Microsoft Hyper-V VMBus Denial of Service Vulnerability

2010-12-14T00:00:00
ID SMNTC-45293
Type symantec
Reporter Symantec Security Response
Modified 2010-12-14T00:00:00

Description

Description

Microsoft Hyper-V is prone to a denial-of-service vulnerability. Using a guest system, a local attacker can exploit this issue to force the Hyper-V server to become unresponsive, denying service to legitimate users. The denial-of-service conditions would also affect other guest operating systems. The issue affects Hyper-V on Microsoft Windows Server 2008 and Windows Server 2008 R2. Microsoft Hyper-V Server 2008 and Microsoft Hyper-V Server 2008 R2 are also affected.

Technologies Affected

  • Microsoft Windows Server 2008 for x64-based Systems
  • Microsoft Windows Server 2008 for x64-based Systems R2
  • Microsoft Windows Server 2008 for x64-based Systems SP2

Recommendations

Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.
To exploit this vulnerability, an attacker requires local interactive access to an affected computer. Grant local access for trusted and accountable users only.

The vendor has released an advisory and updates. Please see the references for details.