Malware can attack an operating system (OS) or an application, if the OS or application is capable of running a program that is not part of that OS or application. All popular desktop operating systems, and many office applications, image editing programs, and design applications – plus other software environments with embedded scripting languages – have this capability.
Hence, these popular OSs and applications are all vulnerable to malware attacks.
Computer viruses, worms, and Trojans have been written for very many different OSs and applications. However, there are other operating systems and applications for which no malware has yet been detected. So what is the difference between these two groups of OSs and applications?
For each specific OS or application, malware will generally emerge when the following three conditions are met: