The most important thing to remember is that:
- running software on OSes
- which are running in software
- on another OS
- or maybe on a hypervisor- software- between the hardware and OSes
- that is on hardware
We are still susceptible to all of the vulnerabilities that already exist in physical installations- plus a new array of emerging vulnerabilities for the virtualization systems themselves.
The world of virtualization security is well beyond the scope of my blog, so I will refer you to the following resources to get started: