Microsoft Hyper-V customers to expect upcoming downtime

December 17th, 2008 by jason Leave a reply »

This morning Microsoft issued an out of band security bulletin rated Critical which impacts Microsoft Hyper-V virtualized environments (and their respective running VMs) hosted on a Windows platform running any version of Internet Explorer.  The critical vulnerability is Remote Code Execution.  The bulletin advises that a reboot of the host may be required, which is Microsoft lingo for “you can count on a reboot”, they just don’t want to be nailed down to saying as such.  With some companies in their official year end freeze period where no changes other than emergency are allowed, there is no doubt this vulnerability comes at an inconvenient time leaving many IT skeleton crews scrambling.

VMware ESX/ESXi hosts are not directly impacted by the vulnerability and may continue running business as usual.  Those who are running VMware VirtualCenter on Microsoft Windows will likely require a reboot of the Windows host, however, this does not impact running VMs or ESX/ESXi hosts.

Advertisement

No comments

  1. matt meneau says:

    You’re a retard.

  2. Kevin Sweeney says:

    I agree with Matt. Nice site though and Happy Holidays!

  3. jason says:

    I can’t argue with brilliance.

  4. Anonymous says:

    This is just a bunch of FUD. Internet Explorer is not even part of Windows 2008 Server Core. Look, I love VMware and preach to my customers about using it. But, just get your facts straight before posting things like this. If your goal is to create a panic with Windows Hyper-V customers, then I guess your goal has been achieved.

  5. jason says:

    @Anonymous

    We’re on the same page – I want nothing more than the facts.

    The blog post specifically spoke to Hyper-V running on Windows with any version of Internet Explorer. This could imply Standard or Enterprise editions of Windows Server 2008, but the key fact is that we’re running Windows Server 2008 with any version of IE. Period. You chose to arbitrarily remove IE from the equation, implying server core, and thus changing the scope of the Microsoft patch impact and the scope of my blog post.

    Your selective reading and/or comprehension skills have failed you.

  6. Nat says:

    Jeeze – it is the truth. No reason to get all up tight about it.

    My guess is that if you’re a small enough shop to run hyper-v on a non-core installation of 08, you’re going to be able to ignore this bulletin until a more convenient time.

  7. Simon says:

    Guys, Server Core has parts of IE embedded in it for things like Automoatic Updates. While I haven’t checked yet, it is definately possible that this critical update is required for a Server Core and also Hyper-V Server installation