The security work that Microsoft did with Hyper-V didn’t stop at the hypervisor level:
All of the binaries that are included as part of the Hyper-V role have gone through the SDL process. One part of this process adds address-space-layout randomization, which, when enabled, loads critical DLLs in random pages of memory at each boot. This helps alleviate exploits that target DLLs that load in the same memory location every time.
•The worker processes that represent the virtual processor to the VM have a number of safeguards— they run in user mode, with reduced privileges, and each worker process is separate from the others.
•Each VM has its own instance of a virtual device. No two VMs can use the same virtual network adapter—when a VM is created, a new virtual network adapter is created for that VM.
•By requiring the Execute Disable/No Execute bit in the host’s processor, the chance of malicious buffer overflow attacks is reduced.
Other components, such as the VSP/VSC architecture, have additional security measures in place:
•Each VM that is powered on has a separate instance of Virtual Machine Bus (VMBus).
•VMBus is a point-to-point connection between the VSP in the parent and the VSC in the guest.
•Because the VSC doesn’t have access to the physical device, DMA (Direct Memory Access) attacks can’t take place.
Source of Information : Sybex Windows Server 2008 Hyper-V Insiders Guide to Microsofts Hypervisor
All of the binaries that are included as part of the Hyper-V role have gone through the SDL process. One part of this process adds address-space-layout randomization, which, when enabled, loads critical DLLs in random pages of memory at each boot. This helps alleviate exploits that target DLLs that load in the same memory location every time.
•The worker processes that represent the virtual processor to the VM have a number of safeguards— they run in user mode, with reduced privileges, and each worker process is separate from the others.
•Each VM has its own instance of a virtual device. No two VMs can use the same virtual network adapter—when a VM is created, a new virtual network adapter is created for that VM.
•By requiring the Execute Disable/No Execute bit in the host’s processor, the chance of malicious buffer overflow attacks is reduced.
Other components, such as the VSP/VSC architecture, have additional security measures in place:
•Each VM that is powered on has a separate instance of Virtual Machine Bus (VMBus).
•VMBus is a point-to-point connection between the VSP in the parent and the VSC in the guest.
•Because the VSC doesn’t have access to the physical device, DMA (Direct Memory Access) attacks can’t take place.
Source of Information : Sybex Windows Server 2008 Hyper-V Insiders Guide to Microsofts Hypervisor
|
|
0 comments
Post a Comment