Microsoft Windows Hyper-V Privilege Escalation Vulnerability

A use-after-free vulnerability has been identified in Windows Hyper-V, allowing an unauthorized attacker to locally elevate privileges. This vulnerability affects multiple versions of Windows 11 and Windows Server 2022. The issue arises when a guest virtual machine manipulates the Hyper-V host's kernel into reading from an arbitrary, potentially invalid memory address. While this typically causes a denial-of-service by crashing the Hyper-V host, it could also be exploited to read from memory-mapped device registers of hardware devices connected to the host, potentially leading to additional security risks.

Impact

Exploitation of this vulnerability could allow a guest virtual machine to gain SYSTEM privileges on the Hyper-V host, effectively crossing the security boundary between the guest and the host environment.

Remediation

Users can download the security update for this vulnerability via the Microsoft Update Catalog. Security Update KB5087420 is available for Windows 11 Version 23H2 for both x64-based and ARM64-based systems. For Windows Server 2022, Security Update KB5087545 and Security Hotpatch Update KB5087424 can be downloaded from the Microsoft Update Catalog.