I tisdags släppte MS en patch som man bör lägga på snarast möjligt för sin Hyper-V miljö!

Som man kan läsa på deras sida så kan sårbarheten vilken är egentligen en x86 CPU-chipsetteknisk detalj, sänka en Hyper-V host inifrån en VM med fulla rättigheter.

“Microsoft is announcing the availability of a security update for Windows Hyper-V to protect against a denial of service condition that can be triggered with certain central processing unit (CPU) chipsets. Although the weakness resides in the chipset, Microsoft is issuing this security update to protect customers. The update prevents guests on a Hyper-V system from triggering a weakness in the CPU that could allow instructions from a Hyper-V guest to place its Hyper-V host’s CPU into an unresponsive state, leading to a denial of service condition for the guest operating systems running on the affected host. Successful exploitation of the CPU weakness would require kernel-mode code execution privileges on the guest operating system.”

Med Operations Management Suite och Log Analyzer kan man se vilka Hyper-V hostar man har som behöver patchas:

Screen Shot 2015-11-13 at 15.45.44

Läs mer och se på Security Center