The monthly security update for Windows 11 includes a patch for Remote Desktop Services. The vulnerability is being actively exploited and can also affect Windows Server.
Microsoft rolled out a new Patch Tuesday update on February 10 with security patches for supported Windows versions, and you’d better install it quickly. A vulnerability in Windows Remote Desktop Services is being actively exploited by hackers and can grant elevated system-level access. The CVSS score of 7.8 indicates a high level of risk.
CrowdStrike discovered the vulnerability (CVE-2026-21533) in Remote Desktop. The vulnerability is the result of a flaw in the processing of user privileges and can grant new users admin privileges with full system access. According to CrowdStrike, exploiting the bug requires little to no effort from hackers or interaction from users.
Patch available
The vulnerability affects various Windows versions, from Windows 10 to Windows 11 and several Windows Server configurations. Microsoft provides an overview of affected Windows versions:
- Windows Server 2025
- Windows 11 24H2 (x64/ARM64)
- Windows Server 2022
- Windows 11 23H2 (x64/ARM64)
- Windows Server 2019
- Windows 10 22H2
- Windows Server 2016
- Windows Server 2012 R2
A patch has been available since Tuesday for all versions still supported by Microsoft. It fixes five other zero-days and 55 Windows vulnerabilities in total. As always, it is recommended to apply the patches as soon as possible. If that is not possible for some reason, there are several preventive mitigation measures you can take to limit the risk.
Disable Remote Desktop if you are not using it, or restrict access to trusted networks with limited permissions. Stay alert and check for changes in settings. Finally, it doesn’t hurt to test Remote Desktop patches in a controlled environment first. It wouldn’t be the first time something went wrong with a Windows update.
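To check where a machine stands on these mitigations, the PowerShell audit below reports whether Remote Desktop is enabled, which networks the firewall accepts it from, and who holds RDP and administrator rights. It is an added example, not code from Microsoft or CrowdStrike; the `10.0.10.0/24` range is a constructed placeholder, and the firewall group and local group names assume an English-language Windows installation.

```powershell
# Added example: read-only RDP exposure audit. Run in an elevated PowerShell session.
# $TrustedRanges is a constructed placeholder; replace it with your own management subnets.
$TrustedRanges = @('10.0.10.0/24')

$ts = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'

# fDenyTSConnections = 1 means Remote Desktop is disabled.
$deny = (Get-ItemProperty -Path $ts -Name fDenyTSConnections).fDenyTSConnections
# UserAuthentication = 1 means Network Level Authentication is required.
$nla = (Get-ItemProperty -Path "$ts\WinStations\RDP-Tcp" -Name UserAuthentication).UserAuthentication

[pscustomobject]@{
    RdpEnabled  = ($deny -eq 0)
    NlaRequired = ($nla -eq 1)
} | Format-List

# Enabled inbound Remote Desktop firewall rules and the remote addresses they accept.
# 'Remote Desktop' is the English display group name; it differs on localized systems.
Get-NetFirewallRule -DisplayGroup 'Remote Desktop' -Enabled True -Direction Inbound |
    ForEach-Object {
        $addr = ($_ | Get-NetFirewallAddressFilter).RemoteAddress
        [pscustomobject]@{
            Rule          = $_.DisplayName
            Profile       = $_.Profile
            RemoteAddress = $addr -join ','
            OpenToAny     = ($addr -contains 'Any')
        }
    } | Format-Table -AutoSize

# Accounts allowed to sign in over RDP, and local administrators.
# Compare both lists against a known-good baseline to spot unexpected changes.
Get-LocalGroupMember -Group 'Remote Desktop Users' |
    Format-Table Name, ObjectClass, PrincipalSource -AutoSize
Get-LocalGroupMember -Group 'Administrators' |
    Format-Table Name, ObjectClass, PrincipalSource -AutoSize

# Remediation, commented out so the script stays read-only by default.
# Disable Remote Desktop when it is not needed:
# Set-ItemProperty -Path $ts -Name fDenyTSConnections -Value 1
# Or limit the inbound rules to the trusted ranges:
# Set-NetFirewallRule -DisplayGroup 'Remote Desktop' -RemoteAddress $TrustedRanges
```

Any rule reported with `OpenToAny` set to `True` accepts connections from every network the firewall profile covers, which is the case the trusted-network restriction is meant to close.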
