SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) SANS Stormcast Wednesday, February 11th, 2026: Microsoft Patch Tuesday; Secure Boot Updates; Fake 7-Zip; FortiSlob
7 snips
Feb 11, 2026 A rundown of February Patch Tuesday and the dozens of fixes Microsoft released. Discussion of warning-bypass bugs affecting Windows Shell, Word, and MSHTML. Explanation of Secure Boot root certificate updates for older PCs. Warning about trojanized 7-Zip downloads that turn home machines into proxies. Notes on recent Fortinet sandbox and LDAP authentication vulnerabilities.
AI Snips
Chapters
Transcript
Episode notes
Patch Tuesday: Exploited Bypass Bugs
- Microsoft patched 59 vulnerabilities in February 2026, including six that were actively exploited before the update.
- Three related bugs bypassed download/execution warnings across Windows Shell, Word, and MSHTML, increasing attack ease.
Update Windows Defender On Linux
- If you run Windows Defender on Linux, update it immediately because the patched bug can allow remote code execution.
- Prioritize this update since security software inspects untrusted inputs and is high-risk when flawed.
Ensure Secure Boot Updates Apply
- Ensure your Windows systems receive monthly updates so Secure Boot certificates get installed automatically.
- If you miss them, avoid changing the boot system until you manually refresh the certificates to prevent being stuck.