Does the Virtual PC XP Mode need safety measures?

Solution 1:

Yes. In essence, It is still just regular old virtualization, same as used in VMWare or VirualBox. Just because they share the same start menu items, does not make it any less (or more) secure.

You should always be taking the appropriate measures and cautions as with anything else. If you use antivirus, install it on both the host and guest OS.

Solution 2:

From my understanding and experience with Virtual machines, they usually need seperate security measures. Seeing that they are "bypassing" antivirus software firewalls of the host PC / Server, you'd want Antivirus / SW-firewall on both the HOST and the vitual pc / server.

A Physical Firewall placed before the gost would cover both the host and the virtual pc/server, because all network traffic passes through it.

This article covers mentions that exact issue

Woodgate noted that XP Mode isn't a security solution. Indeed, to protect their systems, users will need antivirus software running both on their Windows 7 desktop as well as a copy running inside their Windows XP virtual machine.

Also check out this blogpost concerning security of XP-mode in win7

The problem is that Microsoft are not providing management around the XP mode virtual machine (VM). This creates the potential for a security disaster. XP mode is an independent Windows instance, that shares the odd folder and device with the host Windows 7 installation. What it doesn't share is processes and memory. So it doesn't share security settings, security software, patches etc. It does not inherit any security from the host. When you use XP mode, you need to patch the copy of XP as well as the host Windows 7. You need to manage settings separately, configure two personal firewalls and install and manage two copies of anti-malware software.

This would mean having 2 seperate liscences for software, unless the specific software vendor has a liscencing scheme that covers virtualization. This may probably become more popular* now that Win7 is going to havebuitl in XP, since users will expect liscences for both operating systems.

*: Assumption on my part, no facts to base this upon! :)

Solution 3:

I contacted Microsoft last week and asked them about the potential risks of using Windows XP Mode. They replied saying that due how it's implemented, the risk of malware breaking out of the VM is 'very unlikely'. They didn't go into further details, though.

Solution 4:

Just be sure to disable Integrated Devices -> Hard Drive sharing. Warning: Windows XP Mode not only can read the contents of your hard drive, it can also write and modify files in it with elevated security credentials. This is a very serious oversight by Microsoft. Most users assume that shared drives under Virtual Window XP mode follow normal behavior of shared folders, ie. if you did not explicitly share a drive, it will not be accessible, and if you do not have the right security credentials, access and modification is disabled. ALL OF THESE ARE BYPASSED BY WINDOWS XP MODE INTEGRATED DEVICES. That means all the files in the host machine can be accessed and modified by a program in the virtual machine. Be warned. Install security software as a precaution, or atleast disable Integrated Devices if you are lazy in keeping your virtual machine secure.

Solution 5:

The official answer from Microsoft is: yes it does need anti-virus software.

This is mentioned in the following video on Microsoft's web site: http://windows.microsoft.com/en-us/windows7/help/videos/using-windows-xp-mode

One more thing to note: anti-virus software is not included in Windows XP mode. Even if your computer running Windows 7 already has anti-virus software, you should also install anti-virus software in Windows XP mode, to help defend your computer against viruses.

And as other people have posted, this happily concurs with third-party reports on the subject.