Microsoft CVE-2018-0961: Hyper-V vSMB Remote Code Execution Vulnerability
Description
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate vSMB packet data. An attacker who successfully exploited these vulnerabilities could execute arbitrary code on a target operating system. To exploit these vulnerabilities, an attacker running inside a virtual machine could run a specially crafted application that could cause the Hyper-V host operating system to execute arbitrary code. The update addresses the vulnerabilities by correcting how Windows Hyper-V validates vSMB packet data.
Solution(s)
- msft-kb4103721-eb863932-a151-446c-8884-ab5add176f94
- msft-kb4103721-f7846ea0-3bd9-48a2-b230-0be2ad24b4ea
- msft-kb4103721-fdd62b2a-0e40-4c06-b153-7d2f5e45f613
- msft-kb4103723-54f93c06-1d96-40f5-bdc8-f9924dbcd522
- msft-kb4103723-99a0b90d-2519-4700-be0c-e6c7b5bd04ec
- msft-kb4103723-a74a9c4e-0823-4afc-8b58-cf1785a2e2b4
- msft-kb4103727-0dae0270-e483-4c81-9914-263ec487c6c1
- msft-kb4103727-6108aff5-77b2-4684-b1cb-749f3c040d8f
- msft-kb4103727-c03178c9-b5d2-4c5f-819f-c8871513e23d
- msft-kb4103731-610e3534-770e-4bab-845a-0159c0645106
- msft-kb4103731-f80f24fa-933a-44d1-a83a-8013a727d881
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center