Simply using a thing to make a living doesn't make a person an expert in that thing's design. A long-haul trucker could drive 150,000 miles/year but it doesn't make him a mechanic. I've known programmers who don't own computers. In college, many of my classmates in upper level classes were completely clueless about basic computer operations outside of the scope of their classes. Had to ask how to store their files on a floppy. "Format? What's that?" Don't assume someone knows what s/he is talking about just because they sit in front of a monitor for 8 hours a day.
Of course you can still get a windows virus in your windows environment in bootcamp, parallels, virtualpc, etc. So what? That's nothing new. It's been an issue since the first version of VirtualPC. There's nothing different here. What happens in that virutal environment stays in that virtual environment. It's like a holodeck. When you shut down that virtual machine, it's inert.
If you're really paranoid, always run a copy of your last image. Do your installation in parallels, then make a copy of the image once it's configured, patched, etc. and has all your software installed. If you get a virus while working in windows, just close that session, delete the image, and make a fresh copy of your last clean image. When you finish working, close your windows session, make a copy of the image you were just using and delete the old backup. If you're worried you might not catch the virus right away, keep several old images like a rotating daily backup schedule.
In order to threaten OSX through windows, a virus/worm/malware writer would have to exploit specific weaknesses in parallels, virtualPC, etc. To what end? All they'd be able to do at that point is inject a virus targetted at OSX. Why go to the trouble of delivering it through windows? An attack through windows is pointless unless they've got something to deliver that works on OSX. If they've got that, why bother going through windows?
