MS Family January 2026 Routine Security Update Advisory
Overview
Microsoft(https://www.microsoft.com) has released a security update that fixes vulnerabilities in products it has supplied. users of affected products are advised to update to the latest version.
Affected Products
Azure Family
Azure Connected Machine Agent
Azure Core shared client library for Python
Windows Admin Center in Azure Portal
Developer Tools suite
Windows SDK
ESU Family
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Microsoft Office Suite
Microsoft 365 Apps for Enterprise for 32-bit Systems
Microsoft 365 Apps for Enterprise for 64-bit Systems
Microsoft Excel 2016 (32-bit edition)
Microsoft Excel 2016 (64-bit edition)
Microsoft Office 2016 (32-bit edition)
Microsoft Office 2016 (64-bit edition)
Microsoft Office 2019 for 32-bit editions
Microsoft Office 2019 for 64-bit editions
Microsoft Office Deployment Tool
Microsoft Office LTSC 2021 for 32-bit editions
Microsoft Office LTSC 2021 for 64-bit editions
Microsoft Office LTSC 2024 for 32-bit editions
Microsoft Office LTSC 2024 for 64-bit editions
Microsoft Office LTSC for Mac 2021
Microsoft Office LTSC for Mac 2024
Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Server 2019
Microsoft SharePoint Server Subscription Edition
Microsoft Word 2016 (32-bit edition)
Microsoft Word 2016 (64-bit edition)
Office Online Server
SQL Server Family
Microsoft SQL Server 2022 for x64-based Systems (CU 22)
Microsoft SQL Server 2022 for x64-based Systems (GDR)
Microsoft SQL Server 2025 for x64-based Systems (GDR)
Windows Family
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 Version 23H2 for ARM64-based Systems
Windows 11 Version 23H2 for x64-based Systems
Windows 11 Version 24H2 for ARM64-based Systems
Windows 11 Version 24H2 for x64-based Systems
Windows 11 Version 25H2 for ARM64-based Systems
Windows 11 Version 25H2 for x64-based Systems
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server 2022
Windows Server 2022 (Server Core installation)
Windows Server 2022, 23H2 Edition (Server Core installation)
Windows Server 2025
Windows Server 2025 (Server Core installation)
Resolved Vulnerabilities
8 vulnerabilities rated Critical and 106 rated Important were found.
Azure family
Critical elevation of privilege vulnerability in Azure Connected Machine Agent (CVE-2026-21224)
Critical remote code execution vulnerability in Azure Core shared client library for Python (CVE-2026-21226)
Critical elevation of privilege vulnerability in Windows Admin Center (CVE-2026-20965)
Developer Tools Suite
Critical remote code execution vulnerability in Inbox COM Objects (CVE-2026-21219)
Microsoft Office Suite
Critical Remote Code Execution Vulnerability in Microsoft Office Excel (CVE-2026-20955, CVE-2026-20957)
Critical Security Feature Bypass Vulnerability in Microsoft Office Excel (CVE-2026-20949)
Critical remote code execution vulnerabilities in Microsoft Office Excel (CVE-2026-20946, CVE-2026-20956, CVE-2026-20950)
Critical spoofing vulnerability in Microsoft Office SharePoint (CVE-2026-20959)
Critical remote code execution vulnerabilities in Microsoft Office SharePoint (CVE-2026-20951, CVE-2026-20963, CVE-2026-20947)
Critical information disclosure vulnerability in Microsoft Office SharePoint (CVE-2026-20958)
Critical remote code execution vulnerability in Microsoft Office Word (CVE-2026-20944)
Critical-grade remote code execution vulnerability in Microsoft Office Word (CVE-2026-20948)
Critical-rated remote code execution vulnerabilities in Microsoft Office (CVE-2026-20953, CVE-2026-20952)
Critical-grade remote code execution vulnerability in Microsoft Office (CVE-2026-20943)
SQL Server Family
Critical elevation of privilege vulnerability in SQL Server (CVE-2026-20803)
Windows Family
Critical elevation of privilege vulnerability in Agere Windows Modem Driver (CVE-2023-31096)
Critical elevation of privilege vulnerabilities in Capability Access Management Service (camsvc) (CVE-2026-20815, CVE-2026-20830, CVE-2026-21221)
Critical information disclosure vulnerabilities in Capability Access Management Service (camsvc) (CVE-2026-20835, CVE-2026-20851)
Critical elevation of privilege vulnerability in the Connected Devices Platform Service (Cdpsvc) (CVE-2026-20864)
Critical elevation of privilege vulnerability in Desktop Window Manager (CVE-2026-20871)
Critical information disclosure vulnerability in Desktop Window Manager (CVE-2026-20805)
Critical information disclosure vulnerability in Dynamic Root of Trust for Measurement (DRTM) (CVE-2026-20962)
Critical elevation of privilege vulnerabilities in Graphics Kernel (CVE-2026-20814, CVE-2026-20836)
Critical elevation of privilege vulnerability in Host Process for Windows Tasks (CVE-2026-20941)
Urgent elevation of privilege vulnerability in Microsoft Graphics Component (CVE-2026-20822)
Critical elevation of privilege vulnerability in Printer Association Object (CVE-2026-20808)
Critical elevation of privilege vulnerability in the Tablet Windows User Interface (TWINUI) Subsystem (CVE-2026-20826)
Critical Information Disclosure Vulnerability in the Tablet Windows User Interface (TWINUI) Subsystem (CVE-2026-20827)
Critical elevation of privilege vulnerabilities in the Windows Ancillary Function Driver for WinSock (CVE-2026-20810, CVE-2026-20831, CVE-2026-20860)
Critical information disclosure vulnerability in Windows Client-Side Caching (CSC) Service (CVE-2026-20839)
Critical elevation of privilege vulnerability in Windows Clipboard Server (CVE-2026-20844)
Critical elevation of privilege vulnerability in Windows Cloud Files Mini Filter Driver (CVE-2026-20857, CVE-2026-20940)
Critical elevation of privilege vulnerability in Windows Common Log File System Driver (CVE-2026-20820)
Critical elevation of privilege vulnerability in Windows DWM (CVE-2026-20842)
Critical remote code execution vulnerability in Windows Deployment Services (CVE-2026-0386)
Critical elevation of privilege vulnerability in Windows Error Reporting (CVE-2026-20817)
Critical information disclosure vulnerabilities in Windows File Explorer (CVE-2026-20823, CVE-2026-20932, CVE-2026-20937, CVE-2026-20939)
Critical elevation of privilege vulnerability in Windows HTTP.sys (CVE-2026-20929)
Critical Tampering Vulnerability in Windows Hello (CVE-2026-20804, CVE-2026-20852)
Critical information disclosure vulnerability in Windows Hyper-V (CVE-2026-20825)
Critical elevation of privilege vulnerability in Windows Installer (CVE-2026-20816)
Critical information disclosure vulnerability in Windows Internet Connection Sharing (ICS) (CVE-2026-20828)
Critical elevation of privilege vulnerability in Windows Kerberos (CVE-2026-20849)
Critical information disclosure vulnerability in Windows Kerberos (CVE-2026-20833)
Critical elevation of privilege vulnerability in Windows Kernel Memory (CVE-2026-20809)
Critical elevation of privilege vulnerability in Windows Kernel-Mode Drivers (CVE-2026-20859)
Critical information disclosure vulnerabilities in the Windows Kernel (CVE-2026-20818, CVE-2026-20838)
Critical Tampering Vulnerability in Windows LDAP – Lightweight Directory Access Protocol (CVE-2026-20812)
Critical remote code execution vulnerability in Windows Local Security Authority Subsystem Service (LSASS) (CVE-2026-20854)
Critical-grade denial-of-service vulnerability in Windows Local Security Authority Subsystem Service (LSASS) (CVE-2026-20875)
Critical elevation of privilege vulnerability in Windows Local Session Manager (LSM) (CVE-2026-20869)
Critical elevation of privilege vulnerabilities in Windows Management Services (CVE-2026-20858, CVE-2026-20865, CVE-2026-20877, CVE-2026-20918, CVE-2026-20923, CVE-2026-20924, CVE-2026-20861, CVE-2026-20866, CVE-2026-20867, CVE-2026-20873, CVE-2026-20874)
Critical information disclosure vulnerability in Windows Management Services (CVE-2026-20862)
Critical remote code execution vulnerability in Windows Media (CVE-2026-20837)
Critical elevation of privilege vulnerability in Windows Motorola Soft Modem Driver (CVE-2024-55414)
Critical information disclosure vulnerability in Windows NDIS (CVE-2026-20936)
Critical remote code execution vulnerabilities in Windows NTFS (CVE-2026-20840, CVE-2026-20922)
Critical spoofing vulnerabilities in Windows NTLM (CVE-2026-20925, CVE-2026-20872)
Critical security feature bypass vulnerability in Windows Remote Assistance (CVE-2026-20824)
Critical elevation of privilege vulnerability in Windows Remote Procedure Call Interface Definition Language (IDL) (CVE-2026-20832)
Critical information disclosure vulnerability in Windows Remote Procedure Call (CVE-2026-20821)
Critical elevation of privilege vulnerability in Windows Routing and Remote Access Service (RRAS) (CVE-2026-20843)
Critical remote code execution vulnerability in Windows Routing and Remote Access Service (RRAS) (CVE-2026-20868)
Critical elevation of privilege vulnerabilities in Windows SMB Server (CVE-2026-20919, CVE-2026-20921, CVE-2026-20926, CVE-2026-20934, CVE-2026-20848)
Critical denial of service vulnerability in Windows SMB Server (CVE-2026-20927)
Critical security feature bypass vulnerability in Windows Secure Boot (CVE-2026-21265)
Critical remote code execution vulnerability in Windows Server Update Service (CVE-2026-20856)
Critical spoofing vulnerabilities in Windows Shell (CVE-2026-20834, CVE-2026-20847)
Critical information disclosure vulnerability in Windows TPM (CVE-2026-20829)
Critical elevation of privilege vulnerability in Windows Telephony Service (CVE-2026-20931)
Urgent-grade privilege escalation vulnerability in Windows Virtualization-Based Security (VBS) Enclave (CVE-2026-20876)
Critical-grade privilege escalation vulnerability in Windows Virtualization-Based Security (VBS) Enclave (CVE-2026-20938)
Critical information disclosure vulnerabilities in Windows Virtualization-Based Security (VBS) Enclave (CVE-2026-20819, CVE-2026-20935)
Critical elevation of privilege vulnerability in Windows WalletService (CVE-2026-20853)
Critical elevation of privilege vulnerabilities in Windows Win32K – ICOMP (CVE-2026-20811, CVE-2026-20920, CVE-2026-20863, CVE-2026-20870)
Vulnerability Patches
The following product-specific Vulnerability Patches were made available with the January 13, 2026 Update Please use the Windows Update feature for automatic installation or refer to the URLs in the product information below to download and install.