> It seems our colleagues doing virtualization on Intel have another > possible security > concern to worry about now..... > > By far the biggest concern related to virtual machine security is the > threat of > > a virtual machine escape. A virtual machine escape is a theoretical type > of > > attack in which an attacker uses a vulnerability within a virtual > machine to > > take control of either the underlying host operating system, or the > hypervisor > > itself. Upon doing so, the attacker could potentially gain control of > the other > > virtual machines hosted on the server. > > > > Why is it such a threat? It's the fear of the unknown, that eventually > someone > > will be able to do it.
Not just possible; proven. It's been done on an Intel Pacifica chipset, and there was an excellent paper in IEEE Transactions on Computer Systems on how it was done.
