CrossOver Support - Community Forums

Does anyone know if using old versions of MS Office on Crossover constitutes a potential vulnerability to the current international ransomware attack, or is it specifically the Windows OS that is vulnerable? - Perhaps Codeweavers could make a general statement about this.

I am not associated with either CrossOver or Microsoft but at this point am only a hobbyist (I am the goto person for friends & family but that is all.) Based on what I have read so far, it appears this particular threat is targeting PCs based on network connections. It is bad to ever let your guard down but I feel you are at a lower risk if you have not installed any Microsoft networking DLLs. In regard to the other part of the question, running older versions of MS Office is inadvisable due to attacks from other vectors.

As always, the best defense is regular backups to a medium that programs running on a system cannot reach directly -- for example, do versioning backups to a device that is then backed up to another device or cloud storage. These backup schedule must be enforced by your IT department so schedule backups ALWAYS run without exception & samples of the data are restored to verify the backups are good.

The final piece of advice I have comes from a wise old friend now deceased -- the trust you place in someone should be inversely proportional to the strength of their opinions & the volume they use.

Hopefully a REAL computer professional will respond to your question before long in case I missed something.

The current wcry malware exploits a vulnerability found in Windows XP, unpatched, 7 and 8, and Server 2003 (win10 is immune). The probability that Crossover has a flaw in common with any of those Windows version is highly improbable (read all but impossible). The reason for this is simple, there is no "Windows bits" in Crossover. Crossover is, for a lack of a better word, a translator. Most malware out there rely on some pretty deep flaws in a given OS. Since Crossover "translates" instructions, it is doubtful it offers the actual flaw needed for an exploit to succeed as the underlying OS is entirely different (In your case, MacOS). I see no reason why Crossover would be subject to any particular statement regarding this or any other windows specific problem.

On the other hand, if you run vulnerable Windows software, you should do so knowing full well what the situation is. You should also keep in mind that Crossover can have its own flaws, and therefore be subject to attacks. According to some advocates, some malware have worked in the past but those would be the exception, not the rule. But then, all software is vulnerable in one way or another, as all that is required is a flaw being discovered.

In short, proper computer hygiene and preventive practices (like backups) are the only way to keep your stuff working right. This would include a particular sense of danger regarding any e-mail attachment. As for the current crisis, the articles that I have read would seem to indicate there is no known risk that applies to Crossover use itself.

I would leave you with this... I have used Crossover (on Linux) since 2006, and never had a problem. Not once did I even get a doubt that malware managed to infect my system, and I did run some pretty obscure stuff, along with different version of Office, including unsupported versions. Paranoia is good to have as a computer user, it prevents idiotic mistakes as "they" are very much out to get you, as wcry shows. But you shouldn't let yourself be overwhelmed...

Well, apparently, if you're stupid enough to run the executable, it can affect Linux via Wine/Crossover as seen here:

https://www.youtube.com/watch?v=7cUL1HKfTK0

I would think it can affect Mac too, but again if you're stupid enough to run the exploit quite willingly. Still not something I'll lose sleep over.

It's very helpful to me. Thanks guys for sharing！