Can virtual machines infect their host? [duplicate]
Possible Duplicate:
Virtual Machine and Virus
I've always been curious because I've run a virtual machine a few times.
- Can a VM infect the host with a shared drive between the two?
- Can a VM infect the host with absolutely no networking at all?
- Can something malicious "break out" of the virtual machine and infect its host?
Basically, is there any time at all that a virtual machine can pose any kind of security risk to its host?
Solution 1:
Depends on how your network is configured. I use my VMs in a bridged network, so basically each VM is a computer in the network, with own IP adress, etc.
The shared folders are usually network storages made visible to the guest OS. But in fact, that isn't a true server serving network shares, so it doesn't bring the same risks with it.
I've never heard of VM breakout-viruses, but it's technically possible. If there would be a bug in some of the emulated hardware, code might be run in the host system. However I've never heard of such thing before.
OK, now, when taking your question into account, It is not impossible, but very unlikely. Unlikely to the point that it's used as sandboxes for OS-es that pose security risks.
However, probably the most overlooked security risk is the shared clipboard. This works even with deactivated network, of course. When you copy a whole file that is infected, accidentally or not, you might infect the host os.
My Host is Linux, and with Windows guests, I don't have too much risks of getting "shared" viruses.
The Virus would need to be specifically designed to infect hosts-of-guests in VMs.
Solution 2:
Yes absolutely, without any "virtual" connection between them. CVE-2009-1244
No shared virtual network needed. No shared virtual drive needed. Security between Host OS and VM is just layers of software. Software fails. More code equals more bugs. Some bugs are exploitable. VM -> Host exploitation is a reality, and a statistical probability.