[cw-discuss] MS Outlook & Viruses

Jeremy White jwhite at codeweavers.com
Thu Sep 27 14:44:44 CDT 2007 

Hi Adam,

Here's a boiler plate response we use on viruses:

People often wonder if CrossOver is subject to as many problems with viruses and
trojans as Windows is.

The short answer is that, in theory, a virus could affect a system running a
Windows program, but that it would require a pretty extremely unlikely scenario
and it has not, to our knowledge, ever happened.

The longer answer is that programs that are vulnerable to virii, such as Outlook
and Internet Explorer will retain those vulnerabilities when run on the via
CrossOver.

That is, if a virus exploits a weakness in Internet Explorer which allows it to
upload code into memory and cause that code to start execution, then that same
weakness will exist.

So, in theory, the problem persists.

However, a wide range of factors exist so that we feel that it is far safer to
use CrossOver than it is to run Windows.

First, that exploited code running in memory relies upon a very exact operating
system configuration; it will try to use certain Windows specific commands and
layouts to do its dirty work; it is very unlikely to run on your system because it
is a foreign system.  We've run tests on a range of known viruses and not a
single virus has been able to successfully execute its code.

Second, you're only vulnerable if you run vulnerable applications.  Internet
Explorer is the worst case.  Candidly, we recommend  only using IE for sites
where Firefox does not work.  Outlook is another case, but in CrossOver, Outlook
is prevented from running files with typical virus file formats.   Most other
applications do not suffer from virus risk; most viruses come in through either
a direct attack on your system (this is not relevant because you're protected by
Mac as a whole), or via IE or Outlook.

Third, even if a virus were able to be run, it will be constrained by the Unix
system as to the damage it can do.  Since CrossOver is meant to be run by a
regular user, you're first protected by Unix's proper user security system;
the virus cannot harm anything further than your user account.  Second, a
Windows virus will generally only know of Windows file systems; if it destroys
your entire virtual C: drive, well that's very easily recreated and you've lost
no data.

Finally, we do take this quite seriously; we provide hooks that our customers
use to scan every PE format (Windows executable file format) file that would
be opened prior to opening, so you can integrate your own virus scanner if you like.
You can even run this all in chroot jail and be guaranteed safety.

The only closing remark on this subject is that I will reiterate that not one of
our many customers has ever reported a problem with a virus or other nasty beast
on CrossOver.

Cheers,

Jeremy

Adam Bray wrote:
> Hi Everyone,
> 
>  
> 
> A colleague of mine brought up a good point about using CrossOver Linux
> to run Outlook.  Is it safe from potential viruses or should some type
> of Anti-Virus software be installed into the bottle?  I’m nervous about
> using this at work in case it can get hit by a virus.
> 
>  
> 
> Thanks.
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> discuss mailing list
> discuss at crossover.codeweavers.com
> http://crossover.codeweavers.com/mailman/listinfo/discuss
> You can be removed from this list by visiting the above web page, or by checking the 'subscriptions' tab in your account with CodeWeavers.

More information about the discuss mailing list