I don’t use AV and I’ve never gotten a virus on my machine regardless of OS, except when I was 12 compiling virus code from the ezine 40Hex. I don’t run untrusted executables, seems simple to me. Then I see my non-technical friends and family with 90 icons on their desktop and 6 years of files in their Downloads folder and you see how it happens.
There was a really bad Dark Ages of remote exploits which peaked around the early Windows XP era. The OS itself and Internet Explorer were a horror show.
Other than that, yes, it's been fairly rare to have malware infections that don't start with tricking the user into executing a binary, though it certainly can happen.
In 30+ years of having computers I’ve had issues twice.
Once was on in the 3.11 days. Turned out the copy of KidPix we bought had a virus on the installation disks.
The other was in the late 2000s at work on XP. I got got some piece of malware (showed ads IIRC) from a drive by using a Java exploit in an applet showed by an ad network.
If you’re not doing high-risk stuff it’s not hard to avoid. But I’m glad MacOS has this built in just in case (like MSE on Windows).
It's possible, definitely. I've had some amount of luck. But I think if we had good measurements we'd find that getting a virus through those means on personal machines is rare.
