A Windows XP machine's life expectancy in 2024 seems to be about 10 minutes before even just an idle net connection renders it a trojan-riddled zombie PC
Enough access to the guest OS so that you can interact directly with the virtual hardware. That would probably require root access, so you'll probably need to exploit some bug in the guest OS to get there.
To break out of the VM, you'll then need to exploit a bug in the virtual hardware. You would want to get the hypervisor to execute arbitrary code.
If you want to infect the host OS, then you'll need sufficient access on the host. If the hypervisor doesn't run with sufficient privileges, you'll have to exploit a bug in the host as well to perform a privilege escalation. But I'm guessing the hypervisor will usually have sufficient privileges, so exploiting the host is probably not necessary.
Sounds like quite a bit of work, but I don't see why malware couldn't automate it. An up-to-date hypervisor should help reduce the risk though.
There's no way a hypervisor zero-day gets implemented in some random malware. Those are worth millions and are used in coordinated manual attacks against VIP targets.
Yeah, a zero-day would be very unlikely, but a months-old, publicly known and patched vulnerability could always be attempted. One of the reasons why the hypervisor should definitely be kept up-to-date. There is always someone who forgets to patch their software, why not give it a try? We're talking about a Windows XP scenario after all!
Exactly. And you can see by the number of upvotes your comment got vs the number of downvotes earned by mine that a false sense of security is shared by the majority.