The Hacker News

Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202

CVE-2026-32202 actively exploited after April 27 advisory fix, exposing NTLMv2 hashes via zero-click SMB authentication.
Windows Report

CISA Orders Urgent Patch for Actively Exploited Windows Shell Vulnerability

CISA orders urgent patching of a Windows Shell flaw actively exploited in zero-click attacks. Federal agencies must update by ...

Incomplete fix for Fancy Bear exploit opens zero-click hole in Windows

Microsoft's partial patching in February 2026 of a zero-day vulnerability abused by Russian state-sponsored threat group ...

Windows Shell vulnerability is being attacked

In February, Microsoft closed a Windows Shell vulnerability, but incompletely. Attacks have now been discovered. A patch ...
SecurityWeek

Incomplete Windows Patch Opens Door to Zero-Click Attacks

Incomplete patch for a Windows SmartScreen and Windows Shell security prompts bypass created a new bug enabling zero-click ...
PCQuest on MSN

Microsoft warns Windows Shell flaw is being exploited to expose credentials

Microsoft has confirmed that CVE-2026-32202, a Windows Shell spoofing vulnerability, is being actively exploited and has therefore become a greater alert to enterprise defenders about this ...
Neowin

Microsoft releases fourth preview of AI Shell with Mac improvements

Microsoft has just released the fourth preview of its AI Shell tool with several notable improvements. The big changes in this update include macOS support improvements, support for Microsoft Entra ID ...
Bleeping Computer

Microsoft February 2026 Patch Tuesday fixes 6 zero-days, 58 flaws

Today is Microsoft's February 2026 Patch Tuesday with security updates for 58 flaws, including 6 actively exploited and three publicly disclosed zero-day vulnerabilities. This Patch Tuesday also ...