Cybercriminals compromise home computer users and businesses in a variety of ways. One of the most popular and effective is exploiting vulnerabilities in software, either in the operating system itself or in any of the installed third-party apps.
As you might expect, cybercriminals typically go after widely used applications and services, making Windows operating systems and popular third-party software (PDF readers, office suites, browsers, archivers, etc.) common targets. Of course, that doesn’t mean that these attacks won’t probe other applications, quite the opposite, in fact.
Cybercriminals will often check what software is in use to search for rare apps with severe vulnerabilities that were never patched.