(MS13-092) Vulnerability in Hyper-V Could Allow Elevation of Privilege (2893986)
Publish Date: 21 de listopada de 2013
Severity: : High
CVE Kennungen: : CVE-2013-3898
Advisory Date: 21 de listopada de 2013
DESCRIPTION
This security update resolves a reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker passes a maliciously-crafted function parameter in a hypercall from an existing running virtual machine to the hypervisor. The vulnerability could also allow denial of service for the Hyper-V host.
SOLUTION
AFFECTED SOFTWARE AND VERSION:
- Windows 8 for x64-based Systems (Pro and Enterprise editions only)
- Windows Server 2012 (Standard and Datacenter editions
- and Hyper-V Server 2012 only)
- Windows Server 2012 (Server Core installation)