Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2017-8707: Hyper-V Information Disclosure Vulnerability

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

Microsoft CVE-2017-8707: Hyper-V Information Disclosure Vulnerability

Severity

CVSS

(AV:L/AC:M/Au:N/C:P/I:N/A:N)

Published

09/12/2017

Created

07/25/2018

Added

09/12/2017

Modified

11/18/2021

Description

An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that could cause the Hyper-V host operating system to disclose memory information. An attacker who successfully exploited the vulnerability could gain access to information on the Hyper-V host operating system. The security update addresses the vulnerability by correcting how Hyper-V validates guest operating system user input.

Solution(s)

msft-kb4038779-1070c9d0-e91b-4bc4-b7b9-a64dd8e76951
msft-kb4038779-1f7d6ab2-b81a-4f48-859a-706a9990c78c
msft-kb4038779-3de7a78a-5b97-4df7-8bf6-36ebe20d3c75
msft-kb4038779-530b9069-0208-4eef-add4-da2b473e9ef8
msft-kb4038779-bb0be51a-f352-4d5f-b522-7d85d6e18585
msft-kb4038779-fcccb9ba-857f-484e-83be-fd0685a31efb
msft-kb4038781-543bcc38-5dd5-4468-ba64-42b448b2f723
msft-kb4038781-723a8a89-df76-45ca-8a16-9801e28fd75b
msft-kb4038782-397ff69f-657f-4029-9329-b2c00bd6a6a8
msft-kb4038782-e895239d-88ad-4ac3-b68f-8abb6b489d19
msft-kb4038782-e8a8e193-de5d-413d-990a-76d355b5fb5e
msft-kb4038783-7e41eb51-d66a-484f-a0d0-391ac07541b4
msft-kb4038783-cd8e051c-b8c6-40df-871b-909087f49cd6
msft-kb4038786-2ac4d3a4-287f-4f33-bb61-b7b81245f55b
msft-kb4038786-6c356cec-ee0d-458a-9561-daba4b9d324a
msft-kb4038786-793b7e3e-090e-472e-b275-b520b5832a77
msft-kb4038788-c74d6456-695e-4f07-a9b9-35e07259012b
msft-kb4038788-da917577-591c-4e7d-8ff0-4ef45f3c203f
msft-kb4038793-8c3d7238-564c-4ed3-ae6f-e3d9881f6f5f
msft-kb4038793-9516efa8-6493-43de-979c-ebf2aa89aa69
msft-kb4038793-d97e9753-f904-44d9-87a2-35cbf248aef4
msft-kb4039325-39190f1e-2930-4bf4-b6d3-0b89a235df7d

References

https://attackerkb.com/topics/cve-2017-8707
CVE - 2017-8707
4038777
4038779
4038781
4038782
4038783
4038786
4038788
4038792
4038793
4038799
4039325

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2017-8707: Hyper-V Information Disclosure Vulnerability

Microsoft CVE-2017-8707: Hyper-V Information Disclosure Vulnerability

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.