Microsoft CVE-2017-0212: Windows Hyper-V vSMB Elevation of Privilege Vulnerability
Description
An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly validate vSMB packet data. An attacker who successfully exploited these vulnerabilities could gain elevated privileges on a target operating system. This vulnerability by itself does not allow arbitrary code to be run. However, this vulnerability could be used in conjunction with one or more vulnerabilities (e.g. a remote code execution vulnerability and another elevation of privilege) that could take advantage of the elevated privileges when running. The update addresses the vulnerabilities by correcting how Windows Hyper-V validates vSMB packet data.
Solution(s)
- msft-kb4016871-3f4526c4-d3ec-486a-a7ef-8d1987905310
- msft-kb4016871-cf89e515-56cd-4e4f-b5ca-31b3ea1e81b3
- msft-kb4019472-95ff788a-8fe4-4584-bfca-7051b92405b2
- msft-kb4019472-970dc0b3-07a2-4434-8df0-9008dcdc9f36
- msft-kb4019472-bf47cd35-d39a-426f-8884-ffcd8bd9c49a
- msft-kb4019473-55f05839-b358-4f0d-bcef-683de665b62c
- msft-kb4019473-e7400165-c486-4e3e-aabc-24d04ef1dbe6
- msft-kb4019474-15928377-0964-4b80-9021-1ab7230cc690
- msft-kb4019474-6964cf08-89cf-4a95-ace6-fdb7a423c09c
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center