Breaking
Pluralistic: Ada Palmer’s “Inventing the Renaissance” (25 Apr 2026)
This Week’s Awesome Tech Stories From Around the Web (Through April 25)
AI + Seismic Data: The Secret Behind Faster Oil Discovery
How AI and Smart Automation Are Revolutionising Bottle Filling Machines in Modern Manufacturing
AI Is Reshaping How Additive Manufacturing Fits Into Production
AI + Seismic Data: The Secret Behind Faster Oil Discovery
How AI and Smart Automation Are Revolutionising Bottle Filling Machines in Modern Manufacturing
AI Is Reshaping How Additive Manufacturing Fits Into Production
The AI Toolstack for Running a Video Production Company
The AI Toolstack for Running a Video Production Company
26 Apr 2026, Sun
Launch Your Site in 5 Minutes
Cyber Security News

Microsoft Patch Tuesday January 2026 – 114 Vulnerabilities Fixed Including 3 Zero-days

By rssfeeds-admin No Comments
Microsoft’s January 2026 updates fix 114 vulnerabilities, with several remote code execution bugs rated critical across Office applications and Windows services such as LSASS.

This Patch Tuesday addresses critical remote code execution flaws and numerous elevation of privilege issues that could enable attackers to compromise systems.

Vulnerability TypeCount
Remote Code Execution22
Denial of Service2
Elevation of Privilege57
Information Disclosure22
Security Feature Bypass3
Spoofing5
Tampering3
Total114

The release includes 12 critical CVEs and over 90 important CVEs, primarily elevation-of-privilege flaws in kernel drivers and management services.

Zero-Day Vulnerabilities

CVE-2026-20805 involves Desktop Windows Manager flaws exposing information, rated high by researchers. CVE-2026-21265 targets digital media handling for privilege gains, common in chained attacks. CVE-2023-31096 appears as a backported or related fix in the cumulative updates.

CVE IDComponentTypeSeverityKey Notes
CVE-2026-20805Desktop Windows ManagerInformation DisclosureImportant (High per Check Point)Allows unauthorized access to sensitive data; patched January 13, 2026 ​
CVE-2026-21265Windows Digital MediaElevation of PrivilegeNot specifiedEnables local privilege escalation ​
CVE-2023-31096Unknown (legacy)Zero-day (contextual)Not specifiedIncluded in January 2026 updates despite earlier assignment 

Critical Vulnerabilities

Several critical remote code execution vulnerabilities stand out, including CVE-2026-20854 in Windows LSASS, stemming from a use-after-free error exploitable over networks.

The Office suite faces multiple threats: CVE-2026-20944 (Word out-of-bounds read), CVE-2026-20953 and CVE-2026-20952 (use-after-free), and CVE-2026-20955 and CVE-2026-20957 (Excel pointer issues and integer underflow).

Additional critical elevation-of-privilege bugs affect the Graphics Component (CVE-2026-20822) and the VBS Enclave (CVE-2026-20876), both of which exhibit use-after-free vulnerabilities locally.​

CVE IDAffected ComponentDescription SummarySeverity
CVE-2026-20854Windows LSASSUse-after-free RCECritical 
CVE-2026-20944Microsoft WordOut-of-bounds read RCECritical 
CVE-2026-20953Microsoft OfficeUse-after-free RCECritical 

Windows components dominate the most critical-rated issues, with over 30 elevation-of-privilege flaws in services such as Management Services, SMB Server, and Win32k, often via race conditions or use-after-free. Information disclosure bugs in File Explorer and VBS round out notable risks.

Deploy updates starting with internet-facing systems like WSUS (CVE-2026-20856) and SMB servers, then Office endpoints. Test in staging environments due to potential regressions in drivers like Cloud Files Mini Filter. Enable automatic updates for consumer devices and monitor CISA KEV for any rapid additions, as zero-days heighten urgency.

Microsoft Patch Tuesday Vulnerabilities Table

CVE NumberCVE TitleImpact
CVE-2026-20822Windows Graphics Component Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20876Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20944Microsoft Word Remote Code Execution VulnerabilityRemote Code Execution
CVE-2026-20953Microsoft Office Remote Code Execution VulnerabilityRemote Code Execution
CVE-2026-20955Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution
CVE-2026-20854Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution VulnerabilityRemote Code Execution
CVE-2026-20952Microsoft Office Remote Code Execution VulnerabilityRemote Code Execution
CVE-2026-20957Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution
CVE-2026-20962Dynamic Root of Trust for Measurement (DRTM) Information Disclosure VulnerabilityInformation Disclosure
CVE-2026-21265Secure Boot Certificate Expiration Security Feature Bypass VulnerabilitySecurity Feature Bypass
CVE-2026-0386Windows Deployment Services Remote Code Execution VulnerabilityRemote Code Execution
CVE-2026-20803Microsoft SQL Server Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20965Windows Admin Center Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20804Windows Hello Tampering VulnerabilityTampering
CVE-2026-20805Desktop Window Manager Information Disclosure VulnerabilityInformation Disclosure
CVE-2026-20808Windows File Explorer Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20809Windows Kernel Memory Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20810Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20811Win32k Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20812LDAP Tampering VulnerabilityTampering
CVE-2026-20814DirectX Graphics Kernel Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20815Capability Access Management Service (camsvc) Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20816Windows Installer Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20817Windows Error Reporting Service Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20818Windows Kernel Information Disclosure VulnerabilityInformation Disclosure
CVE-2026-20819Windows Virtualization-Based Security (VBS) Information Disclosure VulnerabilityInformation Disclosure
CVE-2026-20820Windows Common Log File System Driver Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20821Remote Procedure Call Information Disclosure VulnerabilityInformation Disclosure
CVE-2026-20823Windows File Explorer Information Disclosure VulnerabilityInformation Disclosure
CVE-2026-20824Windows Remote Assistance Security Feature Bypass VulnerabilitySecurity Feature Bypass
CVE-2026-20825Windows Hyper-V Information Disclosure VulnerabilityInformation Disclosure
CVE-2026-20826Tablet Windows User Interface (TWINUI) Subsystem Information Disclosure VulnerabilityElevation of Privilege
CVE-2026-20827Tablet Windows User Interface (TWINUI) Subsystem Information Disclosure VulnerabilityInformation Disclosure
CVE-2026-20828Windows rndismp6.sys Information Disclosure VulnerabilityInformation Disclosure
CVE-2026-20829TPM Trustlet Information Disclosure VulnerabilityInformation Disclosure
CVE-2026-20831Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20832Windows Remote Procedure Call Interface Definition Language (IDL) Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20833Windows Kerberos Information Disclosure VulnerabilityInformation Disclosure
CVE-2026-20834Windows Spoofing VulnerabilitySpoofing
CVE-2026-20835Capability Access Management Service (camsvc) Information Disclosure VulnerabilityInformation Disclosure
CVE-2026-20836DirectX Graphics Kernel Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20837Windows Media Remote Code Execution VulnerabilityRemote Code Execution
CVE-2026-20838Windows Kernel Information Disclosure VulnerabilityInformation Disclosure
CVE-2026-20839Windows Client-Side Caching (CSC) Service Information Disclosure VulnerabilityInformation Disclosure
CVE-2026-20840Windows NTFS Remote Code Execution VulnerabilityRemote Code Execution
CVE-2026-20842Microsoft DWM Core Library Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20844Windows Clipboard Server Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2023-31096MITRE: CVE-2023-31096 Windows Agere Soft Modem Driver Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20847Microsoft Windows File Explorer Spoofing VulnerabilitySpoofing
CVE-2026-20851Capability Access Management Service (camsvc) Information Disclosure VulnerabilityInformation Disclosure
CVE-2026-20852Windows Hello Tampering VulnerabilityTampering
CVE-2026-20856Windows Server Update Service (WSUS) Remote Code Execution VulnerabilityRemote Code Execution
CVE-2026-20857Windows Cloud Files Mini Filter Driver Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20858Windows Management Services Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20859Windows Kernel-Mode Driver Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20860Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20864Windows Connected Devices Platform Service Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20865Windows Management Services Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20869Windows Local Session Manager (LSM) Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20875Windows Local Security Authority Subsystem Service (LSASS) Denial of Service VulnerabilityDenial of Service
CVE-2026-20877Windows Management Services Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20918Windows Management Services Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20919Windows SMB Server Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20920Win32k Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20921Windows SMB Server Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20922Windows NTFS Remote Code Execution VulnerabilityRemote Code Execution
CVE-2026-20923Windows Management Services Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20924Windows Management Services Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20925NTLM Hash Disclosure Spoofing VulnerabilitySpoofing
CVE-2026-20926Windows SMB Server Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20927Windows SMB Server Denial of Service VulnerabilityDenial of Service
CVE-2026-20932Windows File Explorer Information Disclosure VulnerabilityInformation Disclosure
CVE-2026-20934Windows SMB Server Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20938Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20940Windows Cloud Files Mini Filter Driver Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20943Microsoft Office Click-To-Run Elevation of Privilege VulnerabilityRemote Code Execution
CVE-2026-20946Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution
CVE-2026-20951Microsoft SharePoint Server Remote Code Execution VulnerabilityRemote Code Execution
CVE-2026-20956Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution
CVE-2026-20959Microsoft SharePoint Server Spoofing VulnerabilitySpoofing
CVE-2026-20963Microsoft SharePoint Remote Code Execution VulnerabilityRemote Code Execution
CVE-2026-20830Capability Access Management Service (camsvc) Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-21221Capability Access Management Service (camsvc) Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-21224Azure Connected Machine Agent Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20947Microsoft SharePoint Server Remote Code Execution VulnerabilityRemote Code Execution
CVE-2026-20843Windows Routing and Remote Access Service (RRAS) Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20848Windows SMB Server Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20849Windows Kerberos Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20853Windows WalletService Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-21219Inbox COM Objects (Global Memory) Remote Code Execution VulnerabilityRemote Code Execution
CVE-2026-20861Windows Management Services Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20862Windows Management Services Information Disclosure VulnerabilityInformation Disclosure
CVE-2026-20863Win32k Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20866Windows Management Services Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20867Windows Management Services Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20868Windows Routing and Remote Access Service (RRAS) Remote Code Execution VulnerabilityRemote Code Execution
CVE-2026-20870Windows Win32 Kernel Subsystem Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20871Desktop Windows Manager Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20872NTLM Hash Disclosure Spoofing VulnerabilitySpoofing
CVE-2026-20873Windows Management Services Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20874Windows Management Services Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2024-55414Windows Motorola Soft Modem Driver Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20929Windows HTTP.sys Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20931Windows Telephony Service Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-20935Windows Virtualization-Based Security (VBS) Information Disclosure VulnerabilityInformation Disclosure
CVE-2026-20936Windows NDIS Information Disclosure VulnerabilityInformation Disclosure
CVE-2026-20937Windows File Explorer Information Disclosure VulnerabilityInformation Disclosure
CVE-2026-20939Windows File Explorer Information Disclosure VulnerabilityInformation Disclosure
CVE-2026-20948Microsoft Word Remote Code Execution VulnerabilityRemote Code Execution
CVE-2026-20949Microsoft Excel Security Feature Bypass VulnerabilitySecurity Feature Bypass
CVE-2026-20950Microsoft Excel Remote Code Execution VulnerabilityRemote Code Execution
CVE-2026-20958Microsoft SharePoint Information Disclosure VulnerabilityInformation Disclosure
CVE-2026-20941Host Process for Windows Tasks Elevation of Privilege VulnerabilityElevation of Privilege
CVE-2026-21226Azure Core shared client library for Python Remote Code Execution VulnerabilityRemote Code Execution

Other Patch Tuesday Updates

Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.

The post Microsoft Patch Tuesday January 2026 – 114 Vulnerabilities Fixed Including 3 Zero-days appeared first on Cyber Security News.

Discover more from RSS Feeds Cloud

Subscribe to get the latest posts sent to your email.

By rssfeeds-admin

Related Posts

Cyber Security News

73 Open VSX Sleeper Extensions Linked to GlassWorm Activate New Malware Campaign

rssfeeds-admin
Cyber Security News

73 Open VSX Sleeper Extensions Linked to GlassWorm Activate New Malware Campaign

rssfeeds-admin
Cyber Security News

Litecoin Zero-Day Vulnerability Exploited in DoS Attack, Disrupts Major Mining Pools

rssfeeds-admin

You Missed

Pluralistic

Pluralistic: Ada Palmer’s “Inventing the Renaissance” (25 Apr 2026)

Singularity Hub

This Week’s Awesome Tech Stories From Around the Web (Through April 25)

AI Tech

AI + Seismic Data: The Secret Behind Faster Oil Discovery

AI Tech

How AI and Smart Automation Are Revolutionising Bottle Filling Machines in Modern Manufacturing

Discover more from RSS Feeds Cloud

Subscribe now to keep reading and get access to the full archive.

Continue reading