Vulnerability Description
Hyper-V in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly initialize guest OS system data structures, which allows guest OS users to execute arbitrary code on the host OS by leveraging guest OS privileges, aka "Hyper-V System Data Structure Vulnerability."
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows 8 | - |
| Microsoft | Windows 8.1 | - |
| Microsoft | Windows Server 2008 | All versions |
| Microsoft | Windows Server 2012 | - |
Related Weaknesses (CWE)
References
- http://www.securitytracker.com/id/1032897
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-06
- http://www.securitytracker.com/id/1032897
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-06
FAQ
What is CVE-2015-2362?
CVE-2015-2362 is a vulnerability with a CVSS score of 7.2 (HIGH). Hyper-V in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly initialize guest OS system data structures, which allows guest OS...
How severe is CVE-2015-2362?
CVE-2015-2362 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-2362?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 8, Microsoft Windows 8.1, Microsoft Windows Server 2008, Microsoft Windows Server 2012.