February 10, 2026

Patch Tuesday February 2026 - Critical Microsoft Security Patches Released Including Vulnerabilities Being Actively Exploited in the Wild


Kev Breen, Senior Director, Cyber Threat Research, Immersive

Included among the actively exploited vulnerabilities are two Elevation of Privilege vulnerabilities: CVE-2026-21519, affecting the Desktop Window Manager, and CVE-2026-21533, affecting Windows Remote Desktop Services.

These are local privilege escalations, which means an attacker must have already gained access to a vulnerable host. This could be with something like a malicious attachment, a remote code execution vulnerability or lateral movement from another compromised host. Once on the host, the attacker can use these new escalation vulnerabilities to elevate themselves to SYSTEM. With this level of privileges, the threat actor could disable security tooling, deploy additional malware, and in worst-case scenarios, gain access to secrets or credentials that could lead to a full domain compromise.

In addition to the privilege escalation issues, a Denial of Service in the Windows Remote Access Connection Manager, CVE-2026-21525, is also reported as being actively exploited in the wild. On its own, a Denial of Service vulnerability may not sound important, but these types of vulnerabilities are usually abused as part of a chain where another attack vector may require a service to restart in order to win a race condition or impersonate a process that is not running.

Windows event logs for services terminating unexpectedly are a great source of information for threat hunters looking for signs of exploitation.
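One way to hunt for this, as an added example that is not part of the original commentary: filter Service Control Manager events 7031 and 7034 (service terminated unexpectedly) for the Remote Access Connection Manager and flag hosts with repeated crashes in a short window. The JSON-lines export format, its field names, the host names and the thresholds are assumptions made for the illustration.

```python
import json
from collections import defaultdict
from datetime import datetime, timedelta

# System-log events written by the Service Control Manager:
# 7031 and 7034 both record a service that terminated unexpectedly.
SCM_PROVIDER = "Service Control Manager"
CRASH_EVENT_IDS = {7031, 7034}
# Display name of the service named in the text for CVE-2026-21525.
WATCHED_SERVICES = {"Remote Access Connection Manager"}

# Constructed sample export, one JSON object per line (field names are assumptions).
SAMPLE_EVENTS = """\
{"host": "WS-014", "time": "2026-02-11T09:01:50", "provider": "Service Control Manager", "event_id": 7036, "service": "Remote Access Connection Manager"}
{"host": "WS-014", "time": "2026-02-11T09:02:11", "provider": "Service Control Manager", "event_id": 7031, "service": "Remote Access Connection Manager"}
{"host": "WS-014", "time": "2026-02-11T09:05:40", "provider": "Service Control Manager", "event_id": 7031, "service": "Remote Access Connection Manager"}
{"host": "WS-022", "time": "2026-02-11T09:10:00", "provider": "Service Control Manager", "event_id": 7034, "service": "Print Spooler"}
{"host": "WS-031", "time": "2026-02-11T10:00:00", "provider": "Service Control Manager", "event_id": 7034, "service": "Remote Access Connection Manager"}
<truncated line>
"""

def find_unexpected_terminations(export, services=WATCHED_SERVICES):
    """Return crash events for the watched services, sorted by time."""
    hits = []
    for line in export.splitlines():
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip blank or malformed lines instead of aborting the hunt
        if (isinstance(ev, dict)
                and ev.get("provider") == SCM_PROVIDER
                and ev.get("event_id") in CRASH_EVENT_IDS
                and ev.get("service") in services):
            hits.append({**ev, "time": datetime.fromisoformat(ev["time"])})
    return sorted(hits, key=lambda e: e["time"])

def hosts_with_repeated_crashes(hits, threshold=2, window=timedelta(minutes=10)):
    """Map host -> time of first crash in a burst of `threshold` crashes within `window`."""
    by_host = defaultdict(list)
    for ev in hits:  # hits are already time-ordered
        by_host[ev["host"]].append(ev["time"])
    flagged = {}
    for host, times in by_host.items():
        for i in range(len(times) - threshold + 1):
            if times[i + threshold - 1] - times[i] <= window:
                flagged[host] = times[i]
                break
    return flagged
```

A single crash (WS-031 in the sample) is still returned by `find_unexpected_terminations` for review; only the burst on WS-014 is escalated by `hosts_with_repeated_crashes`.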

Also included in this release are a number of patches for Remote Code Execution in GitHub Copilot and a number of IDEs (VS Code, Visual Studio and JetBrains): CVE-2026-21516, CVE-2026-21523 and CVE-2026-21256.

Copilot is the Microsoft AI Assistant built into these developer environments, and these vulnerabilities all stem from a command injection vulnerability that can be triggered through prompt injection. In practice, this means a threat actor could embed a malicious prompt into a codebase. If a developer or a CI/CD pipeline uses an agent workflow that then executes the commands within the prompt, the normal restrictions are bypassed, which could result in remote code execution (RCE) when the compromised prompt causes backend components or integrated tools to run unintended commands.

Developers are rich targets for threat actors, as they typically have access to sensitive data like API keys and secrets that are often the literal keys to the kingdom, such as a privileged AWS or Azure API key. Coupled with organizations enabling both developers and automation pipelines to use LLMs and agentic AI, with the right prompt, an attacker could have a significant impact.

This is not to say stop using AI, but to ensure developers understand the risks and to identify what has access to AI agents. Lastly, least privilege can limit the impact if a developer's secrets are compromised.

Natalie Silva, Lead Cyber Security Engineer, Immersive

This February 2026 Microsoft Patch Tuesday release includes three Security Feature Bypass vulnerabilities, all of which have been reported as exploited in the wild and all of which have been publicly disclosed. These vulnerability types are flaws that could allow an attacker to circumvent, disable, or even ignore the usual security mechanisms. The three affected Windows tools are MSHTML, Windows Shell, and Microsoft Word. In all of these vulnerabilities, Microsoft outlines that user interaction is required – in other words, an attacker would need to convince a user to open the malicious file.

The first vulnerability, CVE-2026-21513, affects the MSHTML Framework. This is the underlying software component used to render web content. Microsoft’s notes outline that “a malicious HTML file or shortcut (.lnk) file delivered through a link, email attachment, or download” would lead to exploitation of this vulnerability. The release team also notes that “the specially crafted file manipulates browser and Windows Shell handling, causing the content to be executed by the operating system.”

The second of these vulnerabilities is CVE-2026-21510, a vulnerability in Windows Shell. This is the graphical user interface for the Microsoft Windows operating system. In this case, attackers would send “a malicious link or shortcut file” to exploit this vulnerability. Users would download these via a link or email attachment, and if opened, the user would not see security warnings. This ultimately removes the speed bump that forces users to think twice. 

The third and final vulnerability, CVE-2026-21514, targets Microsoft Word. This specific bypass focuses on how Word handles untrusted input when making security decisions. Specifically, it allows an attacker to circumvent OLE (Object Linking and Embedding) mitigations within Microsoft 365 and Office. Microsoft outlines that “an attacker would need to send a user a malicious Office file” for this one.
