Patch Tuesday, February 2026 Edition
Source: Krebs on Security
Zero‑day vulnerabilities
| CVE | Affected component | Description |
|---|---|---|
| CVE‑2026‑21510 | Windows Shell | Security feature bypass: a single click on a malicious link can bypass Windows protections and run attacker‑controlled content without warning or consent dialogs. Affects all currently supported Windows versions. |
| CVE‑2026‑21513 | MSHTML (default Windows web browser engine) | Security bypass bug targeting the proprietary rendering engine. |
| CVE‑2026‑21514 | Microsoft Word | Related security feature bypass in Word. |
| CVE‑2026‑21533 | Windows Remote Desktop Services | Local privilege escalation allowing attackers to gain SYSTEM‑level access. |
| CVE‑2026‑21519 | Desktop Window Manager (DWM) | Elevation‑of‑privilege flaw in the component that organizes windows on the screen. (A different DWM zero‑day was patched in January.) |
| CVE‑2026‑21525 | Windows Remote Access Connection Manager | Potentially disruptive denial‑of‑service vulnerability affecting the service that maintains VPN connections to corporate networks. |
Out‑of‑band updates (January)
- January 17 – Fix for a credential‑prompt failure when attempting Remote Desktop or Remote Application connections.
- January 26 – Patch for a zero‑day security‑feature bypass in Microsoft Office (CVE‑2026‑21509).
AI‑related vulnerabilities
Microsoft also addressed several remote‑code‑execution flaws affecting AI‑assisted development tools such as GitHub Copilot, VS Code, Visual Studio, and JetBrains products. The relevant CVEs are:
- CVE‑2026‑21516
- CVE‑2026‑21523
- CVE‑2026‑21256
These vulnerabilities stem from command‑injection issues that can be triggered via prompt injection, allowing an attacker to coax an AI agent into executing malicious code or commands. As highlighted by security analyst Kev Breen, developers are high‑value targets because they often possess sensitive API keys and secrets. While the presence of these flaws does not mean organizations should abandon AI, it underscores the need for:
- Clear identification of systems and workflows that interact with AI agents.
- Application of least‑privilege principles to limit blast radius if secrets are compromised.
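The two recommendations above, sketched as an added example that is not from the original article or from any of the affected products: a guard that vets a command string proposed by an AI agent, runs it without a shell, and strips secret-looking variables from the child's environment. The policy table, the marker list and the sample strings are assumptions constructed for illustration, and the code does not model the specific CVEs listed.

```python
import os
import shlex
import subprocess

# Assumption: a hypothetical policy of program -> subcommands the agent may run.
POLICY = {"git": {"status", "diff", "log"}}
# Assumption: name fragments that mark an environment variable as a secret.
SECRET_MARKERS = ("KEY", "TOKEN", "SECRET", "PASSWORD", "CREDENTIAL")
# Characters that only matter to a shell; none are needed by the policy above.
SHELL_META = set(";&|`$<>(){}\n\r\\")


def scrubbed_env(env):
    """Copy env, dropping variables whose names look like secrets."""
    return {k: v for k, v in env.items()
            if not any(m in k.upper() for m in SECRET_MARKERS)}


def vet_command(proposed, policy=POLICY):
    """Return an argv list for an agent-proposed command, or raise ValueError."""
    if any(ch in SHELL_META for ch in proposed):
        raise ValueError("shell metacharacter in agent-proposed command")
    try:
        argv = shlex.split(proposed)
    except ValueError as exc:  # for example, unbalanced quotes
        raise ValueError(f"unparseable command: {exc}") from None
    if len(argv) < 2 or argv[0] not in policy or argv[1] not in policy[argv[0]]:
        raise ValueError("command not permitted by policy")
    if any(arg.startswith("-") for arg in argv[2:]):
        raise ValueError("options after the subcommand are not permitted")
    return argv


def run_agent_command(proposed, env=None):
    """Run a vetted command with no shell and no secrets in its environment."""
    argv = vet_command(proposed)
    child_env = scrubbed_env(os.environ if env is None else env)
    return subprocess.run(argv, env=child_env, capture_output=True,
                          text=True, timeout=30, check=False)


if __name__ == "__main__":
    # Constructed samples: one benign request, two shaped by injected text.
    for s in ("git status", "git status; env", "git log --output=/tmp/x"):
        try:
            print("ALLOW", vet_command(s))
        except ValueError as why:
            print("DENY ", repr(s), "-", why)
```

Allowlisting program names alone is not enough, since many tools can launch other programs through their options, which is why the sketch also pins the subcommand and refuses further options.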
Additional resources
- SANS Internet Storm Center – A clickable breakdown of each fix, indexed by severity and CVSS score.
- AskWoody – Practical notes on testing and deploying the updates.
Reminder: Ensure you have recent backups before applying the patches.