Can Malware in VM trickle down to Linux?
Hi,
I'm using VirtualBox on Linux Mint 15 and wish to install my Win7 OS as a VM. My concern however is, what if my "virtualized" Win7 gets infected with malware or stuff; can my Linux Mint get affected? (ofcourse I will install anti-virus things in Win7) Would really appreciate some help on this pls |
Hey there and welcome to the forum! With a cool question!
The simple truth: no, infection is not possible. A virtualised machine does not know it "lives" on top of an other machine... Let's examine an infection step by step: - malware/spyware/iffyware comes on a system - it needs execute rights, in ***dows, that's not a problem, on Linux...it's not likely it gets executed - it needs to find the startup files, in a ***dows system, it's right there, but...on a Linux system, it can be anywhere. Fedora starts up differently than Manjaro... - it needs read rights, so what if it reads these files - it'll try to edit them in user space (the space it invaded as it came in) - so what - it'll try to save the altered startup file(s), in a ***dows system that's a snap, on a Linux system...not likely to happen. It has the same rights the user has, the user cannot alter these files, neither can it... It's likely your harddrive (and anyone else's for that matter) is littered with ???ware that never got started up, and even then could'nt get the system infected...a real "boneyard" - creeeeeepy.... I'd not worry about this. It's likely your virtualised ***dows will die, at one point some time (thus is the fate of these systems anyway)...but, that's only in the confines of the VM... Thor |
Thor_2.0 Thank you very much for the super explanation. It's cleared all doubts and given me even more confidence to stay married to Linux.
|
Quote:
Quote:
Hope to read more of you! :D Thor |
Hi there,
Quote:
[X] Doc CPU |
To get things into a real proportion:
1. Under a secure hypervisor, the VM should not even be aware of it being virtual, so unless you get a virus that is specifically targeted at trying to get into the underlying hypervisor (exploiting a weakness, and those are very rare), you're safe. 2. If you get a windows virus into a linux (or any other non-windows) system, it can only be a binary file, a bunch of data that cannot be executed. 3. virtualbox is not very security oriented, but in the industry standard hypervisors like KVM, you have additional security issues, like sVirt, which locks every VM down into an execution container, and even if the VM-hypervisor boundary is breached, the only thing compromised on the hypervisor will be that container, unable to break out into the actual host OS. In short, keep your windows secure and don't worry about the host OS too much. This doesn't mean the host OS can't be attacked directly, but there are other means of defending against that. |
It is actually possible but has not been reported as a threat. It has been noted on several instances where it might be possible and some patches set in place.
There is no substitute to best practices in any case. If you ran windows badly you could run linux badly. |
@ Doc CPU - touché, learned something here...and, she'll not cheat on you either. Oh, she'll mate around, but you'll know...and you'll know for shure, that even though she mates around, you're her only love...I love Linux...
(that...and I have to get out more...) Quote:
|
All times are GMT -5. The time now is 11:17 AM. |