VMware moves to plug security holes

gallery

VMware, the virtualisation vendor, this morning announced the introduction of a new security technology called VMware VMsafe, designed to protect applications running in virtual machines.

Dr. Mendel Rosenblum, VMware chief scientist unveiled the new technology at the vendor's first European user conference, VMworld Europe, saying it was capable of protecting software running in the data centre in ways previously not possible in physical environments.

"It's a better model for protection engines to sit within the virtual infrastructure because here we can see into the memory, CPU, disk and I/O systems," he said. "That is why we have published APIs [application programming interfaces] to encourage the security industry to develop products to sit on top of the virtual environment."

He added that the VMsafe APIs could allow vendors to develop advanced security products that combat the latest generation of malware, by enabling integration at the VMware hypervisor layer and providing the transparency to detect, prevent or eliminate threats and attacks such as viruses, trojans and keyloggers from ever reaching a virtual machine.

The company said 20 security vendors have already signed up to the VMsafe technology and are building products to enhance the security of virtual machines.

One such vendor is McAfee, whose chief technology officer and executive vice president of product development and research, Christopher Bolin, endorsed the VMsafe strategy presented by Rosenblum.

He said: "Virtual machines remain just as vulnerable today as the software running in traditional data centre environments. That's why we've been working with VMware these last months to develop VMsafe and make sure its open to other security vendors."

A case in point was demonstrated earlier this week when US security vendor Core Security Technologies highlighted an unpatched flaw it said it had discovered in VMware's virtualisation software. It said the fact that VMware has no way of properly validating PathNames to its shared folders feature could potentially allow an attacker to create or modify executable on the host operating system using a custom-coded PathName.

Bolin said: "[Of the] tsunami of malware we saw emerge during 2007 - accounting for 37 per cent of all the malware we seen since we've been in business - we've not yet seen any exploits targeting virtual environments." But he added that greater adoption of the technologies will lead to them becoming a greater target in future.

Email to a friend

Print this page