---
type: "term"
title: "Designed Execution Capability"
description: "The environment's intended capability to load, interpret, or execute program content."
resource: "tlctc:term:designed-execution-capability"
tags:
  - "glossary"
---
# Designed Execution Capability

The environment's **intended** capability to load, interpret, or execute program content. This is the generic vulnerability exploited by `#7 Malware`. Examples: OS loaders, script interpreters, macro engines, browser JS engines, module loaders, container/virtualization runtimes.

**Reference:** §4.2.2 (Global Definitions), §4.1 (#7 Definition)

**Related reading:** [The File Type Fallacy — extension blocklists](https://www.tlctc.net/tlctc-file-type-fallacy.html), [GovCERT-CH blocked filetypes × TLCTC](https://www.tlctc.net/tlctc-govcert-blocked-filetypes.html)