Microsoft Patches Denial of Service Issue in Hyper-V

Microsoft addressed an issue in its hypervisor, Hyper-V, this week, that could lead to a denial of service condition.

In addition to the usual slew of patches Microsoft dropped this week, the company on Tuesday also addressed an issue in its hypervisor, Hyper-V, that could lead to a denial of service condition.

Microsoft warned about the issue in an advisory separate from its usual Patch Tuesday bulletins.

The native hypervisor can be used to run virtual machines on Windows Server 2008 and some versions of Windows 8, and also be downloaded and installed as a standalone entity. Microsoft is warning users who run it on Windows Server 2008, Windows Server 2008 R2, Windows 8, 8.1, Windows Server 2012, Windows Server 2012 R2, and x64-based versions of Windows 10 that they are at risk.

The weakness technically exists in certain central processing unit (CPU) chipsets on that can be exploited by guests on a Hyper-V system, and in turn, lead to a denial of service situation.

“The update prevents guests on a Hyper-V system from triggering a weakness in the CPU that could allow instructions from a Hyper-V guest to place its Hyper-V host’s CPU into an unresponsive state, leading to a denial of service condition for the guest operating systems running on the affected host” Microsoft said in the advisory.

Microsoft adds that in order to exploit the weakness, an attacker would have to secure kernel-mode code execution privileges on the guest operating system.

It’s the second time in the last two months that Microsoft has patched an issue in Hyper-V. In September the company fixed a vulnerability in the hypervisor that could have allowed a security feature bypass via a specially crafted application. The issue – which was marked important at the time – could have caused Hyper-V to incorrectly apply access control list settings.

Suggested articles

Discussion

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.