Thank you for clarifying this!

So there is not much sense in blocking QWT, as Windows qubes are 
notoriously insecure. Using a compromised QWT will just make an already bad 
situation even worse. Using Windows under Qubes poses a risk anyhow, but 
this risk is mitigated a lot thanks to the security functions of Qubes.  
Using Windows outside Qubes is, in my opinion, suicide, especially when you 
consider the latest problems like the Midnight Blizzard hack.

Andrew David Wong wrote on Saturday, 13 April 2024 at 08:46:44 UTC+2:

> On 4/12/24 4:50 AM, Gerhard Weck wrote:
> > [...]
> > 
> > - Things may look different, if an attacker could, via the Xen PV drivers,
> > break out of a Windows VM with QWT and compromise Xen, and therefore Qubes
> > itself. In this case, usage of a Windows VM with the insecure QWT may be
> > too risky in many, but not all circumstances. So far, I found no
> > information, if such a scenario is possible at all. What is the extent of
> > possible compromises of the Xen PV drivers - is it just local to the VM or
> > could it reach into Qubes itself? It would be helpful if this could be
> > clarified somehow.
> > 
> > [...]
> > 
>
> This was already clearly addressed in QSB-091:
>
> > Impact
> > -------
> > 
> > If the Xen Project's Windows PV Drivers were compromised at build time,
> > all Windows qubes that have Qubes Windows Tools (QWT) installed may also
> > be compromised. If the drivers were not compromised at build time, then
> > there is no known vulnerability.
> > 
> > Dom0 is not affected, even though the `qubes-windows-tools` package is
> > installed in dom0, since neither the dom0 package build process nor dom0
> > itself interprets these driver files. Rather, the purpose of this
> > package is merely to make the driver files available to the Windows
> > qubes in which QWT are installed.
>
> In other words, only the Windows VMs using QWT are potentially at risk, 
> not dom0, Xen, or Qubes OS itself.
>
