"Microsoft fixed a total of 58 vulnerabilities during Patch Tuesday in February 2026. That is fewer than in many other months. It is striking that six of these vulnerabilities were already being actively exploited before a security update was available. This means that more than ten percent of the patched vulnerabilities had already been exploited at the time of publication. The details have been published via the Microsoft Security Response Center and the accompanying Security Update Guide."
"According to Microsoft, the following zero days were actively exploited: CVE-2026-21510, a security feature bypass in Windows ShellCVE-2026-21513, a security feature bypass in the MSHTML frameworkCVE-2026-21514, a security feature bypass in Microsoft WordCVE-2026-21519, a privilege escalation leak in Desktop Window ManagerCVE-2026-21525, a denial-of-service vulnerability in Remote Access Connection ManagerCVE-2026-21533, a privilege escalation leak in Remote Desktop Services The first three vulnerabilities had already been publicly disclosed before the patches were released."
"In total, Microsoft resolved 25 privilege escalation leaks, 12 vulnerabilities that enable remote code execution, 7 spoofing bugs, 6 information leaks, 5 security feature bypasses, and 3 denial-of-service vulnerabilities this month. Privilege escalation is once again the largest category in this patch round. Microsoft released update KB5077181 for Windows 11 24H2 and 25H2. KB5075912 was released for Windows 10. The latter update is intended for systems participating in the Extended Security Updates program."
Microsoft fixed 58 vulnerabilities during Patch Tuesday in February 2026, fewer than in many other months. Six of the patched vulnerabilities were already being actively exploited before security updates were available, representing over ten percent of fixes. The zero-days exploited included CVE-2026-21510, CVE-2026-21513, CVE-2026-21514, CVE-2026-21519, CVE-2026-21525, and CVE-2026-21533; the first three had been publicly disclosed prior to patching. In total, 25 privilege escalation leaks, 12 remote code execution flaws, seven spoofing bugs, six information leaks, five security feature bypasses, and three denial-of-service vulnerabilities were addressed. Updates KB5077181 and KB5075912 were released for Windows 11 and Windows 10 (ESU) respectively. New Secure Boot certificates were issued to prevent compatibility and startup issues before existing certificates expire in June.
Read at Techzine Global
Unable to calculate read time
Collection
[
|
...
]