Sign in with Microsoft
Sign in or create an account.
Hello,
Select a different account.
You have multiple accounts
Choose the account you want to sign in with.

Summary

On November 12, 2019, Intel published a technical advisory around Intel® Processor Machine Check Error vulnerability that is assigned CVE-2018-12207. Microsoft has released updates to help mitigate this vulnerability for guest Virtual Machines (VMs) but the protection is disabled by default. Enabling this protection requires an action on the Hyper-V hosts running untrusted VMs. Follow the guidance in the "Registry setting" section to enable this protection on the Hyper-V hosts running untrusted VMs.

Registry setting

  • To enable the protection around Intel® Processor Machine Check Error vulnerability (CVE-2018-12207), run the following command in an elevated Command Prompt on the Hyper-V host that run untrusted VMs to set the following registry key:

    reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization" /v IfuErrataMitigations /t REG_DWORD /d 1 /f

Note After executing this command, please shutdown and then restart all Guest VMs running on the Hyper-V host.

  • To disable the protection around Intel® Processor Machine Check Error vulnerability (CVE-2018-12207), run the following command in an elevated Command Prompt on the Hyper-V host that run untrusted VMs to set the following registry key:

    reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization" /v IfuErrataMitigations /t REG_DWORD /d 0 /f

Note After executing this command, please shutdown and then restart all Guest VMs running on the Hyper-V host.

 

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

Was this information helpful?

What affected your experience?
By pressing submit, your feedback will be used to improve Microsoft products and services. Your IT admin will be able to collect this data. Privacy Statement.

Thank you for your feedback!

×