Macs Open to Security Flaw Thanks to Windows in VMware Fusion
The recent Conficker virus scare had me warning relatives to protect their PCs, while also simultaneously gloating about how lucky I am to not be affected, since I’m a Mac user. You could say it bordered on the obnoxious, and you’d be right.
But it looks like I may have to eat some humble pie now that a bug has been found in VMware Fusion that could potentially allow malicious code to be run on your Mac using a virtualized Windows machine as a conduit. Obviously, Windows is still the weak link here, but it doesn’t make your Apple machine any less vulnerable.
Luckily, the flaw was discovered by Immunity Inc. exploit researcher Kostya Kortchinsky, and not by some malicious hacker eager to steal your credit card information. The vulnerability allows the virtual machine display function to read and write code in the host operating system, including OS X. Kortchinsky demoed the flaw using a Vista machine running a guest OS of Windows XP, but said the flaw is just as easy to exploit in OS X running Fusion, though they hadn’t yet actually run live tests of such a scenario.
Not one to be caught slouching, VMware has already responded with an update to Fusion, version 2.0.4, to fix the bug and block the exploit. It’s a free update for all Fusion 2 owners.
Even if Windows is actually the conduit for the malicious code in this case, this is a good reminder that Macs are not invulnerable to attack, despite what we may sometimes think. There’s a variety of security software out there to consider, but as always, smart and safe usage is your best bet for avoiding most ills.
Tweet This (31)
Sheltie on April 16th, 2009 at 9:17 am
Luckily the Conficker virus didn’t infect my computer either. I wish those criminals wouldn`t develop such malware.
SpaceFlightOrange on April 16th, 2009 at 9:55 am
I Wonder is parallels vunerable in a similar way?
I was a bit concerned when Conficker came on the scene, because the smartmount feature of parallels means your mac drives are writable by windows, and this is on by default.
Unless absolutley necessary i recommend completely isolating your Windows vm from any mac drives
krye on April 16th, 2009 at 10:39 am
Still not worried.
Ken on April 16th, 2009 at 11:58 pm
Here’s something funny.
Before I switched to Mac back in 2004 I ran a Windows box on a static DSL line, on 24/7. I hosted five domains (mostly family sites). I didn’t run AV software. Before I packed it into the garage I did a virus scan and it came clean.
I’m not worried about my Mac. Though it would/will be funny if I get infected.
Rob A. on April 18th, 2009 at 1:49 pm
You state that Windows is the weak link here and you are wrong. VMware is the weak link here. They’ve been releasing security bug fixes for the last week and it’s yet another security flaw in VMware’s code. This doens’t speak well to their isolation or security testing.
Partners in Grime on April 19th, 2009 at 12:01 pm
I thing someone spelled Conficker wrong.
security software on August 18th, 2009 at 2:00 am
If you have a powerful antivirus you don’t have problems with Cornflicker.
ambreen tariq on November 13th, 2009 at 11:14 am
horrifying news..but what’s the purpose of software security testing tools than. aren’t they worthy to use.
ambreen tariq on November 13th, 2009 at 11:22 am
horrifying news..but what’s the purpose of software security testing tools than. aren’t they worthy to use.
พระเครื่อง on November 16th, 2009 at 9:37 am
It’s very useful for me. Thank you.
ข่าวพระเครื่อง ตะกรุด มีด เว็บฝากรูป