Can anybody name a single security product that scans VHD or VHDX contents? Given that Windows doesn't apply the Mark of the Web (MOTW) to VHD(X) contents, and Win10 can open them with a double-click, this seems like an excellent vehicle for deploying evil.
-
Show this thread
-
To answer my own question: ZERO antivirus products on VirusTotal detect the EICAR file contained within a VHD file. So no, I don't think anything is scanning VHD or VHDX contents. https://insights.sei.cmu.edu/cert/2019/09/the-dangers-of-vhd-and-vhdx-files.html …pic.twitter.com/M2rbfuFNKh
5 replies 19 retweets 37 likesShow this thread -
Replying to @claytonolley
What makes VHD and VHDX noteworthy is that as of Windows 8, they are double-click-able in Windows to mount and open contents. VMDK, not so much. (even with VMware installed)pic.twitter.com/3ybu6g8w5T
12:48 PM - 4 Sep 2019
0 replies
0 retweets
1 like
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.