Microsoft Patch Tuesday security updates for January 2026 fixed actively exploited zero-day
Microsoft Patch Tuesday addressed 112 security flaws across Windows, Office, Azure, Edge, and more, including eight critical vulnerabilities, kicking off the new year with a major patch update. Microsoft Patch Tuesday security updates for January 2026 release 112 CVEs affecting Windows, Office, Azure, Edge, SharePoint, SQL Server, SMB, and Windows management services. Including third-party Chromium […]
Microsoft Patch Tuesday security updates for January 2026 release 112 CVEs affecting Windows, Office, Azure, Edge, SharePoint, SQL Server, SMB, and Windows management services. Including third-party Chromium fixes, the total rises to 114 vulnerabilities. Eight flaws are rated Critical, while the rest are Important. Large January releases are common, as vendors often delay patches during the holidays to avoid disruptions.
One of these flaws, tracked as CVE-2026-20805 (CVSS score of 5.5), is actively exploited in attacks in the wild, while two others are labeled as publicly known at release. CVE-2026-20805 is a Windows Desktop Window Manager flaw that lets attackers leak small pieces of memory information. While it does not directly run malicious code, the leaked data can help attackers bypass security protections and make more serious exploits work.
Related breach coverage
- Microsoft Patch Tuesday security updates for February 2026 fix six actively exploited zero-days2026-02-10
Microsoft Patch Tuesday security updates for February 2026 fix six actively exploited zero-day vulnerabilities. Microsoft Patch Tuesday security updates for February 2026 fix 58 new security flaws across Windows, Office, Azure, Edge, Exchange, Hyper-V, WSL, and other components, rising to 62 CVEs when third-party updates are included. Five vulnerabilities are Critical, two Moderate, and most […]
- Microsoft Patch Tuesday security updates for December 2025 fixed an actively exploited zero-day2025-12-10
Microsoft Patch Tuesday security updates for December 2025 address 57 vulnerabilities, including three critical flaws. Microsoft Patch Tuesday security updates for December 2025 addressed 57 vulnerabilities in Windows and Windows components, Office and Office Components, Microsoft Edge (Chromium-based), Exchange Server, Azure, Copilot, PowerShell, and Windows Defender. Three vulnerabilities are rated Critical, while the rest are […]
- Microsoft Patch Tuesday security updates for November 2025 fixed an actively exploited Windows Kernel bug2025-11-12
Microsoft fixed over 60 flaws, including an actively exploited Windows kernel zero-day, in its latest Patch Tuesday updates. Microsoft’s Patch Tuesday security updates for November 2025 addressed 63 vulnerabilities impacting Windows and Windows Components, Office and Office Components, Microsoft Edge (Chromium-based), Azure Monitor Agent, Dynamics 365, Hyper-V, SQL Server, and the Windows Subsystem for Linux […]
- Microsoft Patch Tuesday security updates for March 2026 fixed 84 bugs2026-03-10
Microsoft Patch Tuesday security updates for March 2026 addressed 84 vulnerabilities in its products. None of the flaws are known to be exploited so far. Microsoft Patch Tuesday security updates for March 2026 addressed 84 vulnerabilities across its products. The IT giant addressed flaws across Windows, Office, Edge, Azure, SQL Server, Hyper-V, and ReFS. Including […]