4

According to this link, when running a windows OS virtual machine on a windows host OS, one can share files like one would share files between two computers on a network by ensuring that file sharing is enabled on both operating systems.

My mom her computer infected with ransom-ware, which resulted in her needing a new OS and losing all of her data. :-(

I am thinking installing a virtual machine on her computer for her to use when browsing the internet and looking through emails (she's not very cautious when it comes to emails and links in them). I want to make it so that when she works on documents in the VM she can save it to the host system to access later. However, I'm concerned that this would defeat the whole purpose of working on a VM.

Is it possible for ransomware to spread to another computer through a shared file system that windows provides? I'm also assuming other malicious viruses and malware can spread through such a connection, correct?

To prevent such things from happening, could I not just share only the specific folder on the host system where the files will be stored?

2 Answers2

2

As MiatoHatola pointed out, moving possibly infected files from the VM to the host system exposes the host to all the dangers the VM is exposed to. You can migitate that danger, for example by automatically scanning files in the shared folder, or by removing most software from the host that would be used to open these files. For example, you could remove the web browser from the host system, which would force your mother to use the VM to browse the web (humans are lazy; she will forget to open up the VM if she can just run the browser on the host) and remove all browser exploit attack paths from the host system.

Thinking about this a bit more, you might arrive at the conclusion that it makes more sense to do certain tasks entirely in the web browser VM, and other tasks entirely in the host. This will reduce the number of files your mother must shuffle from VM to host. Then you might think about moving all tasks to special VMs: For example, there might be a VM for everything that's untrusted, e.g. web surfing, reading mail and looking at documents downloaded in the untrusted VM, and a VM for everything else that's network related, but trusted, such as E-Banking, and yet another VM for doing stuff that doesn't need network access (personal finances, writing letters, doing your tax returns etc). For this VM, you can remove the virtual network interface so it can't possibly connect to the network. The host would just be there to start the VMs.

The advantage of this is that you reduce the attack surface significantly, because you isolate tasks from each other and reduce the amount of data that must be exchanged between the VMs. Also, if malware such as ransomware actually makes it to one of the VMs, you will most likely notice it before it can spread to every other VM. So the damage stays localized.

The disadvantage is that it makes working with the computer more difficult. Your mother will need to remember which VM is for which task, and she'll need to put up the discipline to use the correct VM for the task at hand. You can enforce some of that, for example by making the firewall only connect to trusted sites from your "trusted network VM", and by controlling which software is available in a VM, but it's still a bit of a hassle, especially when she wants to do something for which there isn't a clearly defined task boundary.

Qubes OS is an Operating System built on this idea, and tries to streamline the involved workflows, but it's probably not something your mother is going to be happy with.

If your main point of worry is another ransomware attack, diligent backups are a much easier solution.

Out of Band
  • 9,200
  • 1
  • 22
  • 30
1

From my understanding, you would most likely be just fine by sharing a single folder between the Host and Guest operating systems.

For a malicious program to act on more than just the files within the files of the Shared Folder, I'd expect a security vulnerability within VMWare would be necessary. This isn't exactly unheard of, but I have doubt a malware author would use such an exploit outside of a targeted attack because running a virtual machine lends to technical competence, and finding the vulnerability would carry a cost of money and time that could be saved on by just finding targets who don't browse in a virtual machine.

From the host OS, there does lie the possibility of vulnerable programs to be trapped into parsing evil files within the shared folder, or for a malware author to find a method of performing a VM escape.

I don't know personally of any instances in which this has happened in a notable piece of malware, but this looks relevant for looking.

dreamist
  • 94
  • 6
  • You are not taking into account the fact that his mother can save a "FunnyKittens.jpg.js" file in the shared folder and when she later wants to look at the cute kittens from the host machine she will run a malicious Javascript file on the host. – MiaoHatola Mar 19 '17 at 07:27
  • That I figured I was taking into account when I mentioned vulnerable programs parsing evil files (a browser in that example), though in writing I was thinking more immediately of a recent example I was reading about aggressive antivirus engines. In the case of malware placing malicious files on the VM, wouldn't she be able to check it in the VM before moving it to a trusted location on the back-up storage of her Host? – dreamist Mar 19 '17 at 08:46
  • 1
    You cannot trust someone who is not security aware to test a file that appears to be safe. Especially when the file appears on their machine as "whatever.jpg" (although it is named "whatever.jpg.js" since, by default, Windows hides the extension of known file types. You must not expect this kind of vigilance from a user. – MiaoHatola Mar 19 '17 at 08:50