Windows : Microsoft Bulletins : Microsoft Windows Hyper-V Multiple Vulnerabilities (3143118)

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.807661

Category: Windows : Microsoft Bulletins

Title: Microsoft Windows Hyper-V Multiple Vulnerabilities (3143118)

Summary: This host is missing an important security; update according to Microsoft Bulletin MS16-045

Description: Summary:
This host is missing an important security
update according to Microsoft Bulletin MS16-045

Vulnerability Insight:
Multiple flaws are due to
when Windows Hyper-V on a host operating system fails to properly validate
input from an authenticated user on a guest operating system.

Vulnerability Impact:
Successful exploitation will allow an attacker to
execute arbitrary code on the host operating system, also could gain access to
information on the Hyper-V host operating system.

Affected Software/OS:
- Microsoft Windows 8.1 x64

- Microsoft Windows Server 2012/2012R2

- Microsoft Windows 10 x64

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2016-0088
Microsoft Security Bulletin: MS16-045
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-045
http://www.securitytracker.com/id/1035538
Common Vulnerability Exposure (CVE) ID: CVE-2016-0089
Common Vulnerability Exposure (CVE) ID: CVE-2016-0090

Copyright Copyright (C) 2016 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.807661
Category:	Windows : Microsoft Bulletins
Title:	Microsoft Windows Hyper-V Multiple Vulnerabilities (3143118)
Summary:	This host is missing an important security; update according to Microsoft Bulletin MS16-045
Description:	Summary: This host is missing an important security update according to Microsoft Bulletin MS16-045 Vulnerability Insight: Multiple flaws are due to when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. Vulnerability Impact: Successful exploitation will allow an attacker to execute arbitrary code on the host operating system, also could gain access to information on the Hyper-V host operating system. Affected Software/OS: - Microsoft Windows 8.1 x64 - Microsoft Windows Server 2012/2012R2 - Microsoft Windows 10 x64 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-0088 Microsoft Security Bulletin: MS16-045 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-045 http://www.securitytracker.com/id/1035538 Common Vulnerability Exposure (CVE) ID: CVE-2016-0089 Common Vulnerability Exposure (CVE) ID: CVE-2016-0090
Copyright	Copyright (C) 2016 Greenbone AG