Technical Information

Brief overview of the risk:
This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution in a host context if a specially crafted application is run by an authenticated and privileged user on a guest virtual machine hosted by Hyper-V. An attacker must have valid logon credentials for a guest virtual machine to exploit this vulnerability.

Detailed Information on the risk:

A remote code execution vulnerability exists in Windows Hyper-V in a host context if an authenticated and privileged user on a guest virtual machine hosted by Hyper-V runs a specially crafted application.
To exploit this vulnerability, an attacker must have valid logon credentials for a guest virtual machine. Systems where Windows Hyper-V is installed are primarily at risk. The security update addresses the vulnerability by correcting how Hyper-V handles packet size memory initialization in guest virtual machines.

Further information on this exploit is available at : MS15-068

Windows Server 2008 for x64-based Systems Service Pack 2 
Windows Server 2008 R2 for x64-based Systems Service Pack 1 
Windows 8 for x64-based Systems 
Windows 8.1 for x64-based Systems 
Windows Server 2012 
Windows Server 2012 R2 
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 
Windows Server 2012 R2 (Server Core installation)