They are also, for the most part, add-on (and readily removable) parts of the system. Usually some network service or web app vulnerability.
There have been a few kernel-level exploits, most of which are DoS vulnerabilities, though a few are privilege escalations (meaning: paths to root or full system ownership).
Still, as a whole, the modular architecture and high system transparency of Linux means that it's far easier to avoid, detect, and recover from attacks than Windows. Mac OS X is slightly less protected, but only somewhat.
Contrast this to the gaping security whole that remains the Windows shell, the tightly integrated default Web browser, the "document as application" model, various unsecured default services, very low system transparency (/proc, /sys, strace/ltrace/dtrace, netstat, etc., are wonderful), and, oh, say, the fucking impossibility of deleting open files, and you've got a massive security migraine.
Still.
And, yes, Virginia, there's antivirus for Linux. We run clamav on our servers to keep all those damned Windows viruses from proliferating by way of our services. But viruses as an attack vector for Linux itself? No.
They are also, for the most part, add-on (and readily removable) parts of the system. Usually some network service or web app vulnerability.
There have been a few kernel-level exploits, most of which are DoS vulnerabilities, though a few are privilege escalations (meaning: paths to root or full system ownership).
Still, as a whole, the modular architecture and high system transparency of Linux means that it's far easier to avoid, detect, and recover from attacks than Windows. Mac OS X is slightly less protected, but only somewhat.
Contrast this to the gaping security whole that remains the Windows shell, the tightly integrated default Web browser, the "document as application" model, various unsecured default services, very low system transparency (/proc, /sys, strace/ltrace/dtrace, netstat, etc., are wonderful), and, oh, say, the fucking impossibility of deleting open files, and you've got a massive security migraine.
Still.
And, yes, Virginia, there's antivirus for Linux. We run clamav on our servers to keep all those damned Windows viruses from proliferating by way of our services. But viruses as an attack vector for Linux itself? No.