Microsoft highlighted six new and actively exploited vulnerabilities among the 60 fixes issued in today’s February Patch Tuesday releases.
However, Tyler Reguly, associate director of security R&D at Fortra, says there’s good news: The issues are easy to resolve with regular Microsoft patches for Windows and Office, and none require any post patch configuration steps.
Still, CSOs should be aware that, of the six, three involve a security feature bypass:
- CVE-2026-21510, a protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network. To successfully exploit this vulnerability, an attacker must convince a user to open a malicious link or shortcut file. Then the attacker could bypass Windows SmartScreen and Windows Shell security prompts by exploiting improper handling in Windows Shell components, allowing attacker‑controlled content to execute without user warning or consent;
Jack Bicer, director of vulnerability research at Action1, says this is the most urgent risk to Windows-based networks. “Confirmed active exploitation demonstrates that adversaries are leveraging this weakness to deliver malware and payloads at scale,” he told CSO. “Because Windows Shell is universally used across the enterprise, this vulnerability significantly undermines user trust controls and materially increases the effectiveness of phishing campaigns.” - CVE-2026-21513, an MSHTML Framework security bypass. A protection mechanism failure in the framework allows an unauthorized attacker to bypass a security feature over a network. An attacker could exploit this vulnerability by convincing a user to open a malicious HTML file or shortcut (.lnk) file delivered through a link, email attachment, or download. The specially crafted file manipulates browser and Windows Shell handling, causing its content to be executed by the operating system. This allows the attacker to bypass security features and potentially achieve code execution;
- CVE-2026-21514 , a vulnerability that bypasses OLE mitigations in Microsoft 365 and Microsoft Office which protect users from vulnerable COM/OLE controls. To exploit it, an attacker has to send a user a malicious Office file and convince them to open it. The Preview Pane isn’t an attack vector.
Just as concerning, two of the actively exploited flaws allow an elevation of access privileges to System.
- CVE-2026-21519, a hole in Desktop Windows Manager that could allow an attacker to elevate their access privileges;
- CVE-2026-21533, a vulnerability in Windows Remote Desktop Services’ privilege management allows an authorized attacker to elevate privileges locally.
Satnam Narang, senior staff research engineer at Tenable, said CVE-2026-21510, CVE-2026-21513 and CVE-2026-21514 should be at the top of CSOs’ list for action. “The protection mechanisms that these vulnerabilities bypass are often the first line of defense preventing users from opening malicious attachments,” he explained. “They operate as gatekeepers, like Heimdall protecting Asgard.”
Finally, the sixth actively exploited hole, CVE-2026-21525, is in Windows Remote Access Connection Manager. It could allow an unauthorized attacker to deny service locally. Chris Goettl, vice-president of product management at Ivanti, notes this vulnerability affects all currently supported and ESU supported versions of Windows. A risk-based prioritization methodology warrants treating this vulnerability as at a higher severity than the vendor rating or CVSS score assigned, he said.
As for other vulnerabilities identified in the Patch Tuesday releases, Action1’s Bicer highlighted two that involve Azure cloud environments. He said CSOs should ensure cloud teams urgently address:
- CVE-2026-21522, a command injection issue in Azure Compute Gallery. Microsoft calls it an ACI Confidential Containers Elevation of Privilege Vulnerability, which introduces a command injection risk within confidential container workloads. Although exploitation has not yet been observed in the wild, Bicer said, proof of concept code confirms real world exploitability and challenges the trust assumptions of confidential computing;
- CVE-2026-21655, a cleartext storage hole. Microsoft calls it an ACI Confidential Containers Information Disclosure Vulnerability. Bicer said that, if not plugged, it could create potential pathways for broader cloud compromise, even without active exploitation.
Kev Breen, senior director of cyber threat research at Immersive, noted that today’s releases also include several patches for remote code execution vulnerabilities affecting GitHub Copilot and multiple IDEs, including VS Code, Visual Studio, and JetBrains products.
Microsoft’s AI assistant, Copilot, is integrated into these developer environments, Breen said, and the vulnerabilities stem from a command injection flaw in it that can be triggered through prompt injection. In practice, a threat actor could embed a malicious prompt into a codebase, leading to remote code execution if a developer or CI/CD pipeline uses an agent workflow that executes commands contained in the prompt. This can bypass normal restrictions and cause backend components or integrated tools to run unintended commands.
Developers are high-value targets for threat actors, he explained, as they often have access to sensitive data such as API keys and secrets that function as keys to critical infrastructure; these include privileged AWS or Azure API keys. When organizations enable developers and automation pipelines to use LLMs and agentic AI, a malicious prompt can have significant impact.
“This does not mean organizations should stop using AI,” said Breen. “It does mean developers should understand the risks, teams should clearly identify which systems and workflows have access to AI agents, and least-privilege principles should be applied to limit the blast radius if developer secrets are compromised.”
Andrew Grotto, a research scholar at the Stanford University’s Center for International Security and Co-operation, and a former senior White House director for cyber policy, is concerned about Microsoft’s track record of vulnerabilities. He noted that this Patch Tuesday follows last month’s widespread Microsoft 365 outage, which disrupted organizations across North America and left them without access to core enterprise services.
“That incident, alongside the vulnerabilities disclosed today, underscore the systemic risks to the US economy and national security posed by the heavy reliance on a small number of technology providers for critical services,” he said in an email.
“Perfect code is an unattainable goal, but measurable improvement should be for a vendor that claims ‘security above all else’ – and I see no obvious evidence of improvement looking back across many years of these reports. We should all be asking why.”
Critical SAP vulnerabilities
Also today, SAP released 27 new and updated security notes, including two that address critical-severity vulnerabilities. Jonathan Stross, SAP security analyst at Pathway, drew attention to a code injection hole in SAP CRM / SAP S/4HANA (Scripting Editor), assigned 3697099 (CVE-2026-0488), with a CVSS score of 9.9.
The affected function is commonly used in many large, established SAP CRM landscapes such as call centers.
The underlying flaw is a generic function module invocation path that can be abused to execute unauthorized critical functionality, he said. A realistic attack chain could start from attackers compromising a standard CRM user through phishing, password reuse, or endpoint compromise. Then the attacker would accesses Scripting Editor–related functionality and leverage the generic call flaw. Finally, they would execute unauthorized database-level actions (SQL), resulting in broad control. Once control was achieved, an attacker could compromise the database, steal or modify data, and cause operational disruption by manipulating CRM/S/4 data at the persistence layer.
Stross also pointed out a missing authorization enforcement for remote function call (RFC) execution paths vulnerability, assigned 3674774 (CVE-2026-0509), with a CVSS score of 9.6. It affects RFC (including background RFC), which is foundational for integrations, background processing, and cross-system communication, he said, with impact across NetWeaver AS ABAP / ABAP Platform.
In a potential attack scenario, an attacker with a foothold in a user account would leverage RFC mechanisms to execute remote-enabled functionality that should be blocked by S_RFC. In landscapes with broad RFC trust and legacy permissive roles, this can become a stepping stone to system manipulation or operational disruption. If successful, an attacker could perform unauthorized execution of RFC operations, data or process manipulation through RFC-enabled functions, and potentially cause service disruption through high-impact RFC operations.