Very good question.

The main reason a virus could propagate from VM to host Operating System is via the network. Once you start using bridged networking between the host and guest things get more risky. Your machine and the VM are seen as 2 nodes on the same subnet. A worm which sees these 2 nodes has the possibility of propagation if such a vulnerability is found.

Yes, if you have shared folders...

Either shared folders through the VM, or standard networking.

I am not sure, and have not seen any viruses in quite a while that spread like this and edit files over a network, but it is possible.

Just because it is a VM does not mean it is safe, you just have to treat it like another physical machine on your network.

So, if you have anti virus on your host machine (and others on your network) you are as safe as you are going to be, but again... treat any VM like any other physical machine.

The only safe way to run a VM is to disable networking features (or VLAN separate it completely from your network... and not have any sort of management interface on that VLAN.) and all the host/guest integration that involve sharing files.

Unless there's a security flaw in Virtualbox that allows you to break out of the VM (and you've not patched), then no. However, it's worth remembering that if there's any network connection between the two, there's the possibility of it moving to the host, as it would move between normal machines on the same network.

Edit: In terms of checking for connections, the simplest way is to nmap the host from the guest. Use the -PN switch, incase your host blocks ping. If there is any response, then you've got a connection there. Even if you don't, there's still the possibility of a connection through another machine, if that one is connected to both the host and the guest.

technically, the answer is yes and with virtualization growing increasingly popular, expect more attacks on hosts through the guest OS in the forseeable future.

In response the John T's post about bridging - There is nothing required the host to be addressed. In our setups the host never has an assigned ip and therefore has no network connection. When updates are needed all virtuals are suspended, the host is temporarily assigned an IP, updates are performed, host IP is removed, then virtuals can be resumed.

Since we keep the host fairly bare and do all work in the virtuals, very few host updates are needed, kernel, X and virtualization code mainly.

I can confirm that it is possible for the host to get affected while browsing in the guest.

I have Windows 7 as the host and Ubuntu 12.04 as the guest system. I also have ESET Smart Security in Windows 7.

I was working on the guest system and suddenly wanted to browse. I opened Firefox in the guest system and while searching clicked on an ad. That ad seemed to be malware as ESET (in the host) popped up a warning saying something has been blocked from installing.

So, an ad clicked at guest seemed to affect host. Though it was blocked, hopefully, by the host antivirus. I was thinking that shared folder was the only link untill now. But a simple network connection via NAT allows for a virus to spread between systems.

Hope this clears the air a bit. This is just my experience yesterday, as I don't know the full technical details of how it is possible.

A little late to the answer party, but affect can have multiple meanings. The virus can be contained and have no risk of spreading from the VM. However, it can still consume resources such as CPU, RAM, disk, and the network of the host machine.

technically yes because the VM saves the files to the host PC so its risky and it depends on the virus