Six Actively Exploited Zero‑Days Slip Into Microsoft February 2026 Patch

Microsoft’s February 2026 Patch Tuesday released updates for more than 50 vulnerabilities, among them six zero‑day flaws that have already been observed in active exploitation campaigns. One of the most critical, CVE‑2026‑21510, allows an attacker to execute arbitrary code on a victim’s system simply by delivering a crafted hyperlink—no user interaction or consent required.

These zero‑days give threat actors a direct foothold in Windows environments, enabling ransomware deployment, credential theft, and lateral movement across networks. Defenders must prioritize immediate deployment of the patches, verify that the vulnerable components are present in their asset inventory, and update detection signatures and threat‑intel feeds to hunt for exploitation attempts tied to these CVEs. Delaying remediation could expose organizations to high‑impact breaches that leverage the same techniques already seen in the wild.

Source: Read original article