2
1
Possible Duplicate:
Virtual Machine and Virus
I've always been curious because I've run a virtual machine a few times.
Basically, is there any time at all that a virtual machine can pose any kind of security risk to its host?
Corey
Posted 2010-09-20T21:05:47.860
Reputation: 1 212
3
Depends on how your network is configured. I use my VMs in a bridged network, so basically each VM is a computer in the network, with own IP adress, etc.
The shared folders are usually network storages made visible to the guest OS. But in fact, that isn't a true server serving network shares, so it doesn't bring the same risks with it.
I've never heard of VM breakout-viruses, but it's technically possible. If there would be a bug in some of the emulated hardware, code might be run in the host system. However I've never heard of such thing before.
OK, now, when taking your question into account, It is not impossible, but very unlikely. Unlikely to the point that it's used as sandboxes for OS-es that pose security risks.
However, probably the most overlooked security risk is the shared clipboard. This works even with deactivated network, of course. When you copy a whole file that is infected, accidentally or not, you might infect the host os.
My Host is Linux, and with Windows guests, I don't have too much risks of getting "shared" viruses.
The Virus would need to be specifically designed to infect hosts-of-guests in VMs.
polemon
Posted 2010-09-20T21:05:47.860
Reputation: 2 531
+1 for "specifically designed to infect hosts-of-guests". Often they do not target the VM itself (which is theoretically impossible), but drivers written for the VM. Some real-life examples: VMware's display driver and VMware's bridged networking component. – zildjohn01 – 2010-09-20T22:27:02.387
2
Yes absolutely, without any "virtual" connection between them. CVE-2009-1244
No shared virtual network needed. No shared virtual drive needed. Security between Host OS and VM is just layers of software. Software fails. More code equals more bugs. Some bugs are exploitable. VM -> Host exploitation is a reality, and a statistical probability.
knitti
Posted 2010-09-20T21:05:47.860
Reputation: 871
I read a transcript of a blackhat presentation that stated the possibility of writing to the host's memory in the VM through the virtualized graphics card. – TuxRug – 2010-09-20T22:37:21.940
0
If there's a shared drive - absolutely.
Not having a network connection isn't a sufficient condition for "100% security" There are other ways to get infected - for instance a virus on a floppy image, CD, DVD or thumbdrive for four.
Can something break out? Well, "something" is a little vague but my answer is YES. One possible example is an email virus/worm that ends up sending a copy to the host from the guest (or vice versa).
There can be a security advantage to using a VM but you REALLY have to know what you're doing to take advantage of it.
hotei
Posted 2010-09-20T21:05:47.860
Reputation: 3 645
Very similar: http://superuser.com/questions/48939/virtual-machine-and-virus
– Sasha Chedygov – 2010-09-20T21:29:17.163