Headline
CVE-2021-26443: Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability
How Could an Attacker Exploit this Vulnerability? A remote code execution vulnerability exists when a VM guest fails to properly handle communication on a VMBus channel. To exploit the vulnerability, an authenticated attacker could send a specially crafted communication on the VMBus channel from the guest VM to the Host. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host operating system.
Microsoft Security Response Center: Latest News
CVE-2024-43593: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability