CVE-2018-0961

Name of the Vulnerable Software and Affected Versions Windows Hyper-V versions prior to the fixed version Windows Server 2016 Windows 10 Windows 10 Servers

Description The issue exists due to insufficient input validation in the Windows Hyper-V system, allowing exploitation through specially crafted vSMB packet data. This can enable a remote attacker to execute arbitrary code.

Recommendations For Windows Hyper-V, update to a version that includes the fix for this issue. For Windows Server 2016, apply the necessary patch to resolve the vulnerability. For Windows 10 and Windows 10 Servers, ensure that all security updates are applied to mitigate the risk. As a temporary workaround, consider restricting access to vSMB packet data until a patch is available.