Vulnerabilities > CVE-2017-0075 - Remote Code Execution vulnerability in Microsoft Windows Hyper-V

CVSS 7.4 - HIGH

Attack vector

ADJACENT_NETWORK

Attack complexity

MEDIUM

Privileges required

SINGLE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

microsoft

nessus

NVD

Published: 2017-03-17

Updated: 2019-10-03

Summary

Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users to execute arbitrary code on the host OS via a crafted application, aka "Hyper-V Remote Code Execution Vulnerability." This vulnerability is different from that described in CVE-2017-0109.

Vulnerable Configurations

Part	Description	Count
OS	Microsoft Microsoft Windows 10 - Microsoft Windows 10 1511 Microsoft Windows 10 1607 Microsoft Windows 7 * Microsoft Windows 8.1 * Microsoft Windows Server 2008 * Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 - Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 * Microsoft Windows Vista *	11

Msbulletin

bulletin_id	MS17-008
bulletin_url
date	2017-03-14T00:00:00
impact	Remote Code Execution
knowledgebase_id	4013082
knowledgebase_url
severity	Critical
title	Security Update for Windows Hyper-V

Nessus

NASL family	Windows : Microsoft Bulletins
NASL id	SMB_NT_MS17-008.NASL
description	The remote Windows host is missing a security update. It is, therefore, affected by multiple vulnerabilities : - Multiple remote code execution vulnerabilities exist due to improper validation of vSMB packets. An attacker on a guest operating system can exploit these vulnerabilities, via a specially crafted application, to execute arbitrary code on the host. (CVE-2017-0021, CVE-2017-0095) - Multiple denial of service vulnerabilities exist due to improper validation of input from a privileged user on a guest operating system. An attacker with a privileged account on a guest operating system can exploit these vulnerabilities, via a specially crafted application, to crash the host machine. (CVE-2017-0051, CVE-2017-0074, CVE-2017-0076, CVE-2017-0097, CVE-2017-0098, CVE-2017-0099) Note that customers who have not enabled the Hyper-V role are not affected.
last seen	2020-06-01
modified	2020-06-02
plugin id	97745
published	2017-03-15
reporter	This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/97745
title	MS17-008: Security Update for Windows Hyper-V (4013082)

Summary

Vulnerable Configurations

Msbulletin

Nessus

References