Can Malware Transfer Between Dual-Booted Operating Systems on the Same Drive?

Yes, it's possible for malware to move between operating systems on the same drive, but it's not very likely. Most malware isn't designed to jump from one OS to another, especially if you're not a high-value target. If you encrypt your 'safe' OS, it becomes much harder for any malware to cause harm.

Wouldn’t it be better to use disk encryption? That would prevent the other OS from accessing files in a useful way. In fact, a live system on a USB stick in read-only mode might be the most secure option. Otherwise, dual booting with disk encryption could offer a good balance between safety and convenience. Most Linux distros offer that in their installer.

I’d say it's unlikely for viruses to spread to a second OS on a dual-boot setup. However, you should definitely consider using a virtual machine as it adds an extra layer of defense. Malware will have a harder time breaking out of a VM than infecting another OS on the same hard drive.

In a dual-boot setup, the infected OS can still access data on the 'clean' one, so it’s not super secure. You could somewhat mitigate this with separate partitions that use incompatible file systems, but that's not foolproof. Plus, the second OS might be able to run Windows programs, putting it at risk, too. Honestly, it might be safer to use a read-only virtual machine instead of dual-booting, though that’s not fully invulnerable either.