Beware of virtualization exploits

Since a lot of people are adopting virtualization, more and more people are wondering about the security risks. Since my last big post on virtualization security, it's time for some updates:

• VMWare releases security alert
  

VMware has released a security alert in response to a vulnerability in Windows-hosted VMware Workstation, VMware Player, and VMware ACE. This vulnerability exists in the host-to-guest shared folders feature and allows applications running in the guest operating system to access the host operating system's file system. Exploitation of this vulnerability may allow an attacker to circumvent the controls on the guest system and gain read and write access to the host file system.

US-CERT encourages users to review VMware knowledge base article 1004034 and apply the workarounds. (Source: US-CERT)

• Live Virtual Machines at risk during transit

Jon Oberheide, a researcher and PhD candidate at the University of Michigan, is releasing a proof-of-concept tool called Xensploit that lets an attacker take over the VM’s hypervisor and applications, and grab sensitive data from the live VMs.

Oberheide says organizations don’t typically realize or consider the risk of migrating live virtual machines . The last thing they want to do is take down the live system because that would defeat the purpose of the dynamic and high-availability features you get in a VM deployment.