In November, Microsoft released the MS13-092 (aka CVE-2013-3898) security fix for Windows Server 2012 Hyper-V and Windows 8 Client Hyper-V.
An attacker who successfully exploited this vulnerability could execute arbitrary code as System in another virtual machine (VM) on the shared Hyper-V host. An attacker would not be able to execute code on the Hyper-V host, only on guest VMs on the same host. The vulnerability could also allow denial of service in Hyper-V on the same platforms, allowing an attacker to cause the Hyper-V host to stop responding or restart.
We’ve only had a handful of security fixes for Hyper-V since it was released on Windows Server 2008. This looks like the most important one of the lot.
Please test/deploy as quickly as you can.