Can Windows viruses acquired in OS X infect the boot camp partition?

Discussion in 'Mac Apps and Mac App Store' started by axu539, Jan 6, 2011.

  1. axu539 macrumors 6502a

    Joined:
    Dec 31, 2010
    #1
    The title says it all. I have searched, and can't seem to find a situation exactly the same as mine. I have Paragon NTFS installed, so OS X CAN write to NTFS drives (namely my Boot Camp partition). I do not have any antivirus on Mac, as it is simply a waste of system resources. I DO have MSE installed on my Boot Camp partition (which is running Windows 7 64 bit by the way). Could I inadvertently pick up a virus in OS X and have it somehow infect my Boot Camp partition? Any knowledge would be much appreciated.
     
  2. wrldwzrd89 macrumors G5

    wrldwzrd89

    Joined:
    Jun 6, 2003
    Location:
    Solon, OH
    #2
    The answer is rather complicated.

    Windows viruses cannot RUN in the Mac OS X environment, so they cannot do anything at all if picked up there. However, if infected files are then copied to your Windows partition, you reboot into Windows, and try to load/run them... that's when you could get infected.
     
  3. jace88 macrumors regular

    jace88

    Joined:
    Jan 3, 2011
    Location:
    Sydney, Australia
    #3
    As alluded to above, a virus is fundamentally a program with a malicious intent of some form. It can only be run in the environment it was designed for whether it's Windows or Mac.

    Therefore, a Windows virus wouldn't be able to execute within the Mac environment (e.g. if you downloaded a Windows .exe virus in your email) and hence it wouldn't be able to infect your boot camp partition.

    However, if you downloaded a Mac virus whilst in Mac OS, there's nothing stopping it from treating the Boot Camp partition as just another drive and infecting files on there especially if it has read/write access.

    The exception to the first point above is if you are running virtualisation of Windows (e.g. Parallels) in which case it can happen whilst running Mac OS X (because your'e also running Windows simultaneously).

    A question to the punters out there- are there any viruses identified yet which are capable of taking advantage of dual boot operating systems? AFAIK there aren't but who knows what can happen in the future (e.g. a Mac virus which identifies you have a Boot Camp partition and dropping a Windows virus executable into your Windows start up!).
     
  4. wrldwzrd89 macrumors G5

    wrldwzrd89

    Joined:
    Jun 6, 2003
    Location:
    Solon, OH
    #4
    Actually, there are ~3 known hybrid Windows/Linux viruses that can be especially destructive on dual-boot Windows + Linux configurations. However, I know of 0 Mac + Windows hybrids.
     
  5. axu539 thread starter macrumors 6502a

    Joined:
    Dec 31, 2010
    #5
    Thanks for the replies everyone. I was more curious than worried, but you guys have cleared it up for me. :)
     
  6. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #6
    This won't work for most users for a few reasons. First, there ARE no Mac viruses in the wild that can run on current Mac OS X.

    Mac Virus/Malware Info

    Second, in order for Mac OS X to write to the Boot Camp partition, not only would read/write have to be enabled, you would also have to install NTFS-3G to write to the NTFS-formatted Windows partition, since native Mac OS X can't write to NTFS.

    NTFS (Windows NT File System)
    • Read/Write NTFS from native Windows.
    • Read only NTFS from native Mac OS X
    • To Read/Write/Format NTFS from Mac OS X: Install NTFS-3G for Mac OS X (free)
    • Some have reported problems using Tuxera (approx 33USD).
    • Native NTFS support can be enabled in Snow Leopard, but is not advisable, due to instability.
    • Maximum file size: 16 TB
    • Maximum volume size: 256TB

    Anyone who enables r/w and installs NTFS-3G should be knowledgeable enough to know the risks, but even then, they'd have to wait until someone writes a Mac virus and releases it in the wild, where the user could hunt for it and find it. The bottom line is, this vulnerability is possible, but it would take a lot of deliberate effort to make it work.
     
  7. axu539 thread starter macrumors 6502a

    Joined:
    Dec 31, 2010
    #7
    As I said in the original post, I have Paragon NTFS installed (same as NTFS-3G), AND I do have read/write privileges on my Boot Camp partition. But, like you and everyone else are saying, since the virus needs to be executed in OS X to infect that other partition, infections are unlikely. Thanks for your response!

    Just curious though, my Boot Camp partition was r/w enabled by default. Is that required for Boot Camp to work, or is there some way to disable it (just in case)?
     

Share This Page