Microsoft Resolves 114 Windows Vulnerabilities, Addresses One Ongoing Exploit in January 2026 Patch
In January 2026, Microsoft released its first security update addressing a total of 114 vulnerabilities. Among these, one flaw has been confirmed to be actively exploited in the wild. This update is noteworthy for being the third largest in terms of vulnerabilities resolved during a January Patch Tuesday event, following updates in January 2025 and January 2022.
Security Flaw Breakdown
The security update classifies 8 vulnerabilities as Critical and 106 as Important. Notably, the breakdown of the vulnerabilities is as follows:
- 58 – Privilege escalation
- 22 – Information disclosure
- 21 – Remote code execution
- 5 – Spoofing
Details on Active Exploits
One significant vulnerability, CVE-2026-20805, poses a risk of information disclosure specifically within the Desktop Window Manager (DWM), scored at 5.5 on the CVSS scale. Microsoft cautioned that this vulnerability allows unauthorized disclosure of sensitive information, particularly addresses from remote ALPC ports.
Previous Vulnerabilities and Their Impact
Microsoft had addressed similar concerns before, notably in May 2024, when CVE-2024-30051, a privilege escalation flaw, was exploited by various actors through malware distributions.
This time, experts highlight the DWM’s role in displaying content on Windows systems, which increases the attack surface for possible exploits. Adam Barnett from Rapid7 remarked on DWM’s history of vulnerabilities, indicating its repetition in Patch Tuesday updates.
Security Measures and Recommendations
In light of the active vulnerabilities, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has included CVE-2026-20805 in its Known Exploited Vulnerabilities (KEV) catalog. It requires Federal agencies to implement fixes by February 3, 2026.
Another vulnerability, CVE-2026-21265, rated at 6.4, presents risks associated with Secure Boot Certificate Expiration, which could undermine critical security mechanisms protecting against unauthorized firmware loads. Microsoft urges users to update Secure Boot certificates before their expiration in June 2026.
Additional Updates
The latest patch also removes certain outdated drivers, including Agere Soft Modem drivers vulnerable to a previous privilege escalation flaw (CVE-2023-31096). Furthermore, CVE-2026-20876, a critical privilege escalation flaw in Windows Virtualization-Based Security, is under close scrutiny due to its extensive potential impact on the system’s security framework.
Other Vendor Updates
Alongside Microsoft, numerous vendors have also released patches this month addressing a variety of vulnerabilities. These include:
- Adobe
- Amazon Web Services
- Cisco
- Lenovo
- NVIDIA
- Samsung
- Trends across many more organizations and software
Maintaining up-to-date software is crucial to mitigating these security threats effectively.
The post Microsoft Resolves 114 Windows Vulnerabilities, Addresses One Ongoing Exploit in January 2026 Patch appeared first on CDN3 - Filmogaz.
