CVE-2018-0957

Description

An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0964.

Affected products

• Microsoft / Windows 10Version 1607 for x64-based Systems – Version 1607 for x64-based Systems
• Microsoft / Windows 10x64-based Systems – x64-based Systems
• Microsoft / Windows 10Version 1709 for x64-based Systems – Version 1709 for x64-based Systems
• Microsoft / Windows 10Version 1703 for x64-based Systems – Version 1703 for x64-based Systems
• Microsoft / Windows 10Version 1511 for x64-based Systems – Version 1511 for x64-based Systems
• Microsoft / Windows 10 Serversversion 1709 (Server Core Installation) – version 1709 (Server Core Installation)
• Microsoft / Windows 8.1x64-based systems – x64-based systems
• Microsoft / windows_rt_8.1Windows RT 8.1 – Windows RT 8.1
• Microsoft / Windows Server 2012 R2(Server Core installation) – (Server Core installation)
• Microsoft / Windows Server 2016(Server Core installation) – (Server Core installation)

References

• VENDOR_ADVISORYhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0957
• MISChttp://www.securitytracker.com/id/1040662
• MISChttp://www.securityfocus.com/bid/103628