PDA

View Full Version : can a malicious software running in Parallels Desktop gain access to OS X?




MacMan988
Jul 30, 2013, 10:50 AM
Hi, I'm a bit worried about having to install Windows in parallels regarding the computer security. Is parallels runs in a sandbox environment? If theres a software running in windows on parallels and stealing data, will it be able to access my data store in the OS X ? (Documents directory, Music etc?)

Thanks in advance!



GGJstudios
Jul 30, 2013, 10:58 AM
Hi, I'm a bit worried about having to install Windows in parallels regarding the computer security. Is parallels runs in a sandbox environment? If theres a software running in windows on parallels and stealing data, will it be able to access my data store in the OS X ? (Documents directory, Music etc?)
Unless you go through very specific, deliberate steps to enable it, no Windows application can write on your OS X partition, and no Windows app, including malware, can run in OS X.

MacMan988
Jul 30, 2013, 12:08 PM
Thank you for the reply.

throAU
Jul 30, 2013, 12:11 PM
Maybe.

There are exploits to get out of the hypervisor for some versions of other hypervisors.


Though the likelihood is very very low.

https://ng.techweb.com/authds/gateway?gateway=true&return=http%3A%2F%2Fwww.informationweek.com%2Fsecurity%2Fapplication-security%2Fnew-virtualization-vulnerability-allows%2F240001996

Given the track record Parallels has had with regards to performance vs stability (it's faster than vmware but has had previous data corruption bugs) i wouldn't rule it out.

Again though, very very unlikely, and i doubt someone who's capable of writing such an exploit would bother to target parallels on mac, the number of targets is simply too low.

More info:
http://blogs.gartner.com/neil_macdonald/2011/01/26/yes-hypervisors-are-vulnerable/

Again.... not likely.

bist
Jul 30, 2013, 12:22 PM
Any malware may have access to your personal files:
- By default (It may depend on the version), Parallel will share your Mac home folder with Windows.
- This is with read/write access.

This "feature" can be deactivated in the configuration of your VM ("Options" / "Sharing").

EDIT: For security reasons, you can disable everything in the "sharing" settings (look also in the "security" settings).

throAU
Jul 30, 2013, 12:24 PM
Any malware may have access to your personal files:
- By default (It may depend on the version), Parallel will share your Mac home folder with Windows.
- This is with read/write access.

This "feature" can be deactivated in the configuration of your VM ("Options" / "Sharing").


That's good to know.

Likelihood of cross infection is pretty low (Mac won't generally run PC malware) though.