A vulnerability in the Network Switch component of Microsoft Windows Hyper-V could allow an adjacent attacker to cause a denial of service (DoS) condition on a targeted host system.
The vulnerability is due to improper validation of user-supplied input by the affected software when handling input from a privileged user on a guest system. An attacker with privileged access to a guest system could exploit this vulnerability by accessing the guest system and executing an application that submits malicious input to the affected software. A successful exploit could allow the attacker to cause the host system to crash, resulting in a DoS condition for the host and all guest systems.
Microsoft confirmed the vulnerability and released software updates.
Security Impact Rating: Medium