Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
    Digg this story   Add to  
VMWare opens hypervisor to security apps
Published: 2008-02-27

Virtual-machine software maker VMWare announced on Wednesday a way for security programs to access the company's software and protect virtual systems in a way not possible today.

The company unveiled the technology, called VMSafe, two days after security researchers disclosed an issue in VMWare for Windows that could allow an attacker to run malicious code in a virtual machine and affect the underlying host operating system. By using VMSafe, security software could detect and block such attacks, the company said.

Twenty security companies have announced support for the technology and are expected to build applications to take advantage of the features, VMWare stated.

"The industry has come out in full force to support VMWare VMSafe technology with plans for a whole new class of security products that offer customers new advantages to running applications in virtual machines," Raghu Raghuram, vice president of data center products and solutions for VMWare, said in a statement.

Virtual machines continue to be considered a way to add security to otherwise insecure operating systems, though the security benefit of running operating systems in a software sandbox has increasingly been questioned. Some security researchers have maintained that a small software shim, or hypervisor, could be inserted between the guest and host operating systems, invisibly compromising the system. Microsoft and other companies have used virtual machines to create a multitude of client-side honeypots, or honeymonkeys, to check out potentially dangerous Web sites.

Like other machine virtualization technologies, VMWare uses a small software program, or hypervisor, running on a host operating system to emulate a physical computer system and manage one or more guest operating systems. The VMSafe application programming interface (API) will allow access to the virtual machines' memory, CPU, disk and I/O subsystems, the company said in a statement. The API should allow security firms to create software defenses that can prevent malicious programs from infecting, or otherwise accessing, the guest operating systems.

Symantec, the owner of SecurityFocus, is among the companies that have announced support for VMSafe.

If you have tips or insights on this topic, please contact SecurityFocus.

Posted by: Robert Lemos
    Digg this story   Add to  
Comments Mode:


Privacy Statement
Copyright 2009, SecurityFocus