Vulnerability Management, Patch/Configuration Management

Microsoft January 2026 Patch Tuesday: 114 flaws addressed, including actively exploited 0-day

Microsoft has released its January 2026 Patch Tuesday updates, addressing a total of 114 vulnerabilities. Among these are one actively exploited zero-day and two publicly disclosed zero-day vulnerabilities, alongside eight critical flaws, six of which are remote code execution vulnerabilities, according to a report published by Bleeping Computer.

The January updates include 57 elevation of privilege flaws, 22 remote code execution flaws, and 22 information disclosure flaws. The actively exploited zero-day, CVE-2026-20805, is an information disclosure vulnerability in the Desktop Window Manager that allows local attackers to read memory addresses. The two publicly disclosed zero-days are CVE-2026-21265, a Secure Boot certificate expiration security feature bypass vulnerability, and CVE-2023-31096, an elevation of privilege vulnerability in the Windows Agere Soft Modem driver, which has now been removed. Other vendors like Adobe, Cisco, and Fortinet also released security updates this month.

The patching of an actively exploited zero-day underscores the critical importance of timely security updates. The inclusion of vulnerabilities in third-party drivers also highlights the need for comprehensive supply chain security management and vigilance against potential privilege escalation attacks.

Source: Bleeping Computer
