Microsoft Hyper-V Security Vulnerability

::: Update: 3:06PM EDT 7/15/2015  :::

There may be temporary downtime on your shared environment as the security update does require a reboot.  We apologize for any inconvenience this may cause.

If you have any questions, please contact our support team at 1-877-215-HOST (4678) or submit an ticket by logging into https://solutions.hostmysite.com.

::: Original Post: 9:30am EDT 7/15/2015 :::

A critical security vulnerability affecting Hyper-V on Microsoft Windows 2008 (MS15-068) has been announced.

A flaw discovered in Microsoft Windows could allow remote code execution, leaving the web servers, systems, and applications hosted on those machines vulnerable to cyber-attacks. The vulnerability has been labeled MS15-068. More detailed information can be found at: https://technet.microsoft.com/en-us/library/security/MS15-068. A summary can be found below.

What exactly is the bug?

From the Security Bulletin on microsoft.com:

“A remote code execution vulnerability exists in Windows Hyper-V in a host context if an authenticated and privileged user on a guest virtual machine hosted by Hyper-V runs a specially crafted application.

To exploit this vulnerability, an attacker must have valid logon credentials for a guest virtual machine. Systems where Windows Hyper-V is installed are primarily at risk. The security update addresses the vulnerability by correcting how Hyper-V handles packet size memory initialization in guest virtual machines.”

Why is this vulnerability so dangerous?

If an attacker were to exploit this vulnerability successfully, they could gain the ability to execute any arbitrary code, giving them full control of the server and data.

How is HostMySite protecting me?

Our Support team and System Administrators have already applied the security patches to all affected servers, including the Azure platform and some of the Shared environment. These updates will be applied.  A reboot of the server is necessary and you may experience temporary downtime during the reboot. No servers at HostMySite are susceptible to this attack.

Still have a question?

If you have any additional questions regarding this security vulnerability, please don’t hesitate to contact our Support Team.

Add your comment

The HostMySite Blog provides useful news and information for HostMySite Customers