MICROSOFT’S February 2026 Patch Tuesday addressed 59 vulnerabilities across Windows and multiple Microsoft products, including six actively exploited zero-day vulnerabilities, three of which were publicly disclosed before patches.
The six zero-days include CVE-2026-21510 (Windows Shell Security Feature Bypass), CVE-2026-21513 (Internet Explorer Security Feature Bypass), CVE-2026-21514 (Microsoft Word Security Feature Bypass), CVE-2026-21519 (Desktop Window Manager Elevation of Privilege), CVE-2026-21533 (Windows Remote Desktop Services Elevation of Privilege), and CVE-2026-21525 (Windows Remote Access Connection Manager Denial of Service).
Critical fixes covered Azure Cloud Service and Azure Confidential Computing, while several high‑risk vulnerabilities affected development tools and core Windows components, including issues in GitHub Copilot, Visual Studio, and Azure SDK, as well as multiple Windows Kernel and WinSock elevation‑of‑privilege flaws. CISA has added all six actively exploited vulnerabilities to its Known Exploited Vulnerabilities Catalog, with a remediation deadline of 3 March 2026 for federal agencies and organisations.
SOCRadar emphasises prioritising remediation for the six zero‑days and assets such as developer workstations, internet‑facing Azure services, and endpoints running Microsoft Office applications.