Ubuntu
wine package

ubuntu helps spreading windows viruses

Bug #256880 reported by informiloud on 2008-08-11

278

This bug affects 3 people

Affects		Status	Importance	Assigned to	Milestone
	wine (Ubuntu)	Triaged	Wishlist	Unassigned

Bug Description

This issue has already been reported in https://answers.launchpad.net/ubuntu/+question/22404 but it seems nobody sees how important is this problem:
I recently found that my flash disk was infected by the ¨New Folder.exe" and ¨scvhsot.exe¨ virus although I didn't use it in any Windows computer... In fact, I was surprised to discover that all the flash disks I put in my PC (where there is a Debian Lenny system) were infected. I think the system was also slower than it used to be.
I found the problem and reproduced it on a notebook with a fresh Hardy and wine installed: when you double-click on a .exe virus, the virus is automatically run by wine and it resides silently in memory, slowing the system and infecting all the removable media it finds...
I used to tell everybody that viruses aren't a problem with GNU/Linux, but it seems it's not so true!
So now, when I install an ubuntu system for a newbie, I 'm facing the dilemma of choosing between the risk of virus infections and the inability of running the windows softwares...
The solution would be simple: to disable the default behavior of nautilus to run clamtk instead of wine when a windows executable is clicked. I tried but I didn't find an easy way to do it. Setting clamtk in the "open with..." dialog didn't work...

See original description

Tags:

Revision history for this message

steveacab (antonio.chiurazzi) wrote on 2008-08-11:

#1

If you don't use the windows applications you don't take virus.

the bug is resolved.

Revision history for this message

Jan Van Buggenhout (chipzz) wrote on 2008-08-12:

#2

I wouldn't put it as bluntly as the previous comment, but wine becoming compatible with Windows up to a level viri run sounds like a feature to me, not a bug. Plus, the viri will most likely not affect your ubuntu installation. Your assertion that virus infections aren't a problem on Linux is correct in that sense. So this is not a bug.
I think the solution would be to install some kind of virus scanner (yes, those are available for Linux too).

informiloud (contact-informiloud) on 2008-08-12

description:

updated

Revision history for this message

Norman Grahams (ndgrahams) wrote on 2008-08-13:

#3

Wine becoming compatible with Windows up to a level viruses can run is certainly a feature - by implication that Wine is running well. Wine is not designed to distinguish what kind of program it runs, but to run it as the program intends.
However I think this problem of viruses running should be addressed. Even if it isn't damaged by them, Ubuntu shouldn't carry and transmit viruses. And the potential is always there for a Wine-run virus to attack things in the user's home folder, thus becoming a Linux virus. Whether that second option is more likely than a native or cross-platform virus I don't really know, but I can imagine it being so.
Certainly the first at least has happened, and should be addressed.

I don't know how to do it, but checking files with ClamAV (the back end to the aforementioned clamtk) before opening them in Wine sounds like a very good idea. It won't slow down native operations and programs, as an antivirus program on Windows does, but it will protect against Windows viruses running under Wine.

Revision history for this message

Norman Grahams (ndgrahams) wrote on 2008-08-13:

#4

I wonder whether it can be solved simply, at least as a workaround, by running ClamWin in wine - probably with its complimentary real-time scanner?

Revision history for this message

Scott Ritchie (scottritchie) wrote on 2008-08-20:

#5

(optional) ClamAV integration with Wine would be an interesting feature.

Changed in wine:
importance:	Undecided → Wishlist
status:	New → Triaged

Revision history for this message

HoppingWombat (hoppingwombat) wrote on 2008-11-28:

#6

The problem is not with Ubuntu or Wine, but with Windows programs -- you would get the virus in them whether you were running Windows, OpenBSD, or Ubuntu.

Revision history for this message

jan (jan-ubuntu-h-i-s) wrote on 2010-12-27:

#7

Just as Microsoft is advising, it should be standard practice that within Wine a virus scanner is advised for users doing a lot of wine stuff.
Has anyone tried to install virus scanners in Wine ?

Revision history for this message

Jack Leigh (leighman) wrote on 2010-12-27:

#8

I also recently experienced problems with a virus via wine. Clamav integration would seem to be a much better solution than the executable-bit fiasco at the moment

Report a bug

This report contains Public Security information

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.