Microsoft Windows Hyper-V Remote Code Execution Vulnerability

A critical* Microsoft Windows Hyper-V Remote Code Execution Vulnerability with a CVSS 3.1 score of 9.0 was released.

A critical* Microsoft Windows Hyper-V Remote Code Execution Vulnerability with a CVSS 3.1 score of 9.0 was released. Even though no exploit regarding this vulnerability has been discovered, due to its severity/criticality, it is highly recommended that the following patches are downloaded to ensure the safety of systems/assets.

Affected Systems

It is stated in the recommended solutions section.

IoC’s

Recommended Solution(s)

Organizations using the following products are recommended to download the patches in the table below.

Product	Article	Patch
Windows 11 for x64-based Systems	5006674	Security Update
Windows Server, version 20H2 (Server Core Installation)	5006670	Security Update
Windows 10 Version 20H2 for x64-based Systems	5006670	Security Update
Windows Server, version 2004 (Server Core installation)	5006670	Security Update
Windows 10 Version 2004 for x64-based Systems	5006670	Security Update
Windows Server 2022 (Server Core installation)	5006699	Security Update
Windows Server 2022	5006699	Security Update
Windows 10 Version 21H1 for x64-based Systems	5006670	Security Update
Windows 10 Version 1909 for x64-based Systems	5006667	Security Update
Windows Server 2019 (Server Core installation)	5006672	Security Update
Windows Server 2019	5006672	Security Update
Windows 10 Version 1809 for x64-based Systems	5006672	Security Update

CVE / CWE

CVE-2021-38672

Related Website(s)

* Vulnerabilities with a CVSS 3.1 score between 7.0 and 8.9 are evaluated to be “high” whereas vulnerabilities with a CVSS 3.1 score between 9.0 and 10.0 are evaluated to be “critical”.

Current Security Vulnerability Reports

SolarWinds Serv-U Remote Code Execution Vulnerability

21/07/2021

Microsoft Exchange Server Remote Code Execution Vulnerability-34473

21/07/2021

Microsoft Exchange Server Remote Code Execution Vulnerability-31206

21/07/2021

VMware VCenter Remote Code Execution Vulnerability

26/05/2021

Microsoft Exchange Server Remote Code Execution Vulnerabilities

14/04/2021

March 2021 Microsoft Exchange 0-Day Reports

03/03/2021

Spectre Vulnerability Exploitation

03/03/2021

Masslogger Phishing Campaign

19/02/2021

SolarWinds: Raindrop Malware

20/01/2021

SolarWinds Orion API Authentication Bypass Vulnerability

28/12/2020

SolarWinds Sunburst Attack Campaign

22/12/2020

StrongPity Watering Hole

07/07/2020

Microsoft SMBv3 Compression Vulnerability

11/03/2020

Critical Microsoft Vulnerability – March 2020

11/03/2020

MS Exchange Validation Key Remote Code Execution Vulnerability

28/02/2020

İSTANBUL

+90 216 504 53 30

+90 216 504 53 32

info@barikat.com.tr

Aydınevler Mahallesi,İsmet İnönü Cadddesi,Küçükyalı Ofis Park A Blok,No:20/1 Maltepe İstanbul

ANKARA

+90 312 235 44 41

+90 312 235 44 51

info@barikat.com.tr

Mustafa Kemal Mahallesi, Dumlupınar Bulvarı No:164, Kentpark Ofis, Kat:4 Daire:06 Çankaya, 06510 Ankara, Turkey

AMSTERDAM

+90 216 504 53 30

+90 216 504 53 32

info@barikatbv.com

Millenium Tower Floor 29, Radarweg 29 1045 XN Amsterdam, Netherlands

VULNERABILITY NEWSLETTER

You can register to our newsletter on the home page to be instantly informed about security vulnerabilities.

Microsoft Windows Hyper-V Remote Code Execution Vulnerability