Microsoft January 2026 Security Updates

Security 10918 Published by

Microsoft has released its January 2026 security updates, addressing a total of 112 separate vulnerabilities across various parts of the Windows operating system and server software. The updates aim to resolve these issues in relevant components, including critical vulnerabilities in the Windows Server Update Service component with a CVSS score of 8.1.





Microsoft January 2026 Security Updates

Microsoft has released its January 2026 security updates. These roll out across Windows Deployment Services, SQL Server, and various other parts of the operating system and server software.

The updates tackle a total of 112 separate vulnerabilities identified through Common Vulnerabilities and Exposures reporting. They're designed to resolve these issues one by one in relevant components.

A particularly nasty vulnerability exists within the Windows Server Update Service component. It carries a CVSS score of 8.1, meaning it's rated highly for severity because attackers could potentially exploit it remotely without needing any user interaction; that makes it especially concerning since users might not even be aware it's happening.

While the SQL Server update covers multiple flaws ranging from lower to higher impact levels, other affected areas include Windows Management Services and Windows Hello. The list also extends to components like LSASS (Local Security Authority Subsystem Service).

Notably, there's an issue in NTFS with a CVSS score of 7.8; attackers could leverage that flaw for potentially more widespread or targeted attacks than lower-scored flaws.

Two vulnerabilities are listed specifically within the Routing and Remote Access Service, RRAS, carrying CVSS scores of 7.8 and 8.8, respectively, suggesting these specific issues warrant close attention due to their potential risk level.

Security Update Guide - Microsoft Security Response Center

TagCVEBase ScoreExploitability
Windows Deployment Services CVE-2026-03867.5Exploitation Unlikely
SQL Server CVE-2026-208037.2Exploitation Less Likely
Windows Hello CVE-2026-208047.7Exploitation Unlikely
Desktop Window Manager CVE-2026-208055.5Exploitation Detected
Printer Association Object CVE-2026-208087.0Exploitation Less Likely
Windows Kernel Memory CVE-2026-208097.8Exploitation Less Likely
Windows Ancillary Function Driver for WinSock CVE-2026-208107.8Exploitation Less Likely
Windows Win32K - ICOMP CVE-2026-208117.8Exploitation Less Likely
Windows LDAP - Lightweight Directory Access Protocol CVE-2026-208126.5Exploitation Less Likely
Graphics Kernel CVE-2026-208147.0Exploitation Less Likely
Capability Access Management Service (camsvc) CVE-2026-208157.0Exploitation Less Likely
Windows Installer CVE-2026-208167.8Exploitation More Likely
Windows Error Reporting CVE-2026-208177.8Exploitation More Likely
Windows Kernel CVE-2026-208186.2Exploitation Unlikely
Windows Virtualization-Based Security (VBS) Enclave CVE-2026-208195.5Exploitation Less Likely
Windows Common Log File System Driver CVE-2026-208207.8Exploitation More Likely
Windows Remote Procedure Call CVE-2026-208216.2Exploitation Unlikely
Microsoft Graphics Component CVE-2026-208227.8Exploitation Less Likely
Windows File Explorer CVE-2026-208235.5Exploitation Unlikely
Windows Remote Assistance CVE-2026-208245.5Exploitation Less Likely
Windows Hyper-V CVE-2026-208254.4Exploitation Less Likely
Tablet Windows User Interface (TWINUI) Subsystem CVE-2026-208267.8Exploitation Less Likely
Tablet Windows User Interface (TWINUI) Subsystem CVE-2026-208275.5Exploitation Unlikely
Windows Internet Connection Sharing (ICS) CVE-2026-208284.6Exploitation Less Likely
Windows TPM CVE-2026-208295.5Exploitation Less Likely
Capability Access Management Service (camsvc) CVE-2026-208307.0Exploitation Unlikely
Windows Ancillary Function Driver for WinSock CVE-2026-208317.8Exploitation Less Likely
Windows Remote Procedure Call Interface Definition Language (IDL) CVE-2026-208327.8Exploitation Less Likely
Windows Kerberos CVE-2026-208335.5Exploitation Less Likely
Windows Shell CVE-2026-208344.6Exploitation Less Likely
Capability Access Management Service (camsvc) CVE-2026-208355.5Exploitation Less Likely
Graphics Kernel CVE-2026-208367.0Exploitation Less Likely
Windows Media CVE-2026-208377.8Exploitation Less Likely
Windows Kernel CVE-2026-208385.5Exploitation Less Likely
Windows Client-Side Caching (CSC) Service CVE-2026-208395.5Exploitation Unlikely
Windows NTFS CVE-2026-208407.8Exploitation More Likely
Windows DWM CVE-2026-208427.0Exploitation Less Likely
Windows Routing and Remote Access Service (RRAS) CVE-2026-208437.8Exploitation More Likely
Windows Clipboard Server CVE-2026-208447.4Exploitation Less Likely
Windows Shell CVE-2026-208476.5Exploitation Unlikely
Windows SMB Server CVE-2026-208487.5Exploitation Unlikely
Windows Kerberos CVE-2026-208497.5Exploitation Unlikely
Capability Access Management Service (camsvc) CVE-2026-208516.2Exploitation Less Likely
Windows Hello CVE-2026-208527.7Exploitation Less Likely
Windows WalletService CVE-2026-208537.4Exploitation Less Likely
Windows Local Security Authority Subsystem Service (LSASS) CVE-2026-208547.5Exploitation Less Likely
Windows Server Update Service CVE-2026-208568.1Exploitation Less Likely
Windows Cloud Files Mini Filter Driver CVE-2026-208577.8Exploitation Unlikely
Windows Management Services CVE-2026-208587.8Exploitation Less Likely
Windows Kernel-Mode Drivers CVE-2026-208597.8Exploitation Less Likely
Windows Ancillary Function Driver for WinSock CVE-2026-208607.8Exploitation More Likely
Windows Management Services CVE-2026-208617.8Exploitation Less Likely
Windows Management Services CVE-2026-208625.5Exploitation Unlikely
Windows Win32K - ICOMP CVE-2026-208637.0Exploitation Less Likely
Connected Devices Platform Service (Cdpsvc) CVE-2026-208647.8Exploitation Unlikely
Windows Management Services CVE-2026-208657.8Exploitation Less Likely
Windows Management Services CVE-2026-208667.8Exploitation Less Likely
Windows Management Services CVE-2026-208677.8Exploitation Unlikely
Windows Routing and Remote Access Service (RRAS) CVE-2026-208688.8Exploitation Less Likely
Windows Local Session Manager (LSM) CVE-2026-208697.0Exploitation Less Likely
Windows Win32K - ICOMP CVE-2026-208707.8Exploitation Less Likely
Desktop Window Manager CVE-2026-208717.8Exploitation More Likely
Windows NTLM CVE-2026-208726.5Exploitation Less Likely
Windows Management Services CVE-2026-208737.8Exploitation Less Likely
Windows Management Services CVE-2026-208747.8Exploitation Less Likely
Windows Local Security Authority Subsystem Service (LSASS) CVE-2026-208757.5Exploitation Less Likely
Windows Virtualization-Based Security (VBS) Enclave CVE-2026-208766.7Exploitation Less Likely
Windows Management Services CVE-2026-208777.8Exploitation Less Likely
Windows Management Services CVE-2026-209187.8Exploitation Unlikely
Windows SMB Server CVE-2026-209197.5Exploitation Unlikely
Windows Win32K - ICOMP CVE-2026-209207.8Exploitation Unlikely
Windows SMB Server CVE-2026-209217.5Exploitation Unlikely
Windows NTFS CVE-2026-209227.8Exploitation More Likely
Windows Management Services CVE-2026-209237.8Exploitation Less Likely
Windows Management Services CVE-2026-209247.8Exploitation Less Likely
Windows NTLM CVE-2026-209256.5Exploitation Less Likely
Windows SMB Server CVE-2026-209267.5Exploitation Unlikely
Windows SMB Server CVE-2026-209275.3Exploitation Unlikely
Windows HTTP.sys CVE-2026-209297.5Exploitation Unlikely
Windows Telephony Service CVE-2026-209318.0Exploitation Unlikely
Windows File Explorer CVE-2026-209325.5Exploitation Unlikely
Windows SMB Server CVE-2026-209347.5Exploitation Unlikely
Windows Virtualization-Based Security (VBS) Enclave CVE-2026-209356.2Exploitation Less Likely
Windows NDIS CVE-2026-209364.3Exploitation Unlikely
Windows File Explorer CVE-2026-209375.5Exploitation Unlikely
Windows Virtualization-Based Security (VBS) Enclave CVE-2026-209387.8Exploitation Less Likely
Windows File Explorer CVE-2026-209395.5Exploitation Unlikely
Windows Cloud Files Mini Filter Driver CVE-2026-209407.8Exploitation Unlikely
Host Process for Windows Tasks CVE-2026-209417.8Exploitation Less Likely
Microsoft Office CVE-2026-209437.0Exploitation Less Likely
Microsoft Office Word CVE-2026-209448.4Exploitation Less Likely
Microsoft Office Excel CVE-2026-209467.8Exploitation Less Likely
Microsoft Office SharePoint CVE-2026-209478.8Exploitation Unlikely
Microsoft Office Word CVE-2026-209487.8Exploitation Less Likely
Microsoft Office Excel CVE-2026-209497.8Exploitation Less Likely
Microsoft Office Excel CVE-2026-209507.8Exploitation Less Likely
Microsoft Office SharePoint CVE-2026-209517.8Exploitation Less Likely
Microsoft Office CVE-2026-209528.4Exploitation Less Likely
Microsoft Office CVE-2026-209538.4Exploitation Less Likely
Microsoft Office Excel CVE-2026-209557.8Exploitation Less Likely
Microsoft Office Excel CVE-2026-209567.8Exploitation Less Likely
Microsoft Office Excel CVE-2026-209577.8Exploitation Less Likely
Microsoft Office SharePoint CVE-2026-209585.4Exploitation Less Likely
Microsoft Office SharePoint CVE-2026-209594.6Exploitation Less Likely
Dynamic Root of Trust for Measurement (DRTM) CVE-2026-209624.4Exploitation Less Likely
Microsoft Office SharePoint CVE-2026-209638.8Exploitation Less Likely
Windows Admin Center CVE-2026-209657.5Exploitation Less Likely
Inbox COM Objects CVE-2026-212197.0Exploitation Unlikely
Capability Access Management Service (camsvc) CVE-2026-212217.0Exploitation Unlikely
Azure Connected Machine Agent CVE-2026-212247.8Exploitation Less Likely
Azure Core shared client library for Python CVE-2026-212267.5Exploitation Less Likely
Windows Secure Boot CVE-2026-212656.4Exploitation Less Likely

Win10

Security Update Guide - Microsoft Security Response Center

Wine Staging 11.0 released

Ubiquiti UXG-Lite Review and more

Windows

Linux

macOS

Community

  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...