Malware and virtual machines

Hi all,

How safe is it to run malware in a virtual machine (it will be running my old XP Pro license)? I plan to try out my own anti-virus/firewall comparison tests out of curiosity, and was planning to do it with VMware Server. Is there any chance that the host system will get infected?

Thanks in advance!

 

Yes, there is.
Check this VMWare patch announcement.
Virtualbox also has had it's vulnerabilities.
No one knows what kind of 'fun' resides in tomorrow's keygen/crack/whatever or drive-by download (which I assume you're going to harvest first) and what they are capable of.

My best advice would be to not use a production machine for malware testing and to not hook it up on a LAN where other computers/users might be affected.
You could sandbox your VM or virtualize a sandboxed VM in a sandbox or whatever, as described here but I would simply not use a production machine.
This Wilders thread is also interesting; check out which FW+HIPS crack under pressure and what virtualization and sandboxing is needed.
Also, make sure that your firewall&HIPS (if you're going to use such a combination) function properly within the VM before testing malware, so test results aren't distorted.
VMware vCenter Converter is a nice program that can even use an Acronis backup image for conversion into a virtual machine.
Cheers and have fun.

 

If you have the latest vmware is it already patched, and fairly safe?

 

Yes, the recent version VM WS 6.5.3 is patched.