Hypervisor - Security Implications

Security Implications

The use of hypervisor technology by malware and rootkits installing themselves as a hypervisor below the operating system can make them more difficult to detect because the malware could intercept any operations of the operating system (such as someone entering a password) without the antivirus software necessarily detecting it (since the malware runs below the entire operating system). Implementation of the concept has allegedly occurred in the SubVirt laboratory rootkit (developed jointly by Microsoft and University of Michigan researchers) as well as in the Blue Pill malware package. However, such assertions have been disputed by others who claim that it would indeed be possible to detect the presence of a hypervisor-based rootkit.

In 2009, researchers from Microsoft and North Carolina State University demonstrated a hypervisor-layer anti-rootkit called Hooksafe that can provide generic protection against kernel-mode rootkits.


Read more about this topic:  Hypervisor

Famous quotes containing the words security and/or implications:

    Modern children were considerably less innocent than parents and the larger society supposed, and postmodern children are less competent than their parents and the society as a whole would like to believe. . . . The perception of childhood competence has shifted much of the responsibility for child protection and security from parents and society to children themselves.
    David Elkind (20th century)

    Philosophical questions are not by their nature insoluble. They are, indeed, radically different from scientific questions, because they concern the implications and other interrelations of ideas, not the order of physical events; their answers are interpretations instead of factual reports, and their function is to increase not our knowledge of nature, but our understanding of what we know.
    Susanne K. Langer (1895–1985)