Most of you will remember that Hyper-V’s parent partition is based on a slimmed down version of Windows called “Server Core”. Hmmm, could it be that the parent partition is affected?
Yup, it’s affected.
Don’t let the word “Core” mislead you. It’s still a big footprint – about 1GB in size. I’m glad this particular vulnerability isn’t remotely exploitable or I’d really be worried, but we’ve still got to patch the darn thing. And that means taking the server down. Live Migration (introduced with Windows Server 2008 R2) will allow you to move the workloads without downtime, but how many of you have moved to R2?
The lesson from all of this is that thinner is better from a security perspective and I’d argue that the x86 virtualization platforms that we are installing (ESX, Xen, Hyper-V and so on) are the most important x86 platforms in our data centers. That means patching this layer is paramount. With Hyper-V’s parent partition that means closely keeping an eye on Microsoft’s vulnerability announcements to see if it is affected.
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.