Microsoft January 2026 Patch Tuesday Fixes 114 Flaws, Including 3 Zero-Days

   January 14, 2026  Posted in GBHackers

Microsoft January 2026 Patch Tuesday Fixes 114 Flaws, Including 3 Zero-Days

CVE-2026-20822 Windows Graphics Component Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20876 Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20944 Microsoft Word Remote Code Execution Vulnerability Remote Code Execution CVE-2026-20953 Microsoft Office Remote Code Execution Vulnerability Remote Code Execution CVE-2026-20955 Microsoft Excel Remote Code Execution Vulnerability Remote Code Execution CVE-2026-20854 Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability Remote Code Execution CVE-2026-20952 Microsoft Office Remote Code Execution Vulnerability Remote Code Execution CVE-2026-20957 Microsoft Excel Remote Code Execution Vulnerability Remote Code Execution CVE-2026-20962 Dynamic Root of Trust for Measurement (DRTM) Information Disclosure Vulnerability Information Disclosure CVE-2026-21265 Secure Boot Certificate Expiration Security Feature Bypass Vulnerability Security Feature Bypass CVE-2026-0386 Windows Deployment Services Remote Code Execution Vulnerability Remote Code Execution CVE-2026-20803 Microsoft SQL Server Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20965 Windows Admin Center Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20804 Windows Hello Tampering Vulnerability Tampering CVE-2026-20805 Desktop Window Manager Information Disclosure Vulnerability Information Disclosure CVE-2026-20808 Windows File Explorer Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20809 Windows Kernel Memory Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20810 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20811 Win32k Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20812 LDAP Tampering Vulnerability Tampering CVE-2026-20814 DirectX Graphics Kernel Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20815 Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20816 Windows Installer Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20817 Windows Error Reporting Service Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20818 Windows Kernel Information Disclosure Vulnerability Information Disclosure CVE-2026-20819 Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability Information Disclosure CVE-2026-20820 Windows Common Log File System Driver Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20821 Remote Procedure Call Information Disclosure Vulnerability Information Disclosure CVE-2026-20823 Windows File Explorer Information Disclosure Vulnerability Information Disclosure CVE-2026-20824 Windows Remote Assistance Security Feature Bypass Vulnerability Security Feature Bypass CVE-2026-20825 Windows Hyper-V Information Disclosure Vulnerability Information Disclosure CVE-2026-20826 Tablet Windows User Interface (TWINUI) Subsystem Information Disclosure Vulnerability Elevation of Privilege CVE-2026-20827 Tablet Windows User Interface (TWINUI) Subsystem Information Disclosure Vulnerability Information Disclosure CVE-2026-20828 Windows rndismp6.sys Information Disclosure Vulnerability Information Disclosure CVE-2026-20829 TPM Trustlet Information Disclosure Vulnerability Information Disclosure CVE-2026-20831 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20832 Windows Remote Procedure Call Interface Definition Language (IDL) Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20833 Windows Kerberos Information Disclosure Vulnerability Information Disclosure CVE-2026-20834 Windows Spoofing Vulnerability Spoofing CVE-2026-20835 Capability Access Management Service (camsvc) Information Disclosure Vulnerability Information Disclosure CVE-2026-20836 DirectX Graphics Kernel Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20837 Windows Media Remote Code Execution Vulnerability Remote Code Execution CVE-2026-20838 Windows Kernel Information Disclosure Vulnerability Information Disclosure CVE-2026-20839 Windows Client-Side Caching (CSC) Service Information Disclosure Vulnerability Information Disclosure CVE-2026-20840 Windows NTFS Remote Code Execution Vulnerability Remote Code Execution CVE-2026-20842 Microsoft DWM Core Library Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20844 Windows Clipboard Server Elevation of Privilege Vulnerability Elevation of Privilege CVE-2023-31096 Windows Agere Soft Modem Driver Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20847 Microsoft Windows File Explorer Spoofing Vulnerability Spoofing CVE-2026-20851 Capability Access Management Service (camsvc) Information Disclosure Vulnerability Information Disclosure CVE-2026-20852 Windows Hello Tampering Vulnerability Tampering CVE-2026-20856 Windows Server Update Service (WSUS) Remote Code Execution Vulnerability Remote Code Execution CVE-2026-20857 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20858 Windows Management Services Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20859 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20860 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20864 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20865 Windows Management Services Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20869 Windows Local Session Manager (LSM) Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20875 Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability Denial of Service CVE-2026-20877 Windows Management Services Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20918 Windows Management Services Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20919 Windows SMB Server Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20920 Win32k Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20921 Windows SMB Server Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20922 Windows NTFS Remote Code Execution Vulnerability Remote Code Execution CVE-2026-20923 Windows Management Services Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20924 Windows Management Services Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20925 NTLM Hash Disclosure Spoofing Vulnerability Spoofing CVE-2026-20926 Windows SMB Server Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20927 Windows SMB Server Denial of Service Vulnerability Denial of Service CVE-2026-20932 Windows File Explorer Information Disclosure Vulnerability Information Disclosure CVE-2026-20934 Windows SMB Server Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20938 Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20940 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20943 Microsoft Office Click-To-Run Elevation of Privilege Vulnerability Remote Code Execution CVE-2026-20946 Microsoft Excel Remote Code Execution Vulnerability Remote Code Execution CVE-2026-20951 Microsoft SharePoint Server Remote Code Execution Vulnerability Remote Code Execution CVE-2026-20956 Microsoft Excel Remote Code Execution Vulnerability Remote Code Execution CVE-2026-20959 Microsoft SharePoint Server Spoofing Vulnerability Spoofing CVE-2026-20963 Microsoft SharePoint Remote Code Execution Vulnerability Remote Code Execution CVE-2026-20830 Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-21221 Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-21224 Azure Connected Machine Agent Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20947 Microsoft SharePoint Server Remote Code Execution Vulnerability Remote Code Execution CVE-2026-20843 Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20848 Windows SMB Server Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20849 Windows Kerberos Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20853 Windows WalletService Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-21219 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability Remote Code Execution CVE-2026-20861 Windows Management Services Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20862 Windows Management Services Information Disclosure Vulnerability Information Disclosure CVE-2026-20863 Win32k Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20866 Windows Management Services Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20867 Windows Management Services Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20868 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Remote Code Execution CVE-2026-20870 Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20871 Desktop Windows Manager Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20872 NTLM Hash Disclosure Spoofing Vulnerability Spoofing CVE-2026-20873 Windows Management Services Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20874 Windows Management Services Elevation of Privilege Vulnerability Elevation of Privilege CVE-2024-55414 Windows Motorola Soft Modem Driver Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20929 Windows HTTP.sys Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20931 Windows Telephony Service Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-20935 Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability Information Disclosure CVE-2026-20936 Windows NDIS Information Disclosure Vulnerability Information Disclosure CVE-2026-20937 Windows File Explorer Information Disclosure Vulnerability Information Disclosure CVE-2026-20939 Windows File Explorer Information Disclosure Vulnerability Information Disclosure CVE-2026-20948 Microsoft Word Remote Code Execution Vulnerability Remote Code Execution CVE-2026-20949 Microsoft Excel Security Feature Bypass Vulnerability Security Feature Bypass CVE-2026-20950 Microsoft Excel Remote Code Execution Vulnerability Remote Code Execution CVE-2026-20958 Microsoft SharePoint Information Disclosure Vulnerability Information Disclosure CVE-2026-20941 Host Process for Windows Tasks Elevation of Privilege Vulnerability Elevation of Privilege CVE-2026-21226 Azure Core shared client library for Python Remote Code Execution Vulnerability Remote Code Execution



Source link