Can anybody name a single security product that scans VHD or VHDX contents? Given that Windows doesn't apply the Mark of the Web (MOTW) to VHD(X) contents, and Win10 can open them with a double-click, this seems like an excellent vehicle for deploying evil.
What about vmdk's and other hypervisor formats?
What makes VHD and VHDX noteworthy is that as of Windows 8, they are double-click-able in Windows to mount and open contents. VMDK, not so much (even with VMware installed).
Can I get a copy of that file? I wanna test some mail filters.
I put up a copy of the file I used for testing here: https://github.com/wdormann/vhds
Seems 2 of the 3 uploads are flagged by Ikarus?
It's a 6 meg file, that probably affects some products' "static" detection. Also, inb4 "VT isn't real endpoint engines."
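An added example, not part of the thread: a check that a mail or file filter could run to recognise VHD and VHDX containers by their on-disk signatures instead of by file extension, so they can be held for content inspection. It identifies the container only and does not read what is inside; the function names and sample bytes are constructed for illustration.

```python
import struct

VHD_COOKIE = b"conectix"    # first 8 bytes of the 512-byte VHD footer
VHDX_MAGIC = b"vhdxfile"    # VHDX file type identifier at offset 0
VHD_TYPES = {2: "fixed", 3: "dynamic", 4: "differencing"}


def vhd_footer_ok(footer: bytes) -> bool:
    """Check the footer checksum: one's complement of the byte sum,
    computed with the checksum field (offsets 64..67) left out."""
    stored = struct.unpack(">I", footer[64:68])[0]
    total = sum(footer[:64]) + sum(footer[68:])
    return stored == (~total & 0xFFFFFFFF)


def classify_disk_image(data: bytes):
    """Return 'vhdx', 'vhd-<type>', or None for a file's raw bytes."""
    if data[:8] == VHDX_MAGIC:
        return "vhdx"
    # Fixed VHDs carry the footer only in the last 512 bytes; dynamic and
    # differencing VHDs also keep a copy of it at offset 0.
    for footer in (data[-512:], data[:512]):
        if len(footer) == 512 and footer[:8] == VHD_COOKIE and vhd_footer_ok(footer):
            disk_type = struct.unpack(">I", footer[60:64])[0]
            return "vhd-" + VHD_TYPES.get(disk_type, "unknown")
    return None


def make_sample_vhd(disk_type: int = 2, payload: bytes = b"\x00" * 1024) -> bytes:
    """Constructed sample: payload plus a minimal footer with a valid checksum."""
    footer = bytearray(512)
    footer[0:8] = VHD_COOKIE
    footer[60:64] = struct.pack(">I", disk_type)
    # Checksum field is still zero here, so sum(footer) is the sum without it.
    footer[64:68] = struct.pack(">I", ~sum(footer) & 0xFFFFFFFF)
    return payload + bytes(footer)


if __name__ == "__main__":
    samples = {  # constructed attachments, names are hypothetical
        "renamed.pdf": make_sample_vhd(2),        # VHD behind another extension
        "disk.vhdx": VHDX_MAGIC + b"\x00" * 64,   # VHDX header stub
        "notes.txt": b"just text",
    }
    for name, blob in samples.items():
        print(name, "->", classify_disk_image(blob))
```

Checking the footer checksum as well as the cookie keeps a stray "conectix" string in an unrelated file from being reported as a disk image.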