Microsoft has released over 50 security updates for its Windows operating systems and other software. This month’s Patch Tuesday addresses six “zero-day” vulnerabilities that are actively being exploited by attackers.

One of the critical zero-day flaws, CVE-2026-21510, is a security feature bypass in Windows Shell. This vulnerability allows attacker-controlled content to execute without user warning or consent when a user simply clicks a malicious link. All supported Windows versions are impacted by CVE-2026-21510.
CVE-2026-21513 is another zero-day security bypass vulnerability affecting MSHTML, the rendering engine used by Windows’ default web browser. A related security feature bypass, CVE-2026-21514, has been patched in Microsoft Word.
An elevation of privilege zero-day, CVE-2026-21533, impacts Windows Remote Desktop Services, potentially allowing local attackers to gain “SYSTEM” level access. Additionally, CVE-2026-21519 addresses a zero-day privilege elevation vulnerability in the Desktop Window Manager (DWM), a core Windows component. A separate DWM zero-day was patched in the previous month’s updates.
The sixth zero-day, CVE-2026-21525, is a denial-of-service vulnerability found in the Windows Remote Access Connection Manager, which manages VPN connections to corporate networks.
Several out-of-band security updates have been released by Microsoft since January’s Patch Tuesday. These include a fix on January 17 for a credential prompt failure during remote desktop or application connections, and a patch on January 26 for a zero-day security feature bypass vulnerability (CVE-2026-21509) in Microsoft Office.
This month’s Patch Tuesday also features fixes for remote code execution vulnerabilities impacting GitHub Copilot and various integrated development environments (IDEs), such as VS Code, Visual Studio, and JetBrains products. The associated CVEs are CVE-2026-21516, CVE-2026-21523, and CVE-2026-21256.
These AI vulnerabilities are rooted in a command injection flaw, which can be triggered via prompt injection. Prompt injection involves manipulating an AI agent into performing unintended actions, such as executing malicious code or commands.
Developers are frequently targeted by threat actors due to their access to sensitive data, including API keys and secrets for critical infrastructure, such as privileged AWS or Azure API keys. When organizations integrate Large Language Models (LLMs) and agentic AI into developer workflows and automation pipelines, a malicious prompt could have substantial consequences. While this does not suggest discontinuing AI use, it emphasizes the need for developers to comprehend the risks. Teams should clearly identify systems and workflows with AI agent access and implement least-privilege principles to minimize the impact if developer secrets are compromised.
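To make the least-privilege advice above concrete, here is an added example (not code from Microsoft, GitHub Copilot or any affected IDE) of a gate placed between an AI agent and the developer's machine: model-proposed commands are checked against an allowlist, run without a shell, and run without credential-bearing environment variables. The allowlist contents, the secret-name markers and all function names are assumptions made for illustration.

```python
import os
import shlex
import subprocess

# Hypothetical policy: programs the agent may run, and permitted subcommands.
ALLOWED = {"git": {"status", "diff", "log"}, "ls": None}
# Assumed naming convention for environment variables that carry secrets.
SECRET_MARKERS = ("KEY", "SECRET", "TOKEN", "PASSWORD", "AWS_", "AZURE_")
SHELL_META = set(";|&$`<>(){}\n")

def vet_command(proposed):
    """Return an argv list if the proposed command passes policy."""
    # No shell is used below, so these characters have no legitimate purpose;
    # their presence suggests injected text steering the agent.
    if SHELL_META & set(proposed):
        raise PermissionError("shell metacharacter in proposed command")
    try:
        argv = shlex.split(proposed)
    except ValueError as exc:
        raise PermissionError(f"unparseable command: {exc}")
    if not argv or argv[0] not in ALLOWED:
        raise PermissionError("program not on allowlist")
    subcommands = ALLOWED[argv[0]]
    if subcommands is not None and (len(argv) < 2 or argv[1] not in subcommands):
        raise PermissionError("subcommand not on allowlist")
    # Options can change behaviour (config overrides, output files): refuse them.
    if any(arg.startswith("-") for arg in argv[1:]):
        raise PermissionError("options are not permitted")
    return argv

def scrubbed_env(env):
    """Drop variables whose names look like credentials."""
    return {k: v for k, v in env.items()
            if not any(marker in k.upper() for marker in SECRET_MARKERS)}

def run_tool_call(proposed, env=None, timeout=10):
    """Vet, then execute without a shell and without inherited secrets."""
    argv = vet_command(proposed)
    clean = scrubbed_env(dict(os.environ) if env is None else env)
    return subprocess.run(argv, shell=False, env=clean, capture_output=True,
                          text=True, timeout=timeout)

if __name__ == "__main__":
    # Constructed model outputs: one benign, one shaped by injected text.
    for cmd in ("git status", "git status && printenv"):
        try:
            print("allowed:", vet_command(cmd))
        except PermissionError as err:
            print("blocked:", cmd, "->", err)
```

A gate like this limits what a manipulated agent can do; it does not replace scoping the credentials themselves, since allowed commands can still read files the agent's account can read.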
For a detailed breakdown of each Microsoft fix this month, indexed by severity and CVSS score, the SANS Internet Storm Center provides a clickable resource. Enterprise Windows administrators responsible for testing patches before deployment may find valuable information on askwoody.com, which often reports on problematic updates. Users are advised to back up their data regularly.

