|MS10-009||Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (974145)||Windows Server||Critical||10-02-2010|
Brief overview of the risk:
The vulnerability could allow denial of service if a malformed sequence of machine instructions is run by an authenticated user in one of the guest virtual machines hosted by the Hyper-V server. An attacker must have valid logon credentials and be able to log on locally into a guest virtual machine to exploit this vulnerability.
Detailed Information on the risk:
A denial of service vulnerability exists in Hyper-V on Windows Server 2008 and Windows Server 2008 R2. The vulnerability is due to insufficient validation of specific sequences of machine instructions by Hyper-V. An attacker who successfully exploited this vulnerability could cause the affected Hyper-V system to stop responding. This would affect all virtual machines hosted by that system.
Further information on this exploit is available at : MS10-010
Affected SoftwareWindows Server 2008 for x64-based Systems
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 R2 for x64-based Systems