Microsoft January 2026 Patch Tuesday 114-flaw security update (multiple vulnerabilities)
Security Patch Release
Summary
Hide ▲
Show ▼
Microsoft released its January 2026 Patch Tuesday update, fixing 114 flaws and raising urgency because it includes one actively exploited issue and two publicly disclosed zero-days. The bundle matters because it covers both a live in-the-wild flaw and certificate/driver issues that affect Windows trust and privilege boundaries.
Related Happenings
Microsoft Defender BlueHammer (CVE-2026-33825) ransomware exploitation wave
Exploitation Wave
H score41
First: 30.06.2026 11:53
Last: 30.06.2026 11:53
Sources 1
About this happening:
CISA has flagged **BlueHammer (CVE-2026-33825)** as exploited in **ransomware campaigns**, expanding the risk to **Windows devices** exposed to privilege escalation. The flaw in *...
Microsoft Defender BlueHammer (CVE-2026-33825) ransomware exploitation wave
Exploitation WaveAbout this happening: CISA has flagged **BlueHammer (CVE-2026-33825)** as exploited in **ransomware campaigns**, expanding the risk to **Windows devices** exposed to privilege escalation. The flaw in *...
CERT/CC UEFI DBX mitigation for vendor-signed applications
Advisory/Mitigation
H score28
First: 19.06.2026 21:33
Last: 19.06.2026 21:33
Sources 1
About this happening:
**CERT/CC** issued mitigation guidance to apply **UEFI Forbidden Signature Database (DBX)** updates, reducing **Secure Boot bypass** risk for affected vendor-signed **UEFI applica...
CERT/CC UEFI DBX mitigation for vendor-signed applications
Advisory/MitigationAbout this happening: **CERT/CC** issued mitigation guidance to apply **UEFI Forbidden Signature Database (DBX)** updates, reducing **Secure Boot bypass** risk for affected vendor-signed **UEFI applica...
Microsoft releases RoguePlanet Defender security update for CVE-2026-50656
Security Patch Release
H score32
First: 17.06.2026 20:36
Last: 17.06.2026 20:36
Sources 1
About this happening:
**Microsoft** has released a **security update** for **CVE-2026-50656**, remediating **RoguePlanet** in the **Microsoft Malware Protection Engine (mpengine.dll)**. The flaw is a *...
Microsoft releases RoguePlanet Defender security update for CVE-2026-50656
Security Patch ReleaseAbout this happening: **Microsoft** has released a **security update** for **CVE-2026-50656**, remediating **RoguePlanet** in the **Microsoft Malware Protection Engine (mpengine.dll)**. The flaw is a *...
Latest development: 09.07.2026 11:48
Microsoft released security updates for CVE-2026-50656, remediating the RoguePlanet privilege-escalation flaw in Microsoft Malware Protection Engine (mpengine.dll) with version 1.1.26060.3008 and additional defense-in-depth updates. Microsoft said no customer action is required to install the update.
ESET analysis of SprySOCKS Windows variants adds IOC-backed detection guidance
Technical Analysis
H score34
First: 16.06.2026 12:00
Last: 16.06.2026 12:00
Sources 1
About this happening:
**ESET** identified previously undocumented **Windows variants** of **SprySOCKS**, a backdoor attributed to **FishMonger** and linked to **I-Soon**. The **WIN_DRV** and **WIN_PLUS...
ESET analysis of SprySOCKS Windows variants adds IOC-backed detection guidance
Technical AnalysisAbout this happening: **ESET** identified previously undocumented **Windows variants** of **SprySOCKS**, a backdoor attributed to **FishMonger** and linked to **I-Soon**. The **WIN_DRV** and **WIN_PLUS...
Microsoft YellowKey patch release (CVE-2026-45585)
Security Patch Release
H score20
First: 11.06.2026 20:43
Last: 11.06.2026 20:43
Sources 1
About this happening:
Microsoft's **Patch Tuesday** updates this week patched **YellowKey (CVE-2026-45585)**, closing a **Windows BitLocker** bypass that could expose protected volumes. The vendor rele...
Microsoft YellowKey patch release (CVE-2026-45585)
Security Patch ReleaseAbout this happening: Microsoft's **Patch Tuesday** updates this week patched **YellowKey (CVE-2026-45585)**, closing a **Windows BitLocker** bypass that could expose protected volumes. The vendor rele...
Timeline
-
13.01.2026 20:34 2 articles · 5mo ago
Microsoft releases January 2026 Patch Tuesday with 114 fixes
Initial DisclosureMicrosoft released January 2026 Patch Tuesday security updates for 114 flaws in Windows and related components, including one actively exploited zero-day and two publicly disclosed zero-days. The bundle also includes eight Critical vulnerabilities.
Show sources
- Microsoft January 2026 Patch Tuesday fixes 3 zero-days, 114 flaws — www.bleepingcomputer.com — 13.01.2026 20:34
- Microsoft Fixes Three Zero-Days on Busy Patch Tuesday — www.infosecurity-magazine.com — 14.01.2026 12:45
-
13.01.2026 20:34 1 articles · 5mo ago
CVE-2026-20805 affects Desktop Window Manager and leaks memory information
Technical Analysis UpdateCVE-2026-20805 is an actively exploited information disclosure flaw in Desktop Window Manager that can let a locally authorized attacker disclose sensitive memory information, including a section address from a remote ALPC port. Microsoft attributes the issue to Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center (MSRC).
Show sources
- Microsoft January 2026 Patch Tuesday fixes 3 zero-days, 114 flaws — www.bleepingcomputer.com — 13.01.2026 20:34
-
13.01.2026 20:34 1 articles · 5mo ago
Microsoft renews Secure Boot certificates and removes vulnerable Agere drivers
Mitigation Patch UpdateMicrosoft renewed Windows Secure Boot trust-chain certificates that were nearing expiration and removed the vulnerable agrsm64.sys and agrsm.sys Agere Soft Modem drivers in the January 2026 cumulative update. The update addresses the CVE-2026-21265 Secure Boot bypass risk and the CVE-2023-31096 driver elevation-of-privilege issue.
Show sources
- Microsoft January 2026 Patch Tuesday fixes 3 zero-days, 114 flaws — www.bleepingcomputer.com — 13.01.2026 20:34