'Critical' HyperV vulnerability: MS15-068

Discussion created by ben.fariello Expert on Jul 15, 2015
Latest reply on Aug 29, 2016 by julie.gordon

Microsoft Security Bulletin MS15-068 - Critical


I came across this on Reddit and figured I would share it in case anybody out there hadn't seen it yet.


The vulnerabilities could allow remote code execution in a host context if a specially crafted application is run by an authenticated and privileged user on a guest virtual machine hosted by Hyper-V. An attacker must have valid logon credentials for a guest virtual machine to exploit this vulnerability.


Doesn't affect any VMTurbo software, but it's probably something worth patching if you've got a HyperV deployment that's currently vulnerable.