Researchers Publish Details on Recent Critical Hyper-V Vulnerability


Tracked as CVE-2021-28476 with a CVSS score of 9.9, the security vulnerability impacts Hyper-V’s virtual network switch driver (vmswitch.sys) and could be exploited to achieve remote code execution or cause a denial of service condition.

Hyper-V is a native hypervisor that provides virtualization capabilities for both desktop and cloud systems, and which Microsoft uses as the underlying virtualization technology for Azure.

The security issue that Guardicore Labs (in collaboration with SafeBreach Labs) discovered was likely in production for more than a year, as it first appeared in a vmswitch build in August 2019. The vulnerability affects Windows 7, 8.1 and 10 and Windows Server 2008, 2012, 2016 and 2019.