CVE-2018-8219 — Hypervisor Code Integrity Elevation of Privilege Vulnerability
Executive Summary
An elevation of privilege vulnerability exists when Windows Hyper-V instruction emulation fails to properly enforce privilege levels. An attacker who successfully exploited this vulnerability could gain elevated privileges on a target guest operating system. The host operating system is not vulnerable to this attack. This vulnerability by itself does not allow arbitrary code to be run. However, the vulnerability could be used in conjunction with one or more vulnerabilities (e.g. a remote code execution vulnerability and another elevation of privilege) that could take advantage of the elevated privileges when running. The update addresses the vulnerability by correcting how privileges are enforced by Windows Hyper-V instruction emulation.
Overview
CVSS Vector
EPSS Score
No EPSS score available for this CVE.
View on FIRST.orgAffected Products
| Product | KB Article | Severity | Impact | Restart Required |
|---|---|---|---|---|
| Windows 10 Version 1607 for x64-based Systems | 4284880 (Security Update) |
Important | Elevation of Privilege | Yes |
| Windows 10 Version 1703 for x64-based Systems | 4284874 (Security Update) |
Important | Elevation of Privilege | Yes |
| Windows 10 Version 1709 for x64-based Systems | 4284819 (Security Update) |
Important | Elevation of Privilege | Yes |
| Windows 10 Version 1803 for x64-based Systems | 4284835 (Security Update) |
Important | Elevation of Privilege | Yes |
| Windows Server 2016 | 4284880 (Security Update) |
Important | Elevation of Privilege | Yes |
| Windows Server 2016 (Server Core installation) | 4284880 (Security Update) |
Important | Elevation of Privilege | Yes |
| Windows Server, version 1709 (Server Core Installation) | 4284819 (Security Update) |
Important | Elevation of Privilege | Yes |
| Windows Server, version 1803 (Server Core Installation) | 4284835 (Security Update) |
Important | Elevation of Privilege | Yes |
Patches
| Article | Type | Restart |
|---|---|---|
4284880 |
Security Update | Yes |
4284874 |
Security Update | Yes |
4284819 |
Security Update | Yes |
4284835 |
Security Update | Yes |
Known Exploits
Acknowledgments
Microsoft Hyper-V Development Team
Joe Bialek, MSRC Vulnerabilities and Mitigations Team