How contained is Hyper-V?
Posted by PusheenHater@reddit | sysadmin | 9 comments
If I were to run a super virus (I'm not, just saying) in my Hyper-V VM that is running on my host, how safe is it?
Both VM and host are running Windows 11 Pro on the same physical PC.
Reo_Strong@reddit
Not really safe at all.
IIRC one of the first Pwn2Own awards was for a VM breakout to host exploit.
ExceptionEX@reddit
The answer is simple and vague: as isolated as you configure it.
alpha417@reddit
... are.... are you going to run the DaVinci virus?
Please don't run the DaVinci virus.
Nexzus_@reddit
The guest does know it's a VM, and the host information is stored in the registry, so any attempt to break out will start there.
Adam_Kearn@reddit
I think it’s mostly the networking between the two VMs that’s the weakest link.
Providing that you have a decent firewall running on both machines.
sys370model195@reddit
You also should not map drives to anything from the VM being infected, and be careful with how you remote access the VM. I don't know offhand what is the best way.
The infected VM optimally would not have any network connection. If it does, it should not be on the same network as anything else, a completely independent ISP connection if you can manage it.
Do some googling around, malware researchers have described their setups.
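
The isolation points in the comment above (no mapped drives, care with remote access, no shared network) can be checked from the host before anything is run in the guest. This PowerShell audit is an added example, not part of the original thread; the VM name `MalwareLab` is a placeholder, and the integration service is matched by its English display name, which is an assumption about the host's locale.

```powershell
#Requires -Modules Hyper-V
# Added example: list host-facing channels of a Hyper-V guest.
# Run in an elevated PowerShell session on the host.
param(
    [string]$VMName = 'MalwareLab'   # placeholder VM name, change to your lab VM
)

$findings = @()

# 1. Network: an adapter attached to any virtual switch is a path off the guest.
#    Private = other guests on that switch, Internal = guests and the host,
#    External = the physical network.
foreach ($nic in Get-VMNetworkAdapter -VMName $VMName) {
    if ($nic.SwitchName) {
        $sw = Get-VMSwitch -Name $nic.SwitchName
        $findings += "NIC '$($nic.Name)' is attached to $($sw.SwitchType) switch '$($sw.Name)'"
    }
}

# 2. File copy channel: the Guest Service Interface lets the host push files
#    into the guest with Copy-VMFile. Display name assumed to be English.
$gsi = Get-VMIntegrationService -VMName $VMName |
    Where-Object { $_.Name -eq 'Guest Service Interface' -and $_.Enabled }
if ($gsi) {
    $findings += "Integration service 'Guest Service Interface' is enabled"
}

# 3. Remote access: enhanced session mode allows clipboard and local drive
#    redirection through the VMConnect window. This is a host-wide setting.
if ((Get-VMHost).EnableEnhancedSessionMode) {
    $findings += 'Host allows enhanced session mode (clipboard and drive redirection)'
}

if ($findings.Count -eq 0) {
    Write-Output "No host-facing channels found for '$VMName' among those checked."
} else {
    Write-Output "Host-facing channels for '$VMName':"
    $findings | ForEach-Object { Write-Output "  - $_" }
}
```

The script only reports configuration. It says nothing about hypervisor vulnerabilities, so a clean result does not mean the guest cannot reach the host.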
DrAtomic1@reddit
Once the server role is installed, Hyper-V actually moves underneath the OS and the Windows Server installation is being extracted into what is called the root partition which is running on top of Hyper-V.
Strassi007@reddit
This question is way too broad. This depends on so many circumstances and defending points in place.
Random-D@reddit
Just as always, in theory there is full isolation; however, hypervisor exploits were found and fixed in the past.