VMware has updated ESX Server to defend against multiple holes in its virtualisation software. A flaw involving the aacraid SCSI driver might be abused by malicious local users to bypass security restrictions or crash vulnerable systems. The security bug affects both VMware ESX Server 2.x and 3.x versions of the software. …
"The increased use of virtualisation in corporate data centres and elsewhere has raised the profile of the technology. Security handlers at the SANS Institute's Internet Storm Centre described how the technology is showing signs of becoming a battleground between security researchers and crackers, as well as outlining a possible response,..."
For some, IT and ITs Virtualisation may be as a Playground in which all who battle or engage in battles will lose, and a possible response ....."Last month Microsoft fixed in MS07-049 a thread they classified as important that allowed a break out of the virtual OS to the host OS. We had some disagreement on that rating with Microsoft as we saw it as a significant bigger deal than "just" privilege escalation." .... http://isc.sans.org/diary.html?storyid=3411 .... is not a solution. There may be no solution but only a series of responses which will ever increasing have the Host OS following Virtual Instruction Sets. However that would be a Stronger OS with fewer, if any Conflicts. It would certainly be Virtualisation's AIM...... Streamlined Mainstreaming of Shared Source.
And I think I would definitely agree that such a thing is a significant bigger deal, for it is Raw Pure Stealth?
Enlightenment, more to come
M$ is insisting that Virtualization vendors implement the Enlightenment "shim layer", to allow the guest image to be aware of and in formal contact with the hypervisor. This will allow a direct path for hacking by breaching the firewall between the guest and the host environment, and probably allow for some interesting DRM and EULA enforcement as well.