Windows Hyper-V vSMB Elevation of Privilege Vulnerability

2017-05-11T07:00:00
ID MS:CVE-2017-0212
Type mscve
Reporter Microsoft
Modified 2017-05-11T07:00:00

Description

An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly validate vSMB packet data. An attacker who successfully exploited these vulnerabilities could gain elevated privileges on a target operating system.

This vulnerability by itself does not allow arbitrary code to be run. However, this vulnerability could be used in conjunction with one or more vulnerabilities (e.g. a remote code execution vulnerability and another elevation of privilege) that could take advantage of the elevated privileges when running.

The update addresses the vulnerabilities by correcting how Windows Hyper-V validates vSMB packet data.