As one could see at the installation of the new beta, one needs the Microsoft VC++ Runtime pre-installed to install and run the 7th version. After successful installation I asked myself a question - which DLL are really required and uninstalled the runtime. At the start of the VBox we get the errors, that following DLL are missing:
vcruntime140
vcruntime140_1
msvcp140
msvcp140_1
I installed the runtime once again and copied the required 4 DLL. After that, I uninstalled the runtime and put 4 DLL in System32 and everything worked fine.
But when I put them directly in the program folder of the VBox itself, I can start the VBox, but got a hardening error if I try to start a VM.
Shouldn't be hardening working in both cases? It shouldn't be important, where the DLL are, as long as they could be loaded.
I put my hardening log here.
Issues with hardening in new 7th Beta
-
Air Force One
- Posts: 107
- Joined: 6. Oct 2017, 16:54
- Primary OS: MS Windows other
- VBox Version: PUEL
- Guest OSses: Windows
- Location: Germany
Issues with hardening in new 7th Beta
- Attachments
-
- VBoxHardening_29082022.7z
- Hardening log
- (11.83 KiB) Downloaded 258 times
Re: Issues with hardening in new 7th Beta
The default Visual C++ Redistributable install puts the files into windows\system32, and that's the case which we have tested. The hardening checks are less strict in this directory. If you place DLLs into the VirtualBox install directory then more strict rules apply, and Microsoft's signature of these DLLs doesn't meet these.
In general I don't think it's a good idea to manually place files into the VirtualBox install directory, because as a side effect this usually gives additional users write permissions and that always means lowering the security level.
In general I don't think it's a good idea to manually place files into the VirtualBox install directory, because as a side effect this usually gives additional users write permissions and that always means lowering the security level.
-
Air Force One
- Posts: 107
- Joined: 6. Oct 2017, 16:54
- Primary OS: MS Windows other
- VBox Version: PUEL
- Guest OSses: Windows
- Location: Germany
Re: Issues with hardening in new 7th Beta
Thank you for your quick response. Are there any detailed description of the hardening test? Especially, how strict are the tests in some particular folders? As I remember, Windows looks for files in the path, in the program's folder and in the Windows and System32 folder. Did I miss something? Could I copy this DLLs into another location?
About your security concerns: to install both VBox and runtime, I need permissions from Administrator or his group. But to copy this DLL files into the program folder in the Programs folder, I just need the same permissions. So, I see no difference for this scenario.
About your security concerns: to install both VBox and runtime, I need permissions from Administrator or his group. But to copy this DLL files into the program folder in the Programs folder, I just need the same permissions. So, I see no difference for this scenario.