CrowdStrike flags six zero‑day patches, RDP exploit threatens Windows servers
CrowdStrike’s February 2026 Patch Tuesday analysis uncovered six zero‑day vulnerabilities that were actively exploited before Microsoft issued patches. The most critical is a Remote Desktop Services flaw (CVE‑2026‑21533) that allows attackers to bypass authentication and execute code with system‑level privileges on vulnerable Windows servers. Evidence shows threat actors are already leveraging this bug in the wild, chaining it with credential‑stealing tools to move laterally across enterprise networks.
Defenders must treat the RDP zero‑day as a top‑priority remediation. Apply the Microsoft patch immediately, enforce network‑level controls that restrict RDP exposure, and enable strict logging and anomaly detection for remote‑desktop sessions. Additionally, review the other five disclosed zero‑days, prioritize those affecting privileged services, and update detection signatures to catch known exploit patterns before attackers can achieve persistence.
Categories: Malware & Ransomware, Vulnerabilities & Exploits, AI Security & Threats