An unpatched weakness in Microsoft’s Virtual PC could leave organizations using the virtualization software vulnerable to attack, CNET reports. An exploit writer at Core Security Technologies discovered the vulnerability in Virtual PC hypervisor and reported it to Microsoft in August 2009, Core Security said in an advisory. Microsoft said it plans to solve the problem in future updates to the vulnerable products: Microsoft Virtual PC 2007, Windows Virtual PC, and Virtual Server 2005. Microsoft Hyper-V technology is not affected by the problem, Core Security said. Virtual PC hypervisor is part of the Windows Virtual PC package, which allows customers to run multiple Windows environments on a single computer. The hypervisor is a key component of Windows 7 XP Mode, a feature designed to ease the migration to Windows 7 for customers who need to run Windows XP on the native operating system. Core Security recommends that affected users run all mission-critical Windows applications on the native hardware or use virtualization technologies that aren’t affected by the bug…

Click here for the full story

About the Author:

Meris Stansbury

Meris Stansbury is the Editorial Director for both eSchool News and eCampus News, and was formerly the Managing Editor of eCampus News. Before working at eSchool Media, Meris worked as an assistant editor for The World and I, an online curriculum publication. She graduated from Kenyon College in 2006 with a BA in English, and enjoys spending way too much time either reading or cooking.


Add your opinion to the discussion.