This Hyper-V vulnerability could plague Microsoft users for some time
New details have emerged about a critical remote code execution vulnerability in Hyper-V that was discovered by cybersecurity researchers and patched in May 2021.
The vulnerability, tracked as CVE-2021-28476, was reported to Microsoft by Guardicore Labs’ Ophir Harpaz and SafeBreach Labs’ Peleg Hadar, and was assigned a CVSS score of 9.9.
“Hyper-V is Azure’s hypervisor; for this reason, a vulnerability in Hyper-V entails a vulnerability in Azure, and can affect whole regions of the public cloud. Triggering denial of service from an Azure VM would crash major parts of Azure’s infrastructure and take down all virtual machines (VM) that share the same host,” note the researchers in a new joint blog post.
The vulnerability was found using an in-house fuzzer dubbed hAFL1, which the researchers will detail at next month’s Black Hat USA 2021 conference.
Businesses are slow to patch
The bug originates in Hyper-V’s network switch driver named vmswitch, and affects all versions of Windows from Windows 7 upwards, including Windows 10, as well as Windows Server 2008 through to Windows Server 2019.
The researchers note that the vulnerability was first spotted in August 2019, which suggests to them that the bug might have been in production for over a year before it was discovered and patched.
To exploit the vulnerability, the attacker must have access to a guest VM through which they can send a specially crafted packet to the Hyper-V host to trigger mayhem.
While Microsoft has ensured that the Azure service is safe from this issue, Harpaz told BleepingComputer that it is fairly common for vulnerabilities to remain unpatched for years on machines in enterprise networks.