CVE-2025-21756: Does the vsock design flaw affect Hyper-V? (4th May 2025)

Preface: Hyper-V is still available as a role in Windows Server 2022 and will be supported as long as that operating system is, currently scheduled for end of extended support on October 14, 2031.

Background: vsock can also be used in QEMU/KVM as well as Hyper-V, but the code is closed source. H2G (host-to-guest) transports run in the host and usually provide the device emulation; currently these are the vhost and vmci transports. G2H (guest-to-host) transports run in the guest and are usually device drivers; currently these are the virtio, vmci, and hyperv transports.

– virtio-vsock provides a way for applications running on a guest VM and the host system to communicate with each other using the standard socket interface (socket, connect, bind, listen, accept).

– VMCI sockets communicate between the host and a guest on VMware platform products. You could also use VMCI sockets for interprocess communications on a guest. You cannot use VMCI sockets between the host and a virtual machine running on a different host.

– Starting with the Windows 10 Anniversary Update, anyone can create applications that communicate between a Hyper-V host and its virtual machines over Hyper-V sockets. Hyper-V sockets are Windows Sockets that use a new address family and specialized endpoints for virtualizers. All communication runs over Hyper-V sockets without using the network, and all data remains in the same physical memory. Applications that use Hyper-V sockets are similar to Hyper-V Integration Services.
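To see which of the transports listed above are loaded on a given Linux host or guest, the following added example (not part of the original post) parses `/proc/modules`-format text and maps module names to the H2G/G2H split. The module names are the upstream Linux ones and are an assumption not stated on this page; the sample input is constructed.

```python
# Added example: list AF_VSOCK transports from /proc/modules-format text.
from pathlib import Path

# Upstream Linux module names (assumption: not given on this page) mapped to
# the transport name and direction(s) used in the background section above.
VSOCK_TRANSPORTS = {
    "vhost_vsock": ("vhost", ["H2G"]),
    "vmw_vsock_vmci_transport": ("vmci", ["G2H", "H2G"]),
    "vmw_vsock_virtio_transport": ("virtio", ["G2H"]),
    "hv_sock": ("hyperv", ["G2H"]),
}
CORE_MODULE = "vsock"  # af_vsock core that every transport registers with

# Constructed sample of a Linux guest on Hyper-V (not captured from a host).
SAMPLE = """\
hv_sock 20480 0 - Live 0x0000000000000000
vsock 45056 1 hv_sock, Live 0x0000000000000000
hv_netvsc 94208 0 - Live 0x0000000000000000
hv_vmbus 131072 4 hv_sock,hv_netvsc, Live 0x0000000000000000
"""

def parse_modules(text):
    """Return {module: refcount or None} from /proc/modules-format text."""
    mods = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3:
            continue  # blank or truncated line
        # The refcount column is "-" on kernels built without module unloading.
        mods[fields[0]] = int(fields[2]) if fields[2].isdigit() else None
    return mods

def vsock_inventory(text):
    """Report whether the vsock core is loaded and which transports are."""
    mods = parse_modules(text)
    transports = {label: dirs for name, (label, dirs) in VSOCK_TRANSPORTS.items()
                  if name in mods}  # exact names only: hv_netvsc is not vsock
    return {"core_loaded": CORE_MODULE in mods,
            "core_refcount": mods.get(CORE_MODULE),
            "transports": transports}

if __name__ == "__main__":
    # Built-in (non-modular) vsock code does not appear in /proc/modules.
    proc = Path("/proc/modules")
    text = proc.read_text() if proc.exists() else SAMPLE
    print(vsock_inventory(text))
```

A listed transport only shows that the vsock code path is loaded; whether the running kernel carries the fix has to be checked against the kernel version and the distribution's advisory.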

Vulnerability details: Design weakness in vsock.

Remedy: Preserve socket bindings; this includes both those resulting from an explicit bind() and those implicitly bound through autobind during connect().

The fix prevents socket unbinding during a transport reassignment, which fixes a use-after-free.

Ref: Based on the latest information, CVE-2025-21756 does not appear to impact Microsoft Hyper-V. The recent vulnerabilities affecting Hyper-V are CVE-2025-21333, CVE-2025-21334, and CVE-2025-21335, which involve privilege escalation and are already being exploited in the wild.

Official announcement: Please see the links for details:

https://nvd.nist.gov/vuln/detail/CVE-2025-21756

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=3f43540166128951cc1be7ab1ce6b7f05c670d8b
