Microsoft’s February 2026 Patch Tuesday patches 6 actively exploited zero-days 

 


Microsoft has released its February 2026 Patch Tuesday updates, addressing around 60 security vulnerabilities across its product lineup, including six zero-day flaws that are known to be actively exploited in the wild.

Among the fixed zero-days is CVE-2026-21510, a Windows SmartScreen and Windows Shell security prompt bypass that can be triggered when a user is tricked into opening a malicious link or shortcut file. CVE-2026-21514 affects Microsoft 365 and Office, allowing attackers to bypass OLE mitigations by tricking a victim into opening a crafted Office document. Another issue (CVE-2026-21513) could let attackers bypass security controls and potentially execute code through malicious HTML or LNK files.

The update also patches several privilege escalation flaws, including CVE-2026-21519 in Windows Desktop Window Manager and CVE-2026-21533 in Windows Remote Desktop Services, the latter allowing attackers to elevate privileges to the System level. CVE-2026-21525 is a Windows Remote Access Connection Manager vulnerability that could be abused to launch local denial-of-service attacks.

Microsoft has flagged CVE-2026-21510, CVE-2026-21514, and CVE-2026-21513 as publicly disclosed. There is currently no public information detailing attacks that exploit the above-mentioned flaws.

In addition to the zero-day vulnerabilities, Microsoft has fixed a number of high-risk issues in Microsoft Azure, Windows Notepad App, and other software products.

Separately, Fortinet has fixed a couple of high-risk vulnerabilities affecting its FortiOS product. The first one is CVE-2025-68686, an information disclosure issue that allows a remote user to gain access to potentially sensitive information via a specially crafted HTTP request. This flaw was marked as exploited in the wild, though it needs to be paired with other vulnerabilities that provide access at the filesystem level.

The second flaw is CVE-2026-22153, an authentication bypass issue that stems from an error in fnbamd. It allows a remote attacker to bypass LDAP authentication in Agentless VPN and FSSO and gain unauthorized access to the network.
