Microsoft Windows Hyper-V CVE-2019-0695 Denial of Service Vulnerability
Description
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application. The security update addresses the vulnerability by resolving a number of conditions where Hyper-V would fail to prevent a guest operating system from sending malicious requests.
Affected Applications
Windows 10
Windows Server 2016
Windows Server version 1803 (Server Core Installation)
Windows Server version 1709 (Server Core Installation)
Windows Server 2019