CVE-2018-0965

Description

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8439.

Affected products

• Microsoft / Windows 10Version 1607 for x64-based Systems – Version 1607 for x64-based Systems
• Microsoft / Windows 10Version 1703 for x64-based Systems – Version 1703 for x64-based Systems
• Microsoft / Windows 10Version 1803 for x64-based Systems – Version 1803 for x64-based Systems
• Microsoft / Windows 10 Serversversion 1709 (Server Core Installation) – version 1709 (Server Core Installation)
• Microsoft / Windows 10 Serversversion 1803 (Server Core Installation) – version 1803 (Server Core Installation)
• Microsoft / Windows Server 2016(Server Core installation) – (Server Core installation)

References

• VENDOR_ADVISORYhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0965
• MISChttp://www.securityfocus.com/bid/105229
• MISChttp://www.securitytracker.com/id/1041624