343

A Windows XP machine's life expectancy in 2024 seems to be about 10 minutes before even just an idle net connection renders it a trojan-riddled zombie PC (www.pcgamer.com)

submitted 5 months ago by oleorun@real.lemmy.fan to c/weirdnews@real.lemmy.fan

56 comments fedilink hide all child comments

Just a fun, somewhat terrifying read

you are viewing a single comment's thread
view the rest of the comments

[+] steakmeoutt@sh.itjust.works -21 points 5 months ago

Well that guy’s network and all of his friends too are now compromised. Good job.

[-] SoGrumpy@lemmy.ml 13 points 5 months ago

I guess you missed the bit about it running on a virtual machine, huh?

[-] slazer2au@lemmy.world -1 points 5 months ago

VM does not mean it is safe. There is malware out there that can break the sandbox and infect the hypervisor

[-] extracheese@lemmy.world 20 points 5 months ago

Such an exploit would not get wasted on some random xp honeypot

[-] slazer2au@lemmy.world 3 points 5 months ago

It's XP, there are likely several unpatched escaping bugs with free POC out there. You don't need anything new.

[-] Zagorath@aussie.zone 20 points 5 months ago

Surely breaking out of a VM requires exploiting a vulnerability of the VM, not of the OS running in it?

[-] slazer2au@lemmy.world 4 points 5 months ago

I would assume it requires both a hypervisor and guest OS bug to be tripped.

[-] yggdar@lemmy.world 4 points 5 months ago

It's pure speculation, but I assume you'll need

Enough access to the guest OS so that you can interact directly with the virtual hardware. That would probably require root access, so you'll probably need to exploit some bug in the guest OS to get there.
To break out of the vm, you'll then need to exploit a bug in the virtual hardware. You would want to get the hypervisor to execute arbitrary code.
If you want to infect the host OS, then you'll need sufficient access on the host. If the hypervisor doesn't run with sufficient privileges, you'll have to exploit a bug in the host as well to perform a privilege escalation. But I'm guessing the hypervisor will usually have sufficient privileges, so exploiting the host is probably not necessary.

Sounds like quite a bit of work, but I don't see why malware couldn't automate it. An up-to-date hypervisor should help reduce the risk though.

[-] extracheese@lemmy.world 5 points 5 months ago

Theres no way an hypervisor zero day gets implemented in some random Malware. Those are worth millions and are used in coordinated manual attacks against VIP targets

[-] yggdar@lemmy.world 2 points 5 months ago* (last edited 5 months ago)

Yeah a zero-day would be very unlikely, but a months-old, publically known and patched vulnerability could always be attempted. One of the reasons why the hypervisor should definitely be kept up-to-date. There is always someone who forgets to patch their software, why not give it a try? We're talking about a Windows XP scenario after all!

[-] pivot_root@lemmy.world 1 points 5 months ago

It's XP. There's guaranteed to be a way to go from userland to ring 0 code execution.

load more comments (6 replies)

load more comments (10 replies)

this post was submitted on 18 May 2024

343 points (93.0% liked)

Weird News - Things that make you go 'hmmm'

879 readers

330 users here now

Rules:

News must be from a reliable source. No tabloids or sensationalism, please.
Try to keep it safe for work. Contact a moderator before posting if you have any doubts.
Titles of articles must remain unchanged; however extraneous information like "Watch:" or "Look:" can be removed. Titles with trailing, non-relevant information can also be edited so long as the headline's intent remains intact.
Be nice. If you've got nothing positive to say, don't say it.

Violators will be banned at mod's discretion.

Communities We Like:

-Not the Onion

-And finally...

founded 1 year ago

MODERATORS

lemmyfanadmin@real.lemmy.fan

oleorun@real.lemmy.fan