Microsoft CVE-2017-8706: Hyper-V Information Disclosure Vulnerability
Description
An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that could cause the Hyper-V host operating system to disclose memory information. An attacker who successfully exploited the vulnerability could gain access to information on the Hyper-V host operating system. The security update addresses the vulnerability by correcting how Hyper-V validates guest operating system user input.
Solution(s)
- msft-kb4038781-543bcc38-5dd5-4468-ba64-42b448b2f723
- msft-kb4038781-723a8a89-df76-45ca-8a16-9801e28fd75b
- msft-kb4038782-397ff69f-657f-4029-9329-b2c00bd6a6a8
- msft-kb4038782-e895239d-88ad-4ac3-b68f-8abb6b489d19
- msft-kb4038782-e8a8e193-de5d-413d-990a-76d355b5fb5e
- msft-kb4038783-7e41eb51-d66a-484f-a0d0-391ac07541b4
- msft-kb4038783-cd8e051c-b8c6-40df-871b-909087f49cd6
- msft-kb4038788-c74d6456-695e-4f07-a9b9-35e07259012b
- msft-kb4038788-da917577-591c-4e7d-8ff0-4ef45f3c203f
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center