Microsoft Released February 2026 Software Updates

Cybersecurity
Written By RF Wave

Microsoft has released software updates as part of its February 2026 Patch Tuesday. The updates fix 58 security vulnerabilities in total, including 6 zero-day vulnerabilities that are being actively exploited.

The breakdown of the vulnerabilities are as follows:

  • 25 privilege escalation

  • 5 security feature bypass

  • 12 remote code execution

  • 6 information disclosure

  • 3 denial of service

  • 7 spoofing

The actively exploited zero-day is as follows:

  • CVE-2026-21510 - vulnerability in Windows Shell that allows an attacker to bypass security features

  • CVE-2026-21513 - vulnerability in MSHTML Framework that allows an attacker to bypass security features

  • CVE-2026-21514 - vulnerability in Word that allows an attacker to bypass security features

  • CVE-2026-21519 - vulnerability Desktop Window Manager that can lead to elevation of privilege

  • CVE-2026-21525 - vulnerability in Windows Remote Access Connection Manager that can lead to denial of service

  • CVE-2026-21533 - vulnerability in Windows Remote Desktop Services that can lead to elevation of privilge

Why You Should Care?

Zero-day vulnerabilities are vulnerabilities where a flaw has been identified but there was no fix for the flaw, which means attackers will try to exploit as many targets as possible before users fix the vulnerability. This makes it extra dangerous, and needs to be addressed as soon as possible.

In this case, six of the zero-day vulnerabilities is actively exploited, which means attackers are already attacking businesses. It is only a matter of time before the attackers compromise your business. Now that patches are available, it is critical to apply the patches as soon as possible to avoid getting compromised.

What Should You Do?

  • Test the patches ASAP at your organization, and make sure it does not break any business applications

  • Prioritize patching the zero-day vulnerabilities

  • Roll out the rest of the Patch Tuesday updates

References

  • https://www.bleepingcomputer.com/news/microsoft/microsoft-february-2026-patch-tuesday-fixes-6-zero-days-58-flaws/

RF Wave
Next

Betterment breached and more - Feb 8, 2026