On January 13, Microsoft released its January 2026 Patch Tuesday release which patched 113 CVEs with eight rated as critical and 105 rated as important. This month's update included patches for two zero-days, one of which was exploited in the wild.

CVE-2026-20805 is an information disclosure vulnerability affecting Desktop Window Manager. It was assigned a CVSSv3 score of 5.5 and was rated as important. Successful exploitation allows an authenticated attacker to access sensitive data. According to Microsoft, this vulnerability was exploited in the wild as a zero-day.

This month’s update includes patches for:

• Azure Connected Machine Agent
• Azure Core shared client library for Python
• Capability Access Management Service (camsvc)
• Connected Devices Platform Service (Cdpsvc)
• Desktop Window Manager
• Dynamic Root of Trust for Measurement (DRTM)
• Graphics Kernel
• Host Process for Windows Tasks
• Inbox COM Objects
• Microsoft Graphics Component
• Microsoft Office
• Microsoft Office Excel
• Microsoft Office SharePoint
• Microsoft Office Word
• Printer Association Object
• SQL Server
• Tablet Windows User Interface (TWINUI) Subsystem
• Windows Admin Center
• Windows Ancillary Function Driver for WinSock
• Windows Client-Side Caching (CSC) Service
• Windows Clipboard Server
• Windows Cloud Files Mini Filter Driver
• Windows Common Log File System Driver
• Windows DWM
• Windows Deployment Services
• Windows Error Reporting
• Windows File Explorer
• Windows HTTP.sys
• Windows Hello
• Windows Hyper-V
• Windows Installer
• Windows Internet Connection Sharing (ICS)
• Windows Kerberos
• Windows Kernel
• Windows Kernel Memory
• Windows Kernel-Mode Drivers
• Windows LDAP - Lightweight Directory Access Protocol
• Windows Local Security Authority Subsystem Service (LSASS)
• Windows Local Session Manager (LSM)
• Windows Management Services
• Windows Media
• Windows NDIS
• Windows NTFS
• Windows NTLM
• Windows Remote Assistance
• Windows Remote Procedure Call
• Windows Remote Procedure Call Interface Definition Language (IDL)
• Windows Routing and Remote Access Service (RRAS)
• Windows SMB Server
• Windows Secure Boot
• Windows Server Update Service
• Windows Shell
• Windows TPM
• Windows Telephony Service
• Windows Virtualization-Based Security (VBS) Enclave
• Windows WalletService
• Windows Win32K - ICOMP

For more information, please visit our blog.