Lucene search

K
mskbMicrosoftKB3135456
HistoryApr 12, 2016 - 7:00 a.m.

MS16-045: Description of the security update for Windows Hyper-V: April 12, 2016

2016-04-1207:00:00
Microsoft
support.microsoft.com
33

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

9.3 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

8.1 High

AI Score

Confidence

High

0.073 Low

EPSS

Percentile

94.1%

MS16-045: Description of the security update for Windows Hyper-V: April 12, 2016

Summary

This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an authenticated attacker on a guest operating system runs a specially crafted application that causes the Hyper-V host operating system to execute arbitrary code. Customers who have not enabled the Hyper-V role are not affected.

To learn more about the vulnerability, see Microsoft Security Bulletin MS16-045.

More Information

Important

  • All future security and non-security updates for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 require update 2919355 to be installed. We recommend that you install update 2919355 on your Windows RT 8.1-based, Windows 8.1-based, or Windows Server 2012 R2-based computer so that you receive future updates.
  • If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

How to obtain and install the update

Method 1: Windows Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see
Get security updates automatically.

Note For Windows RT 8.1, this update is available through Windows Update only.

__

Method 2: Microsoft Download Center

You can obtain the stand-alone update package through the Microsoft Download Center. Follow the installation instructions on the download page to install the update.

Click the download link in Microsoft Security Bulletin MS16-045 that corresponds to the version of Windows that you are running.

__

How to obtain help and support for this security update

Help for installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help for protecting your Windows-based computer from viruses and malware: Virus Solution and Security Center

Local support according to your country: International Support

File Information

__

File hash information

File name SHA1 hash SHA256 hash
Windows8-RT-KB3135456-x64.msu E2B995AF13446EF231B87151679BC34B67DCF319 014336433AC1E1947E57273370E75A2CAA49F16B15C73738DBF34E0B911996F6
Windows8.1-KB3135456-x64.msu A42C42CCAE2E3DD54C0A7722FE7AECDAE2E69785 1683E20BA0682BCD397350ECE175007CA9D7CC85D76643AE0EA6614764287919

__

File information

The English (United States) version of this software update installs files that have the attributes that are listed in the following tables.Windows Server 2012 file informationNotes

* The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:Version Product Milestone Service branch
6.2.920 0.17xxx Windows 8, Windows RT, or Windows Server 2012 RTM GDR
6.2.920 0.21xxx Windows 8, Windows RT, or Windows Server 2012 RTM LDR
  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.

  • The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.
    For all supported x64-based versionsFile name| File version| File size| Date| Time| Platform
    —|—|—|—|—|—
    Vmsif.dll| 6.2.9200.16384| 46,080| 26-Jul-2012| 03:07| x64
    Vmsntfy.dll| 6.2.9200.16384| 89,088| 26-Jul-2012| 03:07| x64
    Vmswitch.sys| 6.2.9200.21793| 567,296| 03-Mar-2016| 19:28| x64
    Vmsif.dll| 6.2.9200.16384| 46,080| 26-Jul-2012| 03:07| x64
    Vmsntfy.dll| 6.2.9200.16384| 89,088| 26-Jul-2012| 03:07| x64
    Vmswitch.sys| 6.2.9200.21793| 567,296| 03-Mar-2016| 19:28| x64
    Windows 8.1 and Windows Server 2012 R2 file informationNotes

  • The files that apply to a specific product, milestone (RTM, SPn), and service branch (LDR, GDR) can be identified by examining the file version numbers as shown in the following table:Version| Product| Milestone| Service branch
    —|—|—|—
    6.3.960 0.17 xxx| Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2| RTM| GDR

  • GDR service branches contain only those fixes that are widely released to address widespread, critical issues. LDR service branches contain hotfixes in addition to widely released fixes.

  • The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.
    For all supported x64-based versionsFile name| File version| File size| Date| Time| Platform
    —|—|—|—|—|—
    Vmsif.dll| 6.3.9600.18258| 65,024| 03-Mar-2016| 16:45| x64
    Vmsnetsetupplugin.dll| 6.3.9600.17396| 33,792| 08-Oct-2014| 06:07| x64
    Vmswitch.sys| 6.3.9600.18258| 689,152| 03-Mar-2016| 18:24| x64
    Vmsif.dll| 6.3.9600.18258| 65,024| 03-Mar-2016| 16:45| x64
    Vmsntfy.dll| 6.3.9600.17396| 91,648| 08-Oct-2014| 06:54| x64
    Vmswitch.sys| 6.3.9600.18258| 689,152| 03-Mar-2016| 18:24| x64
    Vmsif.dll| 6.3.9600.18258| 65,024| 03-Mar-2016| 16:45| x64
    Vmsntfy.dll| 6.3.9600.17396| 91,648| 08-Oct-2014| 06:54| x64
    Vmswitch.sys| 6.3.9600.18258| 689,152| 03-Mar-2016| 18:24| x64
    Vmsif.dll| 6.3.9600.18258| 65,024| 03-Mar-2016| 16:45| x64
    Vmsntfy.dll| 6.3.9600.17396| 91,648| 08-Oct-2014| 06:54| x64
    Vmswitch.sys| 6.3.9600.18258| 689,152| 03-Mar-2016| 18:24| x64

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

9.3 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

8.1 High

AI Score

Confidence

High

0.073 Low

EPSS

Percentile

94.1%