

Someone Figured Out How To Compromise VMware From Inside - VonGuard
http://www.sdtimes.com/blog/post/2009/04/11/Someone-Figured-Out-How-to-Step-Up-in-VM-Ware.aspx
It finally seems there is code in the wild to step up and compromise a hypervisor from the inside.
======
cstejerean
90% of the linked article is a waste of bytes. Here's a summary of the other
10%:

VMware released a patch to address a critical vulnerability in the virtual
machine display function that might allow a guest operating system to run code
on the host.
<http://lists.vmware.com/pipermail/security-announce/2009/000055.html>

That's about it. There are also two barely related links to

<http://www.invisiblethings.org/papers/redpill.html> and
<http://bluepillproject.org/>

The first one is a technique for detecting the presence of a hypervisor, the
second I can't quite figure out, but it appears to be a kind of hypervisor.

~~~
gdee
Don't take this the wrong way, it's meant as a little meta-joke: Based on word
count, your "summary of the other 10%" is exactly 46.8% of the original. :)

~~~
cstejerean
I guess "summary" was the wrong word :)

------
mkelly
There was at least one talk at Defcon last year about this kind of thing.
Escaping VMs is not as hard as the article suggests.

