This Hyper-V vulnerability could plague Microsoft users for some time

Patch or perish

New details have emerged about a critical remote code execution vulnerability in Hyper-V that was discovered by cybersecurity researchers and patched in May 2021.

The vulnerability, tracked as CVE-2021-28476, was reported to Microsoft by Guardicore Labs’ Ophir Harpaz and SafeBreach Labs’ Peleg Hadar, and was assigned a CVSS score of 9.9.

“Hyper-V is Azure’s hypervisor; for this reason, a vulnerability in Hyper-V entails a vulnerability in Azure, and can affect whole regions of the public cloud. Triggering denial of service from an Azure VM would crash major parts of Azure’s infrastructure and take down all virtual machines (VM) that share the same host,” note the researchers in a new joint blog post.

The vulnerability was found using an in-house fuzzer dubbed hAFL1, which the researchers will detail at next month’s Black Hat USA 2021 conference.

Businesses are slow to patch

The bug originates in Hyper-V’s network switch driver named vmswitch, and affects all versions of Windows from Windows 7 upwards, including Windows 10, as well as Windows Server 2008 through to Windows Server 2019.

The researchers note that the vulnerability was first spotted in August 2019, which suggests to them that the bug might have been in production for over a year before it was discovered and patched.

To exploit the vulnerability, the attacker must have access to a guest VM through which they can send a specially crafted packet to the Hyper-V host to trigger mayhem.

While Microsoft has ensured that the Azure service is safe from this issue, Harpaz told BleepingComputer that it is fairly common for vulnerabilities to remain unpatched for years on machines in enterprise networks.

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.