Microsoft Patch Tuesday – January 2026

Microsoft Patch Tuesday — January 2026: Microsoft released updates addressing 112 vulnerabilities, including an actively exploited zero-day (CVE-2026-20805) that allows a local authorized attacker to retrieve sensitive information via the Desktop Window Manager. The advisory also warns of expiring Secure Boot certificates that could enable bypasses if not updated and documents removal of Agere Soft Modem drivers to mitigate CVE-2023-31096.