Heads Up On Microsoft Security Bulletin MS11-047: Vulnerability in Hyper-V Could Allow Denial of Service (KB2525835)

Well, it’s patch Tuesday again, and here’s a quick heads up to all people using Hyper-V.  I would like to point your attention to http://www.microsoft.com/technet/security/bulletin/MS11-047.mspx.  This security bulletin deals with a vulnerability in Hyper-V that could allow a denial of service as mentioned in knowledge base article 2525835 which can be found here http://support.microsoft.com/kb/2525835. As you can read the severity rating is important, not critical. If you want to manually download the update you can get it here: http://www.microsoft.com/downloads/en/details.aspx?FamilyID=c9c6c36d-a455-42f7-b7d4-9fb9824c07cb

This is, if I’m not mistaken, only the third security fix for Hyper-V since the Windows 2008 era. That is not a bad track record at all! Now look at the information available under mitigating factors:  An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users. Now that isn’t too much to ask from your virtualization infrastructure I hope. If it is, we need to talk. As the time of writing, no known exploits are out in the wild.

So review this and plan to deploy this at your earliest available maintenance windows. When you’re running a cluster with Live Migration you can do this with no downtime for the guests what so ever as it requires a restart.