WUBI install
glassguy
10-27-2011, 07:53 PM
A couple of days ago I asked a question about Ubuntu and a dual boot installation. Turns out that I have installed Ubuntu inside Windows 7 in a WUBI installation. In this case am I susceptible to viruses and malware on the Windows OS when I am using Ubuntu?
If you are downloading Windows files...then YES. (Even with an AV in Windows, any time you download something you risk infection). If you are downloading Linux files...not likely. If you are talking about media files then maybe.
Paul Komski
10-28-2011, 02:31 AM
A Wubi installation is in essence no different, from a security perspective, from a true dual boot installation of Windows and Linux on different partitions. Yes the Wubi installation is initiated and can be removed from within Windows but once you boot into the Wubi Ubuntu the only significant difference is that you are running it within a virtual Linux file system within files created in C:\ubuntu rather than directly from a Linux partition.
In order to infect the Windows installation the relevant Windows executable would first have to be downloaded to an accessible location within the Windows directory structure. Secondly a method of opening/running this executable once Windows is started would need to be installed. This could involve downloading it specifically to a user's Startup folder but just about anywhere else would require an additional autorun file or registry edit in order to open and run the malware at some later point in time.
Of course having a potentially risky executable sitting somewhere within Windows is an occult risk but I believe the actual risks are small (with either Wubi or a full dual boot) especially if you are running decent anti-malware/anti-virus within Windows.
I am open to correction but I don't know of any examples whereby (apart from an active hacker) malware has been invoked within Windows but originating from a Linux installation. I agree there is a theoretical risk but believe that unless the user is stupid that it is very minimal indeed.
With WINE in the equation the risks increase dramatically...especially if the Windows partition is linked in some way to the WINE directory. That's one of the reasons the WINE devs strongly recommend separate partitions (it used to be because NTFS support in Linux was a bit flaky...now it's malware). WINE has improved to the point where it suffers most of the same risks as Windows...
In general, yes the risks are small, probably lower than with a 'protected' Windows and careless downloading.
Paul Komski
10-28-2011, 06:17 AM
I don't really know that much about WINE. In reality I only use it for others who want MS Office applications installed under a Linux installation and I have only ever set these up using Code Weavers "Cross Over Linux". It creates WINE "bottles" which in my limited experience seem to run with virtual reboots and a virtual Windows registry and so on. Thus I don't really understand, if say browsing with IE from a WINE bottle, just where any downloads could be downloaded-to and how they could then be executed by anything running under WINE or from the Linux distro itself.
Personally speaking I would almost certainly have dumped Windows altogether but for the fact that I write simple applications in Virtual Studio and fairly elaborate databases, including a lot of VBA code, in MS Access. I have never got anywhere with either of these under WINE so unless the Windows executables are simple or else very well supported under WINE I don't see the point of accessing via WINE when they run perfectly under Windows.
Using VMs is of course another approach and with enhanced "sand box" protection particularly if the VM is not connected to the LAN.
Those average families that I have installed Ubuntu for as a standalone OS in the last couple of years are just so delighted with its speed, functionality and absence of malware (particularly those with teenage kids) that they say they will never go back to Microsoft.
glassguy
10-28-2011, 07:59 AM
Thanks for the speedy and informed replies. Do any of you use an antivirus with Linux? I am currently using avast free for my antivirus. You can't beat the price but is this good enough? I would like to go over to Linux as my sole OS but for the time being, I have a Netflix streaming video account and they do not recognize Linux. Finally, would an mp3 downloaded through Ubuntu be able to infect the Windows side?
If you tie WINE to your Windows partition, it will use the standard Windows folders...like TMP/Downloads/My Documents and so on. THAT's how they will get there. And they will remain dormant, until you boot into Windows and activate them, as if they were downloaded from Windows (say it's a corrupt/fake media file...when it's played in Windows). Or if Windows is set to make thumbnails (for media files)...but that would trigger the infection, no matter where the file came from/how it was downloaded. Vista and Win7 should be less likely to be infected in that manner, with UAC, but we all know how annoying that can be and how often it just gets disabled.
The easiest ones to cross infect are the script exploits...java, javascript, etc.
Granted it takes a little bit of work to set WINE up that way. The typical reason for this being done is to avoid reinstalling a bunch of software. Or to keep all the software in one location (it's easier to reinstall a game over top of itself, on the Windows partition, where all the save data resides than it is to install it clean, configure it and then transfer all the save data to a new location).
Overall, the risks are minimal, especially if WINE is not in the equation or if it uses an entirely separate (no linking with Windows) directory structure (default).
The funny thing about Netflix...all the Netflix embedded devices, like the various DVD/BluRay players and such all run Linux. The real reason they don't support Linux in general is DRM. The embedded Linux on the devices has it, the full installs of the various distros don't.
As to the AV...no, I don't, but then I'm usually pretty careful about what is downloaded. It's a bit easier to check if what you are downloading is what it's supposed to be in Linux. If in doubt, go ahead and manually scan the file.
glassguy
10-28-2011, 07:54 PM
In what is probably a shining example of noobiness, may I ask how to scan a file manually in Linux, since I am not using an AV program in my Ubuntu OS. Thanks again for the prompt, informed response. G
One of two ways...
Avast, AVG and ClamAV all have Linux versions. You can scan any file with one of those.
Or
Run the scan in Windows, if Windows can access the download location. It should be a folder that won't automatically generate thumbnails or autorun (no external drives, USB sticks, etc).
Paul Komski
10-29-2011, 12:37 AM
As far as the Thumbnail Image vulnerability goes I believe this has been addressed by MS. It does not affect Win7 or WinServer 2008 and if one uses automatic updates in Windows it should have been patched. The relevant KB download for the Windows version can be downloaded from MS11-006 (http://technet.microsoft.com/en-us/security/bulletin/ms11-006).
When it comes to "infected" video files then infection is not normally by the infected file per se but either because the media player used is not up-to-date or because it can still get you to download a malicious codec that then executes its nasty code. Using Sandboxie in Windows (http://www.sandboxie.com/) is suggested by some to avoid this but I am not sure about its effectiveness.
Double file extension exploits such as xxxxx.mp3.exe are obviously other forms of Windows attack that the vigilant should be able to detect and is the main reason for changing the default file/folder options to not hide commonly used file extensions.
I hope I am not appearing to be complacent. Running Windows is at all times more risky than a pure Mac or Linux box but I still don't really see that any Linux box that coexists with a Windows one is any more risky than attaching a USB drive or using a peer-to-peer or social networking download from the Windows installation however it is placed there.
All Windows installations, for numerous reasons, are inherently susceptible but it is nearly always lax practices by users that allows them to become infected or otherwise owned. I only ever use pure Linux when using credit cards on-line or accessing on-line banking or other sensitive sites. Even then I am inclined to look over my shoulder to check that no hidden camera could be watching what I am up to - such is the paranoia that on-line activities can induce. If you want/need security then best avoid MS altogether and also keep your guard up against hacking, phishing and all sorts of scams.
In general always be suspicious of something that pops up out of the blue however plausible it seems to be.
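Two checks raised in this thread (confirming from Linux that a download is what its name claims, and spotting double extensions such as xxxxx.mp3.exe), as an added example that is not part of the original posts: a Python script that audits a download folder from the Ubuntu side before Windows ever opens it. The extension lists and the sample files are assumptions constructed for illustration.

```python
from pathlib import Path
import tempfile

# Extensions Windows executes or interprets on double-click (illustrative list).
EXEC_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".vbs", ".js"}
# Harmless-looking extensions typically used as the decoy (illustrative list).
DECOY_EXTS = {".mp3", ".mp4", ".avi", ".jpg", ".png", ".pdf", ".doc", ".txt"}


def classify(path):
    """Return the reasons a file deserves a manual scan (empty list if none)."""
    reasons = []
    suffixes = [s.lower() for s in path.suffixes]
    last = suffixes[-1] if suffixes else ""
    if len(suffixes) >= 2 and last in EXEC_EXTS and suffixes[-2] in DECOY_EXTS:
        reasons.append("double extension")
    with path.open("rb") as fh:
        magic = fh.read(2)
    # Windows PE binaries begin with the bytes "MZ", whatever the file is called.
    if magic == b"MZ" and last not in EXEC_EXTS | {".dll", ".sys"}:
        reasons.append("executable content behind non-executable name")
    return reasons


def audit(directory):
    """Walk a download directory; map relative path -> reasons for flagged files."""
    findings = {}
    for path in sorted(Path(directory).rglob("*")):
        if path.is_file():
            reasons = classify(path)
            if reasons:
                findings[str(path.relative_to(directory))] = reasons
    return findings


def demo():
    """Audit a constructed sample folder (fake contents, not real malware)."""
    samples = {
        "song.mp3": b"ID3\x03\x00 constructed audio header",
        "xxxxx.mp3.exe": b"MZ\x90\x00 constructed PE header",
        "holiday.jpg": b"MZ\x90\x00 constructed PE header",
        "setup.exe": b"MZ\x90\x00 constructed PE header",
    }
    with tempfile.TemporaryDirectory() as tmp:
        for fname, data in samples.items():
            Path(tmp, fname).write_bytes(data)
        return audit(tmp)


if __name__ == "__main__":
    for name, why in demo().items():
        print(f"{name}: {', '.join(why)}")
```

Anything it flags is a candidate for the manual scan suggested earlier in the thread; an honestly named installer such as setup.exe is not flagged, since its name already says what it is.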
glassguy
10-30-2011, 07:50 AM
Great info, excellent advice. Thanks for the input as always... G