Post by: Bianca Haleem
Microsoft has confirmed that hackers are actively exploiting multiple critical zero-day vulnerabilities in its Windows operating system and Microsoft Office suite. The company has released urgent security patches as part of its February 2026 Patch Tuesday update.
In its latest security advisory, Microsoft revealed that at least six zero-day vulnerabilities were being actively used in real-world attacks. Zero-day vulnerabilities are security flaws that attackers exploit before a fix becomes widely available. These types of bugs are especially dangerous because users have little protection until updates are installed.
Critical Vulnerabilities Identified
One of the most serious flaws is a Windows Shell security feature bypass tracked as CVE-2026-21510. This vulnerability allows attackers to trick users into clicking malicious links or opening dangerous shortcuts. Once opened, harmful code can run without triggering normal Windows security warnings.
Other major vulnerabilities include:
A security bypass in Microsoft 365 and Office OLE (Object Linking and Embedding).
Internet Explorer component flaws that may allow remote code execution.
Weaknesses in Office document handling routines that attackers can exploit through phishing emails or malicious attachments.
These vulnerabilities affect core Windows components and Office applications that are widely used across businesses and homes worldwide.
February Patch Tuesday Fixes Around 60 Issues
Microsoft’s February 2026 Patch Tuesday update addresses nearly 60 vulnerabilities in total. However, the six actively exploited zero-day flaws are receiving the highest attention from cybersecurity experts.
Security professionals warn that attackers can exploit some of these bugs using simple social engineering tactics, such as phishing emails or fake download links. In many cases, only minimal user interaction is required.
Growing Pattern of Zero-Day Exploitation
Security analysts say this situation reflects a broader industry trend. Zero-day vulnerabilities are increasingly being used by advanced persistent threat (APT) groups soon after disclosure. In past Patch Tuesday cycles, Microsoft has even released emergency out-of-band updates after active exploitation was detected.
Similar emergency zero-day updates have recently been issued by other major technology companies, including Google and Apple, showing that the cybersecurity threat landscape remains highly active.
What Users and Organisations Should Do
Cybersecurity experts strongly advise:
Installing the latest Windows and Office updates immediately.
Enabling automatic updates.
Limiting administrator privileges.
Educating users about phishing risks.
Avoiding suspicious links and attachments.
Timely patching remains the most effective defense against zero-day attacks.
Microsoft has emphasized that applying the February 2026 security updates as soon as possible is critical to reducing risk.