==================================================================== CERT-Renater Note d'Information No. 2016/VULN165 _____________________________________________________________________ DATE : 13/04/2016 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S): Windows versions 8.1, Server 2012, 10 running Windows Hyper-V. ====================================================================== KB3143118 https://technet.microsoft.com/en-us/library/security/MS16-045 _____________________________________________________________________ Microsoft Security Bulletin MS16-045: Security Update for Windows Hyper-V (3143118) Bulletin Number: MS16-045 Bulletin Title: Security Update for Windows Hyper-V Severity: Important KB Article: 3143118 Version: 1.0 Published Date: April 12, 2016 Executive Summary This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an authenticated attacker on a guest operating system runs a specially crafted application that causes the Hyper-V host operating system to execute arbitrary code. Customers who have not enabled the Hyper-V role are not affected. This security update is rated Important for all supported editions of Windows 8.1 for x64-based Systems, Windows Server 2012, Windows Server 2012 R2, and Windows 10 for x64-based Systems. Affected Software Windows 8.1 for x64-based Systems (3135456) Windows Server 2012 and Windows Server 2012 R2 Windows 10 for x64-based Systems[1](3147461) Windows Server 2012 (Server Core installation)(3135456) Windows Server 2012 R2 (Server Core installation)(3135456) [1]Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. Vulnerability Information Hyper-V Remote Code Execution Vulnerability - CVE-2016-0088 A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code. Customers who have not enabled the Hyper-V role are not affected. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host operating system. The security update addresses the vulnerability by correcting how Hyper-V validates guest operating system user input. The following table contains links to the standard entry for each vulnerability in the Common Vulnerabilities and Exposures list: Vulnerability title CVE number Publicly disclosed Exploited Hyper-V Remote Code Execution Vulnerability CVE-2016-0088 No No Multiple Hyper-V Information Disclosure Vulnerabilities Information disclosure vulnerabilities exist when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerabilities, an attacker on a guest operating system could run a specially crafted application that could cause the Hyper-V host operating system to disclose memory information. Customers who have not enabled the Hyper-V role are not affected. An attacker who successfully exploited the vulnerabilities could gain access to information on the Hyper-V host operating system. The security update addresses the vulnerabilities by correcting how Hyper-V validates guest operating system user input. The following table contains links to the standard entry for each vulnerability in the Common Vulnerabilities and Exposures list: Vulnerability title CVE number Publicly disclosed Exploited Hyper-V Information Disclosure Vulnerability CVE-2016-0089 No No Hyper-V Information Disclosure Vulnerability CVE-2016-0090 No No ========================================================== Serveur de référence du CERT-Renater https://services.renater.fr/ssi/ ========================================================== + CERT-RENATER | tel : 01-53-94-20-44 + + 23 - 25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email: cert@support.renater.fr + ==========================================================