{"id":10991,"date":"2010-12-15T17:51:02","date_gmt":"2010-12-15T17:51:02","guid":{"rendered":"https:\/\/aidanfinn.com\/?p=10991"},"modified":"2010-12-15T17:51:02","modified_gmt":"2010-12-15T17:51:02","slug":"kb2345316-prevent-a-ddos-attack-from-a-hyper-v-vm","status":"publish","type":"post","link":"https:\/\/aidanfinn.com\/?p=10991","title":{"rendered":"KB2345316: Prevent a DDOS Attack From A Hyper-V VM"},"content":{"rendered":"

Microsoft has released<\/a> the second ever<\/em> (since the release of Windows Server 2008!) security fix for Hyper-V.  <\/p>\n

\u201cThis security update resolves a privately reported vulnerability in Windows Server 2008 Hyper-V and Windows Server 2008 R2 Hyper-V. The vulnerability could allow denial of service if a specially crafted packet is sent to the VMBus by an authenticated user in one of the guest virtual machines hosted by the Hyper-V server. An attacker must have valid logon credentials and be able to send specially crafted content from a guest virtual machine to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users\u201d.<\/em><\/p>\n

In other words, you have to be logged into a VM running on the host (be a legit internal user) and have sufficient rights in the VM\u2019s operating system to craft this packet.<\/p>\n

The issue affects Windows Server 2008 and<\/em> Windows Server 2008 R2.<\/p>\n

Technorati Tags: Security<\/a>,Virtualisation<\/a>,Hyper-V<\/a>,Windows Server 2008<\/a>,Windows Server 2008 R2<\/a><\/div>\n","protected":false},"excerpt":{"rendered":"

Microsoft has released the second ever (since the release of Windows Server 2008!) security fix for Hyper-V.  \u201cThis security update resolves a privately reported vulnerability in Windows Server 2008 Hyper-V and Windows Server 2008 R2 Hyper-V. The vulnerability could allow denial of service if a specially crafted packet is sent to the VMBus by an … Continue reading “KB2345316: Prevent a DDOS Attack From A Hyper-V VM”<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"footnotes":""},"categories":[20],"tags":[181,190,195,116,117],"class_list":["post-10991","post","type-post","status-publish","format-standard","hentry","category-hyper-v","tag-hyper-v","tag-security","tag-virtualisation","tag-windows-server-2008","tag-windows-server-2008-r2"],"aioseo_notices":[],"jetpack_featured_media_url":"","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/aidanfinn.com\/index.php?rest_route=\/wp\/v2\/posts\/10991","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/aidanfinn.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/aidanfinn.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/aidanfinn.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/aidanfinn.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=10991"}],"version-history":[{"count":0,"href":"https:\/\/aidanfinn.com\/index.php?rest_route=\/wp\/v2\/posts\/10991\/revisions"}],"wp:attachment":[{"href":"https:\/\/aidanfinn.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=10991"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/aidanfinn.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=10991"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/aidanfinn.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=10991"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}