Advanced

Zero-Days in Microsoft Hyper-V: What You Should Know

Microsoft's January Patch Tuesday release addressed the largest number of CVEs in a single month since 2017, with 162 vulnerabilities patched in total. This surpassed the previous record...

Among the 162 CVEs addressed that month were three Elevation of Privilege (EoP) vulnerabilities affecting Microsoft Hyper-V. While the broader patch batch also included remote code execution, denial-of-service, and spoofing vulnerabilities across other products, these three Hyper-V EoP vulnerabilities stood out for one critical reason: they had already been exploited in the wild before the patches were released, making them true zero-days.

Because Hyper-V underpins Microsoft Azure's virtual machine service, its footprint extends well beyond individual servers and workstations into hyperscale cloud infrastructure.

Sign in to read this course

A free account unlocks all 514 courses. 20 are readable without one.

What's inside

3 sections
  1. 1 Table of Contents
  2. 2 Module 1: The Microsoft Hyper-V Zero-Day Elevation of Privilege Vulnerabilities
  3. 3 Summary

More Vulnerability Briefings courses

View all 30

Interested in this course?

Contact us to book it or get a custom training plan for your team.