PT-2016-1697 · Microsoft · Windows Hyper-V+4

Published: 2016-04-12 · Updated: 2018-10-12 · CVE-2016-0090

CVSS v3.1: 7.1 (High)

Vector: AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Microsoft Windows Hyper-V versions in Windows 8.1, Windows Server 2012 R2, and Windows 10

Description

The issue is related to a lack of protection for sensitive data in the Hyper-V hardware virtualization system, allowing a local attacker to obtain confidential information using a specially crafted application. This is due to the failure of Windows Hyper-V to properly validate input from an authenticated user on a guest operating system, which could enable an attacker to gain access to information on the Hyper-V host operating system.

Recommendations

For Windows 8.1, consider applying specific security updates or patches to address the issue. For Windows Server 2012 R2, apply the recommended security fixes to prevent exploitation. For Windows 10, ensure that all latest security updates are installed to mitigate the risk. As a temporary workaround, consider restricting access to sensitive data on the host operating system until a patch is available.

Fix

Information Disclosure

Weakness Enumeration

Related Identifiers

BDU:2016-01023
CVE-2016-0090

Affected Products

Windows
Windows 10
Windows 8.1
Windows Hyper-V
Windows Server 2012 R2