{“lastseen”:”2026-02-10T22:05:08″,”description”:”Microsoft’s February 2026 Patch Tuesday focuses on closing security gaps that attackers could exploit, reinforcing the importance of timely patching in enterprise environments. Here’s a quick breakdown of what you need to know.\\n\\n## Microsoft Patch Tuesday for February 2026\\n\\nThis month’s release addresses **61** vulnerabilities, including **five** critical and **52** important-severity vulnerabilities.\\n\\nIn this month’s updates, Microsoft has addressed **six **zero-day vulnerabilities that have been exploited in the wild.\\n\\nMicrosoft addressed one vulnerability in Microsoft Edge (Chromium-based) that was patched earlier this month.\\n\\nMicrosoft Patch Tuesday, February edition, includes updates for vulnerabilities in Microsoft Exchange Server, Microsoft Graphics Component, Windows NTLM, Windows Remote Access Connection Manager, Windows Remote Desktop, and more.\\n\\nFrom elevation of privilege flaws to remote code execution risks, this month’s patches are essential for organizations aiming to maintain a robust security posture.\\n\\nThe February 2026 Microsoft vulnerabilities are classified as follows:\\n\\n**Vulnerability Category**| **Quantity**| **Severities** \\n—|—|— \\nSpoofing Vulnerability| 7| Important: 6 \\nDenial of Service Vulnerability| 3| Important: 3 \\nElevation of Privilege Vulnerability| 25| Critical: 3 \\nImportant: 22 \\nInformation Disclosure Vulnerability| 6| Critical: 2 \\nImportant: 4 \\nRemote Code Execution Vulnerability| 12 | Important: 12 \\nSecurity Feature Bypass Vulnerability| 5| Important: 5 \\n \\n## Zero-day Vulnerabilities Patched in February Patch Tuesday Edition\\n\\n### CVE-2026-21519: Desktop Windows Manager Elevation of Privilege Vulnerability \\n\\nDesktop Window Manager is a system service in Windows (Vista and later) that enables visual effects such as transparency, window animations, and live taskbar thumbnails via GPU hardware acceleration. \\n\\nA type confusion flaw in the Desktop Window Manager may allow an authenticated attacker to elevate privileges locally. Successful exploitation of the vulnerability may allow an attacker to gain SYSTEM privileges. \\n\\n### CVE-2026-21533: Windows Remote Desktop Services Elevation of Privilege Vulnerability \\n\\nWindows Remote Desktop Services (RDS) is a Microsoft Windows Server technology that allows users to securely access virtualized desktops, applications, and resources from any device, anywhere. \\n\\nAn improper privilege management flaw in Windows Remote Desktop could allow an authenticated attacker to elevate privileges locally. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. \\n\\n### CVE-2026-21510: Windows Shell Security Feature Bypass Vulnerability\\n\\nThe Windows Shell is the primary interface for users to interact with the Windows operating system, encompassing visible elements like the Desktop, Taskbar, and Start Menu.\\n\\nA failure in the Windows Shell protection mechanism may allow an unauthenticated attacker to bypass a network security feature. An attacker must convince a user to open a malicious link or shortcut file to exploit the vulnerability.\\n\\n### CVE-2026-21514: Microsoft Word Security Feature Bypass Vulnerability\\n\\nAn attacker must send a user a malicious Office file and convince them to open it to exploit the vulnerability.\\n\\n### CVE-2026-21525: Windows Remote Access Connection Manager Denial of Service Vulnerability\\n\\nWindows Remote Access Connection Manager is a core Windows service that manages dial-up and Virtual Private Network connections, allowing user computers to securely connect to remote networks, corporate resources, or other devices.\\n\\nA null pointer dereference in Windows Remote Access Connection Manager could allow an unauthenticated attacker to deny service locally.\\n\\n### CVE-2026-21513: MSHTML Framework Security Feature Bypass Vulnerability\\n\\nThe MSHTML Framework (also known as Trident) is a proprietary browser engine developed by Microsoft. It is a software component that renders web pages and other HTML content within applications running on Microsoft Windows.\\n\\nA failure in the MSHTML Framework protection mechanism could allow an unauthenticated attacker to bypass a security feature over a network.\\n\\nInsight generated by Agent Sara, part of Qualys Enterprise TruRisk Management (ETM), which autonomously prioritizes and remediates risk across your environment.\\n\\n## Critical Severity Vulnerabilities Patched in February Patch Tuesday Edition\\n\\n### CVE-2026-24300: Azure Front Door Elevation of Privilege Vulnerability\\n\\nMicrosoft mentioned in the advisory, \\”This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. The purpose of this CVE is to provide further transparency.\\”\\n\\n### CVE-2026-21522: Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability\\n\\nA command injection flaw in Azure Compute Gallery allows an authorized attacker to elevate privileges locally. Upon successful exploitation, an attacker could execute arbitrary commands within the affected ACI container’s context, thereby running code with the same privileges as the compromised container.\\n\\n### CVE-2026-23655: Microsoft ACI Confidential Containers Information Disclosure Vulnerability\\n\\nUpon successful exploitation of the vulnerability, an attacker could disclose the secret tokens and keys.\\n\\n### CVE-2026-24302: Azure Arc Elevation of Privilege Vulnerability\\n\\nAs per the Microsoft advisory, \\”This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. The purpose of this CVE is to provide further transparency.\\”\\n\\n### CVE-2026-21532: Azure Function Information Disclosure Vulnerability\\n\\nAs per the Microsoft advisory, \\”This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. The purpose of this CVE is to provide further transparency.\\”\\n\\nInsight generated by Agent Sara, part of Qualys Enterprise TruRisk Management (ETM), which autonomously prioritizes and remediates risk across your environment.\\n\\n## Other Microsoft Vulnerability Highlights\\n\\n * **CVE-2026-21511** is a spoofing vulnerability in Microsoft Outlook. Deserialization of untrusted data in Microsoft Office Outlook may allow an unauthenticated attacker to perform network spoofing.\\n * **CVE-2026-21253** is an elevation of privilege vulnerability in the Mailslot File System. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.\\n * **CVE-2026-21241** is an elevation of privilege vulnerability in the Windows Ancillary Function Driver for WinSock. Successful exploitation of the vulnerability may allow an authenticated attacker to gain SYSTEM privileges.\\n * **CVE-2026-21238** is an elevation of privilege vulnerability in the Windows Ancillary Function Driver for WinSock. Successful exploitation of the vulnerability may allow an authenticated attacker to gain SYSTEM privileges.\\n * **CVE-2026-21231** is an elevation of privilege vulnerability in the Windows Kernel. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.\\n\\n\\n\\nInsight generated by Agent Sara, part of Qualys Enterprise TruRisk Management (ETM), which autonomously prioritizes and remediates risk across your environment.\\n\\n## Microsoft Release Summary\\n\\nThis month’s release notes cover multiple Microsoft product families and products\/versions affected, including, but not limited to, Windows Win32K – GRFX, Microsoft Edge for Android, Windows Notepad App, Windows GDI+, .NET and Visual Studio, Windows Kernel, Azure Local, Power BI, Windows HTTP.sys, Windows Connected Devices Platform Service, Windows Ancillary Function Driver for WinSock, Windows Subsystem for Linux, Windows LDAP – Lightweight Directory Access Protocol, Role: Windows Hyper-V, Windows Cluster Client Failover, Mailslot File System, GitHub Copilot and Visual Studio, Microsoft Office Excel, Microsoft Office Word, Windows Storage, Windows Shell, Microsoft Office Outlook, Azure DevOps Server, Internet Explorer, Github Copilot, Windows App for Mac, .NET, Desktop Window Manager, Azure Compute Gallery, Azure IoT SDK, Azure HDInsights, Azure SDK, Azure Function, Microsoft Defender for Linux, Azure Front Door (AFD), Azure Arc, and Microsoft Edge (Chromium-based).\\n\\nThe next Patch Tuesday is scheduled for March 10, and we will provide details and patch analysis at that time. Until next Patch Tuesday, stay safe and secure. Be sure to subscribe to the ‘This Month in Vulnerabilities and Patches’ webinar.’\\n\\n## Qualys Monthly Webinar Series \\n\\nThe Qualys Research team hosts a monthly webinar series to help our existing customers leverage the seamless integration between Qualys Vulnerability Management, Detection \\u0026 Response (VMDR), and Qualys Patch Management. Combining these two solutions can reduce the median time to remediate critical vulnerabilities. \\n\\nDuring the webcast, we will discuss this month’s high-impact vulnerabilities, including those highlighted in this month’s Patch Tuesday alert. We will walk you through the necessary steps to address the key vulnerabilities using Qualys VMDR and Qualys Patch Management. \\n\\n* * *\\n\\n**Join the webinar**\\n\\n**This Month in Vulnerabilities \\u0026 Patches**\\n\\nRegister Now”,”published”:”2026-02-10T20:51:28″,”modified”:”2026-02-10T20:51:28″,”type”:”qualysblog”,”title”:”Microsoft Patch Tuesday,\u00a0February\u00a02026 Security Update Review”,”source”:””,”references”:””,”id”:”QUALYSBLOG:73DE6D3D7D91B08058CCE3C11629EE2C”,”bulletinFamily”:”blog”,”cwe”:null,”cvelist”:[“CVE-2026-21231″,”CVE-2026-21238″,”CVE-2026-21241″,”CVE-2026-21253″,”CVE-2026-21510″,”CVE-2026-21511″,”CVE-2026-21513″,”CVE-2026-21514″,”CVE-2026-21519″,”CVE-2026-21522″,”CVE-2026-21525″,”CVE-2026-21532″,”CVE-2026-21533″,”CVE-2026-23655″,”CVE-2026-24300″,”CVE-2026-24302″],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:9.8,”severity”:”CRITICAL”,”vector”:”CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/blog.qualys.com\/category\/vulnerabilities-threat-research”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2026-02-10T22:05:08″,”description”:”Microsoft’s February 2026 Patch Tuesday focuses on closing security gaps that attackers could exploit, reinforcing the importance of timely patching in enterprise environments. Here’s a…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[9,6,8,35,12,13,120,7,11,5],"class_list":["post-40294","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-critical","tag-cve","tag-cvss","tag-cvss-98","tag-exploit","tag-news","tag-qualysblog","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n