What are the zero-day vulnerabilities Microsoft fixed?

Microsoft fixed critical zero-day vulnerabilities in Windows and Office that were actively exploited by hackers, allowing for one-click attacks.

How do these Windows exploits work?

The Windows shell vulnerability (CVE-2026-21510) allows hackers to bypass SmartScreen by tricking users into clicking malicious links, enabling remote malware installation.

What is the risk associated with these zero-day bugs?

These bugs pose a high risk, potentially leading to silent malware execution with high privileges, system compromise, ransomware deployment, or intelligence collection.

Home / Technology / Microsoft Rushes Patches as Zero-Day Exploits Spread

Microsoft Rushes Patches as Zero-Day Exploits Spread

12 Feb

•

Summary

Hackers actively exploit Windows and Office zero-day vulnerabilities.
One-click attacks allow malware installation with minimal user interaction.
Microsoft released urgent fixes for these actively abused security flaws.

Microsoft Rushes Patches as Zero-Day Exploits Spread

Microsoft has urgently addressed security vulnerabilities in its Windows and Office software, which are currently being exploited by malicious actors. These zero-day exploits, meaning they were used before Microsoft could fix them, pose a significant threat as they allow for one-click attacks. Hackers can gain access to or install malware on computers with very little user involvement, such as clicking a malicious link or opening a compromised Office file.

One critical vulnerability, tracked as CVE-2026-21510, is found in the Windows shell and affects all supported versions. This flaw can bypass Microsoft's SmartScreen security feature, enabling remote malware planting. Google's Threat Intelligence Group confirmed widespread, active exploitation of this bug, warning of potential system compromise, ransomware deployment, or data theft. Another patched vulnerability in the MSHTML engine, CVE-2026-21513, also allowed hackers to bypass Windows security features to install malware.