Is host machine safe in case of virus on virtual machine

patkim

Cyborg Agent
As goes this title, in case there's virus on a virtual machine is there any possibility of the host also getting affected? The shared folder is disabled or set to read only mode for the vm.
Many times I prefer to try freewares, adwares etc first in vm before doing anything on host os. Thx.
 

Vyom

The Power of x480
Staff member
Admin
Doing a sudo rm-rf won't affect the files on your local PC.
I think that's enough to say your local pc isn't affected by virtual machine, until and unless there is a way for the virtual OS to talk to host pc through shared folders, which you mentioned is already disabled.

Also, sharing Pen drives on infected virtual machine and host PC should also be avoided, goes without saying. But saying, just in case, you were planning to do so. :p
 

Anorion

Sith Lord
Staff member
Admin
its possible, hypervisors have known exploits
here is example > *www.vmware.com/security/advisories/VMSA-2013-0010.html

plus like Vyom said, there are other vectors of infection, network, or usb drives
 

Hrishi

******************
Generally it doesn't spreads unless , you have USB drive or shared folders enabled.
But like said earlier , there can be exceptions.
 
If a malware wasn't specifically designed for a VM, it's unlikely to spread into host OS if shared folders are disabled and no storage device is shared. But; like many have mentioned; virtual environments have security holes. SO, a malware specifically targeted towards VM can exploit these cracks. Kep the hyperviser updated anyways.
 

whitestar_999

Super Moderator
Staff member
@Anorion,that link is not of concern for op's query:
VMware Workstation and Player contain a vulnerability in the handling of the vmware-mount command. A local malicious user may exploit this vulnerability to escalate their privileges to root on the host OS. The issue is present when Workstation or Player are installed on a Debian-based version of Linux.
The vulnerability does not allow for privilege escalation from the Guest Operating System to the host or vice-versa. This means that host memory can not be manipulated from the Guest Operating System.
but i do agree about using latest version of any virtual machine software which has security fixes.
 
Top Bottom