One of the patches released by Microsoft is a critical security fix for Hyper-V. It affects all installation types on both Windows Server 2008 and Windows Server 2008 R2.
“This security update resolves a privately reported vulnerability in Windows Server 2008 Hyper-V and Windows Server 2008 R2 Hyper-V. The vulnerability could allow denial of service if a malformed sequence of machine instructions is run by an authenticated user in one of the guest virtual machines hosted by the Hyper-V server. An attacker must have valid logon credentials and be able to log on locally into a guest virtual machine to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users”.
Basically, if a person has rights to log into a VM hosted on a vulnerable server, then they could cause a Denial-of-Service (DOS) attack.
The update is supplied via Windows Update. Check your updates either on the host, Configuration Manager, WSUS or whatever your update service is.
I’ll be pushing it out first thing tomorrow morning. Live Migration with VMM 2008 R2 maintenance mode makes it really easy to update clustered hosts. Standalone hosts will have some downtime for their VM’s. Most VM’s will be set up to go into a saved state when the host shuts down. That limits interruption to them in a way.
One thought on “KB977894: VERY Important Hyper-V Security Update”