Critical Microsoft Hyper-V bug could haunt orgs for a long time

silversurfer

Technical details are now available for a vulnerability that affects Hyper-V, Microsoft's native hypervisor for creating virtual machines on Windows systems and in the Azure cloud computing environment.

Currently tracked as CVE-2021-28476, the security issue has a critical severity score of 9.9 out of 10. Exploiting it on unpatched machines can have a devastating impact as it allows crashing the host (denial of service) or executing arbitrary code on it.

Terminate VMs or take full control

The bug is in Hyper-V's network switch driver (vmswitch.sys) and affects Windows 10 and Windows Server 2012 through 2019. It emerged in a build from August 2019 and received a patch earlier this year in May.

Public details about the flaw are scarce at the moment but in a blog post today, researchers Peleg Hadar of SafeBreach and Ophir Harpaz of Guardicore explain where the fault is and why it is exploitable. The two researchers found the bug together and disclosed it privately to Microsoft.
While the Azure service is safe from this issue, some local Hyper-V deployments are likely still vulnerable as not all admins update Windows machines when patches come out.
 
