Can virtual machines infect their host? [duplicate]

networking virtual-machine

Possible Duplicate:
Virtual Machine and Virus

I've always been curious because I've run a virtual machine a few times.

  • Can a VM infect the host with a shared drive between the two?
  • Can a VM infect the host with absolutely no networking at all?
  • Can something malicious "break out" of the virtual machine and infect its host?

Basically, is there any time at all that a virtual machine can pose any kind of security risk to its host?


Solution 1:

Depends on how your network is configured. I use my VMs in a bridged network, so basically each VM is a computer in the network, with own IP adress, etc.

The shared folders are usually network storages made visible to the guest OS. But in fact, that isn't a true server serving network shares, so it doesn't bring the same risks with it.

I've never heard of VM breakout-viruses, but it's technically possible. If there would be a bug in some of the emulated hardware, code might be run in the host system. However I've never heard of such thing before.

OK, now, when taking your question into account, It is not impossible, but very unlikely. Unlikely to the point that it's used as sandboxes for OS-es that pose security risks.

However, probably the most overlooked security risk is the shared clipboard. This works even with deactivated network, of course. When you copy a whole file that is infected, accidentally or not, you might infect the host os.

My Host is Linux, and with Windows guests, I don't have too much risks of getting "shared" viruses.

The Virus would need to be specifically designed to infect hosts-of-guests in VMs.

Solution 2:

Yes absolutely, without any "virtual" connection between them. CVE-2009-1244

No shared virtual network needed. No shared virtual drive needed. Security between Host OS and VM is just layers of software. Software fails. More code equals more bugs. Some bugs are exploitable. VM -> Host exploitation is a reality, and a statistical probability.

Related

How do I add a shortcut to a website to the Windows 8 start screen?
how to log the performance of all processes in windows 7? [duplicate]
Kill window or application just like linux do
Does Windows use the fastest drive for the page file?
How to change computer but retain hard disk
My Windows 10 version 1511 won't update to latest 1803?
Can't see DVD drive in Windows 8 Developer Preview
Why is my computer fan so loud?
Finding CPU usage of a service
Is there any way to "restore" a .pst (Outlook Personal Folder) or .ost (Offline Folder file)?
How can I make a copy of a printer in Windows 7?
Replacing notebook SATA hard disk with SSD without reinstalling