Microsoft Patch Tuesday Addresses Critical Windows Vulnerabilities

Microsoft Fixes 114 Windows Flaws in January 2026 Patch, One Actively ExploitedMicrosoft on Tuesday rolled out its first security update for 2026, addressing 114 security flaws, including one vulnerability that it said has been actively exploited in the wild. Of the 114 flaws, eight are rated Critical, and 106 are rated Important in severity. As many as 58 vulnerabilities have been classified as privilege escalation, followed by 22 information disclosure, 21 remote code2026-01-14T09:38:00.000Z

Microsoft today issued patches to plug at least 113 security holes in its various Windows operating systems and supported software. Eight of the vulnerabilities earned Microsoft's most-dire "critical" rating, and the company warns that attackers are already exploiting one of the bugs fixed today.

Microsoft has released its February 2026 Patch Tuesday updates, addressing 59 vulnerabilities across a wide range of products — including six zero-day vulnerabilities that were actively exploited in the wild prior to the release. Among these are security feature bypass flaws in Windows Shell and MSHTML, and privilege escalation issues in Desktop Window Manager and Remote Desktop Services, as well as other high-risk defects.  👉 Read More: https://lnkd.in/d4tcRphr

Microsoft on Tuesday rolled out its first security update for 2026, addressing 114 security flaws, including one vulnerability that it said has been actively exploited in the wild. Of the 114 flaws, eight are rated Critical, and 106 are rated Important in severity. As many as 58 vulnerabilities have been classified as privilege escalation, followed by 22 information disclosure, 21 remote code

Microsoft announced that it will disable the 30-year-old NTLM authentication protocol by default in upcoming Windows releases due to security vulnerabilities that expose organizations to cyberattacks. Learn more: https://lnkd.in/g8_qzqQP #microsoft #cybersecurityawareness

Microsoft announced that it will disable the 30-year-old NTLM authentication protocol by default in upcoming Windows releases due to security vulnerabilities that expose organizations to cyberattacks.

🚨 Microsoft patches 114 vulnerabilities—one zero-day already under active attack. Microsoft's January 2026 Patch Tuesday delivers a massive security update addressing 114 vulnerabilities across Windows, Office, and Azure platforms. The most critical concern: CVE-2026-20805, a Desktop Window Manager zero-day that's being actively exploited and has already landed on CISA's Known Exploited Vulnerabilities catalog. This isn't just another patch cycle. With 8 critical CVEs demanding immediate attention and threat actors already weaponizing at least one vulnerability, organizations face a compressed response window. The Desktop Window Manager component affects core Windows functionality, making this particularly concerning for enterprise environments. The speed at which this zero-day moved from discovery to active exploitation highlights how quickly threat actors are adapting. Traditional patch management timelines may no longer be sufficient when dealing with components this fundamental to the OS. How are your teams prioritizing these 114 patches? Are you seeing any indicators of the CVE-2026-20805 exploitation in your environment? #CyberSecurity #ZeroDay #ThreatIntelligence #CVE

🔐 Cyber Byte of the Day : Microsoft Patches Actively Exploited Windows Zero-Day. - Microsoft has released its January security updates, fixing 114 Windows vulnerabilities, including an actively exploited zero-day in the Desktop Window Manager (DWM). - Attackers are using this flaw for privilege escalation, often chaining it with phishing or malware to gain SYSTEM-level access. Why This Matters: This is a live, in-the-wild exploit. With many systems still unpatched, unaddressed endpoints remain exposed. 🛡️ What to Do: Apply January updates immediately across all Windows systems. Prioritize endpoints and servers used by admins and executives. Monitor for suspicious privilege escalation and abnormal process behavior. Reinforce phishing defenses like email filtering, MFA, and user awareness. #cybersecurity #cyberbyte #microsoft #windows #zeroday #patchnow #infosec #veteran #veteranowned #smallbusiness https://lnkd.in/geYDnjPM?

Microsoft announced that it will disable the 30-year-old NTLM authentication protocol by default in upcoming Windows releases due to security vulnerabilities that expose organizations to cyberattacks. [...] #Microsoft #Security