Serial number: AV26-111
Date: February 10, 2026
On February 10, 2026, Microsoft published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products:
- .NET 10.0
- .NET 8.0
- .NET 9.0
- Azure AI Language Authoring
- Azure ARC
- Azure DevOps Server 2022
- Azure Front Door
- Azure Functions
- Azure HDInsight
- Azure IoT Explorer
- Azure Local
- GitHub Copilot Plugin for JetBrains IDEs
- Microsoft 365
- Microsoft ACI Confidential Containers
- Microsoft Defender for Endpoint for Linux
- Microsoft Excel 2016
- Microsoft Exchange Server 2016
- Microsoft Exchange Server 2019
- Microsoft Exchange Server Subscription Edition RTM
- Microsoft Office 2019
- Microsoft Office LTSC
- Microsoft Office LTSC 2021
- Microsoft Office LTSC 2024
- Microsoft Outlook 2016
- Microsoft SharePoint Enterprise Server 2016
- Microsoft SharePoint Server 2019
- Microsoft SharePoint Server Subscription Edition
- Microsoft SQL Server 2022
- Microsoft SQL Server 2025
- Microsoft Visual Studio 2022
- Microsoft Word 2016
- Office Online Server
- Power BI Report Server
- Visual Studio Code
- Windows 10
- Windows 11
- Windows App for Mac
- Windows Notepad
- Windows Server 2012
- Windows Server 2016
- Windows Server 2019
- Windows Server 2022
- Windows Server 2025
Microsoft has received reports that CVE-2026-21525, CVE-2026-21514, CVE-2026-21510, CVE-2026-21513, CVE-2026-21533 and CVE-2026-21519 are being exploited.
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.