Find notable cyber news and cases, enriched with sources, timelines, and signals.

Microsoft January 2026 Patch Tuesday 114-flaw security update (multiple vulnerabilities)

Security Patch Release
First reported
Last updated
Happening score
H score 40
2 unique sources, 2 articles

Summary

Hide ▲

Microsoft released its January 2026 Patch Tuesday update, fixing 114 flaws and raising urgency because it includes one actively exploited issue and two publicly disclosed zero-days. The bundle matters because it covers both a live in-the-wild flaw and certificate/driver issues that affect Windows trust and privilege boundaries.

Related Happenings

Microsoft Defender BlueHammer (CVE-2026-33825) ransomware exploitation wave

Exploitation Wave
H score41 First: 30.06.2026 11:53 Last: 30.06.2026 11:53 Sources 1

About this happening: CISA has flagged **BlueHammer (CVE-2026-33825)** as exploited in **ransomware campaigns**, expanding the risk to **Windows devices** exposed to privilege escalation. The flaw in *...

CERT/CC UEFI DBX mitigation for vendor-signed applications

Advisory/Mitigation
H score28 First: 19.06.2026 21:33 Last: 19.06.2026 21:33 Sources 1

About this happening: **CERT/CC** issued mitigation guidance to apply **UEFI Forbidden Signature Database (DBX)** updates, reducing **Secure Boot bypass** risk for affected vendor-signed **UEFI applica...

Microsoft releases RoguePlanet Defender security update for CVE-2026-50656

Security Patch Release
H score32 First: 17.06.2026 20:36 Last: 17.06.2026 20:36 Sources 1

About this happening: **Microsoft** has released a **security update** for **CVE-2026-50656**, remediating **RoguePlanet** in the **Microsoft Malware Protection Engine (mpengine.dll)**. The flaw is a *...

Latest development: 09.07.2026 11:48

Microsoft released security updates for CVE-2026-50656, remediating the RoguePlanet privilege-escalation flaw in Microsoft Malware Protection Engine (mpengine.dll) with version 1.1.26060.3008 and additional defense-in-depth updates. Microsoft said no customer action is required to install the update.

ESET analysis of SprySOCKS Windows variants adds IOC-backed detection guidance

Technical Analysis
H score34 First: 16.06.2026 12:00 Last: 16.06.2026 12:00 Sources 1

About this happening: **ESET** identified previously undocumented **Windows variants** of **SprySOCKS**, a backdoor attributed to **FishMonger** and linked to **I-Soon**. The **WIN_DRV** and **WIN_PLUS...

Microsoft YellowKey patch release (CVE-2026-45585)

Security Patch Release
H score20 First: 11.06.2026 20:43 Last: 11.06.2026 20:43 Sources 1

About this happening: Microsoft's **Patch Tuesday** updates this week patched **YellowKey (CVE-2026-45585)**, closing a **Windows BitLocker** bypass that could expose protected volumes. The vendor rele...

Timeline

  1. 13.01.2026 20:34 2 articles · 5mo ago

    Microsoft releases January 2026 Patch Tuesday with 114 fixes

    Initial Disclosure

    Microsoft released January 2026 Patch Tuesday security updates for 114 flaws in Windows and related components, including one actively exploited zero-day and two publicly disclosed zero-days. The bundle also includes eight Critical vulnerabilities.

    Show sources
  2. 13.01.2026 20:34 1 articles · 5mo ago

    CVE-2026-20805 affects Desktop Window Manager and leaks memory information

    Technical Analysis Update

    CVE-2026-20805 is an actively exploited information disclosure flaw in Desktop Window Manager that can let a locally authorized attacker disclose sensitive memory information, including a section address from a remote ALPC port. Microsoft attributes the issue to Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center (MSRC).

    Show sources
  3. 13.01.2026 20:34 1 articles · 5mo ago

    Microsoft renews Secure Boot certificates and removes vulnerable Agere drivers

    Mitigation Patch Update

    Microsoft renewed Windows Secure Boot trust-chain certificates that were nearing expiration and removed the vulnerable agrsm64.sys and agrsm.sys Agere Soft Modem drivers in the January 2026 cumulative update. The update addresses the CVE-2026-21265 Secure Boot bypass risk and the CVE-2023-31096 driver elevation-of-privilege issue.

    Show sources