Vulnerability Protection

Vulnerabilities in Windows Hyper-V Could Allow Remote Code Execution


Report ID:


Date Published:

15 March 2017

Date Revised:



Compromise Type:

Remote code execution, denial of service, information disclosure

Compromise From:


Affected Product/Component:

Windows Server 2008
Windows 7
Windows Server 2008 R2
Windows 8.1
Windows Server 2012 and Windows Server 2012 R2
Windows 10
Windows Server 2016


WIndows Hyper-V was affected by eleven reported vulnerabilities that could be exploited into allowing remote code execution, denial of service, and information disclosure. 

Detailed Description

Windows Hyper-V was affected by a total of eleven vulnerabilities, six of which could lead to denial of service, four could lead to remote code execution, and one could lead to information disclosure. These vulnerabilities were caused by improper validation of input from an authenticated user and improper validation of vSMB packet data. All issues have been resolved in the latest update through corrective modifications and fixes. 

CVE Reference

CVE-2017-0021, CVE-2017-0051, CVE-2017-0074, CVE-2017-0075, CVE-2017-0076, CVE-2017-0095, CVE-2017-0096, CVE-2017-0097, CVE-2017-0098, CVE-2017-0099, CVE-2017-0109


Install the latest security patch for applicable system, available for download from


Microsoft Security Bulletin MS17-008