>yes, it'll probably work. Viruses are Windows applications like any other.
The difference here is documented/support APIs vs other code paths.
This is true so long as the 'application' is using the normal APIs, as soon as an application depends on out-of-contract 'implementation details', which the bugs that are utilized by worms definitely are..., all bets are off.
In short ReactOS is more and more likely to implement the API needed by an app, but that doesn't mean it implements the out-of-API defects that malware depends on. Like anyway software, it probably as its own defects.
But that bug doesn't have to be in Windows. If you can get privilege escalation in a Windows app that the user trusts (hello, Office), then you're in. ReactOS is based on Windows circa XP and doesn't implement UAC, so that vulnerability is wide open.
The difference here is documented/support APIs vs other code paths.
This is true so long as the 'application' is using the normal APIs, as soon as an application depends on out-of-contract 'implementation details', which the bugs that are utilized by worms definitely are..., all bets are off.
In short ReactOS is more and more likely to implement the API needed by an app, but that doesn't mean it implements the out-of-API defects that malware depends on. Like anyway software, it probably as its own defects.