Microsoft CVE-2017-0098: Hyper-V Denial of Service Vulnerability
Description
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application. The security update addresses the vulnerability by preventing out-of-bound memory access.
Solution(s)
- msft-kb4012606-384d5679-3c34-433f-8564-66fc5136a5e9
- msft-kb4012606-6a38fe85-98ba-4ce2-b4eb-aed947d5c203
- msft-kb4013198-477b54b9-913d-4c4e-8da8-01e0b4cf15ce
- msft-kb4013198-6d9f75f7-d998-4188-a935-7603f4e51a4d
- msft-kb4013429-724ee219-b949-4d44-9e02-e464c6062ae4
- msft-kb4013429-74b1fe65-bd6b-4b76-a624-8674748898f2
- msft-kb4013429-e29d1b22-493d-44dd-8857-7c6c7cb6d84c
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center