Jordan Rabet

**Name of the Vulnerable Software and Affected Versions** Windows Hyper-V (affected versions not specified) **Description** A remote code execution issue exists due to improper input validation from an authenticated user on a guest operating system. This allows a remote attacker to execute arbitrary code using a specially crafted application. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Hyper-V (affected versions not specified) **Description** A remote code execution issue exists due to insufficient input validation in the Windows Hyper-V Network Switch. This allows a remote attacker, acting as an authenticated user on a guest operating system, to execute arbitrary code on the host operating system by running a specially crafted application. The vulnerability is addressed by correcting how Windows Hyper-V Network Switch validates guest operating system network traffic. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** The product name cannot be determined. **Description** A vulnerability allows attackers to obtain sensitive information and affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Edge (affected versions not specified) **Description** The issue is caused by a buffer overflow in memory, allowing a remote attacker to execute arbitrary code in the context of the current user. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows Vista SP2 Microsoft Windows Server 2008 SP2 and R2 Microsoft Windows 7 SP1 Microsoft Windows 8.1 Microsoft Windows Server 2012 Gold and R2 Microsoft Windows 10 Gold, 1511, and 1607 Microsoft Windows Server 2016 **Description** The issue allows guest OS users to execute arbitrary code on the host OS via a crafted application. It is related to insufficient access control in the Windows operating system, which can be exploited by an attacker to execute arbitrary code and compromise system security. Remote attackers can exploit this issue, potentially affecting the system. **Recommendations** For Microsoft Windows Vista SP2, update to a newer version that includes the fix for this issue. For Microsoft Windows Server 2008 SP2 and R2, update to a newer version that includes the fix for this issue. For Microsoft Windows 7 SP1, update to a newer version that includes the fix for this issue. For Microsoft Windows 8.1, update to a newer version that includes the fix for this issue. For Microsoft Windows Server 2012 Gold and R2, update to a newer version that includes the fix for this issue. For Microsoft Windows 10 Gold, 1511, and 1607, update to a newer version that includes the fix for this issue. For Microsoft Windows Server 2016, update to a newer version that includes the fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows 10 1607 Windows Server 2016 **Description** The issue is related to improper validation of vSMB packet data in Hyper-V, allowing attackers to execute arbitrary code on a target OS. It is also described as a vulnerability related to insufficient access control in the Hyper-V application of the Windows operating system, which can be exploited by a specially crafted application. The vulnerability enables remote attackers to execute arbitrary code and affect the system. **Recommendations** For Microsoft Windows 10 1607, update to a version that includes the fix for this issue. For Windows Server 2016, apply the necessary patch or update to resolve the vulnerability. As a temporary workaround, consider restricting access to Hyper-V to minimize the risk of exploitation.