{“lastseen”:”2026-02-11T14:05:09″,”description”:”Microsoft releases important security updates on the second Tuesday of every month, known as \u201cPatch Tuesday.\u201d This month\u2019s update patches fix 59 Microsoft CVE\u2019s including six zero-days.\\n\\nLet\u2019s have a quick look at these six actively exploited zero-days.\\n\\n### Windows Shell Security Feature Bypass Vulnerability\\n\\n**CVE-2026-21510 (CVSS score 8.8 out of 10)** is a security feature bypass in the Windows Shell. A protection mechanism failure allows an attacker to circumvent Windows SmartScreen and similar prompts once they convince a user to open a malicious link or shortcut file. \\n\\nThe vulnerability is exploited over the network but still requires on user interaction. The victim must be socially engineered into launching the booby\u2011trapped shortcut or link for the bypass to trigger. Successful exploitation lets the attacker suppress or evade the usual \u201care you sure?\u201d security dialogs for untrusted content, making it easier to deliver and execute further payloads without raising user suspicion.\\n\\n### MSHTML Framework Security Feature Bypass Vulnerability\\n\\n**CVE-2026-21513 (CVSS score 8.8 out of 10) **affects the MSHTML Framework, which is used by Internet Explorer’s Trident\/embedded web rendering). It is classified as a protection mechanism failure that results in a security feature bypass over the network. \\n\\nA successful attack requires the victim to open a malicious HTML file or a crafted shortcut (.lnk) that leverages MSHTML for rendering. When opened, the flaw allows an attacker to bypass certain security checks in MSHTML, potentially removing or weakening normal browser or Office sandbox or warning protections and enabling follow\u2011on code execution or phishing activity.\\n\\n### Microsoft Word Security Feature Bypass Vulnerability\\n\\n**CVE-2026-21514 (CVSS score 5.5 out of 10) **affects Microsoft Word. It relies on untrusted inputs in a security decision, leading to a local security feature bypass. \\n\\nAn attacker must persuade a user to open a malicious Word document to exploit this vulnerability. If exploited, the untrusted input is processed incorrectly, potentially bypassing Word\u2019s defenses for embedded or active content\u2014leading to execution of attacker\u2011controlled content that would normally be blocked.\\n\\n### Desktop Window Manager Elevation of Privilege Vulnerability\\n\\n**CVE-2026-21519 (CVSS score 7.8 out of 10) **is a local elevation\u2011of\u2011privilege vulnerability in Windows Desktop Window Manager caused by type confusion (a flaw where the system treats one type of data as another, leading to unintended behavior). \\n\\nA locally authenticated attacker with low privileges and no required user interaction can exploit the issue to gain higher privileges. Exploitation must be done locally, for example via a crafted program or exploit chain stage running on the target system. An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.\\n\\n### Windows Remote Access Connection Manager Denial of Service Vulnerability\\n\\n**CVE-2026-21525 (CVSS score 6.2 out of 10) **is a denial\u2011of\u2011service vulnerability in the Windows Remote Access Connection Manager service (RasMan). \\n\\nAn unauthenticated local attacker can trigger the flaw with low attack complexity, leading to a high impact on availability but no direct impact on confidentiality or integrity. This means they could crash the service or potentially the system, but not elevate privileges or execute malicious code.\\n\\n### Windows Remote Desktop Services Elevation of Privilege Vulnerability\\n\\n**CVE-2026-21533 (CVSS score 7.8 out of 10)** is an elevation\u2011of\u2011privilege vulnerability in Windows Remote Desktop Services, caused by improper privilege management. \\n\\nA local authenticated attacker with low privileges, and no required user interaction, can exploit the flaw to escalate privileges to SYSTEM and fully compromise confidentiality, integrity, and availability on the affected system. Successful exploitation typically involves running attacker\u2011controlled code on a system with Remote Desktop Services present and abusing the vulnerable privilege management path.\\n\\n### Azure vulnerabilities\\n\\nAzure users are also advised to take note of two critical vulnerabilities with CVSS ratings of 9.8:\\n\\n * CVE-2026-21531 affecting Azure SDK\\n * CVE-2026-24300 affecting Azure Front Door\\n\\n\\n\\n## How to apply fixes and check you\u2019re protected\\n\\nThese updates fix security problems and keep your Windows PC protected. Here\u2019s how to make sure you\u2019re up to date:\\n\\n1\\\\. Open **Settings**\\n\\n * Click the **Start** button (the Windows logo at the bottom left of your screen).\\n * Click on **Settings** (it looks like a little gear).\\n\\n\\n\\n2\\\\. Go to **Windows Update**\\n\\n * In the Settings window, select **Windows Update** (usually at the bottom of the menu on the left).\\n\\n\\n\\n3. **Check for updates**\\n\\n * Click the button that says **Check for updates**.\\n * Windows will search for the latest Patch Tuesday updates.\\n * If you have selected automatic updates earlier, you may see this under **Update history** :\\n\\n\\n\\n * Or you may see a **Restart required** message, which means all you have to do is restart your system and you\u2019re done updating.\\n * If not, continue with the steps below.\\n\\n\\n\\n4. **Download and Install**\\n\\n * If updates are found, they\u2019ll start downloading right away. Once complete, you\u2019ll see a button that says **Install** or **Restart now**.\\n * Click **Install **if needed and follow any prompts. Your computer will usually need a restart to finish the update. If it does, click **Restart now**.\\n\\n\\n\\n**5\\\\. Double-check you\u2019re up to date**\\n\\n * After restarting, go back to **Windows Update** and check again. If it says **You\u2019re up to date** , you\u2019re all set!\\n\\n\\n\\n* * *\\n\\n**We don\u2019t just report on threats\u2014we remove them**\\n\\nCybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.”,”published”:”2026-02-11T12:32:20″,”modified”:”2026-02-11T12:32:20″,”type”:”malwarebytes”,”title”:”February 2026 Patch Tuesday includes six actively exploited zero-days”,”source”:””,”references”:””,”id”:”MALWAREBYTES:3E77FEA34F7B582EFBDE88A392C2B52D”,”bulletinFamily”:”blog”,”cwe”:null,”cvelist”:[“CVE-2026-21510″,”CVE-2026-21513″,”CVE-2026-21514″,”CVE-2026-21519″,”CVE-2026-21525″,”CVE-2026-21531″,”CVE-2026-21533″,”CVE-2026-24300″],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:9.8,”severity”:”CRITICAL”,”vector”:”CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/www.malwarebytes.com\/blog\/news\/2026\/02\/february-2026-patch-tuesday-includes-six-actively-exploited-zero-days”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2026-02-11T14:05:09″,”description”:”Microsoft releases important security updates on the second Tuesday of every month, known as \u201cPatch Tuesday.\u201d This month\u2019s update patches fix 59 Microsoft CVE\u2019s including…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[9,6,8,35,12,115,13,7,11,5],"class_list":["post-40442","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-critical","tag-cve","tag-cvss","tag-cvss-98","tag-exploit","tag-malwarebytes","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n