Is the hypervisor the new monoculture?

That monstrous clang you heard on August 12 was the sound of VMware shuffling off its armour of invincibility. The darling of the virtualization market left some stray code in an update, which convinced hypervisors their licences had expired. The results, for the few IT outfits that keep scrupulously up-to-date on these matters, were predictably chaotic.

VMware’s track record had been solid until that date. But all code fails at some point — a flawed upgrade or security patch makes it through QA, an OS upgrade makes it all go wonky. So it’s no surprise gremlins caught up to ESXi. (Apropos of nothing, I note it’s a single transposition away from SEXi.)

There are two things, though, that are significant.

First: The hypervisor abstracts the operating system and applications from the hardware. If that layer of abstraction seizes, all those OS instances and applications are disabled.

We’re not just worried about a flaw in the code, which VMware patched in a New York minute. This also means that a malware writer who can reach the hypervisor can reach any application on any operating system. To my knowledge, we haven’t seen that yet. What do you think the odds are we will, and soon?

Which brings us to Point B. We’ve had years and years of Microsoft vulnerabilities, not simply because the products themselves are weak (argue amongst yourselves) but because the massive footprint in the marketplace makes Microsoft an attractive target to hack. Abstracting the OS from the processor makes the hypervisor attractive in the same way — if you can get at the hypervisor, you can get at anything, because everything has to go through the hypervisor. Not a monoculture in the classic Microsoft Windows/Office/Exchange sense, but certainly an attractive single point of access. This may — and should — make those who’d virtualize everything a little warier.

Dave Webb
Dave Webb is a freelance editor and writer. A veteran journalist of more than 20 years' experience (15 of them in technology), he has held senior editorial positions with a number of technology publications. He was honoured with an Andersen Consulting Award for Excellence in Business Journalism in 2000, and several Canadian Online Publishing Awards as part of the ComputerWorld Canada team.
