Microsoft has patched CVE-2026-21533, a zero-day elevation of privilege vulnerability in Windows Remote Desktop Services (RDS) that attackers are exploiting in the wild to gain SYSTEM-level access. The flaw stems from improper privilege management and was addressed in the February 2026 Patch Tuesday updates released on February 10. CVE-2026-21533 carries a CVSS v3.1 base score […] The post Windows Remote Desktop Services 0-Day Vulnerability Exploited in the Wild to Escalate Privileges appeared first on Cyber Security News.