I know they can jump Hard Drives and partitions but is it possible they can jump from a VM to the real machine? I ask this because I am wondering how Viruses are made. Even before virturaliztion how where they made? How did the person making them not infect their machine?
If the VM is in Bridged mode on the local network, it will have an IP address just as the host does, and will be connected as an equal to the host to the network. But that’s the same risk as between any two network clients.
However, there’d still have to be some action taken on the host that would connect to the VM, or vice versa, wouldn’t there?
I’m thinking of the time I used IE to connect to what I thought was a legitimate furniture site, only to have the Awola scamware download into my machine without so much as a by-your-leave. If the VM had an Awola infection, and was also running a web server that distributed Awola, then connecting to the VM from the host or from any other VM would certainly spread the malware.
Whether there’s malware that breaks through the hosting program itself, I don’t know.
Generally, the VM is seen as a separate computers. It’s no different than if you have two computers side by side on the desk – the virus can go from one to the other only through some sort of connection.
There are some viruses that are VM aware and will not infect virtual machines (so they can’t be safely tested). I’d say that if they can do that, they could also be engineered to go from VM to another machine – but I haven’t heard of a case where that is possible.
What brand of VM machine? What role is the physical machine filling on the network? If its NIC configured?
There have been descriptions on Slashdot recently on some fairly serious VM ware vulnerabilities.
Computer viruses, like their biological namesakes, can do nothing on their own. A virus is just a bit of code, and will just sit there idly unless it’s executed. Part of what makes a virus a virus is that it has measures built in to try to trick other programs on the computer or the user into running it.
For instance, a person might make a virus that, when executed, seeks out any program meeting a certain description, and attaches copies of itself to that program. When one of those infected programs next runs, it’ll in turn run the virus again, which infects more programs, and so on. But it has to run once to begin with, to start the whole process. The author of the virus presumably distributed it by manually attaching it to some program, and then distributing that infected program, without ever running the infected program himself.
On the question of virtual machines, by the way, one common reason for running a virtual machine is to use a different operating system than one normally does, and most viruses will only affect one specific OS (though they can still exist in dormant form on others). So in those cases, even if there’s some sort of connection between the real and virtual machines, the virus is still likely to be unable to infect the other machine.