Microsoft Patch Tuesday February 2026 – 54 Vulnerabilities Fixed, Including 6 Zero-days - CybersecurityNews

Home Cyber Security Microsoft Patch Tuesday February 2026 – 54 Vulnerabilities Fixed, Including 6 Zero-days Microsoft Patch Tuesday February 2026 Microsoft released its February 2026 Patch Tuesday updates on February 10, addressing 54 vulnerabilities, including six zero-days across Windows, Office, Azure, and developer tools. The updates fix issues in products like Windows Remote Desktop Services, Microsoft Defender, Azure services, GitHub Copilot, Visual Studio Code, Microsoft Exchange, and Office apps. Severity ratings include two Critical flaws and numerous Important ones, with types including remote code execution (RCE), elevation of privilege (EoP), information disclosure, spoofing, denial-of-service (DoS), and security feature bypass. Microsoft assigns customer action as required for all listed CVEs and urges immediate patching. Vulnerability Type Count Remote Code Execution 11​ Denial of Service 3​ Elevation of Privilege 23​ Information Disclosure 5​ Security Feature Bypass 5​ Spoofing 7​ Total 54​ Zero-Day Vulnerabilities Six zero-days were patched, marked as publicly disclosed and/or exploited prior to release. These include: CVE-2026-21514: Security feature bypass in Microsoft Office Word. CVE-2026-21513: Security feature bypass in MSHTML Framework. CVE-2026-21510: Security feature bypass in Windows Shell. CVE-2026-21533: EoP in Windows Remote Desktop Services. CVE-2026-21525: DoS in Windows Remote Access Connection Manager. CVE-2026-21519: EoP in Desktop Window Manager. Attackers could chain these for broader compromise, such as bypassing protections to execute code or escalate privileges. Critical Vulnerabilities Two Critical vulnerabilities demand priority: CVE ID Type Affected Product CVSS Implication CVE-2026-23655 Information Disclosure Azure Compute Gallery (ACI Confidential Containers) Allows sensitive data leak from confidential workloads. CVE-2026-21522 Elevation of Privilege Azure Compute Gallery (ACI Confidential Containers) Enables privilege escalation in container environments. These Azure flaws highlight risks in cloud-native confidential computing. RCE flaws pose high risks in cloud and endpoint tools: CVE-2026-21537: RCE in Microsoft Defender for Endpoint Linux Extension. CVE-2026-21531: RCE in Azure SDK for Python. CVE-2026-21523: RCE in GitHub Copilot and Visual Studio Code. CVE-2026-21516: RCE in GitHub Copilot for JetBrains. CVE-2026-21256: RCE in GitHub Copilot and Visual Studio. Office issues include spoofing in Outlook (CVE-2026-21527, CVE-2026-21260), info disclosure/EoP in Excel (CVE-2026-21261, CVE-2026-21259, CVE-2026-21258), and Word bypass (CVE-2026-21514). Windows sees EoP in HTTP.sys (CVE-2026-21250), Hyper-V bypass (CVE-2026-21255), and storage (CVE-2026-21508). Azure-specific: Spoofing in HDInsight (CVE-2026-21529), info disclosure in IoT Explorer SDK (CVE-2026-21528). Other: XSS spoofing in Azure DevOps (CVE-2026-21512). Elevated risks target developers (Copilot/VS Code), enterprises (Azure/Exchange), and endpoints (Windows/Defender). Exploitation could lead to data theft, lateral movement, or full compromise. The table below summarizes the CVEs found in the provided text, including links to the official Microsoft Security Response Center (MSRC) pages for each vulnerability, along with their impact, severity, and affected product details. Microsoft Security Updates – February 10, 2026 CVE ID Impact Severity Vulnerability Title Product/Component CVE-2026-23655 Information Disclosure Critical Microsoft ACI Confidential Containers Information Disclosure Vulnerability Azure Compute Gallery CVE-2026-21537 Remote Code Execution Important Microsoft Defender for Endpoint Linux Extension Remote Code Execution Vulnerability Microsoft Defender for Linux CVE-2026-21533 Elevation of Privilege Important Windows Remote Desktop Services Elevation of Privilege Vulnerability Windows Remote Desktop CVE-2026-21531 Remote Code Execution Important Azure SDK for Python Remote Code Execution Vulnerability Azure SDK CVE-2026-21529 Spoofing Important Azure HDInsight Spoofing Vulnerability Azure HDInsights CVE-2026-21528 Information Disclosure Important Azure IoT Explorer Information Disclosure Vulnerability Azure IoT SDK CVE-2026-21527 Spoofing Important Microsoft Exchange Server Spoofing Vulnerability Microsoft Exchange Server CVE-2026-21525 Denial of Service Moderate Windows Remote Access Connection Manager Denial of Service Vulnerability Windows Remote Access Connection Manager CVE-2026-21523 Remote Code Execution Important GitHub Copilot and Visual Studio Code Remote Code Execution Vulnerability GitHub Copilot and Visual Studio CVE-2026-21522 Elevation of Privilege Critical Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability Azure Compute Gallery CVE-2026-21519 Elevation of Privilege Important Desktop Window Manager Elevation of Privilege Vulnerability Desktop Window Manager CVE-2026-21518 Security Feature Bypass Important GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability GitHub Copilot and Visual Studio Code CVE-2026-21517 Elevation of Privilege Important Windows App for Mac Installer Elevation of Privilege Vulnerability Windows App for Mac CVE-2026-21516 Remote Code Execution Important GitHub Copilot for Jetbrains Remote Code Execution Vulnerability Github Copilot CVE-2026-21514 Security Feature Bypass Important Microsoft Word Security Feature Bypass Vulnerability Microsoft Office Word CVE-2026-21513 Security Feature Bypass Important MSHTML Framework Security Feature Bypass Vulnerability MSHTML Framework CVE-2026-21512 Spoofing Important Azure DevOps Server Cross-Site Scripting Vulnerability Azure DevOps Server CVE-2026-21511 Spoofing Important Microsoft Outlook Spoofing Vulnerability Microsoft Office Outlook CVE-2026-21510 Security Feature Bypass Important Windows Shell Security Feature Bypass Vulnerability Windows Shell CVE-2026-21508 Elevation of Privilege Important Windows Storage Elevation of Privilege Vulnerability Windows Storage CVE-2026-21261 Information Disclosure Important Microsoft Excel Information Disclosure Vulnerability Microsoft Office Excel CVE-2026-21260 Spoofing Important Microsoft Outlook Spoofing Vulnerability Microsoft Office Outlook CVE-2026-21259 Elevation of Privilege Important Microsoft Excel Elevation of Privilege Vulnerability Microsoft Office Excel CVE-2026-21258 Information Disclosure Important Microsoft Excel Information Disclosure Vulnerability Microsoft Office Excel CVE-2026-21257 Elevation of Privilege Important GitHub Copilot and Visual Studio Elevation of Privilege Vulnerability GitHub Copilot and Visual Studio CVE-2026-21256 Remote Code Execution Important GitHub Copilot and Visual Studio Remote Code Execution Vulnerability GitHub Copilot and Visual Studio CVE-2026-21255 Security Feature Bypass Important Windows Hyper-V Security Feature Bypass Vulnerability Windows Hyper-V CVE-2026-21253 Elevation of Privilege Important Mailslot File System Elevation of Privilege Vulnerability Mailslot File System CVE-2026-21251 Elevation of Privilege Important Cluster Client Failover (CCF) Elevation of Privilege Vulnerability Windows Cluster Client Failover CVE-2026-21250 Elevation of Privilege Important Windows HTTP.sys Elevation of Privilege Vulnerability Windows HTTP.sys Prioritize critical and zero-day patches via Windows Update or WSUS; test in staging environments. Enable auto-updates, monitor MSRC for revisions, and audit Azure/Office configs. CISA may add top CVEs to the KEV catalog soon. Tyler Reguly, Associate Director of Fortra, stated to Cybersecurity News that “On first pass, this month looks pretty reasonable – 60 CVEs, including one assigned by the Chrome CNA. When you look a little more closely, you start to realize that there is a lot going on here. February can be a bit of a cold, dull month, but Microsoft has decided to heat things up a bit. The good news, there’s not a lot of CVEs to deal with, the bad news, there’s actually a lot to unpack here. We can’t ignore the fact that there are 6 actively exploited vulnerabilities included in this month’s patch drop. 10% of this month’s vulnerabilities are listed by Microsoft as exploit detected.” Other Patch Tuesday Updates FortiSandbox XSS Vulnerability Let Attackers Run Arbitrary Commands FortiOS Authentication Bypass Vulnerability Lets Attackers Bypass LDAP Authentication Ivanti Endpoint Manager Vulnerability Lets Remote Attacker Leak Arbitrary Data SAP Security Patch Day – Critical SAP CRM and SAP S/4HANA Code Injection Vulnerabilities Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories. RELATED ARTICLESMORE FROM AUTHOR Cyber Security News New ACRStealer Variant Uses Syscall Evasion, TLS C2 and Secondary Payload Delivery Cyber Security News Microsoft Exchange Online Mailbox Access Outage Affects Users Globally Cyber Security News Betterleaks – A New Open-Source Tool to Scan Directories, Files, and Git Repositories Cyber Security News Konni APT Hijacks KakaoTalk Accounts to Spread Malware in Multi-Stage Spear-Phishing Campaign Android Android 17 Advanced Protection Mode to Block Malicious Service Usage