Microsoft January 2026 Security Updates

Discussion in 'Software' started by NICK ADSL UK, Jan 13, 2026.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK MajorGeeks Forum Administrator Staff Member

    January 2026 Security Updates

    This release consists of the following 112 Microsoft CVEs:

    Tag CVE Base Score CVSS Vector Exploitability FAQs? Workarounds? Mitigations?
    Windows Deployment Services CVE-2026-0386
    SQL Server CVE-2026-20803
    Windows Hello CVE-2026-20804 7.7
    Desktop Window Manager CVE-2026-20805
    Printer Association Object CVE-2026-20808
    Windows Kernel Memory CVE-2026-20809
    Windows Ancillary Function Driver for WinSock CVE-2026-20810
    Windows Win32K - ICOMP CVE-2026-20811
    Windows LDAP - Lightweight Directory Access Protocol CVE-2026-20812
    Graphics Kernel CVE-2026-20814
    Capability Access Management Service (camsvc) CVE-2026-20815
    Windows Installer CVE-2026-20816
    Windows Error Reporting CVE-2026-20817
    Windows Kernel CVE-2026-20818
    Windows Virtualization-Based Security (VBS) Enclave CVE-2026-20819
    Windows Common Log File System Driver CVE-2026-20820
    Windows Remote Procedure Call CVE-2026-20821
    Microsoft Graphics Component CVE-2026-20822
    Windows File Explorer CVE-2026-20823
    Windows Remote Assistance CVE-2026-20824
    Windows Hyper-V CVE-2026-20825
    Tablet Windows User Interface (TWINUI) Subsystem CVE-2026-20826
    Tablet Windows User Interface (TWINUI) Subsystem CVE-2026-20827
    Windows Internet Connection Sharing (ICS) CVE-2026-20828
    Windows TPM CVE-2026-20829
    Capability Access Management Service (camsvc) CVE-2026-20830
    Windows Ancillary Function Driver for WinSock CVE-2026-20831
    Windows Remote Procedure Call Interface Definition Language (IDL) CVE-2026-20832
    Windows Kerberos CVE-2026-20833
    Windows Shell CVE-2026-20834
    Capability Access Management Service (camsvc) CVE-2026-20835
    Graphics Kernel CVE-2026-20836
    Windows Media CVE-2026-20837
    Windows Kernel CVE-2026-20838 5.5
    Windows Client-Side Caching (CSC) Service CVE-2026-20839
    Windows NTFS CVE-2026-20840
    Windows DWM CVE-2026-20842
    Windows Routing and Remote Access Service (RRAS) CVE-2026-20843
    Windows Clipboard Server CVE-2026-20844
    Windows Shell CVE-2026-20847
    Windows SMB Server CVE-2026-20848
    Windows Kerberos CVE-2026-20849
    Capability Access Management Service (camsvc) CVE-2026-20851
    Windows Hello CVE-2026-20852
    Windows WalletService CVE-2026-20853
    Windows Local Security Authority Subsystem Service (LSASS) CVE-2026-20854
    Windows Server Update Service CVE-2026-20856
    Windows Cloud Files Mini Filter Driver CVE-2026-20857
    Windows Management Services CVE-2026-20858
    Windows Kernel-Mode Drivers CVE-2026-20859
    Windows Ancillary Function Driver for WinSock CVE-2026-20860
    Windows Management Services CVE-2026-20861
    Windows Management Services CVE-2026-20862
    Windows Win32K - ICOMP CVE-2026-20863
    Connected Devices Platform Service (Cdpsvc) CVE-2026-20864
    Windows Management Services CVE-2026-20865
    Windows Management Services CVE-2026-20866
    Windows Management Services CVE-2026-20867
    Windows Routing and Remote Access Service (RRAS) CVE-2026-20868
    Windows Local Session Manager (LSM) CVE-2026-20869
    Windows Win32K - ICOMP CVE-2026-20870
    Desktop Window Manager CVE-2026-20871
    Windows NTLM CVE-2026-20872


    Windows Management Services CVE-2026-20873
    Windows Management Services CVE-2026-20874
    Windows Local Security Authority Subsystem Service (LSASS) CVE-2026-20875
    Windows Virtualization-Based Security (VBS) Enclave CVE-2026-20876
    Windows Management Services CVE-2026-20877
    Windows Management Services CVE-2026-20918
    Windows SMB Server CVE-2026-20919
    Windows Win32K - ICOMP CVE-2026-20920
    Windows SMB Server CVE-2026-20921
    Windows NTFS CVE-2026-20922
    Windows Management Services CVE-2026-20923
    Windows Management Services CVE-2026-20924
    Windows NTLM CVE-2026-20925
    Windows SMB Server CVE-2026-20926
    Windows SMB Server CVE-2026-20927
    Windows HTTP.sys CVE-2026-20929
    Windows Telephony Service CVE-2026-20931
    Windows File Explorer CVE-2026-20932
    Windows SMB Server CVE-2026-20934
    Windows Virtualization-Based Security (VBS) Enclave CVE-2026-20935
    Windows NDIS CVE-2026-20936
    Windows File Explorer CVE-2026-20937
    Windows Virtualization-Based Security (VBS) Enclave CVE-2026-20938
    Windows File Explorer CVE-2026-20939
    Windows Cloud Files Mini Filter Driver CVE-2026-20940
    Host Process for Windows Tasks CVE-2026-20941
    Microsoft Office CVE-2026-20943
    Microsoft Office Word CVE-2026-20944
    Microsoft Office Excel CVE-2026-20946
    Microsoft Office SharePoint CVE-2026-20947
    Microsoft Office Word CVE-2026-20948
    Microsoft Office Excel CVE-2026-20949
    Microsoft Office Excel CVE-2026-20950
    Microsoft Office SharePoint CVE-2026-20951
    Microsoft Office CVE-2026-20952
    Microsoft Office CVE-2026-20953
    Microsoft Office Excel CVE-2026-20955
    Microsoft Office Excel CVE-2026-20956
    Microsoft Office Excel CVE-2026-20957
    Microsoft Office SharePoint CVE-2026-20958
    Microsoft Office SharePoint CVE-2026-20959
    Dynamic Root of Trust for Measurement (DRTM) CVE-2026-20962
    Microsoft Office SharePoint CVE-2026-20963
    Windows Admin Center CVE-2026-20965
    Inbox COM Objects CVE-2026-21219
    Capability Access Management Service (camsvc) CVE-2026-21221
    Azure Connected Machine Agent CVE-2026-21224
    Azure Core shared client library for Python CVE-2026-21226
    Windows Secure Boot CVE-2026-21265

    We are republishing 3 non-Microsoft CVEs:
    CNA Tag CVE FAQs? Workarounds? Mitigations?
    MITRE Corporation Agere Windows Modem Driver CVE-2023-31096
    MITRE Corporation Windows Motorola Soft Modem Driver CVE-2024-55414
    Chrome Microsoft Edge (Chromium-based) CVE-2026-0628

    Security Update Guide Blog Posts
    Date Blog Post
    October 31, 2025 You asked, we delivered: Introducing new features for an improved security experience
    October 28, 2025 Understanding CVE-2025-55315: What CISOs, security engineers, and sysadmins should know
    October 22, 2025 Toward greater transparency: Introducing machine-readable Vulnerability Exploitability Xchange (VEX) for Azure Linux and beyond
    November 12, 2024 Toward greater transparency: Publishing machine-readable CSAF files
    June 27, 2024 Toward greater transparency: Unveiling Cloud Service CVEs
    April 9, 2024 Toward greater transparency: Security Update Guide now shares CWEs for CVEs
    January 6, 2023 Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API
    January 11, 2022 Coming Soon: New Security Update Guide Notification System
    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
    December 8, 2020 Security Update Guide: Let’s keep the conversation going
    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide

    Relevant Resources
    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
    • Windows 10 and Windows 11 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10 and Windows 11, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 and Windows 11 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    Known Issues
    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    5073379 Windows Server 2025
    5073450 Windows Server 23H2
    5073457 Windows Server 2022
    5074109 Windows 11, version 24H2, Windows 11, version 25H2
    Released: Jan 13, 2026

    January 2026 Security Updates - Release Notes - Security Update Guide - Microsoft
     
    NICK ADSL UK, Jan 13, 2026
    #1
Thread Status:
Not open for further replies.

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds