Microsoft highlighted six new and actively exploited vulnerabilities among the 60 fixes issued in today’s February Patch Tuesday releases. However, Tyler Reguly, associate director of security R&D at Fortra, says there’s good news: The issues are easy to resolve with regular Microsoft patches for Windows and Office, and none require any post patch configuration steps. Still, CSOs should be aware that, of the six, three involve a security feature bypass: CVE-2026-21510, a protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network. To successfully exploit this vulnerability, an attacker must convince a user to open a malicious link...