(MS15-068) Vulnerabilities in Windows Hyper-V Could Allow Remote Code Execution (3072000)

  Severity: CRITICAL
  CVE Identifier: CVE-2015-2361,CVE-2015-2362
  Advisory Date: AUG 14, 2015

  DESCRIPTION

This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution on the vulnerable system. An attacker must have valid logon credentials on a guest Hyper-V machine in the vulnerable system in order to successfully exploit this vulnerability.

  SOLUTION

  AFFECTED SOFTWARE AND VERSION

  • Windows Server 2008
  • Windows Server 2008 R2
  • Windows 8
  • Windows 8.1
  • Windows Server 2012
  • Windows Server 2012 R2
  • Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  • Windows Server 2012 (Server Core installation)
  • Windows Server 2012 R2 (Server Core installation)