Microsoft’s February 2026 Patch Tuesday Addresses 54 CVEs (CVE-2026-21510, CVE-2026-21513)
In its February 2026 patch update, Microsoft fixed 54 security vulnerabilities, including six exploited zero-day vulnerabilities and three publicly disclosed CVEs. Affected products include Windows, Office, Azure and other components. Elevation of privilege (EoP) accounted for 42.6% and remote code execution (RCE) for 20.4%. Users are advised to install the patches as soon as possible to reduce risk.

2026-2-10 18:55:45 Author: www.tenable.com


February 10, 2026



A graphic from Tenable Research Special Operations regarding the February 2026 Microsoft Patch Tuesday. It features a yellow hexagon icon with crossed band-aids above the text "Microsoft Patch Tuesday" and "Zero Day Vulnerabilities," all framed by a colorful striped border.

  • 2 Critical
  • 51 Important
  • 1 Moderate
  • 0 Low

Microsoft addresses 54 CVEs in the February 2026 Patch Tuesday release, including six zero-day vulnerabilities that were exploited in the wild and three publicly disclosed CVEs.

Microsoft patched 54 CVEs in its February 2026 Patch Tuesday release, with two rated critical, 51 rated as important and one rated as moderate. We omitted one vulnerability from our counts this month, CVE-2023-2804, a heap-based overflow vulnerability in the libjpeg-turbo component.

A pie chart showing the severity distribution across the Patch Tuesday CVEs patched in February 2026.

This month’s update includes patches for:

  • .NET
  • .NET and Visual Studio
  • Azure Arc
  • Azure Compute Gallery
  • Azure DevOps Server
  • Azure Front Door (AFD)
  • Azure Function
  • Azure HDInsights
  • Azure IoT SDK
  • Azure Local
  • Azure SDK
  • Desktop Window Manager
  • GitHub Copilot
  • GitHub Copilot and Visual Studio
  • Internet Explorer
  • Mailslot File System
  • Microsoft Defender for Linux
  • Microsoft Edge for Android
  • Microsoft Exchange Server
  • Microsoft Graphics Component
  • Microsoft Office Excel
  • Microsoft Office Outlook
  • Microsoft Office Word
  • Power BI
  • Role: Windows Hyper-V
  • Windows Ancillary Function Driver for WinSock
  • Windows App for Mac
  • Windows Cluster Client Failover
  • Windows Connected Devices Platform Service
  • Windows GDI+
  • Windows HTTP.sys
  • Windows Kernel
  • Windows LDAP - Lightweight Directory Access Protocol
  • Windows Notepad App
  • Windows NTLM
  • Windows Remote Access Connection Manager
  • Windows Remote Desktop
  • Windows Shell
  • Windows Storage
  • Windows Subsystem for Linux
  • Windows Win32K - GRFX

A bar chart showing the count by impact of CVEs patched in the February 2026 Patch Tuesday release.

Elevation of privilege (EoP) vulnerabilities accounted for 42.6% of the vulnerabilities patched this month, followed by remote code execution (RCE) vulnerabilities at 20.4%.

CVE-2026-21510 | Windows Shell Security Feature Bypass Vulnerability

CVE-2026-21510 is a security feature bypass vulnerability affecting Windows Shell. It was assigned a CVSSv3 score of 8.8 and was rated as important. According to Microsoft, this flaw was publicly disclosed prior to a patch being made available and was also exploited in the wild as a zero-day. Exploitation requires an attacker to convince an unsuspecting user to open a malicious link or shortcut file. This would allow the attacker to bypass Windows SmartScreen and Windows Shell warnings by exploiting a flaw in Windows Shell components.

CVE-2026-21533 | Windows Remote Desktop Services Elevation of Privilege Vulnerability

CVE-2026-21533 is an EoP vulnerability affecting Windows Remote Desktop Services. It was assigned a CVSSv3 score of 7.8, rated as important and was reportedly exploited in the wild. Successful exploitation allows a local, authenticated attacker to elevate to SYSTEM privileges.

CVE-2026-21519 | Desktop Window Manager Elevation of Privilege Vulnerability

CVE-2026-21519 is an EoP vulnerability affecting Desktop Window Manager, a Windows service used to render the graphical user interface (GUI) in Windows. It was assigned a CVSSv3 score of 7.8 and rated as important. A local, authenticated attacker could exploit this vulnerability to elevate to SYSTEM privileges. According to Microsoft, this vulnerability was exploited in the wild as a zero-day.

CVE-2026-21514 | Microsoft Word Security Feature Bypass Vulnerability

CVE-2026-21514 is a security feature bypass vulnerability affecting Microsoft Word. It was assigned a CVSSv3 score of 7.8 and rated as important. Successful exploitation requires an attacker to convince a user to open a crafted Office file. According to the Microsoft advisory, the preview pane is not an attack vector. This vulnerability was publicly disclosed prior to a patch being made available and was also exploited in the wild as a zero-day. Microsoft credited the discovery of this vulnerability to an Anonymous researcher, Google Threat Intelligence Group, Microsoft Threat Intelligence Center (MSTIC), Microsoft Security Response Center (MSRC) and Office Product Group Security Team.

CVE-2026-21525 | Windows Remote Access Connection Manager Denial of Service Vulnerability

CVE-2026-21525 is a denial of service (DoS) vulnerability affecting Windows Remote Access Connection Manager (also known as RasMan), a tool used for the management of multiple remote desktop connections. It was assigned a CVSSv3 score of 6.2, was rated as important and was exploited in the wild. While no information has been released about the exploitation of this DoS, the advisory credits the 0patch vulnerability research team for reporting this flaw.

CVE-2026-21513 | MSHTML Framework Security Feature Bypass Vulnerability

CVE-2026-21513 is a security feature bypass vulnerability in the MSHTML Framework. It was assigned a CVSSv3 score of 8.8 and rated as important. According to Microsoft, it was both exploited in the wild and publicly disclosed prior to a patch being available. Successful exploitation of this flaw requires an attacker to convince a potential victim to open either a malicious HTML file or a shortcut (.lnk) file. Like similar security feature bypass flaws, this vulnerability can bypass protection prompts that would caution a user before opening a file.

CVE-2026-21511 | Microsoft Outlook Spoofing Vulnerability

CVE-2026-21511 is a spoofing vulnerability affecting Microsoft Outlook. It was assigned a CVSSv3 score of 7.5 and was rated as important. The spoofing vulnerability is the result of a deserialization of untrusted data flaw, which an attacker can trigger using a crafted email. Microsoft notes that the preview pane is an attack vector for this flaw. CVE-2026-21511 was assessed as “Exploitation More Likely” according to Microsoft’s Exploitability Index.

Tenable Solutions

A list of all the plugins released for Microsoft’s February 2026 Patch Tuesday update can be found here. As always, we recommend patching systems as soon as possible and regularly scanning your environment to identify those systems yet to be patched.

For more specific guidance on best practices for vulnerability assessments, please refer to our blog post on How to Perform Efficient Vulnerability Assessments with Tenable.

Get more information

Join Tenable's Research Special Operations (RSO) Team on Tenable Connect and engage with us in the Threat Roundtable group for further discussions on the latest cyber threats.

Learn more about Tenable One, the Exposure Management Platform for the modern attack surface.


Research Special Operations


The Research Special Operations (RSO) team serves as Tenable’s Forward Logistics Element in the threat landscape, providing customers with the analyses and contextualized exposure intelligence required to manage risks to critical business assets. With over 150 years of collective expertise, this hand-picked group of world-class security researchers is united with one mission: to cut through the noise and deliver critical intelligence about the most dangerous cyber threats emerging right now. Uniting the missions of the Tenable Security Response, Zero-Day Research, and Decision Science Operations teams, RSO disseminates timely, accurate, and actionable information about the latest threats and exposures.



Article source: https://www.tenable.com/blog/microsofts-february-2026-patch-tuesday-addresses-54-cves-cve-2026-21510-cve-2026-21513