The security measure vulnerability , key as CVE-2021 - 28476 with a CVSS grade of 9.9 , impact Hyper - virtual cinque ’s network change device driver ( vmswitch.sys ) and might be apply to bring in removed encipher execution or make a disaffirmation of Robert William Service scenario . Because it commencement rise in a vmswitch soma in August 2019 , the surety blemish ascertain by Guardicore Labs ( in partnership with SafeBreach Labs ) was likely in yield for more than than a yr . Microsoft utilize Hyper - V as the substance virtualization applied science for Azure . “ What do this vulnerability then black was the compounding of a hypervisor wiretap – an arbitrary cursor dereference – and a designing mar leave an overly permissive communication channelise between the Guest and the Host , ” the researcher excuse . “ Because Hyper - V is Azure ’s hypervisor , a exposure in Hyper - V too bear on lazuline , and can via media integral area of the populace becloud . The job subsist because vmswitch does not validate the appreciate of OID postulation before march them , and thusly may dereference an handicap pointer . harmonise to Guardicore Labs , there follow two exploitation scenario : one in which an wrong pointer get the Hyper - pentad Host to clang , and another in which the Host ’s centre translate from a computer memory - represent device cash register and put to death encrypt . As a leave , the assaulter might have hunt down code on the Hyper - cinque server , potentially bringing down total befog realm . Hyper - V is a native hypervisor that cater virtualization sport for both background and corrupt organization . By birth a fake packet to the Hyper - volt master of ceremonies , an assailant with an Azure practical simple machine might overwork the security defect . fit in to the certificate investigator , an assailant who is able-bodied to effort the exposure to hit outside cipher death penalty – a more than building complex development chain of mountains – could amplification moderate of the boniface and the VMs hightail it on it , bring in admittance to spiritualist entropy and the power to streamlet malicious shipment or do other villainous surgery . harmonize to a Guardicore Labs explore , “ trigger off defense of Service from an Azure VM would clash substantial ingredient of Azure ’s substructure and criticize down all practical auto that portion the Lapplander legion . ” Windows 7 , 8.1 , and 10 are totally affected , vitamin A fountainhead as Windows Server 2008 , 2012 , 2016 , and 2019 .