Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Using virtual machine to open suspicious PDF files.


05 Sep 2013   #1

Windows 7 Professional x64
 
 
Using virtual machine to open suspicious PDF files.

How safe is it to open an infected file on a virtual machine? Is there no chance that the computer hosting the VM will get infected?

What if it's a plug and play malware that can be transferred by USB key? Wouldn't both the host computer and the VM machine become infected if you plug in a USB stick to the computer that is hosting the Virtual Machine?

thanks

My System SpecsSystem Spec
.

06 Sep 2013   #2

W7 Pro SP1 64bit
 
 

Quote   Quote: Originally Posted by bishop101 View Post
How safe is it to open an infected file on a virtual machine?...
It depends on how the VM is setup, flaws in the VM software, the type of infection and the person operating the host and VM.


Quote   Quote: Originally Posted by bishop101 View Post
...Is there no chance that the computer hosting the VM will get infected?...
There is always a chance of infection. All you can do is lessen the chance to an acceptable level.


Quote   Quote: Originally Posted by bishop101 View Post
...What if it's a plug and play malware that can be transferred by USB key? Wouldn't both the host computer and the VM machine become infected if you plug in a USB stick to the computer that is hosting the Virtual Machine?...
It depends on how the VM is setup, flaws in the VM software, the type of infection and the person operating the host and VM. You can tell the VM to not use USB connections from the host... but, if the VM software is flawed, it might use the USB anyway under certain conditions.


Other considerations for using a VM to work with suspicious files:
The VM should be frozen (it should not save any changes made to it).
The VM should not have any connections to the host OS...
...no mapped drive letters or UNC connection
...no USB, CD, DVD...
...no drag/drop for moving files between VM and host.
The VM should be on its own isolated network*...
...or disconnected** from all networks before opening the file(s) in question.

*Preferably using a network interface that is connected to a different ISP than the host - since some ISPs treat all connections coming out of one neighborhood as one network.

**If disconnecting from all networks, the VM should exit (revert to pristine) before network connections are enabled again.

The caveat to the info above is: I am not a security expert.
My System SpecsSystem Spec
Reply

 Using virtual machine to open suspicious PDF files.




Thread Tools




Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 09:33 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33