Attacking Sandboxes

Posted by kdawson on Sunday July 15, 2007 @12:05PM from the just-another-brick-in-the-wall dept.

SkiifGeek writes "Many anti-malware applications use a sandbox as a tool to help identify potentially malicious software. Now knowledge is spreading about techniques and methods that can allow sandboxed software to target the sandbox itself (and by extension the application that applied it). While attacks that specifically target sandboxing applications are probably a little way off, this technology can be considered the logical extension of techniques and procedures to identify the presence of hosted systems (VMWare, Virtual PC, etc.)."

1 of 110 comments (clear)

Min score:

Reason:

Sort:

Smells like MS FUD to me. by opieum · 2007-07-15 14:18 · Score: 0, Flamebait

This sounds like MS FUD to me. Considering that their aim is to stop virtualization (if they are not doing it on their crippleware). It makes their OS irrelevant. And the increasing amount of reports on how virtualization is helping build leaner more efficient server farms and the like bolster this.

This reeks of MS tactics. No proof yet but I am sure it will come out eventually. It usually does. I would not be surprised if they indirectly had something to do with finding these vulnerabilities. MS Fanbois flame away.