Microsoft Patch Tuesday for January 2026 — Snort rules and prominent vulnerabilities

  • Jan 14

Key Findings


  • Microsoft released its January 2026 security update, addressing 112 vulnerabilities, including 8 critical flaws

  • One of the "important" vulnerabilities, CVE-2026-20805, is being exploited in the wild

  • 6 of the 8 critical vulnerabilities are remote code execution (RCE) flaws affecting Windows services and Microsoft Office

  • The remaining 2 critical vulnerabilities are elevation of privilege (EoP) flaws affecting the Windows Graphic Component and the Windows Virtualization-Based Security (VBS) Enclave


Background


Microsoft's January 2026 Patch Tuesday release addresses a wide range of security issues across its product portfolio. The update includes a total of 112 vulnerabilities, with 8 marked as "critical" by the tech giant.


Critical Vulnerabilities


CVE-2026-20822 - Windows Graphic Component EoP


  • A use-after-free (UAF) vulnerability that could enable an attacker to obtain SYSTEM privileges

  • Issued a CVSS 3.1 base score of 7.8; Microsoft considers exploitation "less likely"

  • Not publicly disclosed


CVE-2026-20854 - Windows LSASS RCE


  • A vulnerability that could allow an authorized attacker to execute code on affected systems over a network

  • Issued a CVSS 3.1 base score of 7.5; Microsoft considers exploitation "less likely"

  • Not publicly disclosed


CVE-2026-20876 - Windows VBS Enclave EoP


  • A heap-based buffer overflow vulnerability that could grant an attacker VTL2 privileges

  • Issued a CVSS 3.1 base score of 6.7; assessed by Microsoft as "less likely" to be exploited

  • Not publicly disclosed


CVE-2026-20944 - Microsoft Word RCE


  • An out-of-bounds read vulnerability that could enable arbitrary code execution

  • Issued a CVSS 3.1 base score of 7.8; Microsoft considers exploitation "less likely"

  • Not publicly disclosed


CVE-2026-20952 and CVE-2026-20953 - Microsoft Office RCE


  • Use-after-free vulnerabilities that could allow unauthorized code execution

  • Both issued a CVSS 3.1 base score of 8.4; assessed by Microsoft as "less likely" to be exploited

  • Neither vulnerability was publicly disclosed


CVE-2026-20955 and CVE-2026-20957 - Microsoft Excel RCE


  • An untrusted pointer dereference and an integer underflow vulnerability, respectively

  • Both issued a CVSS 3.1 base score of 7.8; assessed by Microsoft as "less likely" to be exploited

  • Neither vulnerability was publicly disclosed


Notable "Important" Vulnerability


CVE-2026-20805 - Desktop Window Manager Information Disclosure


  • An unauthenticated information disclosure vulnerability that is being exploited in the wild

  • Issued a CVSS 3.1 base score of 5.5


Sources


  • https://blog.talosintelligence.com/microsoft-patch-tuesday-january-2026/

  • https://securityonline.info/patch-tuesday-jan-2026-microsoft-fixes-114-flaws-3-zero-days/

  • https://www.reddit.com/r/SecOpsDaily/comments/1qc01ft/microsoft_patch_tuesday_for_january_2026_snort/

© 2025 by Explain IT Again. Powered and secured by Wix