CVE-2017-0099

EUVD-2017-0466
Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users, running as virtual machines, to cause a denial of service via a crafted application, aka "Hyper-V Denial of Service Vulnerability." This vulnerability is different from those described in CVE-2017-0098, CVE-2017-0074, CVE-2017-0076, and CVE-2017-0097.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.4 MEDIUM
ADJACENT_NETWORK
HIGH
HIGH
CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 68%
Affected Products (NVD)
VendorProductVersion
microsoftwindows_10
-
microsoftwindows_7
*
microsoftwindows_8.1
*
microsoftwindows_server_2008
*
microsoftwindows_server_2012
-
microsoftwindows_server_2016
*
microsoftwindows_vista
*
𝑥
= Vulnerable software versions
Windows Releases
Platform
Version
Windows 10
(x64)
KB4012606
1511 (x64)
KB4013198
1607 (x64)
KB4013429
Windows 7
Service Pack 1 (x64)
KB4012215
Windows 8.1
(x64)
KB4012216
Windows Server 2008
Service Pack 2 (x64)
KB3211306
Service Pack 2 Server Core (x64)
KB3211306
Windows Server 2008 R2
Service Pack 1 (x64)
KB4012215
Service Pack 1 Server Core (x64)
KB4012215
Windows Server 2012
Server Core
KB4012217
Standard
KB4012217
Windows Server 2012 R2
Server Core
KB4012216
Standard
KB4012216
Windows Server 2016
Server Core
KB4013429
Standard
KB4013429
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/96640
http://www.securitytracker.com/id/1037999
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0099
http://www.securityfocus.com/bid/96640
http://www.securitytracker.com/id/1037999
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0099