Tag :
Cyber Security

Summary

On February 11 (UTC+8), 2026, Microsoft released its February 2026 Security Updates, which included patches for a total of 61 CVEs, a decrease of 54 CVEs compared to the previous month.

In terms of vulnerability severity, there were 5 vulnerabilities marked as "Critical" and 54 vulnerabilities marked as "Important/High". In terms of vulnerability types, there were primarily 14 remote code execution vulnerabilities, 25 privilege escalation vulnerabilities, and 6 information disclosure vulnerabilities.

Statistics

Vulnerability Trend

Vulnerabilities Patched by Microsoft in the Last 12 Months

Figure 1 Vulnerabilities Patched by Microsoft in the Last 12 Months

  • On the whole, Microsoft released 61 patches in February 2026, including 5 critical vulnerability patches.
  • Based on Microsoft's historical vulnerability disclosures and the specific circumstances of this year, Sangfor FarSight Labs estimates that Microsoft will announce a similar quantity of vulnerabilities in the coming March in comparison to February. We expect a figure of approximately 60 vulnerabilities.

Comparison of Vulnerability Trends

The following figure shows the number of patches released by Microsoft in the month of February from 2023 to 2026.

Number of Windows Patches Released by Microsoft in February from 2023 to 2026

Figure 2 Number of Windows Patches Released by Microsoft in February from 2023 to 2026

The following figure shows the trend and number of vulnerabilities at different severity levels addressed by Microsoft in February from 2023 to 2026.

Number of Vulnerabilities by Severity Level Addressed by Microsoft in February from 2023 to 2026

Figure 3 Number of Vulnerabilities by Severity Level Addressed by Microsoft in February from 2023 to 2026

The following figure shows the number of vulnerabilities by type addressed by Microsoft in February from 2023 to 2026.

Figure 4 Number of Vulnerabilities by Type Addressed by Microsoft in February from 2023 to 2026

Figure 4 Number of Vulnerabilities by Type Addressed by Microsoft in February from 2023 to 2026

Data source: Microsoft security updates

  • Compared to last year, there has been a decrease in terms of the number of vulnerabilities this year. The number of vulnerabilities addressed by Microsoft in February 2026 has decreased. A total of 61 vulnerability patches, including 5 critical ones, have been reported this month.
  • Compared to last year, the number of vulnerabilities at the Critical level addressed by Microsoft has increased, and that of vulnerabilities at the Important/High level has decreased. Specifically, 5 vulnerabilities at the Critical level have been addressed, an increase of about 25%; and 54 vulnerabilities at the Important/High level have been addressed, a decrease of about 8%.
  • In terms of the vulnerability type, both the number of remote code execution (RCE) vulnerabilities and the number of denial-of-service (DoS) vulnerabilities have decreased, whereas the number of elevation of privilege (EoP) vulnerabilities has increased. We should remain highly vigilant because, when combined with social engineering techniques, attackers can exploit RCE vulnerabilities to take over the entire local area network (LAN) and launch attacks.

Details of Key Vulnerabilities

Analysis

Microsoft Word Security Feature Bypass Vulnerability (CVE-2026-21514)

This vulnerability arises because Microsoft Office Word overly relies on untrusted inputs in security decisions, without adequately validating these inputs. Upon successful exploitation, attackers can bypass Microsoft Word's native protection mechanisms to access and manipulate information with elevated privileges. This vulnerability has been actively exploited in the wild.

Windows Shell Security Feature Bypass Vulnerability (CVE-2026-21510)

This vulnerability arises because the protection mechanism of Windows Shell fails to adequately validate relevant network requests. It allows unauthorized attackers to bypass security features over the network. Upon successful exploitation, attackers can access, manipulate, and destroy high-level confidential information. This vulnerability has been actively exploited in the wild.

MSHTML Framework Security Feature Bypass Vulnerability (CVE-2026-21513)

This vulnerability stems from a flaw in the protection mechanism of the MSHTML framework. Successful exploitation enables unauthorized attackers to bypass network security features. This vulnerability has been actively exploited in the wild.

Windows Remote Desktop Services Elevation of Privilege Vulnerability (CVE-2026-21533)

This vulnerability stems from improper privilege management in Windows Remote Desktop. Successful exploitation enables attackers to elevate privileges locally. This vulnerability has been actively exploited in the wild.

Desktop Window Manager Elevation of Privilege Vulnerability (CVE-2026-21519)

Resource access using an incompatible type ("type confusion") in Desktop Window Manager allows an authorized attacker to elevate privileges locally. This vulnerability has been actively exploited in the wild.

Affected Versions

Vulnerability Name & CVE ID Affected Version
Microsoft Word Security Feature Bypass Vulnerability (CVE-2026-21514)
Microsoft Office LTSC for Mac 2024
Microsoft Office LTSC 2024 for 64-bit editions
Microsoft Office LTSC 2024 for 32-bit editions
Microsoft Office LTSC 2021 for 32-bit editions
Microsoft Office LTSC 2021 for 64-bit editions
Microsoft Office LTSC for Mac 2021
Microsoft 365 Apps for Enterprise for 64-bit Systems
Microsoft 365 Apps for Enterprise for 32-bit Systems
Windows Shell Security Feature Bypass Vulnerability (CVE-2026-21510)
Windows 11 version 26H1 for x64-based Systems
Windows 11 Version 26H1 for ARM64-based Systems
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows Server 2025
Windows 11 Version 24H2 for x64-based Systems
Windows 11 Version 24H2 for ARM64-based Systems
Windows Server 2022, 23H2 Edition (Server Core installation)
Windows 11 Version 23H2 for x64-based Systems
Windows 11 Version 23H2 for ARM64-based Systems
Windows 11 Version 25H2 for x64-based Systems
Windows 11 Version 25H2 for ARM64-based Systems
Windows Server 2025 (Server Core installation)
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
MSHTML Framework Security Feature Bypass Vulnerability (CVE-2026-21513)
Windows 10 Version 1607 for 32-bit Systems
Windows Server 2016
Windows Server 2025
Windows 11 Version 24H2 for x64-based Systems
Windows 11 Version 24H2 for ARM64-based Systems
Windows Server 2022, 23H2 Edition (Server Core installation)
Windows 11 Version 23H2 for x64-based Systems
Windows 11 Version 25H2 for x64-based Systems
Windows 11 Version 23H2 for ARM64-based Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 11 Version 25H2 for ARM64-based Systems
Windows Server 2025 (Server Core installation)
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows 10 Version 1809 for x64-based Systems
Windows Server 2012
Windows 10 Version 1607 for x64-based Systems
Windows Server 2016 (Server Core installation)
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows 10 Version 1809 for 32-bit Systems
Windows 11 version 26H1 for x64-based Systems
Windows 11 Version 26H1 for ARM64-based Systems
Windows Remote Desktop Services Elevation of Privilege Vulnerability (CVE-2026-21533)
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows Server 2025
Windows 11 Version 24H2 for x64-based Systems
Windows 11 Version 24H2 for ARM64-based Systems
Windows Server 2022, 23H2 Edition (Server Core installation)
Windows 11 Version 23H2 for x64-based Systems
Windows 11 Version 23H2 for ARM64-based Systems
Windows 11 Version 25H2 for x64-based Systems
Windows 11 Version 25H2 for ARM64-based Systems
Windows Server 2025 (Server Core installation)
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 11 version 26H1 for x64-based Systems
Windows 11 Version 26H1 for ARM64-based Systems
Desktop Window Manager Elevation of Privilege Vulnerability (CVE-2026-21519)
Windows 11 version 26H1 for x64-based Systems
Windows 11 Version 26H1 for ARM64-based Systems
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows Server 2025
Windows 11 Version 24H2 for x64-based Systems
Windows 11 Version 24H2 for ARM64-based Systems
Windows Server 2022, 23H2 Edition (Server Core installation)
Windows 11 Version 23H2 for x64-based Systems
Windows 11 Version 23H2 for ARM64-based Systems
Windows 11 Version 25H2 for x64-based Systems
Windows 11 Version 25H2 for ARM64-based Systems
Windows Server 2025 (Server Core installation)
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems

Solutions

Official Solution

Microsoft has released security patches for affected software. Affected users can install the corresponding security patches based on their system versions.

Download links:

  1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21514
  2. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21510
  3. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21513
  4. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21519
  5. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21533

References

https://msrc.microsoft.com/update-guide/releaseNote/2026-Feb

Timeline

On February 11, 2026, Microsoft released a security bulletin.

On February 11, 2026, Sangfor FarSight Labs released a vulnerability alert.

Learn More

Sangfor FarSight Labs researches the latest cyber threats and unknown zero-day vulnerabilities, alerting customers to potential dangers to their organizations, and providing real-time solutions with actionable intelligence. Sangfor FarSight Labs works with other security vendors and the security community at large to identify and verify global cyber threats, providing fast and easy protection for customers.

Listen To This Post

Search

Keyword maximum 256 character

Related Articles

Remote Code Execution due to Expression Escape in n8n (CVE-2026-25049)

Date : 06 Feb 2026
Read Now

Security Feature Bypass in Microsoft Office (CVE-2026-21509)

Date : 27 Jan 2026
Read Now

Authentication Bypass in Oracle WebLogic Server Proxy Plug-in (CVE-2026-21962)

Date : 22 Jan 2026
Read Now

See Other Product

Athena SASE - Secure Access Service Edge
Sangfor Athena NGFW - Next Generation Firewall
Sangfor Athena EPP - Modern Endpoint Protection Platform
Sangfor Athena NDR - Network Detection and Response
Cyber Command - NDR Platform
MDR TCO Calculator - User Input Page

Meet the Author

Sangfor HQ Building

Sangfor Technologies

Sangfor Technologies is a leading vendor of Cyber Security and Cloud Computing solutions. The majority of the blogs that you are seeing here are written by professionals working at Sangfor. We have a team of content writers, product managers and marketing experts who are taking care of writing articles on various topics that are relevant to our audience. Our team ensures that the articles published are factually correct and helpful to our customers and partners to know more about the recent trends on Cyber Security and Cloud, and how it can help their organizations.

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
See Author's Detail