Upon consideration, I'd consider the existence of viruses/malware for a platform is actually a good thing, as it's a sign of openness. If there isn't, it's most likely because there is a central authority deciding what you can and cannot do on the platform.
And if someone else controls what you can and cannot do on the platform, the platform really isn't secure from your point of view. This is especially true when that someone not only has that control but also has access to your activities, metadata, data, PII, etc through cloud based applications and features, telemetry, central store registration/purchases, etc.
Windows Azure datacenters have more than 1 million servers combined.
They all run Windows, and unlike those cheap XBoxes, they are powered on 24/7 and connected to very fast fiber optics.
If you think Windows is an immediate easy target, why don’t you run your botnet on Azure?
Windows has had a sufficient built-in virus/malware scanner for a while now. But, I agree, it's now as easy of a target as other Windows 10 machines out there.
No, because desktop and server Windows 10 machines have to be compatible with arbitrary older binaries that were written against the Win32 API. The Xbox One version of Windows 10 can leave out the backwards compatible and more easily targeted parts of Windows, and only support UWP apps, which are sandboxed and thus are less exposed to various types of exploits.
I agree. MS's recent anti-malware offerings are definitely up there. Their efforts in the area have been paying off.
The major issue is identical executables being operable across platforms makes for much easier transmissability. Eg, how many people put their XBoxes and Windows machines on the same home network? I'd posit a majority of people who own both platforms, simply for simplicity's sake.
Aren't the Xbox One apps only delivered via the Windows (App) Store though? So they have the benefit of being sandboxed and needing to be reviewed in some form or another by MS before appearing.