PatchSiren cyber security CVE debrief
CVE-2026-40378 Microsoft CVE debrief
CVE-2026-40378 is a HIGH severity vulnerability in Windows Local Security Authority Subsystem Service (LSASS) that allows an unauthorized attacker to deny service over a network. The vulnerability involves memory allocation with an excessive size value. Multiple Windows versions and editions are affected, including Windows 10, Windows 11, and Windows Server. Microsoft has released a vendor advisory for this vulnerability.
- Vendor
- Microsoft
- Product
- Windows 10 Version 1607
- CVSS
- HIGH 7.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-14
- Original CVE updated
- 2026-07-16
- Advisory published
- 2026-07-14
- Advisory updated
- 2026-07-16
Who should care
System administrators and security teams responsible for Windows infrastructure should be aware of this vulnerability. Given its HIGH CVSS score of 7.5 and potential for denial of service, prioritizing patching for this CVE is recommended. Windows 10, Windows 11, and Windows Server users should review their systems for exposure.
Technical summary
The vulnerability exists in the Local Security Authority Subsystem Service (LSASS) of Windows. LSASS is a critical system service responsible for managing security and authentication on a Windows system. The vulnerability allows an attacker to cause a denial of service (DoS) by triggering excessive memory allocation. This can be done remotely, making it a significant concern for organizations using affected Windows versions. The Common Vulnerabilities and Exposures (CVE) score is 7.5, classified as HIGH severity. The CVSS vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H, indicating that the vulnerability can be exploited over the network with low attack complexity and no privileges required.
Defensive priority
High priority should be given to patching systems vulnerable to CVE-2026-40378 due to its potential for denial of service and high CVSS score. System administrators should ensure that Windows 10, Windows 11, and Windows Server systems are updated with the latest security patches.
Recommended defensive actions
- Apply patches from Microsoft for affected Windows versions.
- Review and update inventory of Windows systems to ensure all are patched.
- Monitor system logs for potential exploitation attempts.
- Implement compensating controls such as network segmentation and access restrictions.
- Verify LSASS service configurations and ensure proper security settings.
Evidence notes
The CVE record was published on 2026-07-14T17:16:47.257Z and has not been modified since then. The NVD entry is currently Analyzed. Microsoft has provided a vendor advisory for this vulnerability.
Official resources
-
CVE-2026-40378 CVE record
CVE.org
-
CVE-2026-40378 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-14T17:16:47.257Z and has not been modified since then.