No Tears(WannaCry) on Linux Unless you Wine

The big question we’re seeing in the Linux Support department right now, “Do I need to worry about the WannaCry malware on my SUSE Linux Enterprise box?” The short answer, most likely not. This is not a Linux vulnerability. There is one exception though, if you use WINE (Windows Emulator), and use it in an unusual way on Linux (specific ways listed further down), you could be at risk.

So, if you don’t use WINE then your Linux boxes are safe and you can sleep soundly tonight.  So what do you do if you are using WINE? Well, it depends. Since this isn’t a problem with the WINE program (it’s a vulnerability in Windows) there’s not a whole lot that can be done from a patching perspective. Also, there’s only a few ways that WINE can result in your system getting this malware. You’d have to use WINE to:

1. Open your mail
2.  Open dropbox links
3.  Browse the web

You really shouldn’t be doing these things with WINE anyways. If you need that kind of Windows functionality, it’d be better to make a virtual machine of Windows and make sure to apply their WannaCry patch. As a general rule, there isn’t any reason you shouldn’t be able to do those things natively on Linux.

Solution? On a Linux box WINE really could have only resulted in infecting your user’s home directory. Now’s the time to use those handy-dandy backups and restore your user account.

One last note, if someone used WINE with root permissions or sudo.. That would be a user error and at that point it’d be recommended to do a full system backup and restore. In the future it’s always best not to run WINE with such high permissions.

Shout out to rinzwind for his thorough response to this question on stack exchange.