Key Takeaways
1. The January 2026 Patch Tuesday update addressed 114 security issues, including three zero-day vulnerabilities.
2. Eight vulnerabilities are rated as Critical, with many others rated as Important, focusing on elevation-of-privilege and remote-code-execution vulnerabilities.
3. Notable zero-day vulnerabilities include an information disclosure issue in Desktop Window Manager, Secure Boot certificate expirations, and removal of outdated Agere Soft Modem drivers.
4. Windows 11 cumulative updates include KB5074109 and KB5073455, upgrading systems to specific builds while providing quality-of-life improvements.
5. Microsoft reports no widespread issues post-update, with only a minor cosmetic glitch affecting the password visibility icon.
A day after Microsoft’s January Patch Tuesday for 2026, things are looking clearer: the recent Windows updates address 114 security issues, which includes three zero-day vulnerabilities. So far, the update process appears to be going smoothly for most users of Windows 11.
Security Fixes Overview
The January 2026 Patch Tuesday release deals with 114 CVEs across various products like Windows, Office, SQL Server, Azure components, and more. Among these, eight vulnerabilities are rated as Critical, while many others are listed as Important. A significant portion of the issues involves elevation-of-privilege problems in essential Windows services and drivers, along with numerous remote-code-execution vulnerabilities found in Office and SharePoint.
Notable Vulnerabilities
This month, Microsoft has highlighted three zero-day vulnerabilities:
1. An information disclosure issue in Desktop Window Manager (CVE-2026-20805) that can leak sensitive memory data, which could be combined with other bugs to enhance exploit reliability.
2. A problem with Secure Boot certificates, where older UEFI certificates are set to expire in mid-2026; the January updates renew these certificates to ensure ongoing secure booting.
3. Long-standing vulnerabilities in outdated Agere Soft Modem drivers (CVE-2023-31096 and related issues). Microsoft has tackled this by completely removing the affected drivers (agrsm64.sys, agrsm.sys, and others) from supported Windows builds. As a result, hardware still using these old modems will no longer function after the update.
Update Details
For Windows 11, the security updates from Patch Tuesday come in the form of cumulative updates: KB5074109 (for 24H2/25H2) and KB5073455 (for 23H2). After installation, systems will upgrade to Build 26200.7623 for 25H2, 26100.7623 for 24H2, and 226×1.6050 for 23H2.
Apart from security fixes, KB5074109 brings along several quality-of-life improvements for both laptops and desktops.
As of the day following the release, Microsoft reports no widespread issues associated with the January updates. The only known quirk so far is a cosmetic glitch that can conceal the “show password” eye icon next to password fields on certain systems, which makes it trickier to verify what you’ve entered, although it does not prevent logins.
Given that one zero-day is already being exploited and Secure Boot certificates are on a countdown to expiry, the risks associated with skipping this patch cycle are likely higher than the risks of installing it—especially for devices that frequently connect to the internet.
Source:
Link
Leave a Reply