Unfold what this Patch Tuesday has in store for you

Q: What is Patch Tuesday?

Patch Tuesday, the colloquial term for Microsoft's Update Tuesday that falls on second Tuesday of every month. That is when Microsoft rolls out patch updates to improve security of the Microsoft applications... more

Q: When is Patch Tuesday?

Patch Tuesday falls on the second Tuesday of each month. The upcoming Patch Tuesday is on ... more

Q: Where can I find more details about individual bulletins?

Each CVE ID listed in the ... more

Patch Tuesday, the unofficial term for Microsoft's scheduled security fix release on every second Tuesday of a month, has been a constant topic of discussion ever since its inception.

Upcoming Webinar

- 11:30 a.m. EST& 6:30 a.m. GMT

Agenda of the Free Patch Tuesday webinar

A complete breakdown of all the latest Patch Tuesday updates
Patch updates that you should be prioritizing
Topical updates in the cyber-security space
Real-time patching scenarios and ways to handle them
Few best practices that you need to employ for an effective patch management

Book your slots here!

First Name ^* Please enter the valid name. Please enter a name.

Last Name ^* Please enter the valid name. Please enter a name.

Business Email ^* Please enter a valid email. Please enter a email.

Phone ^* Please enter the valid phone. Please enter the phone.

Patch Tuesday Training Time(Monthly Once)

Patch Tuesday (Monthly once)

11:30 EST -

6:30 GMT -

Gain exclusive access to our UEMS Free Training series

Choose your Webinar Series

Country ^*

By clicking 'Register Now', you agree to processing of personal data according to the Privacy Policy.

Microsoft Patch Tuesday February 2026 - Summary

Feb 122026

Read Blog

118

Patches

59

Vulnerabilities

16

Articles

6

Impacts

CVE Index for February 2026 Patch Tuesday Updates

Critical Vulnerabilities
Zero-day vulnerabilities
Microsoft Windows
Microsoft
Office
Others

Vulnerable Component	Impact	CVE ID
Azure Arc	Elevation of Privilege	CVE-2026-24302
Azure Front Door	Elevation of Privilege	CVE-2026-24300
Microsoft ACI Confidential Containers	Information Disclosure	CVE-2026-23655
Azure Function	Information Disclosure	CVE-2026-21532
Microsoft ACI Confidential Containers	Elevation of Privilege	CVE-2026-21522
MITRE CVE-2016-9535: LibTIFF Heap Buffer Overflow	Remote Code Execution	CVE-2016-9535

Vulnerable Component	Impact	CVE ID
Windows Remote Desktop Services	Elevation of Privilege	CVE-2026-21533
Desktop Window Manager	Elevation of Privilege	CVE-2026-21519
Microsoft Word	Security Feature Bypass	CVE-2026-21514
MSHTML Framework	Security Feature Bypass	CVE-2026-21513
Windows Shell	Security Feature Bypass	CVE-2026-21510
Windows Remote Access Connection Manager	Denial of Service	CVE-2026-21525

CVE ID	Severity	Impact
CVE-2026-21527	Important	Spoofing
CVE-2026-21517	Important	Elevation of Privilege
CVE-2026-21508	Important	Elevation of Privilege
CVE-2026-21255	Important	Security Feature Bypass
CVE-2026-21251	Important	Elevation of Privilege
CVE-2026-21250	Important	Elevation of Privilege
CVE-2026-21249	Important	Spoofing
CVE-2026-21248	Important	Remote Code Execution
CVE-2026-21247	Important	Remote Code Execution
CVE-2026-21246	Important	Elevation of Privilege
CVE-2026-21245	Important	Elevation of Privilege
CVE-2026-21244	Important	Remote Code Execution
CVE-2026-21243	Important	Denial of Service
CVE-2026-21242	Important	Elevation of Privilege
CVE-2026-21241	Important	Elevation of Privilege
CVE-2026-21240	Important	Elevation of Privilege
CVE-2026-21239	Important	Elevation of Privilege
CVE-2026-21238	Important	Elevation of Privilege
CVE-2026-21237	Important	Elevation of Privilege
CVE-2026-21236	Important	Elevation of Privilege
CVE-2026-21235	Important	Elevation of Privilege
CVE-2026-21234	Important	Elevation of Privilege
CVE-2026-21232	Important	Elevation of Privilege
CVE-2026-21231	Important	Elevation of Privilege
CVE-2026-21222	Important	Information Disclosure
CVE-2026-20846	Important	Denial of Service
CVE-2026-20841	Important	Remote Code Execution
CVE-2023-2804	Important	Remote Code Execution
CVE-2026-21537	Important	Remote Code Execution
CVE-2026-0391	Moderate	Spoofing

CVE ID	Severity	Impact
CVE-2026-21511	Important	Spoofing
CVE-2026-21261	Important	Information Disclosure
CVE-2026-21260	Important	Spoofing
CVE-2026-21259	Important	Elevation of Privilege
CVE-2026-21258	Important	Information Disclosure

CVE ID	Severity	Impact
CVE-2026-21531	Important	Remote Code Execution
CVE-2026-21529	Important	Spoofing
CVE-2026-21528	Important	Information Disclosure
CVE-2026-21512	Important	Spoofing
CVE-2026-21228	Important	Remote Code Execution

Vulnerable Component	CVE ID	Severity	Impact
Mailslot File System	CVE-2026-21253	Important	Elevation of Privilege
Power BI	CVE-2026-21229	Important	Remote Code Execution
GitHub Copilot and Visual Studio Code	CVE-2026-21523	Important	Remote Code Execution
GitHub Copilot and Visual Studio Code	CVE-2026-21518	Important	Security Feature Bypass
.NET	CVE-2026-21218	Important	Spoofing
GitHub Copilot and Visual Studio	CVE-2026-21257	Important	Elevation of Privilege
GitHub Copilot and Visual Studio	CVE-2026-21256	Important	Remote Code Execution
GitHub Copilot for Jetbrains	CVE-2026-21516	Important	Remote Code Execution

Previous Patch Tuesday Updates and Fixes

Microsoft Windows Patch Tuesday - Overview

What is Patch Tuesday?

Patch Tuesday or Update Tuesday is the common name for the second Tuesday of every month when Microsoft releases security updates for its operating system and other software. Coinciding with the Patch Tuesday, several other vendors such as Oracle, Mozilla, Adobe, and many others roll out updates for the third-party applications.

When is Patch Tuesday?

Patch Tuesday falls on the second Tuesday of each month. The upcoming Patch Tuesday is on Feb 10, 2026.

What is patching and why is it important?

Patches are nothing but pieces of software code that are written to fix a bug in a software application, that might lead to a vulnerability. Such vulnerabilities in any application are loop holes for attackers to get their hands on business critical data and information. So it is highly crucial to keep all the applications in a network updated to its latest versions. Updating applications in mobile phones and laptops also work in the same manner by preventing theft of personal data, through security flaws.

What kind of patch updates are released during Patch Tuesday?

Predominantly security patch updates of varying severity like Critical, Important, Moderate & Low are labeled and released. Effective Windows patch management involves prioritizing these based on severity, automating deployment, and ensuring rollback or compatibility testing. It is always a best practice to prioritize your patching based on the severity level mentioned.

What are CVE IDs?

CVE ID - Common Vulnerabilities and Exposure ID is a format in which each vulnerability is disclosed and cataloged in the National Vulnerability Database (NVD). You can look up for a detailed explanation of each vulnerability in the NVD with the help of CVE ID. In Patch Manager Plus you can make use of these CVE IDs to fetch the appropriate patches to deploy. You can find the CVE IDs here.

How to register for ManageEngine's Free Patch Tuesday webinar?

The upcoming Free Patch Tuesday webinar by ManageEngine is scheduled on -. You can make your registrations here.

Where can I find more details about individual bulletins?

Each CVE ID listed in the CVE Index section has been linked to its security advisory.