Microsoft has published security advisories for CVE-2026-40402, a Windows Hyper-V Elevation of Privilege vulnerability listed in the Microsoft Security Update Guide. The flaw affects Hyper-V, Microsoft's virtualization platform, and could allow an attacker to gain elevated privileges on a vulnerable system.
The advisory was released through Microsoft's public update channels, including the Security Update Guide and MSRC advisory pages, but no public synopsis or technical details were provided in the referenced notices. Organizations using Windows Hyper-V should review Microsoft's guidance for affected versions, patch availability, and any mitigation steps tied to CVE-2026-40402.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
1 event from the most recent confirmed update back to the earliest known activity.
Microsoft added CVE-2026-40402, a Windows Hyper-V Elevation of Privilege vulnerability, to its Security Update Guide. The references indicate public disclosure via Microsoft's advisory pages on the same date.
2 references tracked. Mallory keeps watching after this page renders.
msrc.microsoft.com
Open sourcemsrc.microsoft.com
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.