top of page
Search

Microsoft Patch Tuesday for January 2026 — Snort rules and prominent vulnerabilities

  • Jan 14
  • 2 min read

Key Findings


  • Microsoft released its January 2026 security update, addressing 112 vulnerabilities, including 8 critical flaws

  • One of the "important" vulnerabilities, CVE-2026-20805, is being exploited in the wild

  • 6 out of the 8 critical vulnerabilities are remote code execution (RCE) affecting Windows services and Microsoft Office

  • The remaining 2 critical vulnerabilities are elevation of privilege (EoP) affecting Windows Graphic Component and Windows Virtualization-Based Security (VBS) Enclave


Background


Microsoft's January 2026 Patch Tuesday release addresses a wide range of security issues across its product portfolio. The update includes a total of 112 vulnerabilities, with 8 marked as "critical" by the tech giant.


Critical Vulnerabilities


CVE-2026-20822 - Windows Graphic Component EoP


  • A use-after-free (UAF) vulnerability that could enable an attacker to obtain SYSTEM privileges

  • Issued a CVSS 3.1 base score of 7.8, exploitation is considered "less likely"

  • Not publicly disclosed


CVE-2026-20854 - Windows LSASS RCE


  • A vulnerability that could allow an authorized attacker to execute code on affected systems over a network

  • Issued a CVSS 3.1 base score of 7.5, Microsoft considers exploitation "less likely"

  • Not publicly disclosed


CVE-2026-20876 - Windows VBS Enclave EoP


  • A heap-based buffer overflow vulnerability that could grant an attacker VTL2 privileges

  • Issued a CVSS 3.1 base score of 6.7, assessed by Microsoft to be "less likely" to be exploited

  • Not publicly disclosed


CVE-2026-20944 - Microsoft Word RCE


  • An out-of-bounds read vulnerability that could enable arbitrary code execution

  • Issued a CVSS 3.1 base score of 7.8, Microsoft considers exploitation "less likely"

  • Not publicly disclosed


CVE-2026-20952 and CVE-2026-20953 - Microsoft Office RCE


  • User-after-free vulnerabilities that could allow unauthorized code execution

  • Both issued a CVSS 3.1 base score of 8.4, assessed by Microsoft as "less likely" to be exploited

  • Neither vulnerability was publicly disclosed


CVE-2026-20955 and CVE-2026-20957 - Microsoft Excel RCE


  • Untrusted pointer reference and integer underflow vulnerabilities respectively

  • Both issued a CVSS 3.1 base score of 7.8, considered "less likely" to be exploited by Microsoft

  • Neither vulnerability was publicly disclosed


Notable "Important" Vulnerability


CVE-2026-20805 - Desktop Window Manager Information Disclosure


  • An unauthenticated information disclosure vulnerability being exploited in the wild

  • Issued a CVSS 3.1 base score of 5.5


Sources


  • https://blog.talosintelligence.com/microsoft-patch-tuesday-january-2026/

  • https://securityonline.info/patch-tuesday-jan-2026-microsoft-fixes-114-flaws-3-zero-days/

  • https://www.reddit.com/r/SecOpsDaily/comments/1qc01ft/microsoft_patch_tuesday_for_january_2026_snort/

Recent Posts

See All
Defeating AI with AI

Key Findings Generative AI and agentic AI are increasingly used by threat actors to conduct faster and more targeted attacks. One capability that AI improves for threat actors is the ability to profil

 
 
 

Comments

  • Youtube

© 2025 by Explain IT Again. Powered and secured by Wix

bottom of page