Microsoft Windows Hyper-V Multiple Vulnerabilties

Last Update Date: 13 Apr 2016 12:03 Release Date: 13 Apr 2016 3719 Views

RISK: High Risk

High Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS
  1. Hyper-V Remote Code Execution Vulnerability
    A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code. Customers who have not enabled the Hyper-V role are not affected.
  2. Multiple Hyper-V Information Disclosure Vulnerabilities
    Information disclosure vulnerabilities exist when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerabilities, an attacker on a guest operating system could run a specially crafted application that could cause the Hyper-V host operating system to disclose memory information. Customers who have not enabled the Hyper-V role are not affected.

Impact

  • Remote Code Execution
  • Information Disclosure

System / Technologies affected

  • Microsoft Windows 8.1
  • Microsoft Windows Server 2012 and Windows Server 2012 R2
  • Microsoft Windows 10

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Microsoft Windows OLE Remote Code Execution Vulnerability

13 Apr 2016 3696 Views

Next

Microsoft Windows Secondary Logon Elevation of Privilege Vulnerability

13 Apr 2016 4524 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY