Windows 10: Does Windows 10 Hyper-V have "Throwhammer" security Mitigations in vEthernet adapters yet?

Discus and support Does Windows 10 Hyper-V have "Throwhammer" security Mitigations in vEthernet adapters yet? in AntiVirus, Firewalls and System Security to solve the problem; Windows 10 Hyper-V enables vEthernet adapters, which are bound to RDMA by default, and which cannot be disabled or modified. Any modification of these... Discussion in 'AntiVirus, Firewalls and System Security' started by tutu_312, Jul 9, 2020.

  1. tutu_312 Win User

    Does Windows 10 Hyper-V have "Throwhammer" security Mitigations in vEthernet adapters yet?


    Windows 10 Hyper-V enables vEthernet adapters, which are bound to RDMA by default, and which cannot be disabled or modified. Any modification of these adapters, and their settings is reverted on reboot. If RDMA bindings cannot be disabled on vEthernet, and if Microsoft has not implemented Throwhammer mitigation, this may open Device Guard enabled systems up to Throwhammer related vulnerabilities, unless Microsoft has introduced appropriate software mitigations. My question is, has Microsoft addressed Throwhammer vulnerabilities in Hyper-V virtual ethernet adapters?


    I found a definitive solution to disable vEthernet, unless and until Microsoft fixes these security flaws. Simply disable DNS Client and use a better third party DNS client. My solution works, even with Hyper-V enabled. Many of us don't want to disable Hyper-V security, and nothing else here worked for me on Windows 10 2004, everything is replaced on reboot, even netbios settings and RDMA which increase attack surface, by vulnerabilities like throwhammer, unless hyper-v has implemented inbuilt mitigations and its a pain to configure potentially hundreds of adapters every single time. Even automating withNvspbind all settings revert on reboot. One way to disable these adapters literally ONCE AND FOR ALL is to disable "DNScache" aka "Dns Client" service and use a third-party DNS service such asAcrylic , or SimpleDNSCrypt. Be sure to comb through Acrylics configuration with a fine toothed comb because initially your default DNS provider will automatically be set to google or cloudflare. Then point acrylic to your router IP, or preferred DNS server, and set all your adapters DNS settings to 127.0.0.1.


    You must disable DNSCache with regedit, here Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache


    Set startup to 4, and reboot.


    Aside from EventViewer errors clouding up the logs, The only minor caveat is you may see a single adapter constantly and briefly appearing and disappearing underControl Panel\Network and Internet\Network Connections and your device manager window may constantly refresh each time it attempts to install adapters. Another caveat is that initially loading the windows store you will get an error, unless you have previously opened the store with DNScache enabled. After that the store will work indefinitely unless you reset it. Not a big price to pay given how annoying this is, this actually works.

    :)
     
    tutu_312, Jul 9, 2020
    #1
  2. Steve C Win User

    Duplicate vEthernet Switch Adapters?

    I have two instances of a vEthernet Switch Adapter after installing a VM in Hyper V. I only have the default switch installed in Hyper V. How do I remove the greyed out adapter? Right clicking does not allow me to delete anything


    Does Windows 10 Hyper-V have "Throwhammer" security Mitigations in vEthernet adapters yet? [​IMG]
     
    Steve C, Jul 9, 2020
    #2
  3. Problem in geting Hyper--V connecting to internet

    Greetings Ladies and Gentlemen, I have a Windows 10 Pro 64 bit, Windows Defender on a laptop. I update twice daily. I have installed Hyper-V and gotten as far as enabling vethernet switch. But I have been unable to get internal switch enabled. Under control
    panel, network and internet, network connections I have: vethernet (default switch) disabled Hyper--V ethernet system and underneath that I have vethernet (new virtual switch) disabled Hyper--V ethernet system. How do I get the best one connected to the internet
    ? I tried enabling but can not remove neither of them and reinstall one. Troubleshooting, both of them, suggested a reboot, that did not do anything. Please tell me how can I correct this ? Thank you
     
    CharlesLaMonte, Jul 9, 2020
    #3
  4. Kari Win User

    Does Windows 10 Hyper-V have "Throwhammer" security Mitigations in vEthernet adapters yet?

    Hyper-V virtualization - Setup and Use in Windows 10  


    OK. I think you'd be better off with a clean install *Wink but if you have patience you could try this:


    1. In Hyper-V Virtual Switch Manager, remove all switches. I mean all of them!
    2. In Network Connections, remove all adapters labeled as vEthernet (any name). Right click all remaining (physical) adapters, if they are bridged remove from the bridge
    3. Reboot, connect with Ethernet
    4. In Hyper-V Virtual Switch Manager, create a new external switch connecting it to the Ethernet adapter
    5. Open your Windows 7 vm settings (you still have it?), change the Network Adapter to the external switch you just created
    6. Start your Windows 7 vm, It should now have network connection
    If this works, we can try re-create your wireless external switch.

    This is how the adapter properties on your host should look when the virtual switches have been created correctly. First, the host physical NIC properties, everything else is unselected, only the Hyper-V Extensible Switch being selected:
    Does Windows 10 Hyper-V have "Throwhammer" security Mitigations in vEthernet adapters yet? [​IMG]


    Then the vEthernet adapter, the virtual switch connected to the above NIC. Everything else selected except the Hyper-V Extensible Switch and MS Network Adapter Multiplexor Protocol :
    Does Windows 10 Hyper-V have "Throwhammer" security Mitigations in vEthernet adapters yet? [​IMG]


    Seen in Device Manager, each virtual switch should be mentioned in Network adapters:
    Does Windows 10 Hyper-V have "Throwhammer" security Mitigations in vEthernet adapters yet? [​IMG]

    In my case the three switches seen in Device Manager are the same three shown in PowerShell with Get-VMSwitch:
    Does Windows 10 Hyper-V have "Throwhammer" security Mitigations in vEthernet adapters yet? [​IMG]


    We continue when you have either decided to reinstall or gone through the steps I listed above Does Windows 10 Hyper-V have "Throwhammer" security Mitigations in vEthernet adapters yet? :)
     
    Kari, Jul 9, 2020
    #4
Thema:

Does Windows 10 Hyper-V have "Throwhammer" security Mitigations in vEthernet adapters yet?

Loading...
  1. Does Windows 10 Hyper-V have "Throwhammer" security Mitigations in vEthernet adapters yet? - Similar Threads - Does Hyper Throwhammer

  2. Adapter settings in Hyper-V

    in Windows 10 Customization
    Adapter settings in Hyper-V: Hello in Hyper-V Manager Action Settings, I am trying to select those settings that I need to get my Windows XP virtual computer connected to the network. From what I have read online, I need to select the Legacy Network Adapter item and click the Add button to create a...
  3. cannot permanently remove vEthernet adapter after removing Hyper-V

    in Windows 10 Ask Insider
    cannot permanently remove vEthernet adapter after removing Hyper-V: I enabled Hyper-V on a Windows 10 Pro machine to try using a Virtual Machine, but could never get the networking right. I could get either the VM or the host machine to have internet access, but never got both working simultaneously. I decided to give up on Hyper-V and...
  4. Has Windows 10 and Hyper-V introduced "Throwhammer" security Mitigations in Ethernet /...

    in AntiVirus, Firewalls and System Security
    Has Windows 10 and Hyper-V introduced "Throwhammer" security Mitigations in Ethernet /...: Windows 10 Hyper-V enables vEthernet adapters, which are bound to RDMA by default, and which cannot be disabled or modified. Any modification of these adapters, and their settings is reverted on reboot. If RDMA bindings cannot be disabled on vEthernet, and if Microsoft has...
  5. Has Windows 10 Hyper-V introduced "Throwhammer" security Mitigations in vEthernet adapters yet?

    in AntiVirus, Firewalls and System Security
    Has Windows 10 Hyper-V introduced "Throwhammer" security Mitigations in vEthernet adapters yet?: Windows 10 Hyper-V enables vEthernet adapters, which are bound to RDMA by default, and which cannot be disabled or modified. Any modification of these adapters, and their settings is reverted on reboot. If RDMA bindings cannot be disabled on vEthernet, and if Microsoft has...
  6. Cannot remove vEthernet Ethernet, Hyper-V Virtual Ethernet Adapter

    in Windows 10 Network and Sharing
    Cannot remove vEthernet Ethernet, Hyper-V Virtual Ethernet Adapter: Problem: Have to disable 'vEthernet Ethernet' after every reboot to be able to use my local network. Cannot permanently delete this Hyper-V Virtual Ethernet Adapter, which is of no use for me. Windows 10 Pro ver.2004: no VPN, no Virtual Machine, no Sandbox But I have had...
  7. Hyper-V Network adapter not connected in Windows 10

    in Windows 10 News
    Hyper-V Network adapter not connected in Windows 10: [ATTACH] [ATTACH]Hyper-V is a great utility built right inside the Windows 10 Pro and Enterprise editions to enable users to deploy Virtual Machines and other virtualization objects on their computers. Mostly used by the enterprise, Hyper-V is mostly used to deploy [...]...
  8. Hyper-V Network Adapter Bridge Mode?

    in Windows 10 Virtualization
    Hyper-V Network Adapter Bridge Mode?: I'm running successfully running Android BlueStacks in a Hyper-V machine and have network connectivity through the host adapter. However, one Android app I run does not fully function because it believes the device is not on the same subnet as the actual host machine. Someone...
  9. Network adapters not appearing in Hyper-V

    in Windows 10 Virtualization
    Network adapters not appearing in Hyper-V: Hello. I'm hoping somebody knowledgeable can help me. I've looked online and I can't find an answer for this problem. I've just recently picked up windows 10 (It's been less than a week so I'm admittedly a noob with it) and I want to create a virtual machine. I've gone...
  10. Windows 10 and Hyper-V

    in Windows 10 Installation and Upgrade
    Windows 10 and Hyper-V: I tried to install the preview as a virtual machine and everything went fine until after a reboot following the download and installation of the updates. Both 8.1 & 10 locked up with a strange crackling noise through the speakers every few seconds. One good thing about a...