The Register published an interesting article last week about the security risks that the upcoming VMsafe APIs may introduce in VMware ESX.
The critical part anyway is a revelation from Mike Poor, Senior Security Analyst at IntelGuardians, claiming to have broken hypervisor’s security layer:
…Poor said his firm received $1.2m from the Department of Homeland Security to look for ways attackers can penetrate hypervisors and ways security researchers can detect and prevent such escapes. Because the two years worth of research is under lock and key, Poor could only say: “We were successful in all three.”…
Obviously this sentence may mean everything, but it seems to imply that IntelGuardians was able to escape the guest OS isolation and jump directly onto the hypervisor, which is the biggest risk in virtualization environments.
Since there is no way to validate the Poor’s claim we’ll have to wait for another security firm to publicly disclose the breach.