> virus or malware that is already on my device

Here’s the point you missed. Stuff that is only on the hard drive is harmless, no matter what it is. It’s like having hermetically sealed packages in your cupboard. They won’t give you food poisoning unless you open them and eat their contents.

This even is true for your computer’s memory (RAM). If something malicious only sits there as *data*, it can’t do anything.

For it to become alive, it needs to be executed. (Now that’s a paradoxical sentence, isn’t it?) Or, in other words, the CPU must read it as instructions and follow those instructions. At this point, it can then change the list of stuff that will be read from the disk and executed automatically when a computer starts.

The protected view is a way of treating the whole document as data, even the parts that normally would be treated as instructions.

—

Here’s a very simple example:

rm -rf /

This ^ is malicious code. If it were executed (with the help of a sh-compatible shell program, as it is not compiled into machine code itself), it would delete all files from your computer.

Yet, it now exists safely on your computer. It’s in memory, in temporary files your web browser uses, and on your screen. That’s because it is treated as data, so it can’t do anything.