Microsoft January 2026 Patch Tuesday 114-flaw security update (multiple vulnerabilities)
Security Patch Release
Summary
Hide ▲
Show ▼
Microsoft released its January 2026 Patch Tuesday update, fixing 114 flaws and raising urgency because it includes one actively exploited issue and two publicly disclosed zero-days. The bundle matters because it covers both a live in-the-wild flaw and certificate/driver issues that affect Windows trust and privilege boundaries.
Related Happenings
Microsoft security patch release for CVE-2026-41091 and CVE-2026-45498
Security Patch Release
First: 21.05.2026 10:49
Last: 21.05.2026 10:49
Sources 1
About this happening:
Microsoft rolled out security updates for Defender and related malware protection components to address two zero-days: CVE-2026-41091 and CVE-2026-45498. The fixes cover affected...
Microsoft security patch release for CVE-2026-41091 and CVE-2026-45498
Security Patch ReleaseAbout this happening: Microsoft rolled out security updates for Defender and related malware protection components to address two zero-days: CVE-2026-41091 and CVE-2026-45498. The fixes cover affected...
Latest development: 21.05.2026 12:52
Microsoft released patches for Microsoft Defender Antimalware Platform version 4.18.26040.7 to address CVE-2026-41091, a link-following privilege-escalation flaw that can let an authorized attacker elevate privileges locally to System, and CVE-2026-45498, a denial-of-service flaw. Microsoft said both vulnerabilities were publicly disclosed and exploited in the wild as zero-days. CISA added both flaws to its Known Exploited Vulnerabilities (KEV) list and urged federal agencies to patch them by June 3.
Windows BitLocker YellowKey mitigation guidance (CVE-2026-45585)
Advisory/Mitigation
First: 20.05.2026 10:31
Last: 20.05.2026 10:31
Sources 1
About this happening:
Microsoft issued **mitigation guidance** for **YellowKey**, a **Windows BitLocker zero-day** that can expose **BitLocker-protected drives** before the security update is available...
Windows BitLocker YellowKey mitigation guidance (CVE-2026-45585)
Advisory/MitigationAbout this happening: Microsoft issued **mitigation guidance** for **YellowKey**, a **Windows BitLocker zero-day** that can expose **BitLocker-protected drives** before the security update is available...
Microsoft Windows 11 KB5089549 cumulative update
Security Patch Release
First: 18.05.2026 11:33
Last: 18.05.2026 11:33
Sources 1
About this happening:
Microsoft's **KB5089549** **Windows 11** security update is failing to install on some systems, forcing affected devices to roll back during reboot. The problem is tied to a nearl...
Microsoft Windows 11 KB5089549 cumulative update
Security Patch ReleaseAbout this happening: Microsoft's **KB5089549** **Windows 11** security update is failing to install on some systems, forcing affected devices to roll back during reboot. The problem is tied to a nearl...
Microsoft Edge stops loading saved passwords into cleartext memory at startup
Security Tool/Service
First: 15.05.2026 17:49
Last: 15.05.2026 17:49
Sources 1
About this happening:
**Microsoft Edge** is changing its built-in password manager so **saved passwords** are no longer loaded into **process memory in clear text** at startup, reducing the risk of loc...
Microsoft Edge stops loading saved passwords into cleartext memory at startup
Security Tool/ServiceAbout this happening: **Microsoft Edge** is changing its built-in password manager so **saved passwords** are no longer loaded into **process memory in clear text** at startup, reducing the risk of loc...
Microsoft adds Cloud-Initiated Driver Recovery for Windows Update driver rollbacks
Security Tool/Service
First: 15.05.2026 15:29
Last: 15.05.2026 15:29
Sources 1
About this happening:
Microsoft is adding **Cloud-Initiated Driver Recovery** to **Windows Update**, giving it a remote rollback control for **problematic Windows drivers**. The capability reduces how...
Microsoft adds Cloud-Initiated Driver Recovery for Windows Update driver rollbacks
Security Tool/ServiceAbout this happening: Microsoft is adding **Cloud-Initiated Driver Recovery** to **Windows Update**, giving it a remote rollback control for **problematic Windows drivers**. The capability reduces how...
Timeline
-
13.01.2026 20:34 2 articles · 4mo ago
Microsoft releases January 2026 Patch Tuesday with 114 fixes
Initial DisclosureMicrosoft released January 2026 Patch Tuesday security updates for 114 flaws in Windows and related components, including one actively exploited zero-day and two publicly disclosed zero-days. The bundle also includes eight Critical vulnerabilities.
Show sources
- Microsoft January 2026 Patch Tuesday fixes 3 zero-days, 114 flaws — www.bleepingcomputer.com — 13.01.2026 20:34
- Microsoft Fixes Three Zero-Days on Busy Patch Tuesday — www.infosecurity-magazine.com — 14.01.2026 12:45
-
13.01.2026 20:34 1 articles · 4mo ago
CVE-2026-20805 affects Desktop Window Manager and leaks memory information
Technical Analysis UpdateCVE-2026-20805 is an actively exploited information disclosure flaw in Desktop Window Manager that can let a locally authorized attacker disclose sensitive memory information, including a section address from a remote ALPC port. Microsoft attributes the issue to Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center (MSRC).
Show sources
- Microsoft January 2026 Patch Tuesday fixes 3 zero-days, 114 flaws — www.bleepingcomputer.com — 13.01.2026 20:34
-
13.01.2026 20:34 1 articles · 4mo ago
Microsoft renews Secure Boot certificates and removes vulnerable Agere drivers
Mitigation Patch UpdateMicrosoft renewed Windows Secure Boot trust-chain certificates that were nearing expiration and removed the vulnerable agrsm64.sys and agrsm.sys Agere Soft Modem drivers in the January 2026 cumulative update. The update addresses the CVE-2026-21265 Secure Boot bypass risk and the CVE-2023-31096 driver elevation-of-privilege issue.
Show sources
- Microsoft January 2026 Patch Tuesday fixes 3 zero-days, 114 flaws — www.bleepingcomputer.com — 13.01.2026 20:34