**Microsoft Patch Tuesday Security Updates for February 2026 Fix Six Actively Exploited Zero-Days**

The latest Microsoft Patch Tuesday security updates have been released, addressing a total of 58 new security flaws across various components, including Windows, Office, Azure, Edge, Exchange, Hyper-V, WSL, and more. When combined with third-party updates, this brings the total count to 62 CVEs (Common Vulnerabilities and Exposures). Among these vulnerabilities, five are classified as Critical, two as Moderate, and most are rated Important.

However, what's particularly concerning is that six of the addressed flaws are actively exploited in the wild, with three being publicly known. This highlights the severity of the situation and underscores the importance of applying these patches as soon as possible to prevent potential attacks.

**The Actively Exploited Zero-Day Vulnerabilities**

Microsoft has identified six zero-day vulnerabilities that have been addressed this month. Three of these flaws, CVE-2026-21510, CVE-2026-21514, and CVE-2026-21513, are publicly disclosed by the company. The credit for discovering these vulnerabilities goes to Google Threat Intelligence Group (GTIG), Microsoft's internal security teams, and an anonymous researcher.

Here is a breakdown of the six actively exploited zero-day vulnerabilities addressed in the latest Patch Tuesday update:

  • CVE-2026-21510: Publicly disclosed, credit goes to Google Threat Intelligence Group, Microsoft's internal security teams, and an anonymous researcher
  • CVE-2026-21514: Publicly disclosed, credit goes to Google Threat Intelligence Group, Microsoft's internal security teams, and an anonymous researcher
  • CVE-2026-21513: Publicly disclosed, reported by Microsoft and GTIG
  • CVE-2026-21512 (Actively exploited)
  • CVE-2026-21511 (Actively exploited)
  • CVE-2026-21509 (Actively exploited)

It's essential to note that these vulnerabilities are actively being exploited, and it's crucial for users to apply the latest security patches to prevent potential attacks.

**What You Need to Do**

To stay protected from these zero-day vulnerabilities, we strongly advise users to:

  • Apply the latest Microsoft Patch Tuesday security updates
  • Regularly monitor your systems for any signs of compromise
  • Implement robust security measures, such as firewalls and antivirus software
  • Keep your software up-to-date with the latest security patches

By taking these steps, you can significantly reduce the risk of falling victim to these actively exploited zero-day vulnerabilities.

To access the full list of CVEs addressed by the Microsoft Patch Tuesday security update for February 2026, please click here.

Stay informed about the latest cybersecurity news and updates by following me on Twitter: @securityaffairs, Facebook, and Mastodon.