
====================================================================

                              CERT-Renater

                  Information Note No. 2015/VULN182
_____________________________________________________________________

DATE                : 09/09/2015

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Windows version 8.1, 10, Server 2012 running
                                    Windows Hyper-V.

======================================================================
KB3091287
https://technet.microsoft.com/en-us/library/security/MS15-105
______________________________________________________________________

Microsoft Security Bulletin MS15-105: Important Vulnerability in Windows 
Hyper-V Could Allow Security Feature Bypass (3091287)

Bulletin Number: MS15-105

Bulletin Title: Vulnerability in Windows Hyper-V Could Allow
Security Feature Bypass

Severity: Important

KB Article: 3091287

Version: 1.0

Published Date: September 8, 2015

Executive Summary

This security update resolves a vulnerability in Microsoft Windows. The
vulnerability could allow security feature bypass if an attacker runs a
specially crafted application that could cause Windows Hyper-V to
incorrectly apply access control list (ACL) configuration settings.
Customers who have not enabled the Hyper-V role are not affected.

This security update is rated Important for all supported editions of
Windows 8.1 for x64-based Systems, Windows Server 2012 R2, and Windows
10 for x64-based Systems. For more information, see the Affected
Software section.


Affected Software

Windows 8.1 for x64-based Systems

Windows Server 2012 R2

Windows 10 for x64-based Systems[1]

Server Core installation option

Windows Server 2012 R2 (Server Core installation)

[1] The Windows 10 update is cumulative. In addition to containing
non-security updates, it also contains all of the security fixes for
all of the Windows 10-affected vulnerabilities shipping with this
month's security release. See Microsoft Knowledge Base Article 3081444
for more information and download links.


Vulnerability Information


Hyper-V Security Feature Bypass Vulnerability - CVE-2015-2534

A security feature bypass vulnerability exists in Windows Hyper-V when
access control list (ACL) configuration settings are not applied
correctly. To exploit the vulnerability, an attacker could run a
specially crafted application that could cause Hyper-V to allow
unintended network traffic. Customers who have not enabled the Hyper-V
role are not affected. The security update addresses the vulnerability
by correcting how Hyper-V applies ACL configuration settings.

Microsoft received information about this vulnerability through
coordinated vulnerability disclosure. When this security bulletin was
originally issued, Microsoft had not received any information to
indicate that this vulnerability had been publicly used to attack
customers.

=========================================================
CERT-Renater reference server
https://services.renater.fr/ssi/
==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================
