Virtualization Vulnerability Trends
Posted by Mario Vuksan on Sun, Mar 01, 2009
It has been touted that Virtualization is a more secure alternative to today's physical real estate approach to coming.
Yet
X-Force ISS Report tells us to be prepared for new attacks against the Virtualization infrastructure. For one, discovered vulnerabilities against virtualization software are at all time high.
Report claims that "
although virtual machine breakout vulnerabilities tend to get a lot of attention from the press, they are rare" and they target solutions that predominantely require a fulling blown operating system.
Hypervisor solutions are cure for this as they remove, for example, a RedHat Service Console (in VMWare's case) from the mix. Similarly Microsoft's implementation tries to remove all the unnecessary components from the stripped down OS as not to be affected by any fringe vulnerability.
It is very likely that new hypervisor compromising
malware, attacks on management infrastructure, and other
malicious activity will make headlines very soon. Yet, hypervisors are a very safe today. After studying their structure, we can safely challenge the world to break it and evaluate it. It will not be easy.