Client Login
Username:
Password:
 Quick Contact
Name:
Phone:
Email:
Microsoft Virtual PC Security Flaw
Category : General 25 Mar 2010 09:02 AM | Industry News
Microsoft is downplaying the problem, but Core Security says the vulnerability could allow an attacker to bypass security defenses to compromise virtualized Windows systems.
Microsoft indicated that it plans to solve the problem in future updates to the vulnerable products: Microsoft Virtual PC 2007, Windows Virtual PC, and Virtual Server 2005, the advisory says. Microsoft Hyper-V technology is not affected by the problem, Core Security said.
Core Security Technologies issued a security advisory for our Virtual PC (VPC) software. The advisory calls out a proof of concept where the virtual machine monitor allows memory pages above the 2GB level to be read from or written to by user-space programs running within a guest operating system. The advisory explicitly calls into question the effectiveness of many of the security hardening features of Windows, including DEP, SafeSEH, and ASLR.
Basically, the hole could allow an attacker to bypass Data Execution Prevention (DEP), Address Space Layout Randomization (ASLR), and other security mitigation features to compromise virtualized Windows systems. Thus certain vulnerabilities that were not exploitable may become exploitable in the virtualized system, said Ivan Arce, chief technology officer at Core Security.
An attacker would need to abuse an already present vulnerability in order to leverage this technique. In the scenario Core describes, the functionality is limited to within the virtualized environment - in other words, an attacker could only exploit a vulnerability in an application running 'inside' the guest virtual machine on Windows XP rather than Windows 7 in the case of Windows XP Mode.
Core Security recommends that affected users run all mission critical Windows applications on the native hardware or use virtualization technologies that aren't affected by the bug.
Microsoft downplayed the issue, saying it wasn't really its own vulnerability but merely a "way for an attacker to more easily exploit security vulnerabilities already present on the system".
We believe that Windows XP Mode and Windows Virtual PC are great bridging strategies to help customers who have legacy applications get up and running on Windows 7. For those customers who need Windows XP Mode, they should look to install only the required subset of applications that need Windows XP in order to function properly while planning to move those applications to Windows 7 in the future.