Patch Tuesday Archives

Winsage

February 26, 2026

‘Windows 11 is far from perfect’: Microsoft just released an update I actually want to install — and you should too

Microsoft has released update KB5077241 for Windows 11, which will automatically download on March 10 during 'Patch Tuesday.' This optional update includes a new network speed test feature accessible from the taskbar, allowing users to diagnose internet connectivity issues. It also introduces pan and tilt camera controls for compatible webcams through the Windows 11 Settings app. The update aims to improve user experience by addressing issues with peripherals waking from sleep mode, enhancing visual cohesion, optimizing projector and printer connectivity, and improving sign-in screen performance. However, concerns remain regarding the promotion of Microsoft services in the Start menu's new accounts section.

Winsage

February 17, 2026

Microsoft Windows 11 KB5077181 Update Triggers Infinite Restart Loop on Some Devices

Microsoft's Patch Tuesday update, KB5077181, released on February 10, 2026, has caused significant boot failures for users of Windows 11 versions 24H2 (OS build 26200.7840) and 25H2 (OS build 26100.7840), resulting in endless restart loops. Users are reporting over 15 reboot cycles, preventing access to their desktops. Issues include System Event Notification Service (SENS) errors and DHCP problems affecting internet connectivity. Installation errors with codes 0x800f0983 and 0x800f0991 indicate potential hardware, driver, or servicing stack incompatibilities. The update was intended to address 58 vulnerabilities, including six zero-days, but the boot loop issue has overshadowed these enhancements. CVE IDs and their CVSS scores related to the vulnerabilities addressed include: - CVE-2026-21510: 7.5 - CVE-2026-21519: 7.8 - CVE-2026-21533: 8.8 - CVE-2026-20841: 7.1 As of February 15, 2026, there is no "known issues" entry in Microsoft's release notes despite user reports. Users can uninstall the update through the Control Panel if their systems are accessible, or use the Windows Recovery Environment to execute commands for uninstallation if their systems are unbootable.

Winsage

February 16, 2026

Windows 11 KB5077181 fixes boot failures linked to failed updates

Microsoft resolved a critical bug affecting some commercial systems running Windows 11 that caused boot failures due to an "UNMOUNTABLEBOOTVOLUME" error. This issue was linked to problematic updates from December 2025 and primarily impacted devices on Windows 11 versions 25H2 and 24H2. The resolution was included in the February 2026 Patch Tuesday update, specifically the Windows 11 KB5077181 security update released on February 10, 2026. An initial fix was provided in the optional update KB5074105 on January 29, 2026. Affected devices experienced failures after installing the January 13, 2026, security update KB5074109. Microsoft recommends that enterprise customers with still unbootable systems contact Microsoft Support for Business for assistance.

Winsage

February 16, 2026

Multiple Flaws Found in Microsoft Windows & Office — Could Let Hackers In

Microsoft has identified at least six zero-day vulnerabilities in Windows and Microsoft Office that were actively being exploited by hackers before patches were released. These vulnerabilities allow attackers to compromise systems with minimal user interaction, such as clicking on malicious links or opening compromised Office documents. Notable examples include a Windows Shell Security Bypass (CVE-2026-21510) and an Office File Exploit that can execute malicious code. The vulnerabilities pose serious risks, including active exploitation, remote code execution, and the potential for malware installation and credential theft. Microsoft has released security patches to address these vulnerabilities, and users are urged to install them immediately. The affected systems include all supported versions of Windows and Microsoft Office applications. Users are advised to install updates, be cautious with emails and links, enable security tools, and keep software up to date.

Winsage

February 16, 2026

Windows 11 KB5077181 Security Update Causing Some Devices to Restart in an Infinite Loop

Microsoft's security update KB5077181, released on February 10, 2026, for Windows 11 versions 24H2 and 25H2, has caused critical boot failures, leading to infinite restart loops for users. The update addresses 58 vulnerabilities, including six zero-day exploits, and introduces new Secure Boot certificates. Users have reported errors such as “a specified procedure could not be found” and DHCP failures, with installation errors like 0x800f0983 and 0x800f0991 affecting specific hardware. To resolve issues, users are advised to uninstall the update and pause Windows Update. Accessing the Windows Recovery Environment may also be necessary for persistent boot loops. While some users experienced improvements, the overall instability highlights risks associated with updates. Microsoft has not acknowledged any known issues related to this update as of February 15.

Winsage

February 15, 2026

Microsoft Blocks Credential Autofill to Fix Windows Hello Flaw

Microsoft has blocked credential autofill functionality in Windows 11 as part of the February 2026 Patch Tuesday updates to address the critical vulnerability CVE-2026-20804, which allows unauthorized access by tampering with Windows Hello authentication. This vulnerability was first identified in August 2025 and allows local administrators to inject biometric data. The restriction was documented in the January 2026 Patch Tuesday release notes. Enhanced Sign-in Security (ESS) operates at a hypervisor virtual trust level but is limited by hardware compatibility issues, particularly affecting AMD-based systems. Post-update, credential dialogs do not respond to virtual keyboard inputs from remote desktop or screen-sharing applications, preventing autofill during remote support sessions. Microsoft has provided a risky workaround that allows applications to operate with elevated administrator privileges, but this reintroduces the vulnerability. Organizations must now choose between disrupted remote support workflows or risking exposure to credential injection attacks, leading to operational challenges for IT teams and help desk staff.

Winsage

February 12, 2026

Microsoft’s latest update patches six zero-days and two critical flaws – but is it another buggy mess?

Microsoft's February Patch Tuesday update addresses feature and security bugs, continuing the refresh of Secure Boot certificates to protect against bootkit malware. Secure Boot prevents malicious software from executing during startup by using trusted certificates, many of which are set to expire in June. The update is available for both Windows 11 and Windows 10 users, with the latter needing to be enrolled in the Extended Security Updates (ESU) program until October 2026. Windows 11 fixes include resolutions for full-screen gaming and WPA3-Personal Wi-Fi connectivity issues, while Windows 10 improvements address Chinese fonts, specific graphics processing units, and custom folder names in File Explorer. A bug causing unexpected restarts in Secure Launch-compatible PCs has also been fixed. The update includes 55 security patches, a decrease from January's 114, with two classified as critical and six identified as zero-day vulnerabilities. One vulnerability exploited in the wild could allow system privilege escalation, another could disrupt network connectivity, and a third could disable security controls and access sensitive data. Users can update their Windows 11 PCs through System > Windows Update, and Windows 10 users through System > Update & Security. Due to previous buggy updates, users may consider waiting a few days before installing the February update, with the option to uninstall if issues arise.

Winsage

February 12, 2026

February 2026 Patch Tuesday includes six actively exploited zero-days

Microsoft released security updates on the second Tuesday of each month, addressing 59 vulnerabilities this month, including six critical zero-day exploits. 1. CVE-2026-21510: Windows Shell security feature bypass vulnerability (CVSS score 8.8) allows attackers to circumvent Windows SmartScreen by tricking users into opening malicious links or shortcuts. 2. CVE-2026-21513: MSHTML Framework security feature bypass vulnerability (CVSS score 8.8) enables attackers to weaken browser protections by persuading users to open malicious HTML files or shortcuts. 3. CVE-2026-21514: Microsoft Word security feature bypass vulnerability (CVSS score 5.5) allows attackers to exploit untrusted inputs in malicious Word documents to execute blocked content. 4. CVE-2026-21519: Desktop Window Manager elevation of privilege vulnerability (CVSS score 7.8) allows low-privileged attackers to gain higher privileges without user interaction. 5. CVE-2026-21525: Windows Remote Access Connection Manager denial-of-service vulnerability (CVSS score 6.2) can be exploited by unauthenticated local attackers to crash the service without compromising confidentiality or integrity. 6. CVE-2026-21533: Windows Remote Desktop Services elevation of privilege vulnerability (CVSS score 7.8) allows local authenticated attackers to escalate privileges to SYSTEM without user interaction. Additionally, Azure users should be aware of two critical vulnerabilities with CVSS ratings of 9.8.

Winsage

February 11, 2026

Microsoft Patch Tuesday: February 2026

Microsoft has identified several vulnerabilities affecting its products, particularly within Windows Server and Office suites. The affected products and their corresponding vulnerabilities include: - Windows Server 2025: CVE-2026-21510, CVE-2026-21513, CVE-2026-21519, CVE-2026-21525, CVE-2026-21533; updates under article numbers 5075899 and 5075942. - Windows Server 2022, 23H2: Same vulnerabilities as above; update article number 5075897. - Windows Server 2022: Same vulnerabilities; update article number 5075906. - Windows Server 2019: Same vulnerabilities; update article number 5075904. - Windows Server 2016: Same vulnerabilities; update article number 5075999. - Windows Server 2012 R2: CVE-2026-21510, CVE-2026-21513, CVE-2026-21525, CVE-2026-21533; update article number 5075970. - Windows 11 and Windows 10: Various versions (26H1, 25H2, 24H2, 22H2) affected; update articles range from 5077179 to 5075912. - Microsoft Office LTSC for Mac 2024 and Mac 2021: Affected by CVE-2026-21514; release notes available. - Microsoft Office LTSC 2024 and 2021: CVE-2026-21509 and CVE-2026-21514; release notes provided. - Microsoft 365 Apps for Enterprise: Affected by CVE-2026-21509 and CVE-2026-21514; release notes available.

Winsage

February 11, 2026

Microsoft releases Windows 11 26H1, but it’s not for existing PCs. Windows 11 26H2 is coming for all PCs

Microsoft has confirmed the existence of Windows 11 26H1, which will roll out exclusively on new PCs equipped with Snapdragon X2 chips starting in early 2026. This version is tailored for ARM-based devices and will not be available for download or installation on current PCs. Windows 11 26H1 does not introduce new features but focuses on performance and battery life improvements. It may also be optimized for Nvidia N1X chips, which are expected to release in Q1 2026. Windows 11 26H2 is set to roll out for existing hardware in October 2026 as a normal yearly update. It will be based on the same core platform as previous versions 24H2 and 25H2, while 26H1 operates on a different core, meaning there is no upgrade path from 26H1 to 26H2. Both versions will unify under Windows 27H2 in 2027.