Now, I know tht OS's aren't that sandboxed, if you Google that, you get tons of results saying "no! it's not entirely safe!". But, what most of these articles assume, that if you have Windows as virtual machine, that your host operating system is Windows as well. What if, virus made for Windows, comes onto virtual machine, but your host operating system is Linux?

  1. Is it still "safe", if you're only one on network?
  2. Is it still "safe", if you're not only one on network?
2 Years
Discussion Span
Last Post by Slavi

Viruses that infect a virtual machine should only affect that virtual machine, unless it has some network connection to the host that can let the virus propagate to the host (rare). If your host is Linux, and the VM is Windows, this is unlikely. I use VirtualBox for this sort of stuff, and keep a current snapshot of my Windows VM. If it gets infected, I just roll the image back to the snapshot - voila! No virus!


VMs provide a pretty low-level sandbox, which means that there aren't many ways to "break out" of the VM, because within the VM there isn't much that you could see from the host. With a basic setup, there is, as far as I know, nothing that transpires between them. However, there are a number of additional features for things like being able to access the host's file-system (folders) through the VM, which might be convenient sometimes, which could allow for an infection to spread, but it would generally require that the virus in question be designed to be able to do that, which is unlikely. And, of course, if you avoid using those features, and thus, keep your VM very basic / isolated, then there's no danger with that. In fact, it would be really difficult for a virus to even detect that it is running within a VM, let alone break out of it.

Another possibility is on the networking side of things. The VM more or less acts like any computer on your local network. Assuming that you are protecting your local network with a router-based firewall and port blocking, or even a DMZ, then if anything infects a computer on your local network, those defences are useless against anything coming from that infected computer. However, this technique is almost exclusively used in deliberate targeted attack against a computer or network. This is not something that an ordinary virus would do. And also, there are ways to protect against that, like limiting (or forbidding) communication between any devices on your local network (i.e., local firewalls).


it would be really difficult for a virus to even detect that it is running within a VM, let alone break out of it.

If you run Tails in VMware or VirtualBox (not sure which), it automatically prompts warning, that it has detected it was ran(?) in virtual machine and that both virtual machinery software and underlying operating system can see whatever I'm typing and doing. So it's not THAT hard I guess.


well, technically you are using the same keyboard, I would assume that a keylogger running on the host will be able to catch key strokes even if they were made within the guest OS, as far as Tails, it warns as much as it can cos it's made to hide identity and kind of hide activity by using TOR as much as it can so warnings such as that are not uncommon

Edited by Slavi

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.