KB2345316: Prevent a DDOS Attack From A Hyper-V VM

Microsoft has released the second ever (since the release of Windows Server 2008!) security fix for Hyper-V. 

“This security update resolves a privately reported vulnerability in Windows Server 2008 Hyper-V and Windows Server 2008 R2 Hyper-V. The vulnerability could allow denial of service if a specially crafted packet is sent to the VMBus by an authenticated user in one of the guest virtual machines hosted by the Hyper-V server. An attacker must have valid logon credentials and be able to send specially crafted content from a guest virtual machine to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users”.

In other words, you have to be logged into a VM running on the host (be a legit internal user) and have sufficient rights in the VM’s operating system to craft this packet.

The issue affects Windows Server 2008 and Windows Server 2008 R2.

Leave a comment

Your email address will not be published.

*