Описание
Hyper-V vSMB Remote Code Execution Vulnerability
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate vSMB packet data. An attacker who successfully exploited these vulnerabilities could execute arbitrary code on a target operating system.
To exploit these vulnerabilities, an attacker running inside a virtual machine could run a specially crafted application that could cause the Hyper-V host operating system to execute arbitrary code.
The update addresses the vulnerabilities by correcting how Windows Hyper-V validates vSMB packet data.
Меры по смягчению последствий
The following mitigating factors might be helpful in your situation:
- Customers who have not enabled the Hyper-V role are not affected.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Windows Server 2016 | ||
| Windows 10 Version 1607 for 32-bit Systems | ||
| Windows 10 Version 1607 for x64-based Systems | ||
| Windows Server 2016 (Server Core installation) |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
DOS
EPSS
4.3 Medium
CVSS3
Связанные уязвимости
Hyper-V in Microsoft Windows 10 1607 and Windows Server 2016 does not properly validate vSMB packet data, which allows attackers to execute arbitrary code on a target OS, aka "Hyper-V System Data Structure Vulnerability." This vulnerability is different from that described in CVE-2017-0095.
Hyper-V in Microsoft Windows 10 1607 and Windows Server 2016 does not properly validate vSMB packet data, which allows attackers to execute arbitrary code on a target OS, aka "Hyper-V System Data Structure Vulnerability." This vulnerability is different from that described in CVE-2017-0095.
Уязвимость операционной системы Windows, позволяющая нарушителю выполнить произвольный код
EPSS
4.3 Medium
CVSS3