CVE-2018-0961

Description

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate vSMB packet data, aka "Hyper-V vSMB Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

Affected products

• Microsoft / Windows 10Version 1709 for x64-based Systems – Version 1709 for x64-based Systems
• Microsoft / Windows 10Version 1607 for x64-based Systems – Version 1607 for x64-based Systems
• Microsoft / Windows 10Version 1703 for x64-based Systems – Version 1703 for x64-based Systems
• Microsoft / Windows 10Version 1803 for x64-based Systems – Version 1803 for x64-based Systems
• Microsoft / Windows 10 Serversversion 1803 (Server Core Installation) – version 1803 (Server Core Installation)
• Microsoft / Windows 10 Serversversion 1709 (Server Core Installation) – version 1709 (Server Core Installation)
• Microsoft / Windows Server 2016(Server Core installation) – (Server Core installation)

References

• MISChttp://www.securitytracker.com/id/1040843
• VENDOR_ADVISORYhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0961
• MISChttp://www.securityfocus.com/bid/104032