Published: 09/05/2018 Updated: 14/06/2018

CVSS v2 Base Score: 7.4 | Impact Score: 10 | Exploitability Score: 4.4

CVSS v3 Base Score: 7.6 | Impact Score: 6 | Exploitability Score: 1

VMScore: 659

Vector: AV:A/AC:M/Au:S/C:C/I:C/A:C

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate vSMB packet data, aka "Hyper-V vSMB Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows 10 1803
microsoft windows 10 1607
microsoft windows server 2016 -
microsoft windows 10 1709
microsoft windows server 2016 1709
microsoft windows server 2016 1803
microsoft windows 10 1703

It's 2018, and a webpage can still pwn your Windows PC – and apps can escape Hyper-V

The Register • Chris Williams, Editor in Chief • 09 May 2018

Scores of bugs, from Edge and Office to kernel code to Adobe Flash, need fixing ASAP

Patch Tuesday Microsoft and Adobe have patched a bunch of security bugs in their products that can be exploited by hackers to commandeer vulnerable computers, siphon people's personal information, and so on. Redmond emitted 68 patches alone, 21 rated critical and at least two being actively exploited in the wild. There are browser and kernel patches you should look into first, check out an Office 365 email filter bypass that isn't addressed, then Hyper-V if you're using that, and then the rest. ...

CVE-2018-0961

Vulnerability Summary

Recent Articles

References

Vulmon Search

About

Products

Connect