14 DAY TRIAL // The past week, Microsoft planned to joggle around with the licensing terms of the Windows Vista virtualization limitations, but the company subsequently bailed on introducing the announced modifications to the operating system's EULA. Currently, not only does Microsoft ban the use of Windows Vista Home Basic and Home Premium together with hardware emulating technologies, but it also fails to offer support with its virtualization solutions such as Virtual PC 2007, for the two editions of its latest operating system.
When discussing Microsoft's plans to scrape the Vista virtualization limitations back in February 2007, Mike Neil, Product Unit Manager for Windows Virtualization, stressed the security perspective. "Virtualization is a new technology for consumers, and one that isn't mature enough yet from a security perspective for broad consumer adoption. One area that is clear is that our security and data protection features can potentially be subverted by a malicious virtualization layer. We're working with the hardware and software industry to improve the security of virtualization technologies and we will evolve our licensing policies as virtualization becomes more widely used on client systems," Neil stated.
Microsoft's change of heart was generated by customer feedback and input from the security industry. But in the last hour, the company pulled the plug on the changes and announced that it maintained the original Windows Vista virtualization policy. Is security at fault once again? The emedia survey found that 32% of security concerns associated with virtualization were tied to the updating process, 27% to guest-to-guest exploits, and 22% to the fresh host solutions.
A new study performed by research firm emedia seems to confirm that virtualization technology and new security concerns go hand in hand. emedia's findings emphasized the fact that while in excess of 50% of organizations are either already using or planning to deploy virtualization solutions, the adoption is being impacted by the new security practices associated with the new technology.
Analyst firm Gartner indicated in a report from April 2007, that virtual servers will deliver less security than physical servers for a couple of years. Gartner revealed that in 2009, the ecosystem of security solutions built around virtualization technologies will be mature enough for the technology to be widely adopted.