PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
September 2009

Security threats to virtual environments less theoretical, more practical

Jailbreaking a virtual machine has always been sort of a black op. You constantly hear whispers of researchers studying malware samples captured in the wild that can leap from a virtual guest machine to the host. Other researchers, meanwhile, work on exploits for vulnerabilities that would also allow an attacker to escape a virtual machine. These tangible exploits threaten the sanctity of virtualization projects that are so en vogue today with many companies for their server consolidation and power consumption benefits. The volume is getting louder on these exploit tools because every month or so, there are more of them. One of the neatest was outlined in late July at Black Hat 2009 USA. Immunity, an assessment and penetration testing company, provided details on a tool called Cloudburst, developed by senior security researcher Kostya Kortchinsky. Cloudburst, available to users of Immunity's CANVAS testing tool, exploits a bug in the display functions of VMware Workstation 6.5.1 and earlier versions, as well as VMware Player, ...

Access this PRO+ Content for Free!

By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.

Safe Harbor

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Features in this issue

Columns in this issue