Skip to main content

Researchers urge hackers to exploit Hyper-V's huge attack surface

posted onJune 6, 2014
by l33tdawg

At the Hack in the Box security conference in Amsterdam, ERNW security researchers Enno Rey, Felix Wilhelm, and Matthias Luft presented Compromise-as-a-Service: Our PleAZURE (pdf).

The group says they chose to research Hyper-V because there has been “very little research so far,” resulting in only four DoS vulnerabilities in six years. Besides being used in a variety of corporate environments, Hyper-V – aka Windows Server Virtualization – “is also used in a variety of other platforms such as Microsoft Azure or the Xbox One gaming console.”

In a newly released technical paper (pdf) on Hyper-V security, ERNW researchers wrote, “after almost six years on the market, only a handful of Denial-of-Service vulnerabilities were patched. Even though Microsoft’s SDL has an impressive track record of producing secure software, this seems like an unrealistic low amount of vulnerabilities for such complex software.”

Source

Tags

Microsoft cloud Security HITB2014AMS

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th