0

I recently used Bootcamp to set up a new partition and run Windows 7. About half of my HDD is designated to my OS X partition and the other half is allocated to the new Windows 7 partition. If something were to happen to my Windows 7 partition with Bootcamp, is the OS X partition still safe? Or is it at risk due to Bootcamp being a link between the two?

If both partitions are at risk, what steps can I take to minimize the damage that could be done in the event that an attack occurs?

2 Answers

4

Boot Camp allows you to make two operating systems coexist on the same hard drive (but in distinct areas, called "partitions"), and to choose which one is started when you power up the machine. However, each OS, once started, sees and can access the whole machine. In particular, Windows, once started, is aware of the existence of both partitions, and can read and write both as it sees fit.

Both Mac OS X and Windows are "well-behaved" in that they know which partition is theirs, and which is not; and they refrain from altering the other partition's contents in any way. However, malware is usually not well-behaved (by definition), and malware that runs on Windows may notice the existence of the OS X partition and begin to alter it for its nefarious purposes. It is thus at least conceptually possible that a virus running on Windows infects an OS X partition. It is not Boot Camp itself that puts both partitions at risk; it is the very concept of multiboot.

In practice this is not very likely to happen, because the Boot Camp situation is sufficiently rare to make the development of a cross-OS virus not worth the effort. Possibly, a destructive virus that bombards the whole disk with random bytes may impact the OS X partition as collateral damage.


If you want some higher degree of isolation, use a virtual machine. In a VM, the guest OS (e.g. Windows) does not see the real hardware, but an emulation of a virtual drive that the VM solution synthesizes for the guest. Normally, the partition of the host OS (e.g. OS X) will not be made visible as a virtual drive to the guest, so even if the guest is hijacked by hostile code, its potential damage won't extend to the host partition.

This, of course, assumes that the VM solution does not have an exploitable hole that would allow a hostile guest to escape from it and run its code on the host. Also, some practical VM setups often actually make the host partition, or a subset thereof (e.g. a given directory), visible to the guest, to ease data transfers between host and guest.

Thomas Pornin
  • I really like all your answers and take pleasure in reading even your very old answers, as they are very precise and complete, and this is far from being a compliment but just reality. However, I may disappoint you with the second part of the actual answer: actually a virus can spread in both directions between the host and guest machines. –  Aug 07 '15 at 18:15
2

In theory:

Partitions are really just logical divisions of space. There is no security boundary between partitions at all. Any virus running under your credentials could manipulate files. Even if you can't manipulate the files when you're logged on (through NTFS security permissions), a virus that manages to escalate to Administrator privileges can probably get to them anyway. Even if the files are stored on an unmounted partition, a virus with Administrator privileges could probably still trash the filesystems on the disk, although it would be unlikely to bother.

In practice:

Malicious code won't bother to touch other partitions, because it really just cares about maintaining access on your system.
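Added example, not part of either answer above: a small Python parser for a classic MBR partition table, run on a constructed 512-byte sector. It shows what both answers describe: each partition entry is only a type byte plus a sector range, with no owner or permission field, so any OS that can read the disk sees every partition. The sample layout and sizes are assumptions; 0x07 and 0xAF are the standard MBR type bytes for NTFS and HFS+.

```python
import struct

SECTOR = 512
ENTRY = "<B3sB3sII"  # status, CHS start, type, CHS end, first LBA, sector count
# Standard MBR partition type bytes.
TYPES = {0x07: "NTFS/exFAT (Windows)", 0xAF: "HFS+ (OS X)", 0xEE: "GPT protective"}


def build_sample_mbr():
    """Constructed sample sector 0: one OS X entry and one bootable Windows entry."""
    def entry(ptype, first_lba, sectors, status=0x00):
        return struct.pack(ENTRY, status, b"\0\0\0", ptype, b"\0\0\0", first_lba, sectors)

    table = (entry(0xAF, 2048, 500_000_000)
             + entry(0x07, 500_002_048, 476_000_000, status=0x80)
             + bytes(32))                      # two unused slots
    return bytes(446) + table + b"\x55\xAA"    # boot code area, table, signature


def parse_mbr(sector):
    """Return every non-empty partition entry recorded in sector 0."""
    if len(sector) != SECTOR or sector[510:512] != b"\x55\xAA":
        raise ValueError("not a valid MBR sector")
    parts = []
    for slot in range(4):
        raw = sector[446 + 16 * slot: 446 + 16 * (slot + 1)]
        status, _, ptype, _, first_lba, count = struct.unpack(ENTRY, raw)
        if ptype == 0x00:                      # empty slot
            continue
        parts.append({
            "slot": slot,
            "type": TYPES.get(ptype, hex(ptype)),
            "bootable": status == 0x80,
            "first_lba": first_lba,
            "last_lba": first_lba + count - 1,
            "bytes": count * SECTOR,
        })
    return parts


if __name__ == "__main__":
    # Every field here is addressing information; none of it restricts access.
    for part in parse_mbr(build_sample_mbr()):
        print(part)
```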