CVE-2021-26443

FAQ

How could an attacker exploit this vulnerability?

A remote code execution vulnerability exists when a VM guest fails to properly handle communication on a VMBus channel. To exploit the vulnerability, an authenticated attacker could send a specially crafted communication on the VMBus channel from the guest VM to the Host. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host operating system.

Does this update need to be applied to Hyper-V guest virtual machines?

If the guest VM is running nested VMs, then this machine becomes a host and is vulnerable to CVE-2021-26443 and the update will need to be applied to mitigate this vulnerability. If the Guest VM is not running nested VMs then the Guest VM is not vulnerable to CVE-2021-26443.

** Is my system at risk to CVE-2021-26443 if Hyper-V is not enabled?** No.

From a Guest and Host perspective does CVE-2021-26443 only apply to OS running Hyper-V Yes