Privacy Digest has a warning for Mac users that use Parallels to run the cursed virus we know as Windows. As stable and secure as Macs are, there is potential for big problems with regards to Parallels allowing unfettered access to your entire Mac filesystem:

This scenario with Parallels presents the opposite threat: Virus writers could, by default, simply begin to tell their creations to check whether they are being run in a Parallels virtual machine, and if so run some basic checks to see which operating system the host machine is running, and then drop appropriate malicious code in key places on the host system.

Such a scenario may sound far-fetched, but the reality is that if you can dream it up, the bad guys online are probably already doing it. Here’s hoping the good folks at Parallels fix this feature in their next release.

It’s worth noting that this sharing of files, directories, etc., between the host and guest operating system(s) also is quite possible on VMware products as well, except that the default setting on VMware is not to let the guest operating system have read, write and delete privileges pretty much anywhere on the host OS.

To disable this functionality in Parallels, close out of the guest operating system, an in Parallels Desktop click on “edit.” From there, click on “Shared Folders” and uncheck the box next to the option “Enable global sharing for drag-and-drop.” You can then add any specific folders that you’d still like to share from that menu.

While an exploit is unlikely, it is worth noting that much like in the non virtual world, if you run Windows, you take your digital life in your hands and must be just as cautious as if you were running a Windows machine.

Technorati Tags: windows, mac, parallels

This entry was posted on Sunday, February 11th, 2007 at 1:00 am and is filed under Geeky. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.