1

I have a host system (Windows 10) with premium antivirus and running a Windows 7 in Virtualbox with no antivirus. I have installed sandboxie and try to run executable files that may contain virus. Is it safe to run those applications? and what will be the effect if the virus slips out. I know this is a dumb question even after knowing about sanboxie. But I would like to know the consequences that occur.

Also, I would like to know how it affects the host machine if I run that exe file without sandboxie on Virtualbox.

Since there are many viruses and trojans that silently triggers even without running the exe file. Just want to learn the consequences that virus can damage. (P.S that I still having the antivirus on on the host machine).

schroeder
  • 125,553
  • 55
  • 289
  • 326
  • This has been asked a few times over the years. Does this answer you? https://security.stackexchange.com/questions/23452/is-it-safe-to-use-virtual-machines-when-examining-malware – schroeder May 24 '20 at 08:01
  • 1
    We cannot possibly tell you what an unknown virus might do to your host machine. – schroeder May 24 '20 at 08:02
  • OK i understand, but I have ESET Internet Security antivirus which detect all virus. So I was thinking if I run on Virtualbox, does the antivirus quarantine the attack. – Nagaraj Thirthahalli May 24 '20 at 15:15

1 Answers1

0

The anti-virus program will only quarantine files that are on the host machine, as the anti-virus program has no access to the virtual-drive, hence the name virtual drive.

However, since in order for virtual box to let its virtual machines access the internet it must pass web requests into the host machine. To windows it will look like as if Virutal box is asking to connect to that specific Public Ip address. This is the only thing that is within the scope of ESET. If the web address or the Public Ip being requested is on the Public Blacklist, then it will block it. Anything happening in the VM is contained in the VM as long as CPU microcode security patches are installed.

Windows 7 also comes with Windows Firewall/Antivirus by default.

Amol Soneji
  • 346
  • 1
  • 5
  • 1
    this is correct in theory, but there have been a few diff published vulnerabilities that allow for code inside a VM to breakout and run commands on the host machine. – CaffeineAddiction Oct 22 '20 at 06:50