I'm afraid we're going to need some validated sources for such a statement. "the iPhone is the most exploited mobile platform." I call BS. Additionally, of all the iTunes exploits, all required a phishing attack to first succeed, and most also only worked on machines with additional unpatched Windows vunls, and iTunes self notifies of updates as well and those vulns were closed within days (and none infected the phone, only windows itself).
Your post is complete BS and FUD and lies.
The only vulns on the iPhone I have found in a search just now were related to jail broken devices with a default root account active, or if the phone was physically connected to another machine specifically to hack it, and before the device could be remote wiped by the owner (and even that provided only limited access only to SMS history data). There are no data breach capable or device owning exploits I can find capable of getting into an iOS device OTA that is not jail broken, or that is not directed specifically to a hacked website (phishing scam) and even those were patched. No outed vulnerability of iOS was ever present ITW infecting actual devices, short of ones targeting unsecured SSH servers on hacked devices, they were all [proof of concepts (and most of those were incomplete showing only one PART of a potential hack). Android however has been bitten several times by apps in the marketplace actually containing Trojans, and there have been ITW exploits of the devices.
Patching is increasingly complicated and drawn out for Android as well due to 3rd party middlemen (Google releases a patch, then the manufacturer of the device checks it and releases a patch for their customer version of the OS assuming they're even using the current one, then the phone provider additionally modifies the code for their own needs and testing, and finally a patch is released; and any one of them may actually be a break in the process by no longer doing active development for a device, which has been the case sometimes as soon as 3 months after release, look at how many devices STILL won't get Froyo). iOS may one day have an ITW vuln, but in days every iOS device ever distributed could be patched. That is simply not possible on Android. (especially those with Flash, the single most exploited piece of code in history, with currently 37 unpatched vulnerabilities, including the Android 2.2 vulnerabilities released on Sept 10th and 14th that are unpatched)
Apple at least validates the app code of each submitted app to see if it touches the secured data sections of the phone (via any method, valid API or not), and automatically rejects apps that don't have cause to access data it touches even if documented and done through valid APIs. If undocumented access occurs, or if undocumented internet transmission of data occurs even with valid access without significant cause or explanation the app is still refused. Google has NEITHER protection. Plus, with side-loading possible on Android, even an approved app could be updated remotely to enable latent unaproved code. This is not only really hard to do on iOS, but even in the few rare cases it could be conceivable, doing so is illegal in addition to being a contract violation, and Apple THOROUGHLY back checks each dev and could provide police with easy ways to find them. Google also has no such verifiable trail to track down illegally operating hackers in their dev pool. Also by default, any app attempting to access data prompts when it does so, EACH TIME, unless you tell it to stop prompting. Android has no such feature beyond the cryptic warning at install that most users don't even understand (or read).
Apple is not 100% safe, granted, but all access to data is monitored, and the use of it once accessed is equally monitored, and anyone who seeks to violate this has to do it in the open with their name and bank accounts exposed. Their OS being single sourced is patched much more quickly, and can even adapt to 0 day exploits with a little help from the media and/or AT&T automates SMS alerts instructing users to connect to their iTunes PC and update. Apple can also easily and quickly if really necessary pull any app OTA from all deployed devices, Google can only do that from their own personal marketplace (not 3rd party or open markets).