<< Back
CVE Number Vulnerability Product Severity Date
MS15-105 Vulnerability in Windows Hyper-V Could Allow Security Feature Bypass (3091287) Windows 8.1 Important 09-09-2015

Technical Information

Brief overview of the risk:
The vulnerability could allow security feature bypass if an attacker runs a specially crafted application that could cause Windows Hyper-V to incorrectly apply access control list (ACL) configuration settings. Customers who have not enabled the Hyper-V role are not affected.

Detailed Information on the risk:

A security feature bypass vulnerability exists in Windows Hyper-V when access control list (ACL) configuration settings are not applied correctly. To exploit the vulnerability, an attacker could run a specially crafted application that could cause Hyper-V to allow unintended network traffic. Customers who have not enabled the Hyper-V role are not affected. The security update addresses the vulnerability by correcting how Hyper-V applies ACL configuration settings.

Further information on this exploit is available at : MS15-105

Windows 8.1 for x64-based Systems
Windows Server 2012 R2
Windows 10 for x64-based Systems
Windows Server 2012 R2

Affected Software

Windows 8.1 for x64-based Systems
Windows Server 2012 R2
Windows 10 for x64-based Systems
Windows Server 2012 R2