**Microsoft Patch Tuesday Security Updates for January 2026 Fixed Actively Exploited Zero-Day**
The new year has kicked off with a major patch update from Microsoft, addressing 112 security flaws across Windows, Office, Azure, Edge, and more. Among these vulnerabilities are eight critical ones that pose significant risks to users.
Microsoft's Patch Tuesday security updates for January 2026 address a total of 114 CVEs (Common Vulnerabilities and Exposures) affecting various Microsoft products and services. This includes third-party Chromium fixes, which add to the overall count. The eight critical vulnerabilities are rated as such due to their potential impact on users' systems.
One of these flaws, tracked as CVE-2026-20805 (CVSS score of 5.5), is actively exploited in attacks in the wild. This vulnerability is a Windows Desktop Window Manager flaw that allows attackers to leak small pieces of memory information. While it does not directly run malicious code, the leaked data can help attackers bypass security protections and make more serious exploits work.
According to Microsoft's advisory, CVE-2026-20805 "allows an authorized attacker to disclose information locally." The type of information that could be disclosed if an attacker successfully exploited this vulnerability is a section address from a remote ALPC port, which is user-mode memory.
This weakness highlights how even limited information leaks can play a key role in full system compromise. Microsoft has not shared any details about the attacks exploiting this vulnerability.
The following vulnerabilities are labeled as publicly known at release:
- CVE-2026-20810: Windows SMBv3
- CVE-2026-20815: Windows Server Message Block (SMB) client
The full list of CVEs addressed by Microsoft Patch Tuesday security updates for January 2026 is available on the Microsoft website. It is essential to note that large patch releases are common, especially in January, as vendors often delay patches during the holidays to avoid disruptions.
Microsoft's efforts to address these vulnerabilities demonstrate its commitment to ensuring user security and protecting against potential threats. As always, it is crucial for users to stay up to date with the latest patch updates and take necessary precautions to protect themselves from potential exploits.