Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
General Apps
VM and Remote Access
Possibilities of malware in Virtual Machine infecting Host Machine (Excluding 0-day/VM platform own vulnerabilities)?
Message
<blockquote data-quote="RRlight" data-source="post: 1087399" data-attributes="member: 112542"><p>Since I'm cautious with software downloads and usage, I haven't seen behavioural defence triggered by programs/files on my PC. So out of curiosity (and thrill perhaps) sometimes, I would download samples and run them in virtual machines, to see e.g. how's security software's performance, would security software blocks them from executing, how the behavioural protection looks, etc. You know, it looks similar to bungee jumping or playing shooting games more or less, some risks under control/won't take in real life.</p><p></p><p>The platforms I use are VMWare Workstation Pro and Hyper-V. I use the NAT option for virtual machines' internet connection. For VMWare, the adapters "VMnet1" and "VMnet1" are disabled. The shared folders are also disabled. While trying the files I would keep the internet connected for the VMs as the cloud is important for most AVs.</p><p></p><p>I wonder if it's possible for the virus executed in the guest OS to infect the Host OS, mainly through the local area network formed by the guest machine and host machine, or other similar mechanics, not considering 0-day/platform vulnerabilities (since they are not something we can determine). Back in the day, there were quite a lot of viruses/worms capable of infecting other machines in the LAN (XP-era for example). Is such malware common nowadays? If I use the same anti-virus software for both guest and host OS(I'm using Kaspersky security suit in my own host OS, and then install another Kaspersky in the virtual machine) and it totally misses the malware executed in the VM, maybe the malware could infect the host machine through LAN (or other ways), since the AV in host OS can't block the threat either? I know if the internet connection of VMs is disabled, there shouldn't be such LAN and such risk, but it also disables the clouds. So I'm considering this for the situation where the internet connection is enabled.</p></blockquote><p></p>
[QUOTE="RRlight, post: 1087399, member: 112542"] Since I'm cautious with software downloads and usage, I haven't seen behavioural defence triggered by programs/files on my PC. So out of curiosity (and thrill perhaps) sometimes, I would download samples and run them in virtual machines, to see e.g. how's security software's performance, would security software blocks them from executing, how the behavioural protection looks, etc. You know, it looks similar to bungee jumping or playing shooting games more or less, some risks under control/won't take in real life. The platforms I use are VMWare Workstation Pro and Hyper-V. I use the NAT option for virtual machines' internet connection. For VMWare, the adapters "VMnet1" and "VMnet1" are disabled. The shared folders are also disabled. While trying the files I would keep the internet connected for the VMs as the cloud is important for most AVs. I wonder if it's possible for the virus executed in the guest OS to infect the Host OS, mainly through the local area network formed by the guest machine and host machine, or other similar mechanics, not considering 0-day/platform vulnerabilities (since they are not something we can determine). Back in the day, there were quite a lot of viruses/worms capable of infecting other machines in the LAN (XP-era for example). Is such malware common nowadays? If I use the same anti-virus software for both guest and host OS(I'm using Kaspersky security suit in my own host OS, and then install another Kaspersky in the virtual machine) and it totally misses the malware executed in the VM, maybe the malware could infect the host machine through LAN (or other ways), since the AV in host OS can't block the threat either? I know if the internet connection of VMs is disabled, there shouldn't be such LAN and such risk, but it also disables the clouds. So I'm considering this for the situation where the internet connection is enabled. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
