News & Sicurezza

The February 2026 Security Update Review I have survived the biggest Pwn2Own ever, but I’m back in Tokyo for the second Patch Tuesday of 2026. My location never stops Patch Tuesday from coming, so let’s take a look at the latest security pat ... Read more Published Date: Feb 10, 2026 (24 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2026-23655 CVE-2026-21537 CVE-2026-21533 CVE-2026-21531 CVE-2026-21529 CVE-2026-21528 CVE-2026-21527 CVE-2026-21525 CVE-2026-21523 CVE-2026-21522 CVE-2026-21519 CVE-2026-21518 CVE-2026-21517 CVE-2026-21516 CVE-2026-21514 CVE-2026-21513 CVE-2026-21512 CVE-2026-21511 CVE-2026-21510 CVE-2026-21508 CVE-2026-21261 CVE-2026-21260 CVE-2026-21259 CVE-2026-21258 CVE-2026-21257 CVE-2026-21256 CVE-2026-21255 CVE-2026-21253 CVE-2026-21251 CVE-2026-21250 CVE-2026-21249 CVE-2026-21248 CVE-2026-21247 CVE-2026-21246 CVE-2026-21245 CVE-2026-21244 CVE-2026-21243 CVE-2026-21242 CVE-2026-21241 CVE-2026-21240 CVE-2026-21239 CVE-2026-21238 CVE-2026-21237 CVE-2026-21236 CVE-2026-21235 CVE-2026-21234 CVE-2026-21232 CVE-2026-21231 CVE-2026-21229 CVE-2026-21228 CVE-2026-21222 CVE-2026-21218 CVE-2026-20846 CVE-2026-20841 CVE-2026-24302 CVE-2026-24300 CVE-2026-21532 CVE-2026-0391 CVE-2026-1862 CVE-2026-1861 CVE-2023-2804

Deserialization of untrusted data in Azure SDK allows an unauthorized attacker to execute code over a network.

Deserialization of untrusted data in Microsoft Office Outlook allows an unauthorized attacker to perform spoofing over a network.

Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.

Improper authentication in Windows Storage allows an authorized attacker to elevate privileges locally.

InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

After Effects versions 25.6 and earlier are affected by an Access of Resource Using Incompatible Type ('Type Confusion') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.