{"id":4507,"date":"2026-02-14T03:37:53","date_gmt":"2026-02-14T03:37:53","guid":{"rendered":"http:\/\/ft365.org\/index.php\/2026\/02\/14\/microsoft-fixes-six-zero-day-vulnerability-in-february-patch-tuesday\/"},"modified":"2026-02-14T03:37:53","modified_gmt":"2026-02-14T03:37:53","slug":"microsoft-fixes-six-zero-day-vulnerability-in-february-patch-tuesday","status":"publish","type":"post","link":"http:\/\/ft365.org\/index.php\/2026\/02\/14\/microsoft-fixes-six-zero-day-vulnerability-in-february-patch-tuesday\/","title":{"rendered":"Microsoft Fixes Six Zero Day Vulnerability in February Patch Tuesday"},"content":{"rendered":"<div>\n<p><img decoding=\"async\" src=\"http:\/\/ft365.org\/wp-content\/uploads\/2025\/06\/localimages\/ea721ff9-8ba4-4d88-b386-57e9e1606077.jpg?width=64&#038;height=64&#038;mode=crop&#038;scale=both&#038;format=webp\" alt=\"Photo of Phil Muncaster\" loading=\"lazy\"><\/p>\n<\/div>\n<div id=\"cphContent_pnlArticleBody\" data-layout-id=\"2\" data-edit-folder-name=\"text\" data-index=\"0\">\n<p>System administrators are likely to have a busy February after Microsoft released updates to fix six actively exploited zero-day vulnerabilities, three of which have been publicly disclosed.<\/p>\n<p>The zero-days are as follows:<\/p>\n<ul>\n<li>CVE-2026-21510 is a security feature bypass vulnerability in Windows Shell which enables unauthorized attackers to circumvent Windows SmartScreen and security prompt protections by tricking victims into clicking on a malicious link<\/li>\n<li>CVE-2026-21513 is a security feature bypass vulnerability in the Microsoft MSHTML Framework, which is used by Windows and various applications to\u00a0render\u00a0HTML content. \u201cA crafted file can silently bypass Windows security prompts and trigger dangerous actions with a single click,\u201d warned Action1 director of vulnerability research, Jack Bicer<\/li>\n<li>CVE-2026-21514 is a security feature bypass vulnerability in Microsoft Word. 
Exploitation requires no privileges, but the victim must open a malicious document<\/li>\n<li>CVE-2026-21519\u00a0is an elevation of privilege (EoP) flaw in the Windows Desktop Window Manager (DWM) which allows attackers to turn basic access into full system control.\u00a0It\u2019s unclear how it is being exploited<\/li>\n<li>CVE-2026-21525 is a denial-of-service vulnerability affecting the Windows Remote Access Connection Manager. \u201cExploitation is local, requires no privileges, and does not rely on user interaction,\u201d explained Action1 president, Mike Walters. \u201cAn attacker with basic local access can repeatedly trigger the flaw to cause persistent service disruption.\u201d<\/li>\n<li>CVE-2026-21533 is another EoP vulnerability in Windows Remote Desktop Services. Exploitation is local, requires only low privileges, and does not need user interaction, noted Bicer<\/li>\n<\/ul>\n<p><em>Read more on Patch Tuesday: Microsoft Fixes Three Zero-Days on Busy Patch Tuesday.<\/em><\/p>\n<p>In total this month, most CVEs disclosed by Microsoft were EoP (25), followed by remote code execution (12), spoofing (7), information disclosure (6) and security feature bypass (5).<\/p>\n<p>None of the actively exploited vulnerabilities are rated critical. 
In fact, only five CVEs out of the 58 patched this month are critical.<\/p>\n<h2><strong>SAP Adds to the Patch Load<\/strong><\/h2>\n<p>Elsewhere, SAP released 26 new security \u201cnotes\u201d yesterday, and one update to a previously released note.<\/p>\n<p>The two most serious CVEs include a missing authorization check vulnerability (CVE-2026-0509) in SAP NetWeaver Application Server ABAP and ABAP Platform \u2013 which has a CVSS score of 9.6.<\/p>\n<p>The second (CVE-2026-0488) is a code injection vulnerability in SAP CRM and SAP S\/4HANA (Scripting Editor), which has a CVSS score of 9.9.<\/p>\n<p>Pathlock SAP security analyst, Jonathan Stross, explained that the affected systems are commonly used by call center agents and CRM support staff.<\/p>\n<p>\u201cA\u00a0realistic attack chain could start from attackers compromising a standard CRM user through phishing, password reuse, or endpoint compromise. Then, the attacker accesses the Scripting Editor-related functionality and leverages the generic call flaw,\u201d he continued.<\/p>\n<p>\u201cFinally, they execute unauthorized database-level actions (SQL), resulting in broad control. Once there, an attacker can compromise the database, steal or modify data, and cause operational disruption by manipulating CRM\/S\/4 data at the persistence layer.\u201d<\/p>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>System administrators are likely to have a busy February after Microsoft released updates to fix six actively exploited zero-day vulnerabilities, three of which have been publicly disclosed. 
The zero-days are as follows: CVE-2026-21510 is a security feature bypass vulnerability in Windows Shell which enables unauthorized attackers to circumvent Windows SmartScreen and security prompt protections by<\/p>\n","protected":false},"author":2,"featured_media":4508,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-4507","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"featured_image_urls":{"full":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/02\/4507-ff5db43d-b50c-4ec0-b7b9-3c0256f60a8e.jpg",300,300,false],"thumbnail":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/02\/4507-ff5db43d-b50c-4ec0-b7b9-3c0256f60a8e-150x150.jpg",150,150,true],"medium":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/02\/4507-ff5db43d-b50c-4ec0-b7b9-3c0256f60a8e.jpg",300,300,false],"medium_large":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/02\/4507-ff5db43d-b50c-4ec0-b7b9-3c0256f60a8e.jpg",300,300,false],"large":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/02\/4507-ff5db43d-b50c-4ec0-b7b9-3c0256f60a8e.jpg",300,300,false],"1536x1536":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/02\/4507-ff5db43d-b50c-4ec0-b7b9-3c0256f60a8e.jpg",300,300,false],"2048x2048":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/02\/4507-ff5db43d-b50c-4ec0-b7b9-3c0256f60a8e.jpg",300,300,false],"morenews-featured":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/02\/4507-ff5db43d-b50c-4ec0-b7b9-3c0256f60a8e.jpg",300,300,false],"morenews-large":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/02\/4507-ff5db43d-b50c-4ec0-b7b9-3c0256f60a8e.jpg",300,300,false],"morenews-medium":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/02\/4507-ff5db43d-b50c-4ec0-b7b9-3c0256f60a8e.jpg",300,300,false],"crawlomatic_preview_image":["http:\/\/ft365.org\/wp-content\/uploads\/2026\/02\/4507-ff5db43d-b50c-4ec0-b7b9-3c0256f60a8e-146x146.jpg",14
6,146,true]},"author_info":{"display_name":"henry","author_link":"http:\/\/ft365.org\/index.php\/author\/henry\/"},"category_info":"<a href=\"http:\/\/ft365.org\/index.php\/category\/uncategorized\/\" rel=\"category tag\">Uncategorized<\/a>","tag_info":"Uncategorized","comment_count":"0","_links":{"self":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts\/4507","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/comments?post=4507"}],"version-history":[{"count":0,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts\/4507\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/media\/4508"}],"wp:attachment":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/media?parent=4507"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/categories?post=4507"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/tags?post=4507"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}