Microsoft CVE-2017-0168: Hyper-V Information Disclosure Vulnerability
Description
An information disclosure vulnerability exists when the Windows Hyper-V Network Switch on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that could cause the Hyper-V host operating system to disclose memory information. An attacker who successfully exploited the vulnerability could gain access to information on the Hyper-V host operating system. The security update addresses the vulnerability by correcting how the Windows Hyper-V Network Switch validates guest operating system user input.
Solution(s)
- msft-kb3211308-db9a8140-b864-4241-9182-e26cc2d924dd
- msft-kb4015546-592c9a40-6bdc-4122-8496-0b4295cf7a86
- msft-kb4015546-61107fd4-8fba-4639-9c3a-d70a69936b4e
- msft-kb4015546-7026cec0-32bf-4488-b45a-838aa929c109
- msft-kb4015546-c77661d2-7566-4f86-943c-264545419691
- msft-kb4015546-cc8006a9-8438-45aa-a20d-cceef511098d
- msft-kb4015546-e2e88e16-fd32-4c2e-8848-69817601c17b
- msft-kb4015547-79629e4e-67eb-438d-9420-17c673012731
- msft-kb4015547-e0e5d08f-8c2b-4dcf-a8c9-36eb7c174896
- msft-kb4015547-eb001e30-98fe-4874-a0c9-436635649fdd
- msft-kb4015548-31ca69ca-ca73-4405-860b-037051bd1984
- msft-kb4015548-72db1a7d-338c-4903-9869-9fd8258b643a
- msft-kb4015548-d1986d38-72dd-4e1a-877e-70a3f77f7802
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center