MS Virtual PC Flaw Defeats Windows Defenses
Coop's Troops writes "An exploit writer at Core Security Technologies has discovered a serious vulnerability that exposes users of Microsoft's Virtual PC virtualization software to malicious hacker attacks. The vulnerability, which is unpatched, essentially allows an attacker to bypass several major security mitigations — DEP, SafeSEH and ASLR — to exploit the Windows operating system. As a result, some applications with bugs that are not exploitable when running in a not-virtualized operating system are rendered exploitable if running within a guest OS in Virtual PC."
This is definitely a bug, but all it does is allow bypassing of security features in the virtualized system. In other words, you can exploit the VM client, but you still can't get at the host.
It's worth a patch, but not a panic. If you're virtualizing for security, you don't really care what happens to the virtual system (that's the point). If you're virtualizing so you can run an old OS, it's going to be full of holes anyhow. If you're virtualizing for any other reason, why the hell are you using consumer-grade virtualization software?
There's no place I could be, since I've found Serenity...
Virtualbox.
I've got better things to do tonight than die.
Honeypots are designed to get hit. This bug doesn't make the host system vulnerable, it just means that the client OS is easier to exploit.
If it worked on Hyper-V, this would be a big problem; that's a server-level technology where even the clients are expected to remain secure. On the other hand, Virtual PC isn't even a hypervisor; it requires a full OS underneath it, running itself as just another Windows app. Up until 2007 it didn't even require hardware support for virtualization.
There's no place I could be, since I've found Serenity...
I would like to add that the exploit writer at Core Security Technologies who discovered this vulnerability is Nicolás Economou, and to congratulate him on the great work he has done.
Disclaimer: I also work at Core