Also, it is way easier to attack a desktop than a server. Desktop users are more careless than server admins and have many more different applications malware can use to gain access: im apps, browsers, media players, pdf viewers, flash runtimes, etc. To attack a server you have to find an exploit using an http, ftp or ssh request to a limited and more secure, in general, set of programs.
Apple is growing very fast and it is finding itself in that position now. You can see that in the new security measures of the Mac App Store. By limiting what apps itself can do you limit what malware gaining access to those apps can do. Maybe Microsoft should have done something similar to prevent Windows from being the virus hub.