RE: Protection From Malware (Windows Users)
April 26, 2013 at 3:59 pm
(This post was last modified: April 26, 2013 at 4:00 pm by Love.)
(April 26, 2013 at 3:47 pm) JesusHChrist Wrote: But AVG detecting a virus inside a VM disk file is not the same as the host being forced to execute that code. How would the host run the infected code and become infected itself? Seems like there would need to be a flaw in the VM software itself. I also use VirtualBox BTW.
I'll have to look into this as I thought Windows within Windows was a safe architecture.
VirtualBox rules!
I agree entirely. However, I found it extremely disconcerting that AVG on the host could detect a piece of malware that was residing inside what I perceived to be multiple layers of protection (i.e. Windows VM, Sandboxie et cetera). Although this obviously does not mean that the execution of the malware inside the VM will automatically lead to infection on the host, there is a much greater probability that the malware will be able to escape the VM and infect the host if you are: using the same operating system for the VM and host, sharing drives and sharing network connections. It also depends on how sophisticated the malware is. I do not think so much that it would be a flaw in the VM software, but rather the ability of the malware to detect that the host and VM are using the same operating system. If the VM is Linux and host is Windows, and you're running the Windows software with WINE in the Linux VM, this will massively confuse the malware; it will not be able to perform operations outside of WINE.