Microsoft CVE-2019-0786: Hyper-V vSMB Remote Code Execution Vulnerability
Description
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate vSMB packet data. An attacker who successfully exploited these vulnerabilities could execute arbitrary code on a target operating system. To exploit these vulnerabilities, an attacker running inside a virtual machine could run a specially crafted application that could cause the Hyper-V host operating system to execute arbitrary code. The update addresses the vulnerabilities by correcting how Windows Hyper-V validates vSMB packet data.
Solution(s)
- msft-kb4493441-30e70ea5-db98-4921-9fb6-cd711cbe111c
- msft-kb4493441-c48d3b04-de61-45f8-aa09-19dcdcbf27cf
- msft-kb4493441-d4df103d-2ae9-4b1a-a4a3-615b9cceb666
- msft-kb4493464-1a60bdf0-0746-4b51-b98a-c7aa184e0e65
- msft-kb4493464-2678ef0e-1396-499a-aa6d-7b5edc40c1ed
- msft-kb4493464-8c293f3f-ae3d-46af-870d-ed61b2fe12e0
- msft-kb4493509-08d3a825-29af-4ebd-b167-019a45e87fb8
- msft-kb4493509-623b4e44-1f39-4496-9836-dc80be3ce2cc
- msft-kb4493509-b866c1a6-ae98-449c-9285-c3008ae7bebc
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center