Microsoft's February 2026 Patch Tuesday addresses 6 actively exploited zero-days, 58 flaws, and 5 critical vulnerabilities. These updates include fixes for 25 elevation of privilege vulnerabilities, 5 security feature bypass vulnerabilities, 12 remote code execution vulnerabilities, 6 information disclosure vulnerabilities, 3 denial of service vulnerabilities, and 7 spoofing vulnerabilities. Microsoft also rolls out updated Secure Boot certificates to replace the original 2011 certificates expiring in June 2026. This update introduces a broad set of targeting data for Windows quality updates, ensuring a safe and phased rollout. The security updates are available on the BleepingComputer website, and non-security updates are detailed in dedicated articles for Windows 11 and Windows 10. Microsoft has attributed the discovery of several zero-days to various entities, including the Microsoft Threat Intelligence Center, Microsoft Security Response Center, and Google Threat Intelligence Group. The company also highlights recent updates from other vendors, such as Adobe, BeyondTrust, CISA, Cisco, Fortinet, Google, n8n, SAP, and more. The February 2026 Patch Tuesday Security Updates list includes a comprehensive overview of resolved vulnerabilities, with details on their severity and affected systems. This update ensures the security and reliability of Microsoft's IT infrastructure, addressing potential risks and vulnerabilities in various products and services.
