Microsoft fixed 59 bugs in its software on Tuesday, including six that it claimed had been exploited in the wild This article explores security flaws edge. . Five of the 59 defects are classified as Critical, 52 as Important, and two as Moderately Severe.

Privilege escalation accounts for 25 of the patched vulnerabilities, with remote code execution (12), spoofing (7), information disclosure (6), security feature bypass (5), denial-of-service (3), and cross-site scripting (1) following.

It's important to note that since the January 2026 Patch Tuesday update, Microsoft has fixed three security flaws in its Edge browser, including a Moderate vulnerability affecting the Edge browser for Android (CVE-2026-0391, CVSS score: 6.5) that could enable an unauthorized attacker to perform spoofing over a network by exploiting a "user interface misrepresentation of critical information." Six vulnerabilities that have been identified as actively exploited are at the top of this month's update list: CVE-2026-21510 (CVSS score: 8.8), which is a Windows Shell protection mechanism failure that enables an unauthorized attacker to get around a security feature over a network.

CVE-2026-21513 (CVSS score: 8.8) is a flaw in the MSHTML Framework's protection mechanism that enables an unauthorized attacker to get around a security feature via a network. A threat actor with this degree of access could disable security tools, spread more malware, or, in the worst situations, gain access to credentials or secrets that could result in a complete domain compromise.Due to the development, all six vulnerabilities have been added to the U.S. Cybersecurity and Infrastructure Security Agency's (CISA) Known Exploited Vulnerabilities (KEV) catalog. Federal Civilian Executive Branch (FCEB) agencies are required to implement the fixes by March 3, 2026.

Additionally, Microsoft is releasing updated Secure Boot certificates to replace the 2011 ones, which are set to expire in late June 2026.

Without requiring any extra steps, the new certificates will be installed as part of the routine monthly Windows update process. The tech giant stated that "if a device does not receive the new Secure Boot certificates before the 2011 certificates expire, the PC will continue to function normally and existing software will keep running."