Microsoft Windows Hyper-V CVE-2020-0661 Denial of Service Vulnerability
Description
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application. The security update addresses the vulnerability by resolving a number of conditions where Hyper-V would fail to prevent a guest operating system from sending malicious requests.
Affected Applications
Windows 10
Windows Server 2016
Windows Server 2019
Windows Server version 1909 (Server Core installation)
Windows Server version 1903 (Server Core installation)