Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Vulnerability protection

Hyper-V vulnerability could allow escalation of privilege


Report ID: MS201311005
Date Published: 13 November 2013

Criticality: Important
Compromise Type: privilege-escalation
Compromise From: remote


Affected Product/Component:

Windows 8
Windows Server 2012




Summary

A vulnerability in Hyper-V on Windows 8 and Windows Server 2012 could allow an attacker to gain escalated privilege and possibly cause denial of service condition.



Detailed Description

Microsoft has released a security update to address a reported vulnerability in Hyper-V on Windows 8 and Windows Server 2012 machines. The vulnerability was caused by improper verification of a data structure's value, which allows a memory address with invalid address to be used. This issue has been resolved through the update by ensuring that user input are properly sanitized. Users are recommended to install the update onto their system as a protection measure against exploit attempts.



CVE Reference

CVE-2013-3898



Solution

Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms13-092)



Security Advisories

For a list of known vulnerabilities affecting F-Secure products and the released fixes, please refer to the Security Advisories page.