Microsoft Hyper-V VMBus 'vmswitch.sys' Denial of Service Vulnerability

ID SMNTC-48179
Type symantec
Reporter Symantec Security Response
Modified 2011-06-14T00:00:00



Microsoft Hyper-V is prone to a local denial-of-service vulnerability. Using a guest system, a local attacker can exploit this issue to force the Hyper-V server to become unresponsive, denying service to legitimate users. The denial-of-service conditions would also affect other guest operating systems. The issue affects Hyper-V on Microsoft Windows Server 2008 and Windows Server 2008 R2.

Technologies Affected

  • Microsoft Windows Server 2008 R2 for x64-based Systems SP1
  • Microsoft Windows Server 2008 for x64-based Systems
  • Microsoft Windows Server 2008 for x64-based Systems R2
  • Microsoft Windows Server 2008 for x64-based Systems SP2


Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.
To exploit this vulnerability, an attacker requires local interactive access to an affected computer. Grant local access for trusted and accountable users only.

A vendor advisory and updates are available. Please see the references for details.