Summary: CISA has added several Windows zero-days to the Known Exploited Vulnerabilities (KEV) catalog, including a critical Windows Shell bypass (CVE-2026-21510) and an MSHTML engine flaw (CVE-2026-21513). Attackers are using these to remotely install malware via “one-click” links, effectively bypassing the SmartScreen security feature.
Business Impact: High endpoint vulnerability. These flaws bypass the built-in “defense-in-depth” layers that users have come to rely on. Because details are now public, the volume of automated attacks is expected to spike over the weekend.
Why It Happened: These vulnerabilities reside in legacy components (MSHTML) and core UI shells that remain for backward compatibility, proving that “Tech Debt” is the primary gateway for modern state-sponsored hacking.
Recommended Executive Action: Follow the CISA mandate to apply patches by March 3, 2026, but aim for a **48-hour internal target**. Audit all browser usage and ensure SmartScreen is supplemented with external endpoint detection and response (EDR) tools.
Hashtags: #CISA #KEV #WindowsShell #ZeroDay #Infosec #SmartScreenBypass