Microsoft’s January 2026 Patch Tuesday release addresses 114 security vulnerabilities across Windows, Office, and other Microsoft products, including one flaw that is being actively exploited in the wild.

Actively Exploited Vulnerability

CVE-2026-20805 (CVSS 5.5) is an information disclosure vulnerability in Windows Desktop Window Manager. The flaw has been added to CISA’s Known Exploited Vulnerabilities catalog, with federal agencies required to patch by February 3, 2026.

Vulnerability Breakdown

Severity    Count
Critical    9
Important   98
Moderate    7

Critical Vulnerabilities

The nine critical vulnerabilities include remote code execution flaws in:

  • Windows Hyper-V
  • Windows LDAP
  • Microsoft Office
  • Windows OLE
  • .NET Framework

Known Issues

Microsoft is investigating reports that some Windows 11 devices are failing to boot with “UNMOUNTABLE_BOOT_VOLUME” errors after installing the January 2026 security updates. Affected users should boot into Windows Recovery Environment and run startup repair.

Patching Recommendations

  1. Prioritize CVE-2026-20805 due to active exploitation
  2. Test critical system patches in staging environments first
  3. Monitor for boot issues on Windows 11 devices
  4. Review Microsoft’s release notes for known issues affecting your environment

Additional Updates

This Patch Tuesday also includes updates for:

  • Microsoft Edge (Chromium-based)
  • Microsoft Defender
  • Azure services
  • Visual Studio

Organizations should review the full security update guide on the Microsoft Security Response Center website.