KB3211308: Security Update for Hyper-V in Windows Server 2008 (April 2017)
High Nessus Plugin ID 107195
SynopsisThe remote Windows host is affected by multiple vulnerabilities.
DescriptionThe remote Windows host is missing a security update KB3211308. It is, therefore, affected by multiple vulnerabilities:
- Multiple flaws exist in Windows Hyper-V Network Switch due to improper validation of input from the guest operating system. A local attacker can exploit these, via a specially crafted application on the guest, to execute arbitrary code on the host system.
- Multiple information disclosure vulnerabilities exist in Windows Hyper-V Network Switch due to improper validation of user-supplied input. A guest attacker can exploit these to disclose sensitive information on the host server. (CVE-2017-0168)
SolutionApply security update KB3211308.