Avis du CERT RENATER

Par défaut, cette page vous affichera les derniers messages envoyés par le CERT RENATER à la communauté. Vous pouvez affiner par année ou par type de message. Si aucun critère n'est précisé, seuls les derniers messages sont affichés
Date : Thu, 12 Nov 2015 14:08:48 +0100
Type : VULN
Sujet : CERT-Renater : 2015/VULN262 (Microsoft : Update for Windows Hyper-V to Address CPU Weakness)
===================================================================
                    CERT-Renater

                    Note d'Information No. 2015/VULN262
_____________________________________________________________________

DATE                : 10/11/2015

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): System running Windows Hyper-V
======================================================================
https://technet.microsoft.com/en-us/library/security/3108638
_____________________________________________________________________


Update for Windows Hyper-V to Address CPU Weakness

Published: November 10, 2015

Version: 1.0

Executive Summary

Microsoft is announcing the availability of a security update for 
Windows Hyper-V to protect against a denial of service condition that 
can be triggered with certain central processing unit (CPU) chipsets. 
Although the weakness resides in the chipset, Microsoft is issuing this 
security update to protect customers. The update prevents guests on a 
Hyper-V system from triggering a weakness in the CPU that could allow 
instructions from a Hyper-V guest to place its Hyper-V host's CPU into 
an unresponsive state, leading to a denial of service condition for the 
guest operating systems running on the affected host. Successful 
exploitation of the CPU weakness would require kernel-mode
code execution privileges on the guest operating system. The update
circumvents the CPU weakness by preventing a guest operating system from 
triggering the unresponsive state in the host systems CPU.

Recommendation. Please see the Suggested Actions section of this 
advisory for instructions on applying the updates for specific releases 
of Microsoft Windows. Advisory Details

Vulnerability References

CVE References 				CVE-2015-5307 CVE-2015-8104
Microsoft Knowledge Base Article	3108638
Publicly Disclosed 			No
Active Attack 				No

Affected Software

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 R2

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows 8 and Windows 8.1

Windows 8 for x64-based Systems (Professional and Enterprise editions only)

Windows 8.1 for x64-based Systems (Professional and Enterprise editions 
only)

Windows Server 2012 and Windows Server 2012 R2

Windows Server 2012

Windows Server 2012 R2

Windows 10 Windows 10 for x64-based Systems [1] (Excluding Home editions)

Windows 10 Version 1511 for x64-based Systems [1] (Excluding Home editions)

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core
installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core 
installation)

Windows Server 2012 (Server Core installation)

Windows Server 2012 R2 (Server Core installation)

[1]Windows 10 updates are cumulative. In addition to containing 
non-security updates, they also contain all of the security fixes for 
all of the Windows 10-affected vulnerabilities shipping with the monthly 
security release. The updates are available via the Microsoft Update 
Catalog.

Note Windows Server Technical Preview 3 is affected. Customers running 
this operating system are encouraged to apply the update, which is 
available via Windows Update.

Advisory FAQ

What is the scope of the advisory?

The purpose of this advisory is to notify customers of an available 
security update for Windows Hyper-V to protect against a denial of 
service condition that can be triggered with certain CPU chipsets.

What does the update do?

The security update bypasses the CPU weakness by preventing a guest 
operating system from triggering an unresponsive state in the CPU.

Suggested Actions

Apply the update for your version of Microsoft Windows

The majority of customers have automatic updating enabled and will not 
need to take any action because the updates will be downloaded and 
installed automatically. Customers who have not enabled automatic 
updating need to check for updates and install this update manually. For 
information about specific configuration options in automatic updating, 
see Microsoft Knowledge Base Article 3097966.

For administrators and enterprise installations, or end users who want 
to install the updates manually, Microsoft recommends applying the 
update immediately using update management software, or by checking for 
updates usingthe Microsoft Update service. For more information on how 
to manually apply the updates, see Microsoft Knowledge Base Article 3108638.

Additional Suggested Actions

Protect your PC

We continue to encourage customers to follow our Protect Your Computer
guidance of enabling a firewall, getting software updates and installing 
antivirus software. For more information, see Microsoft Safety & 
Security Center.

Keep Microsoft Software Updated

Users running Microsoft software should apply the latest Microsoft 
security updates to help make sure that their computers are as protected 
as possible.
If you are not sure whether your software is up to date, visit Microsoft 
Update, scan your computer for available updates, and install any 
high-priority updates that are offered to you. If you have automatic 
updating enabled and configured to provide updates for Microsoft 
products, the updates are delivered to you when they are released, but 
you should verify that they are installed.

Security Update Deployment

For Security Update Deployment information, see Microsoft Knowledge Base
Article 3108638.

Other Information

Feedback

You can provide feedback by completing the Microsoft Help and Support form,
Customer Service Contact Us.

Support

Customers in the United States and Canada can receive technical support 
from Security Support. For more information, see Microsoft Help and Support.

International customers can receive support from their local Microsoft
subsidiaries. For more information, see International Support.

Microsoft TechNet Security provides additional information about 
security in Microsoft products.

Disclaimer

The information provided in this advisory is provided "as is" without 
warranty of any kind. Microsoft disclaims all warranties, either express 
or implied, including the warranties of merchantability and fitness for 
a particular purpose. In no event shall Microsoft Corporation or its 
suppliers be liable for any damages whatsoever including direct, 
indirect, incidental, consequential, loss of business profits or special 
damages, even if Microsoft Corporation or its suppliers have been 
advised of the possibility of such damages. Some states do not allow the 
exclusion or limitation of liability for consequential or incidental 
damages so the foregoing limitation may not apply.

Revisions

V1.0 (November 10, 2015): Advisory published.
=========================================================
Serveur de référence du CERT-Renater
https://services.renater.fr/ssi/
==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================

[An attachment of type application/pkcs7-signature was included here]