<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>KB5074109 &#8211; Grams IT &#8211; Blog</title>
	<atom:link href="https://blog.grams-it.com/tag/kb5074109/feed/" rel="self" type="application/rss+xml" />
	<link>https://blog.grams-it.com</link>
	<description></description>
	<lastBuildDate>Wed, 21 Jan 2026 18:35:04 +0000</lastBuildDate>
	<language>de</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	
	<item>
		<title>Microsoft: Neues Jahr und immer noch miserable Patch-Qualität!</title>
		<link>https://blog.grams-it.com/2026/01/21/microsoft-neues-jahr-und-immer-noch-miserable-patch-qualitaet/</link>
		
		<dc:creator><![CDATA[]]></dc:creator>
		<pubDate>Wed, 21 Jan 2026 18:29:46 +0000</pubDate>
				<category><![CDATA[Betriebssystem]]></category>
		<category><![CDATA[IT]]></category>
		<category><![CDATA[Microsoft]]></category>
		<category><![CDATA[Microsoft Windows]]></category>
		<category><![CDATA[Patch]]></category>
		<category><![CDATA[Business-Kontinuität]]></category>
		<category><![CDATA[IT-Administration]]></category>
		<category><![CDATA[IT-Security]]></category>
		<category><![CDATA[IT-Sicherheit Risiko]]></category>
		<category><![CDATA[KB5074109]]></category>
		<category><![CDATA[KB5074109 Fehler]]></category>
		<category><![CDATA[Microsoft Qualitätsmanagement]]></category>
		<category><![CDATA[Patch Management]]></category>
		<category><![CDATA[Patch Tuesday 2026]]></category>
		<category><![CDATA[Update-Fehler]]></category>
		<category><![CDATA[Windows 11]]></category>
		<category><![CDATA[Windows 11 Update Probleme]]></category>
		<category><![CDATA[Windows Wartung Business]]></category>
		<guid isPermaLink="false">https://blog.grams-it.com/?p=873</guid>

					<description><![CDATA[<p><img width="400" height="400" src="https://blog.grams-it.com/wp-content/uploads/2025/03/Microsoft.png" class="attachment-post-thumbnail size-post-thumbnail wp-post-image" alt="Microsoft" decoding="async" fetchpriority="high" srcset="https://blog.grams-it.com/wp-content/uploads/2025/03/Microsoft.png 400w, https://blog.grams-it.com/wp-content/uploads/2025/03/Microsoft-300x300.png 300w, https://blog.grams-it.com/wp-content/uploads/2025/03/Microsoft-150x150.png 150w" sizes="(max-width: 400px) 100vw, 400px" /></p>Eigentlich hatte ich gehofft, dass Microsoft aus den über 20 massiven Update-Problemen des turbulenten Jahres 2025 gelernt hätte. Doch kaum hat das Jahr 2026 begonnen, wiederholt sich das frustrierende Muster für Administratoren und Nutzer weltweit. Das erste obligatorische Update des Jahres, bekannt unter der Kennung KB5074109, sorgt bereits in den ersten Wochen für instabile Systeme [&#8230;]]]></description>
										<content:encoded><![CDATA[<p><img width="400" height="400" src="https://blog.grams-it.com/wp-content/uploads/2025/03/Microsoft.png" class="attachment-post-thumbnail size-post-thumbnail wp-post-image" alt="Microsoft" decoding="async" srcset="https://blog.grams-it.com/wp-content/uploads/2025/03/Microsoft.png 400w, https://blog.grams-it.com/wp-content/uploads/2025/03/Microsoft-300x300.png 300w, https://blog.grams-it.com/wp-content/uploads/2025/03/Microsoft-150x150.png 150w" sizes="(max-width: 400px) 100vw, 400px" /></p>
<p class="wp-block-paragraph">Eigentlich hatte ich gehofft, dass <strong>Microsoft</strong> aus den über 20 massiven Update-Problemen des turbulenten Jahres 2025 gelernt hätte. Doch kaum hat das Jahr 2026 begonnen, wiederholt sich das frustrierende Muster für Administratoren und Nutzer weltweit. Das erste obligatorische Update des Jahres, bekannt unter der Kennung <strong>KB5074109</strong>, sorgt bereits in den ersten Wochen für instabile Systeme und verzweifelte IT-Abteilungen.</p>



<p class="wp-block-paragraph">Was von Microsoft offiziell als notwendiger Sicherheitsgewinn und Stabilitätsverbesserung verkauft wird, entpuppt sich in der täglichen Praxis zunehmend als massives Risiko für die Business-Kontinuität. Wenn der Schutz vor Hackern gleichzeitig die Funktionsfähigkeit der Hardware lahmlegt, stellt sich die existenzielle Frage: Ist das Patch-Management von Microsoft selbst zum Sicherheitsrisiko geworden? In diesem Artikel analysieren wir die aktuelle Krise und zeigen Wege auf, wie Sie Ihr Unternehmen schützen können.</p>



<h2 class="wp-block-heading">1. Die aktuelle Lage im Januar 2026: Ein Protokoll des Scheiterns</h2>



<p class="wp-block-paragraph">Das Januar-Update 2026 sollte eigentlich einen sauberen Start in das neue Geschäftsjahr markieren. Stattdessen löste es eine Kette von Fehlfunktionen aus, die so gravierend sind, dass Microsoft in Rekordzeit mehrere &#8222;Out-of-Band&#8220;-Fixes (Notfall-Patches) nachschieben musste, um den kompletten Stillstand in kritischen Infrastrukturen zu verhindern.</p>



<h3 class="wp-block-heading">Die kritischsten Fehler im Überblick:</h3>



<ul class="wp-block-list">
<li><strong>Der Shutdown-Loop (KB5073455):</strong> Ein besonders bizarrer Fehler betrifft Rechner mit aktiviertem <em>System Guard Secure Launch</em>. Diese lassen sich schlicht nicht mehr ordnungsgemäß herunterfahren. Statt auszuschalten, initiieren die Systeme einen sofortigen Neustart. Für Unternehmen, die auf Energieeffizienz und nächtliche Wartungsfenster angewiesen sind, ein logistischer Albtraum.</li>



<li><strong>Authentifizierungs-Fehler in der Cloud:</strong> Viele Nutzer berichteten, dass Verbindungen zu <strong>Azure Virtual Desktop</strong> und <strong>Windows 365</strong> mit dem kryptischen Fehlercode <code>0x80080005</code> scheiterten. In einer Arbeitswelt, die zunehmend auf Cloud-Infrastrukturen setzt, bedeutet dies den sofortigen Arbeitsausfall für tausende Mitarbeiter.</li>



<li><strong>Outlook-Paralyse:</strong> Die Classic-Version von Outlook – nach wie vor der Standard in vielen Konzernen – zeigt sich unter dem neuen Patch instabil. Besonders bei der Nutzung von POP-Konten stürzt die Anwendung ab oder bleibt als &#8222;Geisterprozess&#8220; im Task-Manager hängen, was einen manuellen Eingriff erfordert.</li>



<li><strong>Black Screens &amp; UI-Glitches:</strong> Instabilitäten in der Kommunikation mit Grafiktreibern führen zu flackernden Bildschirmen und zurückgesetzten Desktop-Einstellungen. Was wie ein kosmetisches Problem wirkt, deutet auf tiefsitzende Inkompatibilitäten im Kernel-Bereich hin.</li>
</ul>



<h2 class="wp-block-heading">2. Die Basis des Problems: &#8222;Qualität als Sicherheitsrisiko&#8220;</h2>



<p class="wp-block-paragraph">Bereits im Mai 2025 habe ich hier im Blog dargelegt, dass sich das Verständnis von &#8222;Servicequalität&#8220; (Quality of Service, QoS) bei Microsoft gefährlich verschoben hat. Wir beobachten eine Entwicklung, bei der die Quantität der Features über die Stabilität des Kernsystems gestellt wird.</p>



<h3 class="wp-block-heading">Die zentrale These im Realitätscheck 2026</h3>



<p class="wp-block-paragraph">Wie ich bereits in meiner früheren Analyse postulierte: <em>&#8222;<a href="https://blog.grams-it.com/2025/05/17/microsoft-qualitaet-der-dienstleistung-bzgl-windows-updates-als-sicherheitsrisiko/" title="">Die mangelhafte Qualität der Dienstleistung im Bereich der Windows Updates entwickelt sich zunehmend zu einem eigenständigen Sicherheitsrisiko</a>&#8220; (im Mai 2025)</em> Diese Prognose hat sich Anfang 2026 leider bewahrheitet. Das Problem ist psychologisch wie technisch: Wenn Administratoren aufgrund schlechter Erfahrungen dazu übergehen, Updates so lange wie möglich hinauszuzögern, bleiben kritische Sicherheitslücken unnötig lange offen.</p>



<p class="wp-block-paragraph"><strong>Das unlösbare Dilemma für IT-Abteilungen:</strong></p>



<ol class="wp-block-list">
<li><strong>Szenario Patch:</strong> Sie schließen kritische Zero-Day-Lücken, riskieren aber, dass die Fernwartung (RDP) zusammenbricht oder die Rechner der Mitarbeiter unbrauchbar werden.</li>



<li><strong>Szenario Warten:</strong> Das System bleibt stabil und produktiv, ist aber ein offenes Scheunentor für Ransomware-Angriffe.</li>
</ol>



<p class="wp-block-paragraph">Microsoft zwingt professionelle Anwender damit in eine &#8222;Lose-Lose-Situation&#8220;. Die Zuverlässigkeit des Betriebssystems wird gegen die notwendige Sicherheit ausgespielt – ein Zustand, der für global agierende Unternehmen untragbar ist.</p>



<h2 class="wp-block-heading">3. Ursachenforschung: Systemversagen statt Einzelfälle</h2>



<p class="wp-block-paragraph">Warum schafft es ein Billionen-Dollar-Konzern wie Microsoft nicht, stabile Updates auszuliefern? Die Wiederholung der Fehler aus 2025 im neuen Jahr deutet auf tief verwurzelte, systemische Defizite hin.</p>



<h3 class="wp-block-heading">Unzureichendes Testing in realen Umgebungen</h3>



<p class="wp-block-paragraph">Dass Funktionen wie der &#8222;Shutdown&#8220; bei Standard-Sicherheitsfeatures wie <em>Secure Launch</em> versagen, ist ein klares Indiz dafür, dass die internen Test-Szenarien von Microsoft die Realität in modernen Unternehmen nicht mehr abbilden. Es scheint, als fänden Tests vornehmlich in sterilen Laborumgebungen statt.</p>



<h3 class="wp-block-heading">Der Komplexitäts-Overload von Windows 11</h3>



<p class="wp-block-paragraph">Die Verzahnung von Windows 11 mit unzähligen Cloud-Komponenten macht das Betriebssystem zu einem fragilen Konstrukt. Jede Änderung kann unvorhersehbare Welleneffekte in scheinbar unbeteiligten Modulen auslösen.</p>



<h3 class="wp-block-heading">Der &#8222;Agile-Servicing&#8220;-Wahn</h3>



<p class="wp-block-paragraph">Der Druck, in einem rasanten Rhythmus neue KI-Features auszurollen, lässt keine Zeit für eine tiefe Qualitätssicherung. Die Nutzer im &#8222;Stable Channel&#8220; werden de facto zu Beta-Testern degradiert.</p>



<h2 class="wp-block-heading">4. Handlungsempfehlungen für IT-Administratoren</h2>



<p class="wp-block-paragraph">Was können Sie tun, um Ihr Unternehmen zu schützen? Da man sich auf die Erstauslieferungsqualität von Microsoft-Updates aktuell nicht verlassen kann, sind eigene Schutzwälle unerlässlich.</p>



<ol class="wp-block-list">
<li><strong>Staging ist Pflicht:</strong> Rollen Sie Updates niemals am ersten Tag auf die gesamte Flotte aus. Nutzen Sie Testgruppen für verschiedene Hardware-Konfigurationen.</li>



<li><strong>KIR-Tools (Known Issue Rollback):</strong> Machen Sie sich mit den KIR-Mechanismen vertraut. Sie sind oft der einzige Weg, einen fehlerhaften Patch schnell rückgängig zu machen.</li>



<li><strong>Diversifizierte Informationsquellen:</strong> Verlassen Sie sich nicht nur auf das offizielle Microsoft Dashboard. Nutzen Sie Fachportale wie <em>Windows Latest</em> oder verfolgen Sie meine regelmäßigen Updates hier im Blog als Frühwarnsysteme.</li>



<li><strong>Backup-Strategie für Cloud-Endpunkte:</strong> Stellen Sie sicher, dass kritische Mitarbeiter alternative Zugangswege haben, falls Cloud-Authentifizierungen (AVD/Windows 365) scheitern.</li>
</ol>



<h2 class="wp-block-heading">Fazit: Ein notwendiger Kurswechsel steht aus</h2>



<p class="wp-block-paragraph">Das Jahr 2026 hat bereits in seinen ersten Wochen bewiesen: Die Qualität der Windows-Updates ist kein rein technisches Ärgernis mehr, sondern eine ernsthafte strategische Schwachstelle in der globalen IT-Infrastruktur. Die mangelnde Sorgfalt bei Microsoft gefährdet die Produktivität von Millionen Unternehmen.</p>



<p class="wp-block-paragraph">Solange Microsoft die Stabilität nicht über den schnellen Feature-Release stellt, bleibt der Update-Prozess selbst eine Bedrohung für den Geschäftsbetrieb. Es ist an der Zeit, eine Rückbesinnung auf handwerkliche Qualität im Software-Engineering zu fordern.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>2026-01 Patchday</title>
		<link>https://blog.grams-it.com/2026/01/14/2026-01-patchday/</link>
		
		<dc:creator><![CDATA[]]></dc:creator>
		<pubDate>Wed, 14 Jan 2026 06:34:03 +0000</pubDate>
				<category><![CDATA[Betriebssystem]]></category>
		<category><![CDATA[IT]]></category>
		<category><![CDATA[IT-Sicherheit]]></category>
		<category><![CDATA[Microsoft]]></category>
		<category><![CDATA[Microsoft Windows]]></category>
		<category><![CDATA[Microsoft Windows 11]]></category>
		<category><![CDATA[Microsoft Windows Server 2019]]></category>
		<category><![CDATA[Microsoft Windows Server 2025]]></category>
		<category><![CDATA[Patch]]></category>
		<category><![CDATA[Patchday]]></category>
		<category><![CDATA[Sicherheit]]></category>
		<category><![CDATA[Sicherheitslücke]]></category>
		<category><![CDATA[CVE-2023-31096]]></category>
		<category><![CDATA[CVE-2026-20805]]></category>
		<category><![CDATA[CVE-2026-20952]]></category>
		<category><![CDATA[CVE-2026-20953]]></category>
		<category><![CDATA[CVE-2026-21265]]></category>
		<category><![CDATA[Cyber Security]]></category>
		<category><![CDATA[DWM]]></category>
		<category><![CDATA[Elevation of Privilege]]></category>
		<category><![CDATA[Januar 2026]]></category>
		<category><![CDATA[KB5073455]]></category>
		<category><![CDATA[KB5073724]]></category>
		<category><![CDATA[KB5074109]]></category>
		<category><![CDATA[Microsoft Office]]></category>
		<category><![CDATA[Remote Code Execution]]></category>
		<category><![CDATA[Schwachstelle]]></category>
		<category><![CDATA[Secure Boot]]></category>
		<category><![CDATA[Sicherheitsupdate]]></category>
		<category><![CDATA[Windows 10 ESU]]></category>
		<category><![CDATA[Windows 11]]></category>
		<category><![CDATA[Zero-Day]]></category>
		<guid isPermaLink="false">https://blog.grams-it.com/?p=847</guid>

					<description><![CDATA[<p><img width="400" height="400" src="https://blog.grams-it.com/wp-content/uploads/2025/04/Windows-Update.png" class="attachment-post-thumbnail size-post-thumbnail wp-post-image" alt="Windows Update" decoding="async" srcset="https://blog.grams-it.com/wp-content/uploads/2025/04/Windows-Update.png 400w, https://blog.grams-it.com/wp-content/uploads/2025/04/Windows-Update-300x300.png 300w, https://blog.grams-it.com/wp-content/uploads/2025/04/Windows-Update-150x150.png 150w" sizes="(max-width: 400px) 100vw, 400px" /></p>Microsoft startet das Jahr 2026 mit einem massiven Sicherheitspaket. Am ersten Patchday des Jahres, dem 13. Januar 2026, wurden insgesamt 114 Sicherheitslücken geschlossen. Besonders besorgniserregend sind dabei drei Zero-Day-Schwachstellen, von denen eine bereits aktiv für gezielte Angriffe ausgenutzt wird. Hier ist die detaillierte Analyse der wichtigsten Sicherheitsupdates für IT-Administratoren und Sicherheitsexperten. Die Highlights im Überblick [&#8230;]]]></description>
										<content:encoded><![CDATA[<p><img width="400" height="400" src="https://blog.grams-it.com/wp-content/uploads/2025/04/Windows-Update.png" class="attachment-post-thumbnail size-post-thumbnail wp-post-image" alt="Windows Update" decoding="async" srcset="https://blog.grams-it.com/wp-content/uploads/2025/04/Windows-Update.png 400w, https://blog.grams-it.com/wp-content/uploads/2025/04/Windows-Update-300x300.png 300w, https://blog.grams-it.com/wp-content/uploads/2025/04/Windows-Update-150x150.png 150w" sizes="(max-width: 400px) 100vw, 400px" /></p>
<p class="wp-block-paragraph">Microsoft startet das Jahr 2026 mit einem massiven Sicherheitspaket. Am ersten Patchday des Jahres, dem 13. Januar 2026, wurden insgesamt <strong>114 Sicherheitslücken</strong> geschlossen. Besonders besorgniserregend sind dabei drei Zero-Day-Schwachstellen, von denen eine bereits aktiv für gezielte Angriffe ausgenutzt wird.</p>



<p class="wp-block-paragraph">Hier ist die detaillierte Analyse der wichtigsten Sicherheitsupdates für IT-Administratoren und Sicherheitsexperten.</p>



<h2 class="wp-block-heading">Die Highlights im Überblick</h2>



<ul class="wp-block-list">
<li><strong>Gesamtzahl der Patches:</strong> 114 (darunter 8 als &#8222;Kritisch&#8220; eingestuft)</li>



<li><strong>Zero-Days:</strong> 3 (1 aktiv ausgenutzt, 2 öffentlich bekannt)</li>



<li><strong>Schwachstellen-Kategorien:</strong>
<ul class="wp-block-list">
<li>57 Erhöhungen von Privilegien (Elevation of Privilege)</li>



<li>22 Remote Code Execution (RCE)</li>



<li>22 Offenlegung von Informationen (Information Disclosure)</li>



<li>5 Spoofing-Schwachstellen</li>



<li>3 Umgehungen von Sicherheitsfunktionen (Security Feature Bypass)</li>



<li>2 Denial of Service (DoS)</li>
</ul>
</li>
</ul>



<h2 class="wp-block-heading">Detaillierte Analyse der Zero-Day-Schwachstellen</h2>



<p class="wp-block-paragraph">Drei Sicherheitslücken erfordern diesen Monat sofortiges Handeln, da sie entweder bereits aktiv angegriffen werden oder Informationen über sie bereits vorab im Umlauf waren.</p>



<h3 class="wp-block-heading">1. CVE-2026-20805: Information Disclosure im Desktop Window Manager (DWM)</h3>



<p class="wp-block-paragraph"><strong>Status:</strong> Aktiv ausgenutzt (&#8222;Exploited in the wild&#8220;)</p>



<p class="wp-block-paragraph"><strong>Schweregrad:</strong> Wichtig (CVSS 5.5)</p>



<p class="wp-block-paragraph">Der Desktop Window Manager (DWM) ist eine zentrale Windows-Komponente, die für das Zeichnen der grafischen Benutzeroberfläche zuständig ist.</p>



<ul class="wp-block-list">
<li><strong>Das Risiko:</strong> Diese Schwachstelle ermöglicht es einem lokalen Angreifer mit geringen Berechtigungen, sensible Speicheradressen über einen Remote-ALPC-Port (Advanced Local Procedure Call) auszulesen.</li>



<li><strong>Die Tragweite:</strong> Auch wenn eine &#8222;Information Disclosure&#8220; auf dem Papier weniger gefährlich wirkt als eine Code-Ausführung, ist sie oft der entscheidende erste Schritt. Angreifer nutzen diese Lücke, um die <strong>Address Space Layout Randomization (ASLR)</strong> zu umgehen. Sobald die Speicherstruktur des Systems bekannt ist, können andere Sicherheitslücken (wie Buffer Overflows) wesentlich präziser und zuverlässiger für eine vollständige Systemübernahme genutzt werden. Da die CISA (Cybersecurity and Infrastructure Security Agency) bereits vor dieser Lücke warnt, ist schnelles Patching hier oberste Priorität.</li>
</ul>



<h3 class="wp-block-heading">2. CVE-2026-21265: Security Feature Bypass in Secure Boot</h3>



<p class="wp-block-paragraph"><strong>Status:</strong> Öffentlich bekannt</p>



<p class="wp-block-paragraph"><strong>Schweregrad:</strong> Wichtig (CVSS 6.4)</p>



<p class="wp-block-paragraph">Diese Schwachstelle betrifft das Fundament der Windows-Sicherheit: den Boot-Prozess.</p>



<ul class="wp-block-list">
<li><strong>Das Problem:</strong> Microsoft-Zertifikate für Secure Boot aus dem Jahr 2011 erreichen in diesem Jahr ihr Ablaufdatum. Bestimmte Firmware-Implementierungen könnten bei der Rotation dieser Zertifikate Fehler aufweisen.</li>



<li><strong>Das Risiko:</strong> Ein Angreifer könnte diese fehlerhafte Zertifikatsprüfung nutzen, um Sicherheitsfunktionen von Secure Boot zu umgehen und bösartige Bootloader zu laden (ähnlich wie beim berüchtigten BlackLotus-Bootkit). Microsoft hat mit diesem Patch neue 2023-Zertifikate in die Trust-Chain integriert. Administratoren müssen beachten, dass hier neben dem Windows-Patch eventuell auch manuelle Schritte zur Aktualisierung der DBX (Revocation List) notwendig sein könnten.</li>
</ul>



<h3 class="wp-block-heading">3. CVE-2023-31096: Elevation of Privilege im Agere Soft Modem Driver</h3>



<p class="wp-block-paragraph"><strong>Status:</strong> Öffentlich bekannt</p>



<p class="wp-block-paragraph"><strong>Schweregrad:</strong> Wichtig (CVSS 7.8)</p>



<p class="wp-block-paragraph">Hierbei handelt es sich um eine kuriose, aber gefährliche Altlast. Es betrifft Treiber von Drittanbietern (Agere), die seit Jahrzehnten nativ mit Windows ausgeliefert wurden.</p>



<ul class="wp-block-list">
<li><strong>Die Lösung:</strong> Microsoft hat sich dazu entschieden, die Treiber <code>agrsm64.sys</code> und <code>agrsm.sys</code> mit dem Januar-Update <strong>vollständig aus dem Betriebssystem zu entfernen</strong>.</li>



<li><strong>Das Risiko:</strong> Da die Schwachstelle bereits seit 2023 öffentlich dokumentiert war, bot sie ein leichtes Ziel für Angreifer, um lokale SYSTEM-Berechtigungen zu erlangen. Da kaum noch jemand physische Soft-Modems nutzt, ist die Entfernung die sicherste Methode, um diese Angriffsfläche dauerhaft zu schließen.</li>
</ul>



<h2 class="wp-block-heading">Kritische Infrastruktur-Updates</h2>



<h3 class="wp-block-heading">Schwere Lücken in Microsoft Office (CVE-2026-20952, CVE-2026-20953)</h3>



<p class="wp-block-paragraph">Besonders hervorzuheben sind zwei kritische RCE-Lücken in Word und Excel. Diese können bereits durch das bloße Anzeigen einer manipulierten Datei im <strong>Vorschaufenster (Preview Pane)</strong> von Outlook ausgelöst werden. Ein Nutzer muss die Datei also nicht einmal aktiv öffnen, um das System zu kompromittieren.</p>



<h3 class="wp-block-heading">Windows Graphics (Virtualization Escape)</h3>



<p class="wp-block-paragraph">Ein Fehler in der Windows Graphics-Komponente ermöglichte es Angreifern in virtualisierten Umgebungen (z. B. Azure oder Hyper-V), aus einer Gast-VM auszubrechen und Zugriff auf den zugrunde liegenden Host-Server zu erhalten. Dies ist ein hochkritisches Szenario für Cloud-Anbieter und Unternehmen mit VDI-Infrastrukturen.</p>



<h2 class="wp-block-heading">Die Sicherheitsupdates vom Patch Tuesday im Januar 2026</h2>



<p class="wp-block-paragraph">Nachfolgend finden Sie die vollständige Liste der behobenen Sicherheitslücken in den Updates vom Patch Tuesday im Januar 2026.</p>



<figure class="wp-block-table"><table class="has-fixed-layout"><tbody><tr><th class="has-text-align-center" data-align="center">Tag</th><th class="has-text-align-center" data-align="center">CVE ID</th><th class="has-text-align-center" data-align="center">CVE Title</th><th class="has-text-align-center" data-align="center">Severity</th></tr><tr><td>Agere Windows Modem Driver</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-31096" rel="noreferrer noopener" target="_blank">CVE-2023-31096</a></td><td>MITRE: CVE-2023-31096 Windows Agere Soft Modem Driver Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Azure Connected Machine Agent</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21224" rel="noreferrer noopener" target="_blank">CVE-2026-21224</a></td><td>Azure Connected Machine Agent Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Azure Core shared client library for Python</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21226" rel="noreferrer noopener" target="_blank">CVE-2026-21226</a></td><td>Azure Core shared client library for Python Remote Code Execution Vulnerability</td><td>Important</td></tr><tr><td>Capability Access Management Service (camsvc)</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20835" rel="noreferrer noopener" target="_blank">CVE-2026-20835</a></td><td>Capability Access Management Service (camsvc) Information Disclosure Vulnerability</td><td>Important</td></tr><tr><td>Capability Access Management Service (camsvc)</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20851" rel="noreferrer noopener" target="_blank">CVE-2026-20851</a></td><td>Capability Access Management Service (camsvc) Information Disclosure Vulnerability</td><td>Important</td></tr><tr><td>Capability Access Management Service (camsvc)</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20830" rel="noreferrer noopener" target="_blank">CVE-2026-20830</a></td><td>Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Capability Access Management Service (camsvc)</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21221" rel="noreferrer noopener" target="_blank">CVE-2026-21221</a></td><td>Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Capability Access Management Service (camsvc)</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20815" rel="noreferrer noopener" target="_blank">CVE-2026-20815</a></td><td>Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Connected Devices Platform Service (Cdpsvc)</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20864" rel="noreferrer noopener" target="_blank">CVE-2026-20864</a></td><td>Windows Connected Devices Platform Service Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Desktop Window Manager</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20805" rel="noreferrer noopener" target="_blank">CVE-2026-20805</a></td><td>Desktop Window Manager Information Disclosure Vulnerability</td><td>Important</td></tr><tr><td>Desktop Window Manager</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20871" rel="noreferrer noopener" target="_blank">CVE-2026-20871</a></td><td>Desktop Windows Manager Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Dynamic Root of Trust for Measurement (DRTM)</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20962" rel="noreferrer noopener" target="_blank">CVE-2026-20962</a></td><td>Dynamic Root of Trust for Measurement (DRTM) Information Disclosure Vulnerability</td><td>Important</td></tr><tr><td>Graphics Kernel</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20836" rel="noreferrer noopener" target="_blank">CVE-2026-20836</a></td><td>DirectX Graphics Kernel Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Graphics Kernel</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20814" rel="noreferrer noopener" target="_blank">CVE-2026-20814</a></td><td>DirectX Graphics Kernel Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Host Process for Windows Tasks</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20941" rel="noreferrer noopener" target="_blank">CVE-2026-20941</a></td><td>Host Process for Windows Tasks Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Inbox COM Objects</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21219" rel="noreferrer noopener" target="_blank">CVE-2026-21219</a></td><td>Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability</td><td>Important</td></tr><tr><td>Mariner</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21444" rel="noreferrer noopener" target="_blank">CVE-2026-21444</a></td><td>libtpms returns wrong initialization vector when certain symmetric ciphers are used</td><td>Moderate</td></tr><tr><td>Mariner</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-68758" rel="noreferrer noopener" target="_blank">CVE-2025-68758</a></td><td>backlight: led-bl: Add devlink to supplier LEDs</td><td>Moderate</td></tr><tr><td>Mariner</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-68757" rel="noreferrer noopener" target="_blank">CVE-2025-68757</a></td><td>drm/vgem-fence: Fix potential deadlock on release</td><td>Moderate</td></tr><tr><td>Mariner</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-68764" rel="noreferrer noopener" target="_blank">CVE-2025-68764</a></td><td>NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags</td><td>Moderate</td></tr><tr><td>Mariner</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-68756" rel="noreferrer noopener" target="_blank">CVE-2025-68756</a></td><td>block: Use RCU in blk_mq_[un]quiesce_tagset() instead of set-&gt;tag_list_lock</td><td>Important</td></tr><tr><td>Mariner</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-68763" rel="noreferrer noopener" target="_blank">CVE-2025-68763</a></td><td>crypto: starfive &#8211; Correctly handle return of sg_nents_for_len</td><td>Moderate</td></tr><tr><td>Mariner</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-68755" rel="noreferrer noopener" target="_blank">CVE-2025-68755</a></td><td>staging: most: remove broken i2c driver</td><td>Moderate</td></tr><tr><td>Mariner</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-68759" rel="noreferrer noopener" target="_blank">CVE-2025-68759</a></td><td>wifi: rtl818x: Fix potential memory leaks in rtl8180_init_rx_ring()</td><td>Important</td></tr><tr><td>Mariner</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-68766" rel="noreferrer noopener" target="_blank">CVE-2025-68766</a></td><td>irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc()</td><td>Important</td></tr><tr><td>Mariner</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-68753" rel="noreferrer noopener" target="_blank">CVE-2025-68753</a></td><td>ALSA: firewire-motu: add bounds check in put_user loop for DSP events</td><td>Important</td></tr><tr><td>Mariner</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-68765" rel="noreferrer noopener" target="_blank">CVE-2025-68765</a></td><td>mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add()</td><td>Moderate</td></tr><tr><td>Microsoft Edge (Chromium-based)</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-0628" rel="noreferrer noopener" target="_blank">CVE-2026-0628</a></td><td>Chromium: CVE-2026-0628 Insufficient policy enforcement in WebView tag</td><td>Unknown</td></tr><tr><td>Microsoft Graphics Component</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20822" rel="noreferrer noopener" target="_blank">CVE-2026-20822</a></td><td>Windows Graphics Component Elevation of Privilege Vulnerability</td><td><strong>Critical</strong></td></tr><tr><td>Microsoft Office</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20952" rel="noreferrer noopener" target="_blank">CVE-2026-20952</a></td><td>Microsoft Office Remote Code Execution Vulnerability</td><td><strong>Critical</strong></td></tr><tr><td>Microsoft Office</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20953" rel="noreferrer noopener" target="_blank">CVE-2026-20953</a></td><td>Microsoft Office Remote Code Execution Vulnerability</td><td><strong>Critical</strong></td></tr><tr><td>Microsoft Office</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20943" rel="noreferrer noopener" target="_blank">CVE-2026-20943</a></td><td>Microsoft Office Click-To-Run Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Microsoft Office Excel</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20949" rel="noreferrer noopener" target="_blank">CVE-2026-20949</a></td><td>Microsoft Excel Security Feature Bypass Vulnerability</td><td>Important</td></tr><tr><td>Microsoft Office Excel</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20950" rel="noreferrer noopener" target="_blank">CVE-2026-20950</a></td><td>Microsoft Excel Remote Code Execution Vulnerability</td><td>Important</td></tr><tr><td>Microsoft Office Excel</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20956" rel="noreferrer noopener" target="_blank">CVE-2026-20956</a></td><td>Microsoft Excel Remote Code Execution Vulnerability</td><td>Important</td></tr><tr><td>Microsoft Office Excel</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20957" rel="noreferrer noopener" target="_blank">CVE-2026-20957</a></td><td>Microsoft Excel Remote Code Execution Vulnerability</td><td><strong>Critical</strong></td></tr><tr><td>Microsoft Office Excel</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20946" rel="noreferrer noopener" target="_blank">CVE-2026-20946</a></td><td>Microsoft Excel Remote Code Execution Vulnerability</td><td>Important</td></tr><tr><td>Microsoft Office Excel</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20955" rel="noreferrer noopener" target="_blank">CVE-2026-20955</a></td><td>Microsoft Excel Remote Code Execution Vulnerability</td><td><strong>Critical</strong></td></tr><tr><td>Microsoft Office SharePoint</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20958" rel="noreferrer noopener" target="_blank">CVE-2026-20958</a></td><td>Microsoft SharePoint Information Disclosure Vulnerability</td><td>Important</td></tr><tr><td>Microsoft Office SharePoint</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20959" rel="noreferrer noopener" target="_blank">CVE-2026-20959</a></td><td>Microsoft SharePoint Server Spoofing Vulnerability</td><td>Important</td></tr><tr><td>Microsoft Office SharePoint</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20947" rel="noreferrer noopener" target="_blank">CVE-2026-20947</a></td><td>Microsoft SharePoint Server Remote Code Execution Vulnerability</td><td>Important</td></tr><tr><td>Microsoft Office SharePoint</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20951" rel="noreferrer noopener" target="_blank">CVE-2026-20951</a></td><td>Microsoft SharePoint Server Remote Code Execution Vulnerability</td><td>Important</td></tr><tr><td>Microsoft Office SharePoint</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20963" rel="noreferrer noopener" target="_blank">CVE-2026-20963</a></td><td>Microsoft SharePoint Remote Code Execution Vulnerability</td><td>Important</td></tr><tr><td>Microsoft Office Word</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20948" rel="noreferrer noopener" target="_blank">CVE-2026-20948</a></td><td>Microsoft Word Remote Code Execution Vulnerability</td><td>Important</td></tr><tr><td>Microsoft Office Word</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20944" rel="noreferrer noopener" target="_blank">CVE-2026-20944</a></td><td>Microsoft Word Remote Code Execution Vulnerability</td><td><strong>Critical</strong></td></tr><tr><td>Printer Association Object</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20808" rel="noreferrer noopener" target="_blank">CVE-2026-20808</a></td><td>Windows File Explorer Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>SQL Server</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20803" rel="noreferrer noopener" target="_blank">CVE-2026-20803</a></td><td>Microsoft SQL Server Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Tablet Windows User Interface (TWINUI) Subsystem</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20827" rel="noreferrer noopener" target="_blank">CVE-2026-20827</a></td><td>Tablet Windows User Interface (TWINUI) Subsystem Information Disclosure Vulnerability</td><td>Important</td></tr><tr><td>Tablet Windows User Interface (TWINUI) Subsystem</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20826" rel="noreferrer noopener" target="_blank">CVE-2026-20826</a></td><td>Tablet Windows User Interface (TWINUI) Subsystem Information Disclosure Vulnerability</td><td>Important</td></tr><tr><td>Windows Admin Center</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20965" rel="noreferrer noopener" target="_blank">CVE-2026-20965</a></td><td>Windows Admin Center Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Ancillary Function Driver for WinSock</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20831" rel="noreferrer noopener" target="_blank">CVE-2026-20831</a></td><td>Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Ancillary Function Driver for WinSock</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20860" rel="noreferrer noopener" target="_blank">CVE-2026-20860</a></td><td>Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Ancillary Function Driver for WinSock</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20810" rel="noreferrer noopener" target="_blank">CVE-2026-20810</a></td><td>Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Client-Side Caching (CSC) Service</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20839" rel="noreferrer noopener" target="_blank">CVE-2026-20839</a></td><td>Windows Client-Side Caching (CSC) Service Information Disclosure Vulnerability</td><td>Important</td></tr><tr><td>Windows Clipboard Server</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20844" rel="noreferrer noopener" target="_blank">CVE-2026-20844</a></td><td>Windows Clipboard Server Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Cloud Files Mini Filter Driver</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20940" rel="noreferrer noopener" target="_blank">CVE-2026-20940</a></td><td>Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Cloud Files Mini Filter Driver</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20857" rel="noreferrer noopener" target="_blank">CVE-2026-20857</a></td><td>Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Common Log File System Driver</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20820" rel="noreferrer noopener" target="_blank">CVE-2026-20820</a></td><td>Windows Common Log File System Driver Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Deployment Services</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-0386" rel="noreferrer noopener" target="_blank">CVE-2026-0386</a></td><td>Windows Deployment Services Remote Code Execution Vulnerability</td><td>Important</td></tr><tr><td>Windows DWM</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20842" rel="noreferrer noopener" target="_blank">CVE-2026-20842</a></td><td>Microsoft DWM Core Library Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Error Reporting</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20817" rel="noreferrer noopener" target="_blank">CVE-2026-20817</a></td><td>Windows Error Reporting Service Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows File Explorer</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20939" rel="noreferrer noopener" target="_blank">CVE-2026-20939</a></td><td>Windows File Explorer Information Disclosure Vulnerability</td><td>Important</td></tr><tr><td>Windows File Explorer</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20932" rel="noreferrer noopener" target="_blank">CVE-2026-20932</a></td><td>Windows File Explorer Information Disclosure Vulnerability</td><td>Important</td></tr><tr><td>Windows File Explorer</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20937" rel="noreferrer noopener" target="_blank">CVE-2026-20937</a></td><td>Windows File Explorer Information Disclosure Vulnerability</td><td>Important</td></tr><tr><td>Windows File Explorer</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20823" rel="noreferrer noopener" target="_blank">CVE-2026-20823</a></td><td>Windows File Explorer Information Disclosure Vulnerability</td><td>Important</td></tr><tr><td>Windows Hello</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20852" rel="noreferrer noopener" target="_blank">CVE-2026-20852</a></td><td>Windows Hello Tampering Vulnerability</td><td>Important</td></tr><tr><td>Windows Hello</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20804" rel="noreferrer noopener" target="_blank">CVE-2026-20804</a></td><td>Windows Hello Tampering Vulnerability</td><td>Important</td></tr><tr><td>Windows HTTP.sys</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20929" rel="noreferrer noopener" target="_blank">CVE-2026-20929</a></td><td>Windows HTTP.sys Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Hyper-V</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20825" rel="noreferrer noopener" target="_blank">CVE-2026-20825</a></td><td>Windows Hyper-V Information Disclosure Vulnerability</td><td>Important</td></tr><tr><td>Windows Installer</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20816" rel="noreferrer noopener" target="_blank">CVE-2026-20816</a></td><td>Windows Installer Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Internet Connection Sharing (ICS)</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20828" rel="noreferrer noopener" target="_blank">CVE-2026-20828</a></td><td>Windows rndismp6.sys Information Disclosure Vulnerability</td><td>Important</td></tr><tr><td>Windows Kerberos</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20849" rel="noreferrer noopener" target="_blank">CVE-2026-20849</a></td><td>Windows Kerberos Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Kerberos</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20833" rel="noreferrer noopener" target="_blank">CVE-2026-20833</a></td><td>Windows Kerberos Information Disclosure Vulnerability</td><td>Important</td></tr><tr><td>Windows Kernel</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20838" rel="noreferrer noopener" target="_blank">CVE-2026-20838</a></td><td>Windows Kernel Information Disclosure Vulnerability</td><td>Important</td></tr><tr><td>Windows Kernel</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20818" rel="noreferrer noopener" target="_blank">CVE-2026-20818</a></td><td>Windows Kernel Information Disclosure Vulnerability</td><td>Important</td></tr><tr><td>Windows Kernel Memory</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20809" rel="noreferrer noopener" target="_blank">CVE-2026-20809</a></td><td>Windows Kernel Memory Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Kernel-Mode Drivers</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20859" rel="noreferrer noopener" target="_blank">CVE-2026-20859</a></td><td>Windows Kernel-Mode Driver Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows LDAP &#8211; Lightweight Directory Access Protocol</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20812" rel="noreferrer noopener" target="_blank">CVE-2026-20812</a></td><td>LDAP Tampering Vulnerability</td><td>Important</td></tr><tr><td>Windows Local Security Authority Subsystem Service (LSASS)</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20854" rel="noreferrer noopener" target="_blank">CVE-2026-20854</a></td><td>Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability</td><td><strong>Critical</strong></td></tr><tr><td>Windows Local Security Authority Subsystem Service (LSASS)</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20875" rel="noreferrer noopener" target="_blank">CVE-2026-20875</a></td><td>Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability</td><td>Important</td></tr><tr><td>Windows Local Session Manager (LSM)</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20869" rel="noreferrer noopener" target="_blank">CVE-2026-20869</a></td><td>Windows Local Session Manager (LSM) Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Management Services</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20924" rel="noreferrer noopener" target="_blank">CVE-2026-20924</a></td><td>Windows Management Services Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Management Services</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20874" rel="noreferrer noopener" target="_blank">CVE-2026-20874</a></td><td>Windows Management Services Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Management Services</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20862" rel="noreferrer noopener" target="_blank">CVE-2026-20862</a></td><td>Windows Management Services Information Disclosure Vulnerability</td><td>Important</td></tr><tr><td>Windows Management Services</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20866" rel="noreferrer noopener" target="_blank">CVE-2026-20866</a></td><td>Windows Management Services Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Management Services</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20867" rel="noreferrer noopener" target="_blank">CVE-2026-20867</a></td><td>Windows Management Services Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Management Services</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20861" rel="noreferrer noopener" target="_blank">CVE-2026-20861</a></td><td>Windows Management Services Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Management Services</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20865" rel="noreferrer noopener" target="_blank">CVE-2026-20865</a></td><td>Windows Management Services Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Management Services</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20858" rel="noreferrer noopener" target="_blank">CVE-2026-20858</a></td><td>Windows Management Services Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Management Services</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20918" rel="noreferrer noopener" target="_blank">CVE-2026-20918</a></td><td>Windows Management Services Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Management Services</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20877" rel="noreferrer noopener" target="_blank">CVE-2026-20877</a></td><td>Windows Management Services Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Management Services</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20923" rel="noreferrer noopener" target="_blank">CVE-2026-20923</a></td><td>Windows Management Services Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Management Services</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20873" rel="noreferrer noopener" target="_blank">CVE-2026-20873</a></td><td>Windows Management Services Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Media</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20837" rel="noreferrer noopener" target="_blank">CVE-2026-20837</a></td><td>Windows Media Remote Code Execution Vulnerability</td><td>Important</td></tr><tr><td>Windows Motorola Soft Modem Driver</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-55414" rel="noreferrer noopener" target="_blank">CVE-2024-55414</a></td><td>Windows Motorola Soft Modem Driver Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows NDIS</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20936" rel="noreferrer noopener" target="_blank">CVE-2026-20936</a></td><td>Windows NDIS Information Disclosure Vulnerability</td><td>Important</td></tr><tr><td>Windows NTFS</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20922" rel="noreferrer noopener" target="_blank">CVE-2026-20922</a></td><td>Windows NTFS Remote Code Execution Vulnerability</td><td>Important</td></tr><tr><td>Windows NTFS</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20840" rel="noreferrer noopener" target="_blank">CVE-2026-20840</a></td><td>Windows NTFS Remote Code Execution Vulnerability</td><td>Important</td></tr><tr><td>Windows NTLM</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20925" rel="noreferrer noopener" target="_blank">CVE-2026-20925</a></td><td>NTLM Hash Disclosure Spoofing Vulnerability</td><td>Important</td></tr><tr><td>Windows NTLM</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20872" rel="noreferrer noopener" target="_blank">CVE-2026-20872</a></td><td>NTLM Hash Disclosure Spoofing Vulnerability</td><td>Important</td></tr><tr><td>Windows Remote Assistance</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20824" rel="noreferrer noopener" target="_blank">CVE-2026-20824</a></td><td>Windows Remote Assistance Security Feature Bypass Vulnerability</td><td>Important</td></tr><tr><td>Windows Remote Procedure Call</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20821" rel="noreferrer noopener" target="_blank">CVE-2026-20821</a></td><td>Remote Procedure Call Information Disclosure Vulnerability</td><td>Important</td></tr><tr><td>Windows Remote Procedure Call Interface Definition Language (IDL)</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20832" rel="noreferrer noopener" target="_blank">CVE-2026-20832</a></td><td>Windows Remote Procedure Call Interface Definition Language (IDL) Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Routing and Remote Access Service (RRAS)</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20868" rel="noreferrer noopener" target="_blank">CVE-2026-20868</a></td><td>Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability</td><td>Important</td></tr><tr><td>Windows Routing and Remote Access Service (RRAS)</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20843" rel="noreferrer noopener" target="_blank">CVE-2026-20843</a></td><td>Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Secure Boot</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21265" rel="noreferrer noopener" target="_blank">CVE-2026-21265</a></td><td>Secure Boot Certificate Expiration Security Feature Bypass Vulnerability</td><td>Important</td></tr><tr><td>Windows Server Update Service</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20856" rel="noreferrer noopener" target="_blank">CVE-2026-20856</a></td><td>Windows Server Update Service (WSUS) Remote Code Execution Vulnerability</td><td>Important</td></tr><tr><td>Windows Shell</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20834" rel="noreferrer noopener" target="_blank">CVE-2026-20834</a></td><td>Windows Spoofing Vulnerability</td><td>Important</td></tr><tr><td>Windows Shell</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20847" rel="noreferrer noopener" target="_blank">CVE-2026-20847</a></td><td>Microsoft Windows File Explorer Spoofing Vulnerability</td><td>Important</td></tr><tr><td>Windows SMB Server</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20926" rel="noreferrer noopener" target="_blank">CVE-2026-20926</a></td><td>Windows SMB Server Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows SMB Server</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20921" rel="noreferrer noopener" target="_blank">CVE-2026-20921</a></td><td>Windows SMB Server Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows SMB Server</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20919" rel="noreferrer noopener" target="_blank">CVE-2026-20919</a></td><td>Windows SMB Server Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows SMB Server</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20927" rel="noreferrer noopener" target="_blank">CVE-2026-20927</a></td><td>Windows SMB Server Denial of Service Vulnerability</td><td>Important</td></tr><tr><td>Windows SMB Server</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20848" rel="noreferrer noopener" target="_blank">CVE-2026-20848</a></td><td>Windows SMB Server Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows SMB Server</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20934" rel="noreferrer noopener" target="_blank">CVE-2026-20934</a></td><td>Windows SMB Server Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Telephony Service</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20931" rel="noreferrer noopener" target="_blank">CVE-2026-20931</a></td><td>Windows Telephony Service Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows TPM</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20829" rel="noreferrer noopener" target="_blank">CVE-2026-20829</a></td><td>TPM Trustlet Information Disclosure Vulnerability</td><td>Important</td></tr><tr><td>Windows Virtualization-Based Security (VBS) Enclave</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20938" rel="noreferrer noopener" target="_blank">CVE-2026-20938</a></td><td>Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Virtualization-Based Security (VBS) Enclave</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20935" rel="noreferrer noopener" target="_blank">CVE-2026-20935</a></td><td>Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability</td><td>Important</td></tr><tr><td>Windows Virtualization-Based Security (VBS) Enclave</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20819" rel="noreferrer noopener" target="_blank">CVE-2026-20819</a></td><td>Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability</td><td>Important</td></tr><tr><td>Windows Virtualization-Based Security (VBS) Enclave</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20876" rel="noreferrer noopener" target="_blank">CVE-2026-20876</a></td><td>Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability</td><td><strong>Critical</strong></td></tr><tr><td>Windows WalletService</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20853" rel="noreferrer noopener" target="_blank">CVE-2026-20853</a></td><td>Windows WalletService Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Win32K &#8211; ICOMP</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20811" rel="noreferrer noopener" target="_blank">CVE-2026-20811</a></td><td>Win32k Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Win32K &#8211; ICOMP</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20870" rel="noreferrer noopener" target="_blank">CVE-2026-20870</a></td><td>Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Win32K &#8211; ICOMP</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20920" rel="noreferrer noopener" target="_blank">CVE-2026-20920</a></td><td>Win32k Elevation of Privilege Vulnerability</td><td>Important</td></tr><tr><td>Windows Win32K &#8211; ICOMP</td><td><a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20863" rel="noreferrer noopener" target="_blank">CVE-2026-20863</a></td><td>Win32k Elevation of Privilege Vulnerability</td><td>Important</td></tr></tbody></table></figure>
]]></content:encoded>
					
		
		
			</item>
	</channel>
</rss>
