1

I have a Windows 10 host machine that is connected to my LAN with other devices. It runs a VMware Ubuntu virtual machine that is connected to the guest WiFi and has shared folders between VM and host disabled. I thought that this would protect the host machine and other devices on the LAN from potential malware since the VM is on the guest WiFi, but I forgot that the VM doesn't have its own physical NIC. Does this mean that despite being on different networks, my host machine can still get infected with malware from the VM if the network setting is set to bridged? If so, is there a way to prevent this?

tetsu
  • 11
  • 1

1 Answer

0

Mostly, except by compromising your router or exploiting hypervisor vulnerabilities.

I will assume that your LAN and the guest WiFi network are separated. In that case, the two networks are isolated and your VM should not be able to contact a device in your private LAN. The only way an attacker could compromise devices on your LAN would be by compromising your router, or if you created explicit rules to route packets between the 2 networks.

However, you seem to assume that the VM can only interact with your host through the network, but this is certainly not the case.

Your host acts as a type-2 hypervisor, and therefore will directly manage your virtual machines. Any vulnerability in that software could allow your virtual machines to compromise your host. So, while virtualization may protect you against most malware, hypervisor vulnerabilities do also exist.

The best security controls you can implement to reduce your risk are to keep your stuff up-to-date (software, AV, OS, router, etc.) and not to partake in potentially dangerous activity on your VM (e.g. analysis of malware that could compromise a hypervisor). It also depends on your risk appetite.

Yuriko
  • 941
  • 1
  • 6
  • 21
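The answer assumes the bridged VM really sits on the isolated guest network. The following added example (not part of the original post) checks that assumption from inside the Ubuntu VM: it reads `ip -j -4 addr show`, flags any interface whose subnet overlaps the private LAN, and tries TCP connections to LAN hosts that should be unreachable. The LAN subnet `192.168.1.0/24`, the interface name `ens33`, and the target hosts and ports are assumed placeholder values.

```python
import ipaddress
import json
import socket
import subprocess

# Constructed sample of `ip -j -4 addr show` output from a VM on a guest subnet.
SAMPLE = json.dumps([
    {"ifname": "lo", "addr_info": [{"family": "inet", "local": "127.0.0.1", "prefixlen": 8}]},
    {"ifname": "ens33", "addr_info": [{"family": "inet", "local": "192.168.50.23", "prefixlen": 24}]},
])

def vm_ipv4_interfaces(ip_json):
    """Map interface name -> list of IPv4Interface, skipping loopback addresses."""
    found = {}
    for link in json.loads(ip_json):
        for info in link.get("addr_info", []):
            if info.get("family") != "inet":
                continue
            addr = ipaddress.ip_interface(f"{info['local']}/{info['prefixlen']}")
            if not addr.ip.is_loopback:
                found.setdefault(link["ifname"], []).append(addr)
    return found

def interfaces_on_lan(ip_json, lan_cidr):
    """Names of VM interfaces whose subnet overlaps the private LAN,
    i.e. the bridge is attached to the adapter on the wrong network."""
    lan = ipaddress.ip_network(lan_cidr)
    return sorted(name for name, addrs in vm_ipv4_interfaces(ip_json).items()
                  if any(a.network.overlaps(lan) for a in addrs))

def reachable(host, port, timeout=2.0):
    """True if a TCP connection from this VM to host:port succeeds."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def audit(ip_json, lan_cidr, lan_targets):
    """Both lists should be empty when the VM is isolated from the LAN."""
    return {"interfaces_on_lan": interfaces_on_lan(ip_json, lan_cidr),
            "reachable_lan_hosts": [f"{h}:{p}" for h, p in lan_targets if reachable(h, p)]}

if __name__ == "__main__":
    live = subprocess.run(["ip", "-j", "-4", "addr", "show"],
                          capture_output=True, text=True, check=True).stdout
    # Assumed values: replace with your own LAN subnet and a few LAN hosts/ports.
    print(audit(live, "192.168.1.0/24", [("192.168.1.10", 445), ("192.168.1.20", 22)]))
```

This only tests the network path; it says nothing about the hypervisor-level exposure the answer describes.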