This report contains detail for the following vulnerabilities:
| CVE Issued by | Tag | CVE ID | CVE Title |
|---|---|---|---|
| MITRE Corporation | Agere Windows Modem Driver | CVE-2023-31096 | MITRE: CVE-2023-31096 Windows Agere Soft Modem Driver Elevation of Privilege Vulnerability |
| Microsoft | Azure Connected Machine Agent | CVE-2026-21224 | Azure Connected Machine Agent Elevation of Privilege Vulnerability |
| Microsoft | Azure Core shared client library for Python | CVE-2026-21226 | Azure Core shared client library for Python Remote Code Execution Vulnerability |
| Microsoft | Capability Access Management Service (camsvc) | CVE-2026-20851 | Capability Access Management Service (camsvc) Information Disclosure Vulnerability |
| Microsoft | Capability Access Management Service (camsvc) | CVE-2026-20835 | Capability Access Management Service (camsvc) Information Disclosure Vulnerability |
| Microsoft | Capability Access Management Service (camsvc) | CVE-2026-20815 | Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability |
| Microsoft | Capability Access Management Service (camsvc) | CVE-2026-21221 | Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability |
| Microsoft | Capability Access Management Service (camsvc) | CVE-2026-20830 | Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability |
| Microsoft | Connected Devices Platform Service (Cdpsvc) | CVE-2026-20864 | Windows Connected Devices Platform Service Elevation of Privilege Vulnerability |
| Microsoft | Desktop Window Manager | CVE-2026-20871 | Desktop Windows Manager Elevation of Privilege Vulnerability |
| Microsoft | Desktop Window Manager | CVE-2026-20805 | Desktop Window Manager Information Disclosure Vulnerability |
| Microsoft | Dynamic Root of Trust for Measurement (DRTM) | CVE-2026-20962 | Dynamic Root of Trust for Measurement (DRTM) Information Disclosure Vulnerability |
| Microsoft | Graphics Kernel | CVE-2026-20836 | DirectX Graphics Kernel Elevation of Privilege Vulnerability |
| Microsoft | Graphics Kernel | CVE-2026-20814 | DirectX Graphics Kernel Elevation of Privilege Vulnerability |
| Microsoft | Host Process for Windows Tasks | CVE-2026-20941 | Host Process for Windows Tasks Elevation of Privilege Vulnerability |
| Microsoft | Inbox COM Objects | CVE-2026-21219 | Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability |
| Linux | Mariner | CVE-2025-68758 | backlight: led-bl: Add devlink to supplier LEDs |
| Linux | Mariner | CVE-2025-68756 | block: Use RCU in blk_mq_[un]quiesce_tagset() instead of set->tag_list_lock |
| Linux | Mariner | CVE-2025-68763 | crypto: starfive - Correctly handle return of sg_nents_for_len |
| GitHub_M | Mariner | CVE-2026-21444 | libtpms returns wrong initialization vector when certain symmetric ciphers are used |
| Linux | Mariner | CVE-2025-68759 | wifi: rtl818x: Fix potential memory leaks in rtl8180_init_rx_ring() |
| Linux | Mariner | CVE-2025-68766 | irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc() |
| Linux | Mariner | CVE-2025-68753 | ALSA: firewire-motu: add bounds check in put_user loop for DSP events |
| Linux | Mariner | CVE-2025-68765 | mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add() |
| Linux | Mariner | CVE-2025-68757 | drm/vgem-fence: Fix potential deadlock on release |
| Linux | Mariner | CVE-2025-68764 | NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags |
| Linux | Mariner | CVE-2025-68755 | staging: most: remove broken i2c driver |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2026-0628 | Chromium: CVE-2026-0628 Insufficient policy enforcement in WebView tag |
| Microsoft | Microsoft Graphics Component | CVE-2026-20822 | Windows Graphics Component Elevation of Privilege Vulnerability |
| Microsoft | Microsoft Office | CVE-2026-20952 | Microsoft Office Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office | CVE-2026-20943 | Microsoft Office Click-To-Run Elevation of Privilege Vulnerability |
| Microsoft | Microsoft Office | CVE-2026-20953 | Microsoft Office Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office Excel | CVE-2026-20956 | Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office Excel | CVE-2026-20946 | Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office Excel | CVE-2026-20955 | Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office Excel | CVE-2026-20949 | Microsoft Excel Security Feature Bypass Vulnerability |
| Microsoft | Microsoft Office Excel | CVE-2026-20957 | Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office Excel | CVE-2026-20950 | Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office SharePoint | CVE-2026-20963 | Microsoft SharePoint Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office SharePoint | CVE-2026-20958 | Microsoft SharePoint Information Disclosure Vulnerability |
| Microsoft | Microsoft Office SharePoint | CVE-2026-20951 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office SharePoint | CVE-2026-20947 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office SharePoint | CVE-2026-20959 | Microsoft SharePoint Server Spoofing Vulnerability |
| Microsoft | Microsoft Office Word | CVE-2026-20944 | Microsoft Word Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office Word | CVE-2026-20948 | Microsoft Word Remote Code Execution Vulnerability |
| Microsoft | Printer Association Object | CVE-2026-20808 | Windows File Explorer Elevation of Privilege Vulnerability |
| Microsoft | SQL Server | CVE-2026-20803 | Microsoft SQL Server Elevation of Privilege Vulnerability |
| Microsoft | Tablet Windows User Interface (TWINUI) Subsystem | CVE-2026-20827 | Tablet Windows User Interface (TWINUI) Subsystem Information Disclosure Vulnerability |
| Microsoft | Tablet Windows User Interface (TWINUI) Subsystem | CVE-2026-20826 | Tablet Windows User Interface (TWINUI) Subsystem Information Disclosure Vulnerability |
| Microsoft | Windows Admin Center | CVE-2026-20965 | Windows Admin Center Elevation of Privilege Vulnerability |
| Microsoft | Windows Ancillary Function Driver for WinSock | CVE-2026-20810 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
| Microsoft | Windows Ancillary Function Driver for WinSock | CVE-2026-20860 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
| Microsoft | Windows Ancillary Function Driver for WinSock | CVE-2026-20831 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
| Microsoft | Windows Client-Side Caching (CSC) Service | CVE-2026-20839 | Windows Client-Side Caching (CSC) Service Information Disclosure Vulnerability |
| Microsoft | Windows Clipboard Server | CVE-2026-20844 | Windows Clipboard Server Elevation of Privilege Vulnerability |
| Microsoft | Windows Cloud Files Mini Filter Driver | CVE-2026-20940 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
| Microsoft | Windows Cloud Files Mini Filter Driver | CVE-2026-20857 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
| Microsoft | Windows Common Log File System Driver | CVE-2026-20820 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| Microsoft | Windows Deployment Services | CVE-2026-0386 | Windows Deployment Services Remote Code Execution Vulnerability |
| Microsoft | Windows DWM | CVE-2026-20842 | Microsoft DWM Core Library Elevation of Privilege Vulnerability |
| Microsoft | Windows Error Reporting | CVE-2026-20817 | Windows Error Reporting Service Elevation of Privilege Vulnerability |
| Microsoft | Windows File Explorer | CVE-2026-20932 | Windows File Explorer Information Disclosure Vulnerability |
| Microsoft | Windows File Explorer | CVE-2026-20937 | Windows File Explorer Information Disclosure Vulnerability |
| Microsoft | Windows File Explorer | CVE-2026-20939 | Windows File Explorer Information Disclosure Vulnerability |
| Microsoft | Windows File Explorer | CVE-2026-20823 | Windows File Explorer Information Disclosure Vulnerability |
| Microsoft | Windows Hello | CVE-2026-20804 | Windows Hello Tampering Vulnerability |
| Microsoft | Windows Hello | CVE-2026-20852 | Windows Hello Tampering Vulnerability |
| Microsoft | Windows HTTP.sys | CVE-2026-20929 | Windows HTTP.sys Elevation of Privilege Vulnerability |
| Microsoft | Windows Hyper-V | CVE-2026-20825 | Windows Hyper-V Information Disclosure Vulnerability |
| Microsoft | Windows Installer | CVE-2026-20816 | Windows Installer Elevation of Privilege Vulnerability |
| Microsoft | Windows Internet Connection Sharing (ICS) | CVE-2026-20828 | Windows rndismp6.sys Information Disclosure Vulnerability |
| Microsoft | Windows Kerberos | CVE-2026-20849 | Windows Kerberos Elevation of Privilege Vulnerability |
| Microsoft | Windows Kerberos | CVE-2026-20833 | Windows Kerberos Information Disclosure Vulnerability |
| Microsoft | Windows Kernel | CVE-2026-20818 | Windows Kernel Information Disclosure Vulnerability |
| Microsoft | Windows Kernel | CVE-2026-20838 | Windows Kernel Information Disclosure Vulnerability |
| Microsoft | Windows Kernel Memory | CVE-2026-20809 | Windows Kernel Memory Elevation of Privilege Vulnerability |
| Microsoft | Windows Kernel-Mode Drivers | CVE-2026-20859 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability |
| Microsoft | Windows LDAP - Lightweight Directory Access Protocol | CVE-2026-20812 | LDAP Tampering Vulnerability |
| Microsoft | Windows Local Security Authority Subsystem Service (LSASS) | CVE-2026-20854 | Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability |
| Microsoft | Windows Local Security Authority Subsystem Service (LSASS) | CVE-2026-20875 | Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability |
| Microsoft | Windows Local Session Manager (LSM) | CVE-2026-20869 | Windows Local Session Manager (LSM) Elevation of Privilege Vulnerability |
| Microsoft | Windows Management Services | CVE-2026-20862 | Windows Management Services Information Disclosure Vulnerability |
| Microsoft | Windows Management Services | CVE-2026-20861 | Windows Management Services Elevation of Privilege Vulnerability |
| Microsoft | Windows Management Services | CVE-2026-20866 | Windows Management Services Elevation of Privilege Vulnerability |
| Microsoft | Windows Management Services | CVE-2026-20867 | Windows Management Services Elevation of Privilege Vulnerability |
| Microsoft | Windows Management Services | CVE-2026-20874 | Windows Management Services Elevation of Privilege Vulnerability |
| Microsoft | Windows Management Services | CVE-2026-20865 | Windows Management Services Elevation of Privilege Vulnerability |
| Microsoft | Windows Management Services | CVE-2026-20924 | Windows Management Services Elevation of Privilege Vulnerability |
| Microsoft | Windows Management Services | CVE-2026-20918 | Windows Management Services Elevation of Privilege Vulnerability |
| Microsoft | Windows Management Services | CVE-2026-20858 | Windows Management Services Elevation of Privilege Vulnerability |
| Microsoft | Windows Management Services | CVE-2026-20877 | Windows Management Services Elevation of Privilege Vulnerability |
| Microsoft | Windows Management Services | CVE-2026-20923 | Windows Management Services Elevation of Privilege Vulnerability |
| Microsoft | Windows Management Services | CVE-2026-20873 | Windows Management Services Elevation of Privilege Vulnerability |
| Microsoft | Windows Media | CVE-2026-20837 | Windows Media Remote Code Execution Vulnerability |
| MITRE Corporation | Windows Motorola Soft Modem Driver | CVE-2024-55414 | Windows Motorola Soft Modem Driver Elevation of Privilege Vulnerability |
| Microsoft | Windows NDIS | CVE-2026-20936 | Windows NDIS Information Disclosure Vulnerability |
| Microsoft | Windows NTFS | CVE-2026-20840 | Windows NTFS Remote Code Execution Vulnerability |
| Microsoft | Windows NTFS | CVE-2026-20922 | Windows NTFS Remote Code Execution Vulnerability |
| Microsoft | Windows NTLM | CVE-2026-20925 | NTLM Hash Disclosure Spoofing Vulnerability |
| Microsoft | Windows NTLM | CVE-2026-20872 | NTLM Hash Disclosure Spoofing Vulnerability |
| Microsoft | Windows Remote Assistance | CVE-2026-20824 | Windows Remote Assistance Security Feature Bypass Vulnerability |
| Microsoft | Windows Remote Procedure Call | CVE-2026-20821 | Remote Procedure Call Information Disclosure Vulnerability |
| Microsoft | Windows Remote Procedure Call Interface Definition Language (IDL) | CVE-2026-20832 | Windows Remote Procedure Call Interface Definition Language (IDL) Elevation of Privilege Vulnerability |
| Microsoft | Windows Routing and Remote Access Service (RRAS) | CVE-2026-20843 | Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability |
| Microsoft | Windows Routing and Remote Access Service (RRAS) | CVE-2026-20868 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| Microsoft | Windows Secure Boot | CVE-2026-21265 | Secure Boot Certificate Expiration Security Feature Bypass Vulnerability |
| Microsoft | Windows Server Update Service | CVE-2026-20856 | Windows Server Update Service (WSUS) Remote Code Execution Vulnerability |
| Microsoft | Windows Shell | CVE-2026-20834 | Windows Spoofing Vulnerability |
| Microsoft | Windows Shell | CVE-2026-20847 | Microsoft Windows File Explorer Spoofing Vulnerability |
| Microsoft | Windows SMB Server | CVE-2026-20921 | Windows SMB Server Elevation of Privilege Vulnerability |
| Microsoft | Windows SMB Server | CVE-2026-20919 | Windows SMB Server Elevation of Privilege Vulnerability |
| Microsoft | Windows SMB Server | CVE-2026-20934 | Windows SMB Server Elevation of Privilege Vulnerability |
| Microsoft | Windows SMB Server | CVE-2026-20926 | Windows SMB Server Elevation of Privilege Vulnerability |
| Microsoft | Windows SMB Server | CVE-2026-20927 | Windows SMB Server Denial of Service Vulnerability |
| Microsoft | Windows SMB Server | CVE-2026-20848 | Windows SMB Server Elevation of Privilege Vulnerability |
| Microsoft | Windows Telephony Service | CVE-2026-20931 | Windows Telephony Service Elevation of Privilege Vulnerability |
| Microsoft | Windows TPM | CVE-2026-20829 | TPM Trustlet Information Disclosure Vulnerability |
| Microsoft | Windows Virtualization-Based Security (VBS) Enclave | CVE-2026-20876 | Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability |
| Microsoft | Windows Virtualization-Based Security (VBS) Enclave | CVE-2026-20819 | Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability |
| Microsoft | Windows Virtualization-Based Security (VBS) Enclave | CVE-2026-20935 | Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability |
| Microsoft | Windows Virtualization-Based Security (VBS) Enclave | CVE-2026-20938 | Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability |
| Microsoft | Windows WalletService | CVE-2026-20853 | Windows WalletService Elevation of Privilege Vulnerability |
| Microsoft | Windows Win32K - ICOMP | CVE-2026-20920 | Win32k Elevation of Privilege Vulnerability |
| Microsoft | Windows Win32K - ICOMP | CVE-2026-20863 | Win32k Elevation of Privilege Vulnerability |
| Microsoft | Windows Win32K - ICOMP | CVE-2026-20870 | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability |
| Microsoft | Windows Win32K - ICOMP | CVE-2026-20811 | Win32k Elevation of Privilege Vulnerability |

CVE ID: CVE-2026-20962

Issuing CNA: Microsoft

CVE Title: Dynamic Root of Trust for Measurement (DRTM) Information Disclosure Vulnerability

CVSS: CVSS:3.1 Highest BaseScore:4.4/TemporalScore:3.9

Executive Summary: Use of uninitialized resource in Dynamic Root of Trust for Measurement (DRTM) allows an authorized attacker to disclose information locally.

FAQ:

What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Windows cryptographic secrets.

Mitigations: None

Workarounds: None

Revision: 1.0 (13-Jan-26): Information published.

Maximum Severity Rating: Important

Vulnerability Impact: Information Disclosure

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20962

| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Information Disclosure | 5071542 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20962 | Andrea Allievi, Hilal Asmat |

CVE ID: CVE-2026-21265

Issuing CNA: Microsoft

CVE Title: Secure Boot Certificate Expiration Security Feature Bypass Vulnerability

CVSS: CVSS:3.1 Highest BaseScore:6.4/TemporalScore:5.6

Executive Summary: Windows Secure Boot stores Microsoft certificates in the UEFI KEK and DB. These original certificates are approaching expiration, and devices containing affected certificate versions must update them to maintain Secure Boot functionality and avoid compromising security by losing security fixes related to Windows boot manager or Secure Boot. The operating system’s certificate update protection mechanism relies on firmware components that might contain defects, which can cause certificate trust updates to fail or behave unpredictably. This leads to potential disruption of the Secure Boot trust chain and requires careful validation and deployment to restore intended security guarantees.

For more information see this CVE and Windows Secure Boot certificate expiration and CA updates.

FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability? An attacker who successfully exploited this vulnerability could bypass Secure Boot.

Where can I find more information about Windows Secure Boot certificate expiration? To understand more about Windows Secure Boot and the importance of taking immediate action to renew your certificates see Windows Secure Boot certificate expiration and CA updates. See also the following links for the actions you need to take based on your Windows device:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to have a deep understanding of the system and the ability to manipulate its components to trigger a specific condition. Successful exploitation is not guaranteed and depends on a combination of factors that may include the environment, system configuration, and the presence of additional security measures.

Mitigations: None

Workarounds: None

Revision: 1.0 (13-Jan-26): Information published.

Maximum Severity Rating: Important

Vulnerability Impact: Security Feature Bypass

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | Yes | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-21265

| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Security Feature Bypass | 5071543 | Base: 6.4 Temporal: 5.6 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Security Feature Bypass | 5071543 | Base: 6.4 Temporal: 5.6 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Security Feature Bypass | 5071544 | Base: 6.4 Temporal: 5.6 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Security Feature Bypass | 5071544 | Base: 6.4 Temporal: 5.6 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Security Feature Bypass | 5071546 | Base: 6.4 Temporal: 5.6 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Security Feature Bypass | 5071546 | Base: 6.4 Temporal: 5.6 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Security Feature Bypass | 5071546 | Base: 6.4 Temporal: 5.6 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Security Feature Bypass | 5071546 | Base: 6.4 Temporal: 5.6 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Security Feature Bypass | 5071546 | Base: 6.4 Temporal: 5.6 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Security Feature Bypass | 5071546 | Base: 6.4 Temporal: 5.6 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Security Feature Bypass | 5071417 | Base: 6.4 Temporal: 5.6 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Security Feature Bypass | 5071417 | Base: 6.4 Temporal: 5.6 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Security Feature Bypass | 5072033 | Base: 6.4 Temporal: 5.6 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Security Feature Bypass | 5072033 | Base: 6.4 Temporal: 5.6 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Security Feature Bypass | 5072033 | Base: 6.4 Temporal: 5.6 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Security Feature Bypass | 5072033 | Base: 6.4 Temporal: 5.6 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Security Feature Bypass | 5071505 | Base: 6.4 Temporal: 5.6 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Security Feature Bypass | 5071505 | Base: 6.4 Temporal: 5.6 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Security Feature Bypass | 5071503 | Base: 6.4 Temporal: 5.6 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Security Feature Bypass | 5071503 | Base: 6.4 Temporal: 5.6 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Security Feature Bypass | 5071543 | Base: 6.4 Temporal: 5.6 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Security Feature Bypass | 5071543 | Base: 6.4 Temporal: 5.6 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Security Feature Bypass | 5071544 | Base: 6.4 Temporal: 5.6 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Security Feature Bypass | 5071544 | Base: 6.4 Temporal: 5.6 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Security Feature Bypass | 5071547 | Base: 6.4 Temporal: 5.6 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Security Feature Bypass | 5071547 | Base: 6.4 Temporal: 5.6 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Security Feature Bypass | 5071542 | Base: 6.4 Temporal: 5.6 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Security Feature Bypass | 5072033 | Base: 6.4 Temporal: 5.6 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Security Feature Bypass | 5072033 | Base: 6.4 Temporal: 5.6 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |

| CVE ID | Acknowledgements |
| CVE-2026-21265 | Microsoft |
CVE ID: CVE-2026-0386 (MITRE, NVD)
Issuing CNA: Microsoft
CVE Title: Windows Deployment Services Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Executive Summary: Improper access control in Windows Deployment Services allows an unauthorized attacker to execute code over an adjacent network.

FAQ:

Are there additional steps I need to take to be protected from this vulnerability?
Admins should take the following steps to be protected from CVE-2026-0386:
This security protection will be enabled by default in a future security update release and no additional administrator action will be required.

How is Microsoft addressing this vulnerability?
To address this vulnerability, by default the hands-free deployment feature will not be supported beginning with a security update in a future release in mid-2026.

Why is the WDS Unattended Installation feature being deprecated?
The legacy WDS workflow transmits unattend.xml over unauthenticated RPC, exposing sensitive credentials during PXE boot. This creates a security risk, including potential machine-in-the-middle (MITM) attacks. To strengthen security posture, Microsoft is enforcing authenticated RPC by default and removing the insecure workflow.

Isn't using WDS within a network-isolated environment sufficient to mitigate this vulnerability?
Even in isolated networks, unauthenticated RPC introduces attack surfaces that can be exploited internally. Security best practices require eliminating unencrypted credential transmission and enforcing authenticated channels.

What is the impact of this change?
Hands-free deployments that rely on unauthenticated RPC will no longer work by default. Administrators can override this behavior via a registry key (see Windows Deployment Services (WDS) Hands-Free Deployment Hardening Guidance), but this is not recommended for production environments.

Are there any recommended alternative solutions?
Please see Windows Deployment Services (WDS) boot.wim support for alternate recommendations by Microsoft.

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
The attacker must inject themselves into the logical network path between the target and the resource requested by the victim to read or modify network communications. This is called a machine-in-the-middle (MITM) attack.

According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability?
An authenticated attacker could exploit this vulnerability with LAN access.

Mitigations: None
Workarounds: None
Revision: 1.0 13-Jan-26 Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2026-0386

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Remote Code Execution | 5071504 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Remote Code Execution | 5071504 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Remote Code Execution | 5071504 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Remote Code Execution | 5071504 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Remote Code Execution | 5071501 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Remote Code Execution | 5071501 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Remote Code Execution | 5071505 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Remote Code Execution | 5071505 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Remote Code Execution | 5071503 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Remote Code Execution | 5071503 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Remote Code Execution | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Remote Code Execution | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Remote Code Execution | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Remote Code Execution | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Remote Code Execution | 5071547 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Remote Code Execution | 5071547 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Remote Code Execution | 5071542 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Remote Code Execution | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Remote Code Execution | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |

| CVE ID | Acknowledgements |
| CVE-2026-0386 | Microsoft Offensive Research and Security Engineering (MORSE) with Microsoft |
CVE ID: CVE-2026-20803 (MITRE, NVD)
Issuing CNA: Microsoft
CVE Title: Microsoft SQL Server Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.2/TemporalScore:6.3
Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Executive Summary: Missing authentication for critical function in SQL Server allows an authorized attacker to elevate privileges over a network.

FAQ:

I am running SQL Server on my system. What action do I need to take?
Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates.

There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?
Note: If your SQL Server version number is not represented in the table below, your SQL Server version is no longer supported. Please upgrade to the latest Service Pack or SQL Server product to apply this and future security updates.

What are the GDR and CU update designations and how do they differ?
The General Distribution Release (GDR) and Cumulative Update (CU) designations correspond to the two different servicing options in place for SQL Server baseline releases. A baseline can be either an RTM release or a Service Pack release.
For any given baseline, either the GDR or CU updates could be options (see below).
Note: You are allowed to make a change from GDR updates to CU updates ONE TIME. Once a SQL Server CU update is applied to a SQL Server installation, there is NO way to go back to the GDR update path.

Can the security updates be applied to SQL Server instances on Windows Azure (IaaS)?
Yes. SQL Server instances on Windows Azure (IaaS) can be offered the security updates through Microsoft Update, or customers can download the security updates from Microsoft Download Center and apply them manually.

What privileges could be gained by an attacker who successfully exploited the vulnerability?
An attacker who successfully exploited this vulnerability could gain debugging privileges including the ability to dump memory.

Mitigations: None
Workarounds: None
Revision: 1.0 13-Jan-26 Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2026-20803

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Microsoft SQL Server 2022 for x64-based Systems (CU 22) | 5072936 (Security Update) | Important | Elevation of Privilege | 5068450 | Base: 7.2 Temporal: 6.3 Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.4230.2 | Maybe | None |
| Microsoft SQL Server 2022 for x64-based Systems (GDR) | 5073031 (Security Update) | Important | Elevation of Privilege | 5068407 | Base: 7.2 Temporal: 6.3 Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.1165.1 | Maybe | None |
| Microsoft SQL Server 2025 for x64-based Systems (GDR) | 5073177 (Security Update) | Important | Elevation of Privilege | | Base: 7.2 Temporal: 6.3 Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 17.0.1050.2 | Maybe | None |

| CVE ID | Acknowledgements |
| CVE-2026-20803 | Anonymous Anonymous |
CVE ID: CVE-2026-20965 (MITRE, NVD)
Issuing CNA: Microsoft
CVE Title: Windows Admin Center Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Executive Summary: Improper verification of cryptographic signature in Windows Admin Center allows an authorized attacker to elevate privileges locally.

FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
Successful exploitation of this vulnerability requires the attacker to invest in some measurable amount of effort in preparation or execution against the vulnerable component before a successful attack can be expected.

What privileges could be gained by an attacker who successfully exploited the vulnerability?
An attacker who successfully exploited the vulnerability could gain local admin privileges on targeted WAC-managed machines within a tenant.

According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?
This vulnerability could lead to the attacker gaining the ability to interact with other tenant’s applications and content.

How could an attacker exploit this vulnerability?
An attacker with local administrator privileges could exploit this vulnerability by sending a specially crafted HTTPS request to the targeted head node.

How do I get the update for Windows Admin Center (WAC) in Azure?
You can upgrade WAC in the Portal extension on your VM on Azure Portal by:
For more information see Manage a Windows VM using Windows Admin Center in Azure

Mitigations: None
Workarounds: None
Revision: 1.0 13-Jan-26 Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2026-20965

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows Admin Center in Azure Portal | Release Notes (Security Update) | Important | Elevation of Privilege | | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 0.70.0.0 | Maybe | None |

| CVE ID | Acknowledgements |
| CVE-2026-20965 | Ben Zamir with Cymulate Ilan Kalenadrov with Cymulate Elad Beber with Cymulate |
CVE ID: CVE-2026-20804 (MITRE, NVD)
Issuing CNA: Microsoft
CVE Title: Windows Hello Tampering Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.7/TemporalScore:6.7
Maximum Severity Rating: Important
Vulnerability Impact: Tampering

Executive Summary: Incorrect privilege assignment in Windows Hello allows an unauthorized attacker to perform tampering locally.

FAQ: None
Mitigations: None
Workarounds: None
Revision: 1.0 13-Jan-26 Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2026-20804

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Tampering | 5071543 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Tampering | 5071543 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Tampering | 5071544 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Tampering | 5071544 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Tampering | 5071546 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Tampering | 5071546 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Tampering | 5071546 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Tampering | 5071546 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Tampering | 5071546 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Tampering | 5071546 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Tampering | 5071417 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Tampering | 5071417 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Tampering | 5072033 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Tampering | 5072033 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Tampering | 5072033 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Tampering | 5072033 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Tampering | 5071543 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Tampering | 5071543 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Tampering | 5071544 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Tampering | 5071544 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Tampering | 5071547 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Tampering | 5071547 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Tampering | 5071542 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Tampering | 5072033 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Tampering | 5072033 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |

| CVE ID | Acknowledgements |
| CVE-2026-20804 | Microsoft Offensive Research & Security Engineering |
CVE ID: CVE-2026-20805 (MITRE, NVD)
Issuing CNA: Microsoft
CVE Title: Desktop Window Manager Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Maximum Severity Rating: Important
Vulnerability Impact: Information Disclosure

Executive Summary: Exposure of sensitive information to an unauthorized actor in Desktop Window Manager allows an authorized attacker to disclose information locally.

FAQ:

What type of information could be disclosed by this vulnerability?
The type of information that could be disclosed if an attacker successfully exploited this vulnerability is a section address from a remote ALPC port, which is user-mode memory.

Mitigations: None
Workarounds: None
Revision: 1.0 13-Jan-26 Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Detected | No | Yes |
The following tables list the affected software details for the vulnerability.
CVE-2026-20805

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Information Disclosure | 5071505 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Information Disclosure | 5071505 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Information Disclosure | 5071503 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Information Disclosure | 5071503 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Information Disclosure | 5071542 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |

| CVE ID | Acknowledgements |
| CVE-2026-20805 | Microsoft Threat Intelligence Center and Microsoft Security Response Center Microsoft Threat Intelligence Center and Microsoft Security Response Center |
CVE ID: CVE-2026-20808 (MITRE, NVD)
Issuing CNA: Microsoft
CVE Title: Windows File Explorer Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.0/TemporalScore:6.1
Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Executive Summary: Concurrent execution using shared resource with improper synchronization ('race condition') in Printer Association Object allows an authorized attacker to elevate privileges locally.

FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
Successful exploitation of this vulnerability requires an attacker to win a race condition.

What privileges could be gained by an attacker who successfully exploited the vulnerability?
An attacker who successfully exploited this vulnerability could gain the privileges of the compromised user.

Mitigations: None
Workarounds: None
Revision: 1.0 13-Jan-26 Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.
CVE-2026-20808

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20808 | Taewoo (Tae_ω02) |

CVE ID: CVE-2026-20809
Issuing CNA: Microsoft
CVE Title: Windows Kernel Memory Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege
Executive Summary: Time-of-check time-of-use (TOCTOU) race condition in Windows Kernel Memory allows an authorized attacker to elevate privileges locally.
FAQ:
What privileges could be gained by an attacker who successfully exploited this vulnerability?
An attacker who successfully exploited this vulnerability could gain Kernel Memory Access.
Mitigations: None
Workarounds: None
Revision: 1.0, 13-Jan-26: Information published.
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.
CVE-2026-20809

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20809 | Microsoft Offensive Research & Security Engineering |

CVE ID: CVE-2026-20810
Issuing CNA: Microsoft
CVE Title: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege
Executive Summary: Free of memory not on the heap in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
FAQ:
What privileges could be gained by an attacker who successfully exploited this vulnerability?
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
Mitigations: None
Workarounds: None
Revision: 1.0, 13-Jan-26: Information published.
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.
CVE-2026-20810

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20810 | haowei yan(jingdong dawnslab) |

CVE ID: CVE-2026-20811
Issuing CNA: Microsoft
CVE Title: Win32k Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege
Executive Summary: Access of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
FAQ:
What privileges could be gained by an attacker who successfully exploited this vulnerability?
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
Mitigations: None
Workarounds: None
Revision: 1.0, 13-Jan-26: Information published.
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.
CVE-2026-20811

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20811 | Daniil Romanovych |

CVE ID: CVE-2026-20812
Issuing CNA: Microsoft
CVE Title: LDAP Tampering Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:5.7
Maximum Severity Rating: Important
Vulnerability Impact: Tampering
Executive Summary: Improper input validation in Windows LDAP - Lightweight Directory Access Protocol allows an authorized attacker to perform tampering over a network.
FAQ: None
Mitigations: None
Workarounds: None
Revision: 1.0, 13-Jan-26: Information published.
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.
CVE-2026-20812

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Tampering | 5071543 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Tampering | 5071543 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Tampering | 5071544 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Tampering | 5071544 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Tampering | 5071546 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Tampering | 5071546 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Tampering | 5071546 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Tampering | 5071546 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Tampering | 5071546 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Tampering | 5071546 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Tampering | 5071417 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Tampering | 5071417 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Tampering | 5072033 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Tampering | 5072033 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Tampering | 5072033 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Tampering | 5072033 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Tampering | 5071543 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Tampering | 5071543 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Tampering | 5071544 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Tampering | 5071544 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Tampering | 5071547 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Tampering | 5071547 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Tampering | 5071542 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Tampering | 5072033 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Tampering | 5072033 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20812 | Active Directory team with Microsoft |

CVE ID: CVE-2026-20814
Issuing CNA: Microsoft
CVE Title: DirectX Graphics Kernel Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.0/TemporalScore:6.1
Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege
Executive Summary: Concurrent execution using shared resource with improper synchronization ('race condition') in Graphics Kernel allows an authorized attacker to elevate privileges locally.
FAQ:
According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
Successful exploitation of this vulnerability requires an attacker to win a race condition.
What privileges could be gained by an attacker who successfully exploited this vulnerability?
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
Mitigations: None
Workarounds: None
Revision: 1.0, 13-Jan-26: Information published.
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.
CVE-2026-20814

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |


| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20814 | cyanbamboo and b2ahex |

CVE ID: CVE-2026-20815 (MITRE, NVD)
Issuing CNA: Microsoft
CVE Title: Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore: 7.0 / TemporalScore: 6.1
Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege
Executive Summary: Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an authorized attacker to elevate privileges locally.
FAQ:
According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition.
What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
Mitigations: None
Workarounds: None
Revision: 1.0, 13-Jan-26, Information published.
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.
CVE-2026-20815
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20815 | k0shl |

CVE ID: CVE-2026-20816 (MITRE, NVD)
Issuing CNA: Microsoft
CVE Title: Windows Installer Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore: 7.8 / TemporalScore: 6.8
Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege
Executive Summary: Time-of-check time-of-use (TOCTOU) race condition in Windows Installer allows an authorized attacker to elevate privileges locally.
FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
Mitigations: None
Workarounds: None
Revision: 1.0, 13-Jan-26, Information published.
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation More Likely | No | No |

The following tables list the affected software details for the vulnerability.
CVE-2026-20816
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Elevation of Privilege | 5071501 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Elevation of Privilege | 5071501 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20816 | JaGoTu with DCIT, a.s. |

CVE ID: CVE-2026-20817 (MITRE, NVD)
Issuing CNA: Microsoft
CVE Title: Windows Error Reporting Service Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore: 7.8 / TemporalScore: 6.8
Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege
Executive Summary: Improper handling of insufficient permissions or privileges in Windows Error Reporting allows an authorized attacker to elevate privileges locally.
FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
Mitigations: None
Workarounds: None
Revision: 1.0, 13-Jan-26, Information published.
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation More Likely | No | No |

The following tables list the affected software details for the vulnerability.
CVE-2026-20817
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20817 | Ruslan Sayfiev with GMO Cybersecurity by Ierae; Denis Faiustov with GMO Cybersecurity by Ierae |

CVE ID: CVE-2026-20818 (MITRE, NVD)
Issuing CNA: Microsoft
CVE Title: Windows Kernel Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest BaseScore: 6.2 / TemporalScore: 5.4
Maximum Severity Rating: Important
Vulnerability Impact: Information Disclosure
Executive Summary: Insertion of sensitive information into log file in Windows Kernel allows an unauthorized attacker to disclose information locally.
FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Kernel memory read - unintentional read access to memory contents in kernel space from a user mode process.
Mitigations: None
Workarounds: None
Revision: 1.0, 13-Jan-26, Information published.
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Unlikely | No | No |

The following tables list the affected software details for the vulnerability.
CVE-2026-20818
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows Server 2016 | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Information Disclosure | 5071542 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20818 | Microsoft Offensive Research & Security Engineering |

CVE ID: CVE-2026-20819 (MITRE, NVD)
Issuing CNA: Microsoft
CVE Title: Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest BaseScore: 5.5 / TemporalScore: 4.8
Maximum Severity Rating: Important
Vulnerability Impact: Information Disclosure
Executive Summary: Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to disclose information locally.
FAQ: What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could view Virtual Trust Level 1 (VTL1) data from Virtual Trust Level 0 (VTL0), which is the least privileged level.
Mitigations: None
Workarounds: None
Revision: 1.0, 13-Jan-26, Information published.
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.
CVE-2026-20819
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20819 | Microsoft Offensive Research and Security Engineering |

CVE ID: CVE-2026-20820 (MITRE, NVD)
Issuing CNA: Microsoft
CVE Title: Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore: 7.8 / TemporalScore: 6.8
Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege
Executive Summary: Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
Mitigations: None
Workarounds: None
Revision: 1.0, 13-Jan-26, Information published.
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation More Likely | No | No |

The following tables list the affected software details for the vulnerability.
CVE-2026-20820
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) |
Important | Elevation of Privilege | 5071504 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23717 |
Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) |
Important | Elevation of Privilege | 5071504 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23717 |
Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) |
Important | Elevation of Privilege | 5071504 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23717 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5073695 (Monthly Rollup) 5073699 (Security Only) |
Important | Elevation of Privilege | 5071501 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.28117 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5073695 (Monthly Rollup) 5073699 (Security Only) |
Important | Elevation of Privilege | 5071501 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.28117 |
Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.25868 |
Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.25868 |
Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22968 |
Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22968 |
Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8783 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8783 |
Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.8276 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.8276 |
Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.4648 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.4648 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.2092 |
Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.32230 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.32230 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2026-20820 | 0rb1t with None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20821
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Remote Procedure Call Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:6.2/TemporalScore:5.4
Executive Summary: Exposure of sensitive information to an unauthorized actor in Windows Remote Procedure Call allows an unauthorized attacker to disclose information locally.
FAQ:
What type of information could be disclosed by this vulnerability?
If an attacker successfully exploited this vulnerability, one byte of kernel memory could be leaked back to the attacker.
Mitigations: None
Workarounds: None
Revision: 1.0 13-Jan-26 Information published. |
Important | Information Disclosure |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20821 |
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Information Disclosure | 5071504 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Information Disclosure | 5071504 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Information Disclosure | 5071504 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Information Disclosure | 5071504 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Information Disclosure | 5071501 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Information Disclosure | 5071501 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Information Disclosure | 5071505 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Information Disclosure | 5071505 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Information Disclosure | 5071503 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Information Disclosure | 5071503 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Information Disclosure | 5071542 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2026-20821 | Communications Security Establishment |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20822
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Graphics Component Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
FAQ:
According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?
In a GPU paravirtualization scenario, an attacker who successfully exploited this vulnerability could traverse the guest’s security boundary to gain access to the host environment.
What privileges could be gained by an attacker who successfully exploited this vulnerability?
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
Successful exploitation of this vulnerability requires an attacker to win a race condition.
Mitigations: None
Workarounds: None
Revision: 1.0 13-Jan-26 Information published. |
Critical | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20822 |
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Critical | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Critical | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Critical | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Critical | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Critical | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Critical | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Critical | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Critical | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Critical | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Critical | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Critical | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Critical | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Critical | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Critical | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Critical | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Critical | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Critical | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Critical | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Critical | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Critical | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Critical | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Critical | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Critical | Elevation of Privilege | 5071542 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Critical | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Critical | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2026-20822 | Anonymous |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20823
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows File Explorer Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Executive Summary: Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.
FAQ:
According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L), but no loss of availability (A:N) or integrity (I:N). What does that mean for this vulnerability?
An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality), but not all resources within the impacted component may be divulged to the attacker. The attacker cannot make changes to disclosed information (Integrity) or limit access to the resource (Availability).
What type of information could be disclosed by this vulnerability?
If an attacker successfully exploited this vulnerability, the information that could be disclosed is an address from an object operating at a High Integrity Level in a contained ("sandboxed") execution environment. Please refer to AppContainer isolation and Mandatory Integrity Control for more information.
Mitigations: None
Workarounds: None
Revision: 1.0 13-Jan-26 Information published. |
Important | Information Disclosure |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20823 |
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Information Disclosure | 5071542 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20823 | |


| CVE ID | Maximum Severity Rating | Vulnerability Impact |
|---|---|---|
| CVE-2026-20824 (Issuing CNA: Microsoft) | Important | Security Feature Bypass |

Vulnerability Description:

CVE Title: Windows Remote Assistance Security Feature Bypass Vulnerability

CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8

Executive Summary: Protection mechanism failure in Windows Remote Assistance allows an unauthorized attacker to bypass a security feature locally.

FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

Exploitation of the vulnerability requires that a user open a specially crafted file.

* In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file.
* In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability.

An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

An attacker who successfully exploited the vulnerability could evade Mark of the Web (MOTW) defenses.

Mitigations: None

Workarounds: None

Revision: 1.0 (13-Jan-26): Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20824

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Security Feature Bypass | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Security Feature Bypass | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Security Feature Bypass | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Security Feature Bypass | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Security Feature Bypass | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Security Feature Bypass | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Security Feature Bypass | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Security Feature Bypass | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Security Feature Bypass | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Security Feature Bypass | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Security Feature Bypass | 5071417 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Security Feature Bypass | 5071417 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Security Feature Bypass | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Security Feature Bypass | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Security Feature Bypass | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Security Feature Bypass | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Security Feature Bypass | 5071505 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Security Feature Bypass | 5071505 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Security Feature Bypass | 5071503 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Security Feature Bypass | 5071503 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Security Feature Bypass | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Security Feature Bypass | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Security Feature Bypass | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Security Feature Bypass | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Security Feature Bypass | 5071547 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Security Feature Bypass | 5071547 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Security Feature Bypass | 5071542 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Security Feature Bypass | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Security Feature Bypass | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |


| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20824 | Allan Hedegaard with GPV Group A/S |


| CVE ID | Maximum Severity Rating | Vulnerability Impact |
|---|---|---|
| CVE-2026-20825 (Issuing CNA: Microsoft) | Important | Information Disclosure |

Vulnerability Description:

CVE Title: Windows Hyper-V Information Disclosure Vulnerability

CVSS: CVSS:3.1 Highest BaseScore:4.4/TemporalScore:3.9

Executive Summary: Improper access control in Windows Hyper-V allows an authorized attacker to disclose information locally.

FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Guest VM to Hyper-V host server - virtualization security boundary.

Mitigations: None

Workarounds: None

Revision: 1.0 (13-Jan-26): Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20825

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Information Disclosure | 5071542 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 4.4 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |


| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20825 | Andrey Markovytch |


| CVE ID | Maximum Severity Rating | Vulnerability Impact |
|---|---|---|
| CVE-2026-20826 (Issuing CNA: Microsoft) | Important | Elevation of Privilege |

Vulnerability Description:

CVE Title: Tablet Windows User Interface (TWINUI) Subsystem Information Disclosure Vulnerability

CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8

Executive Summary: Concurrent execution using shared resource with improper synchronization ('race condition') in Tablet Windows User Interface (TWINUI) Subsystem allows an authorized attacker to elevate privileges locally.

FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?

An attacker could use this vulnerability to elevate privileges from a Low Integrity Level in a contained ("sandboxed") execution environment to a Medium Integrity Level. Please refer to AppContainer isolation and Mandatory Integrity Control for more information.

Mitigations: None

Workarounds: None

Revision: 1.0 (13-Jan-26): Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20826

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |


| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20826 | Anonymous |


| CVE ID | Maximum Severity Rating | Vulnerability Impact |
|---|---|---|
| CVE-2026-20827 (Issuing CNA: Microsoft) | Important | Information Disclosure |

Vulnerability Description:

CVE Title: Tablet Windows User Interface (TWINUI) Subsystem Information Disclosure Vulnerability

CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8

Executive Summary: Exposure of sensitive information to an unauthorized actor in Tablet Windows User Interface (TWINUI) Subsystem allows an authorized attacker to disclose information locally.

FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the local memory address.

Mitigations: None

Workarounds: None

Revision: 1.0 (13-Jan-26): Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Unlikely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20827

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Information Disclosure | 5071542 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |


| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20827 | |


| CVE ID | Maximum Severity Rating | Vulnerability Impact |
|---|---|---|
| CVE-2026-20828 (Issuing CNA: Microsoft) | Important | Information Disclosure |

Vulnerability Description:

CVE Title: Windows rndismp6.sys Information Disclosure Vulnerability

CVSS: CVSS:3.1 Highest BaseScore:4.6/TemporalScore:4.0

Executive Summary: Out-of-bounds read in Windows Internet Connection Sharing (ICS) allows an unauthorized attacker to disclose information with a physical attack.

FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Kernel memory read - unintentional read access to memory contents in kernel space from a user mode process.

Mitigations: None

Workarounds: None

Revision: 1.0 (13-Jan-26): Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2026-20828
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5073697 (Monthly Rollup)<br>5073700 (Security Only) | Important | Information Disclosure | 5071504 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup)<br>5073700 (Security Only) | Important | Information Disclosure | 5071504 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5073697 (Monthly Rollup)<br>5073700 (Security Only) | Important | Information Disclosure | 5071504 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup)<br>5073700 (Security Only) | Important | Information Disclosure | 5071504 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5073695 (Monthly Rollup)<br>5073699 (Security Only) | Important | Information Disclosure | 5071501 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5073695 (Monthly Rollup)<br>5073699 (Security Only) | Important | Information Disclosure | 5071501 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Information Disclosure | 5071505 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Information Disclosure | 5071505 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Information Disclosure | 5071503 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Information Disclosure | 5071503 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Information Disclosure | 5071542 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20828 | B1aN |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
|---|---|---|---|
| CVE-2026-20829<br>MITRE NVD<br>Issuing CNA: Microsoft | CVE Title: TPM Trustlet Information Disclosure Vulnerability<br>CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8<br>Executive Summary: Out-of-bounds read in Windows TPM allows an authorized attacker to disclose information locally.<br>FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is secrets or privileged information belonging to the user of the affected application.<br>Mitigations: None<br>Workarounds: None<br>Revision: 1.0 13-Jan-26 Information published. | Important | Information Disclosure |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2026-20829
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Information Disclosure | 5071542 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20829 | Microsoft Offensive Research & Security Engineering |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
|---|---|---|---|
| CVE-2026-20831<br>MITRE NVD<br>Issuing CNA: Microsoft | CVE Title: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability<br>CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8<br>Executive Summary: Time-of-check time-of-use (TOCTOU) race condition in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.<br>FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.<br>Mitigations: None<br>Workarounds: None<br>Revision: 1.0 13-Jan-26 Information published. | Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2026-20831
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5073697 (Monthly Rollup)<br>5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup)<br>5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5073697 (Monthly Rollup)<br>5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup)<br>5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5073695 (Monthly Rollup)<br>5073699 (Security Only) | Important | Elevation of Privilege | 5071501 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5073695 (Monthly Rollup)<br>5073699 (Security Only) | Important | Elevation of Privilege | 5071501 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20831 | Angelboy (@scwuaptx) with DEVCORE<br>dungnm with Viettel Cyber Security<br>Lê Trần Hải Tùng with Viettel Cyber Security |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
|---|---|---|---|
| CVE-2026-20832<br>MITRE NVD<br>Issuing CNA: Microsoft | CVE Title: Windows Remote Procedure Call Interface Definition Language (IDL) Elevation of Privilege Vulnerability<br>CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8<br>Executive Summary: None<br>FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could create, modify, or delete files in the security context of the "NT AUTHORITY\SYSTEM" account.<br>Mitigations: None<br>Workarounds: None<br>Revision: 1.0 13-Jan-26 Information published. | Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20832 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8783 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8783 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.8276 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.8276 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.6809 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.6809 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.6809 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.6809 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.6809 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20832 | Pwnforr777 |

CVE ID: CVE-2026-20833 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows Kerberos Information Disclosure Vulnerability

CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8

Maximum Severity Rating: Important

Vulnerability Impact: Information Disclosure

Executive Summary: Use of a broken or risky cryptographic algorithm in Windows Kerberos allows an authorized attacker to disclose information locally.

FAQ:

Are there other steps that need to be done to protect from exploitation of this vulnerability?

Yes, please see How to manage Kerberos protocol changes related to CVE-2026-20833 for more information about how to protect from this vulnerability.

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is secrets or privileged information belonging to the user of the affected application.

Mitigations: None

Workarounds: None

Revision: 1.0 (13-Jan-26): Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20833
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Information Disclosure | 5071504 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Information Disclosure | 5071504 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Information Disclosure | 5071504 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Information Disclosure | 5071504 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Information Disclosure | 5071501 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Information Disclosure | 5071501 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Information Disclosure | 5071505 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Information Disclosure | 5071505 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Information Disclosure | 5071503 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Information Disclosure | 5071503 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Information Disclosure | 5071542 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20833 | Windows Authentication Platform team |

CVE ID: CVE-2026-20834 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows Spoofing Vulnerability

CVSS: CVSS:3.1 Highest BaseScore:4.6/TemporalScore:4.0

Maximum Severity Rating: Important

Vulnerability Impact: Spoofing

Executive Summary: Absolute path traversal in Windows Shell allows an unauthorized attacker to perform spoofing with a physical attack.

FAQ: None

Mitigations: None

Workarounds: None

Revision: 1.0 (13-Jan-26): Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20834
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Spoofing | 5071543 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Spoofing | 5071543 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Spoofing | 5071544 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Spoofing | 5071544 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Spoofing | 5071546 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Spoofing | 5071546 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Spoofing | 5071546 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Spoofing | 5071546 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Spoofing | 5071546 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Spoofing | 5071546 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Spoofing | 5071417 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Spoofing | 5071417 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Spoofing | 5072033 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Spoofing | 5072033 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Spoofing | 5072033 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Spoofing | 5072033 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Spoofing | 5071504 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Spoofing | 5071504 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Spoofing | 5071504 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Spoofing | 5071504 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Spoofing | 5071501 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Spoofing | 5071501 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Spoofing | 5071505 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Spoofing | 5071505 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Spoofing | 5071503 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Spoofing | 5071503 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Spoofing | 5071543 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Spoofing | 5071543 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Spoofing | 5071544 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Spoofing | 5071544 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Spoofing | 5071547 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Spoofing | 5071547 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Spoofing | 5071542 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Spoofing | 5072033 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Spoofing | 5072033 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20834 | Nacl |

CVE ID: CVE-2026-20835 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Capability Access Management Service (camsvc) Information Disclosure Vulnerability

CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8

Maximum Severity Rating: Important

Vulnerability Impact: Information Disclosure

Executive Summary: Out-of-bounds read in Capability Access Management Service (camsvc) allows an authorized attacker to disclose information locally.

FAQ:

What type of information could be disclosed by this vulnerability?

An attacker who successfully exploited this vulnerability could potentially read the memory of the Capability Access Manager service.

Mitigations: None

Workarounds: None

Revision: 1.0 (13-Jan-26): Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20835
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Information Disclosure | 5071542 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20835 | Jongseong Kim (nevul37), SEC-agent team; Hwiwon Lee (hwiwonl), SEC-agent team; k0shl |

CVE ID: CVE-2026-20836 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: DirectX Graphics Kernel Elevation of Privilege Vulnerability

CVSS: CVSS:3.1 Highest BaseScore:7.0/TemporalScore:6.1

Maximum Severity Rating: Important

Vulnerability Impact: Elevation of Privilege

Executive Summary: Concurrent execution using shared resource with improper synchronization ('race condition') in Graphics Kernel allows an authorized attacker to elevate privileges locally.

FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.

Mitigations: None

Workarounds: None

Revision: 1.0 (13-Jan-26): Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20836
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20836 | cyanbamboo and b2ahex |

CVE ID: CVE-2026-20837 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows Media Remote Code Execution Vulnerability

CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8

Maximum Severity Rating: Important

Vulnerability Impact: Remote Code Execution

Executive Summary: Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally.

FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?

The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.

Mitigations: None

Workarounds: None

Revision: 1.0 (13-Jan-26): Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20837
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Remote Code Execution | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Remote Code Execution | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Remote Code Execution | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Remote Code Execution | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Remote Code Execution | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Remote Code Execution | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Remote Code Execution | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Remote Code Execution | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Remote Code Execution | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Remote Code Execution | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Remote Code Execution | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Remote Code Execution | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Remote Code Execution | 5072033 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26200.7623 |
Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Remote Code Execution | 5072033 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26200.7623 |
Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Remote Code Execution | 5071544 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.8276 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Remote Code Execution | 5071544 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.8276 |
Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Remote Code Execution | 5071547 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.4648 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Remote Code Execution | 5071547 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.4648 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Remote Code Execution | 5071542 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.2092 |
Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Remote Code Execution | 5072033 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.32230 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Remote Code Execution | 5072033 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.32230 |
Yes | None |
| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20837 | Kai Lu with Palo Alto Networks |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20838
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Kernel Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Executive Summary: Generation of error message containing sensitive information in Windows Kernel allows an authorized attacker to disclose information locally.
FAQ:
What type of information could be disclosed by this vulnerability?
The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Kernel memory read - unintentional read access to memory contents in kernel space from a user mode process.
Mitigations: None
Workarounds: None
Revision: 1.0 13-Jan-26 Information published. |
Important | Information Disclosure |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2026-20838
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Information Disclosure | 5071542 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20838 | Microsoft Offensive Research & Security Engineering |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20839
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Client-Side Caching (CSC) Service Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Executive Summary: Improper access control in Windows Client-Side Caching (CSC) Service allows an authorized attacker to disclose information locally.
FAQ:
What type of information could be disclosed by this vulnerability?
An attacker who successfully exploited this vulnerability could potentially read portions of heap memory.
Mitigations: None
Workarounds: None
Revision: 1.0 13-Jan-26 Information published. |
Important | Information Disclosure |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2026-20839
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Information Disclosure | 5071501 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Information Disclosure | 5071501 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Information Disclosure | 5071505 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Information Disclosure | 5071505 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Information Disclosure | 5071503 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Information Disclosure | 5071503 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Information Disclosure | 5071542 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20839 | Microsoft Offensive Research & Security Engineering |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20840
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows NTFS Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.
FAQ:
According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?
The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.
According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?
Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges.
Mitigations: None
Workarounds: None
Revision: 1.0 13-Jan-26 Information published. |
Important | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation More Likely | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2026-20840
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Remote Code Execution | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Remote Code Execution | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Remote Code Execution | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Remote Code Execution | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Remote Code Execution | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Remote Code Execution | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Remote Code Execution | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Remote Code Execution | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Remote Code Execution | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Remote Code Execution | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Remote Code Execution | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Remote Code Execution | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Remote Code Execution | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Remote Code Execution | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Remote Code Execution | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Remote Code Execution | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Remote Code Execution | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Remote Code Execution | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Remote Code Execution | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Remote Code Execution | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Remote Code Execution | 5071501 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Remote Code Execution | 5071501 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Remote Code Execution | 5071505 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Remote Code Execution | 5071505 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Remote Code Execution | 5071503 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Remote Code Execution | 5071503 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Remote Code Execution | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Remote Code Execution | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Remote Code Execution | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Remote Code Execution | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Remote Code Execution | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Remote Code Execution | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Remote Code Execution | 5071542 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Remote Code Execution | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Remote Code Execution | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20840 | Sergey Tarasov with Positive Technologies |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20842
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft DWM Core Library Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.0/TemporalScore:6.1
Executive Summary: Use after free in Windows DWM allows an authorized attacker to elevate privileges locally.
FAQ:
According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
For an attacker to exploit this vulnerability, they would need to have knowledge of a specific operation that triggers a memory allocation failure, specifically a use after free.
What privileges could be gained by an attacker who successfully exploited this vulnerability?
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
Mitigations: None
Workarounds: None
Revision: 1.0 13-Jan-26 Information published. |
Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2026-20842
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 |
Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.32230 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 |
Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.32230 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2026-20842 | Varun Goel |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20844 MITRE NVD Issuing CNA: Microsoft | CVE Title: Windows Clipboard Server Elevation of Privilege Vulnerability CVSS: CVSS:3.1 Highest BaseScore:7.4/TemporalScore:6.4 Executive Summary: Use after free in Windows Clipboard Server allows an unauthorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. Mitigations: None Workarounds: None Revision: 1.0 13-Jan-26 Information published. | Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20844 |
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2026-20844 | Anonymous |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2023-31096 MITRE NVD Issuing CNA: MITRE Corporation | CVE Title: MITRE: CVE-2023-31096 Windows Agere Soft Modem Driver Elevation of Privilege Vulnerability CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.2 Executive Summary: Microsoft is aware of vulnerabilities in the third party Agere Soft Modem drivers that ship natively with supported Windows operating systems. This is an announcement of the removal of agrsm64.sys and agrsm.sys drivers. The drivers have been removed in the January 2026 cumulative update. Soft modem hardware dependent on these specific drivers will no longer work on Windows. Microsoft recommends removing any existing dependencies on this hardware. This vulnerability was documented in 2023 via a CVE-2023-31096 issued by MITRE. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Is the vulnerability only exploitable if the Agere Soft Modem is actively being used? No. All supported versions of Windows can be affected by a successful exploitation of this vulnerability, even if the modem is not actively being used. Mitigations: None Workarounds: None Revision: 1.0 13-Jan-26 Information published. | Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation More Likely | Yes | No |
The following tables list the affected software details for the vulnerability.
| CVE-2023-31096 |
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Elevation of Privilege | 5071501 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Elevation of Privilege | 5071501 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 7.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2023-31096 | Zeze with TeamT5 |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20847 MITRE NVD Issuing CNA: Microsoft | CVE Title: Microsoft Windows File Explorer Spoofing Vulnerability CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:5.7 Executive Summary: Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to perform spoofing over a network. FAQ: None Mitigations: None Workarounds: None Revision: 1.0 13-Jan-26 Information published. | Important | Spoofing |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20847 |
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Spoofing | 5071543 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Spoofing | 5071543 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Spoofing | 5071544 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Spoofing | 5071544 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Spoofing | 5071546 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Spoofing | 5071546 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Spoofing | 5071546 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Spoofing | 5071546 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Spoofing | 5071546 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Spoofing | 5071546 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Spoofing | 5071417 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Spoofing | 5071417 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Spoofing | 5072033 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Spoofing | 5072033 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Spoofing | 5072033 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Spoofing | 5072033 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Spoofing | 5071501 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Spoofing | 5071501 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Spoofing | 5071505 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Spoofing | 5071505 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Spoofing | 5071503 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Spoofing | 5071503 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Spoofing | 5071543 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Spoofing | 5071543 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Spoofing | 5071544 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Spoofing | 5071544 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Spoofing | 5071547 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Spoofing | 5071547 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Spoofing | 5071542 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Spoofing | 5072033 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Spoofing | 5072033 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2026-20847 | Ruben Enkaoua |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20851 MITRE NVD Issuing CNA: Microsoft | CVE Title: Capability Access Management Service (camsvc) Information Disclosure Vulnerability CVSS: CVSS:3.1 Highest BaseScore:6.2/TemporalScore:5.4 Executive Summary: Out-of-bounds read in Capability Access Management Service (camsvc) allows an unauthorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is sensitive information. Mitigations: None Workarounds: None Revision: 1.0 13-Jan-26 Information published. | Important | Information Disclosure |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20851 |
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20851 | k0shl |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20852
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Hello Tampering Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.7/TemporalScore:6.7
Executive Summary: Incorrect privilege assignment in Windows Hello allows an unauthorized attacker to perform tampering locally.
FAQ: None
Mitigations: None
Workarounds: None
Revision: 1.0, 13-Jan-26: Information published. |
Important | Tampering |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2026-20852

| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Tampering | 5071543 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Tampering | 5071543 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Tampering | 5071544 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Tampering | 5071544 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Tampering | 5071546 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Tampering | 5071546 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Tampering | 5071546 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Tampering | 5071546 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Tampering | 5071546 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Tampering | 5071546 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Tampering | 5071417 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Tampering | 5071417 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Tampering | 5072033 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Tampering | 5072033 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Tampering | 5072033 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Tampering | 5072033 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Tampering | 5071543 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Tampering | 5071543 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Tampering | 5071544 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Tampering | 5071544 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Tampering | 5071547 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Tampering | 5071547 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Tampering | 5071542 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Tampering | 5072033 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Tampering | 5072033 | Base: 7.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20852 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20856
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Server Update Service (WSUS) Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8.1/TemporalScore:7.1
Executive Summary: Improper input validation in Windows Server Update Service allows an unauthorized attacker to execute code over a network.
FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? The attacker must inject themselves into the logical network path between the target and the resource requested by the victim to read or modify network communications. This is called a machine-in-the-middle (MITM) attack.
Mitigations: None
Workarounds: None
Revision: 1.0, 13-Jan-26: Information published. |
Important | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2026-20856

| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Remote Code Execution | 5071543 | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Remote Code Execution | 5071543 | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Remote Code Execution | 5071544 | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Remote Code Execution | 5071544 | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Remote Code Execution | 5071546 | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Remote Code Execution | 5071546 | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Remote Code Execution | 5071546 | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Remote Code Execution | 5071546 | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Remote Code Execution | 5071546 | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Remote Code Execution | 5071546 | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Remote Code Execution | 5071417 | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Remote Code Execution | 5071417 | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Remote Code Execution | 5072033 | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Remote Code Execution | 5072033 | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Remote Code Execution | 5072033 | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Remote Code Execution | 5072033 | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Remote Code Execution | 5071505 | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Remote Code Execution | 5071505 | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Remote Code Execution | 5071503 | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Remote Code Execution | 5071503 | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Remote Code Execution | 5071543 | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Remote Code Execution | 5071543 | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Remote Code Execution | 5071544 | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Remote Code Execution | 5071544 | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Remote Code Execution | 5071547 | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Remote Code Execution | 5071547 | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Remote Code Execution | 5071542 | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Remote Code Execution | 5072033 | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Remote Code Execution | 5072033 | Base: 8.1 Temporal: 7.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20856 | Chris Ward |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20857
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: Untrusted pointer dereference in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges.
Mitigations: None
Workarounds: None
Revision: 1.0, 13-Jan-26: Information published. |
Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2026-20857

| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20857 | haowei yan(jingdong dawnslab) |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20858
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Management Services Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.9
Executive Summary: Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.
FAQ:
According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition.
According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability? In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment.
What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker could use this vulnerability to elevate privileges from a Low Integrity Level in a contained ("sandboxed") execution environment to a Medium Integrity Level. Please refer to AppContainer isolation and Mandatory Integrity Control for more information.
Mitigations: None
Workarounds: None
Revision: 1.0, 13-Jan-26: Information published. |
Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2026-20858

| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.9 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:T/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.9 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:T/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.9 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:T/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.9 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:T/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.9 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:T/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.9 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:T/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.9 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:T/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.9 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:T/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.9 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:T/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.9 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:T/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.9 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:T/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.9 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:T/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.9 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:T/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.9 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:T/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.9 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:T/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.9 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:T/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.9 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:T/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.9 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:T/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.8 Temporal: 6.9 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:T/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.9 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:T/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.9 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:T/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20858 | Anonymous |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20859
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.
FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
Mitigations: None
Workarounds: None
Revision: 1.0, 13-Jan-26: Information published. |
Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2026-20859

| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20859 | hazard |

| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
|---|---|---|---|
| CVE-2026-20860 MITRE NVD Issuing CNA: Microsoft | CVE Title: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8 Executive Summary: Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Mitigations: None Workarounds: None Revision: 1.0 13-Jan-26 Information published. | Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation More Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20860 |
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Elevation of Privilege | 5071501 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Elevation of Privilege | 5071501 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20860 | Angelboy (@scwuaptx) with DEVCORE |

| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
|---|---|---|---|
| CVE-2026-20864 MITRE NVD Issuing CNA: Microsoft | CVE Title: Windows Connected Devices Platform Service Elevation of Privilege Vulnerability CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8 Executive Summary: Heap-based buffer overflow in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Mitigations: None Workarounds: None Revision: 1.0 13-Jan-26 Information published. | Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20864 |
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20864 | Zhang WangJunJie, He YiSheng with Hillstone Networks Security Research Institute |

| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
|---|---|---|---|
| CVE-2026-20865 MITRE NVD Issuing CNA: Microsoft | CVE Title: Windows Management Services Elevation of Privilege Vulnerability CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8 Executive Summary: Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability? In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment. What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker could use this vulnerability to elevate privileges from a Low Integrity Level in a contained ("sandboxed") execution environment to a Medium Integrity Level. Please refer to AppContainer isolation and Mandatory Integrity Control for more information. Mitigations: None Workarounds: None Revision: 1.0 13-Jan-26 Information published. | Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20865 |
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20865 | Anonymous |

| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
|---|---|---|---|
| CVE-2026-20869 MITRE NVD Issuing CNA: Microsoft | CVE Title: Windows Local Session Manager (LSM) Elevation of Privilege Vulnerability CVSS: CVSS:3.1 Highest BaseScore:7.0/TemporalScore:6.1 Executive Summary: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Local Session Manager (LSM) allows an authorized attacker to elevate privileges locally. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Mitigations: None Workarounds: None Revision: 1.0 13-Jan-26 Information published. | Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20869 |
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Elevation of Privilege | 5071501 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Elevation of Privilege | 5071501 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 |
Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22968 |
Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 |
Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22968 |
Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 |
Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8783 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 |
Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8783 |
Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 |
Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.8276 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 |
Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.8276 |
Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 |
Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.4648 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 |
Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.4648 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 |
Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.2092 |
Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 |
Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.32230 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 |
Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.32230 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2026-20869 | Jose Polo Bolano with Microsoft |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20875
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Executive Summary: Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.
FAQ: None
Mitigations: None
Workarounds: None
Revision: 1.0 (13-Jan-26): Information published. |
Important | Denial of Service |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20875 |
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Denial of Service | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Denial of Service | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Denial of Service | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Denial of Service | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Denial of Service | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Denial of Service | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Denial of Service | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Denial of Service | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Denial of Service | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Denial of Service | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Denial of Service | 5071417 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Denial of Service | 5071417 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Denial of Service | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Denial of Service | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Denial of Service | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Denial of Service | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Denial of Service | 5071504 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Denial of Service | 5071504 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Denial of Service | 5071504 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Denial of Service | 5071504 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Denial of Service | 5071501 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Denial of Service | 5071501 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Denial of Service | 5071505 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Denial of Service | 5071505 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Denial of Service | 5071503 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Denial of Service | 5071503 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Denial of Service | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Denial of Service | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Denial of Service | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Denial of Service | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Denial of Service | 5071547 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Denial of Service | 5071547 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Denial of Service | 5071542 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Denial of Service | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Denial of Service | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2026-20875 | Ziran Lin with Microsoft |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20876
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:6.7/TemporalScore:5.8
Executive Summary: Heap-based buffer overflow in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.
FAQ:
What privileges could be gained by an attacker who successfully exploited this vulnerability?
An attacker who successfully exploited this vulnerability could gain Virtual Trust Level 2 (VTL2) privileges.
Mitigations: None
Workarounds: None
Revision: 1.0 (13-Jan-26): Information published. |
Critical | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20876 |
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Critical | Elevation of Privilege | 5071417 | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Critical | Elevation of Privilege | 5071417 | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Critical | Elevation of Privilege | 5072033 | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Critical | Elevation of Privilege | 5072033 | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Critical | Elevation of Privilege | 5072033 | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Critical | Elevation of Privilege | 5072033 | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Critical | Elevation of Privilege | 5071542 | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Critical | Elevation of Privilege | 5072033 | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Critical | Elevation of Privilege | 5072033 | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2026-20876 | Andrey Markovytch and Kas Dekel with Microsoft |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20877
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Management Services Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.
FAQ:
According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?
In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment.
According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
Successful exploitation of this vulnerability requires an attacker to win a race condition.
What privileges could be gained by an attacker who successfully exploited the vulnerability?
An attacker could use this vulnerability to elevate privileges from a Low Integrity Level in a contained ("sandboxed") execution environment to a Medium Integrity Level. Please refer to AppContainer isolation and Mandatory Integrity Control for more information.
Mitigations: None
Workarounds: None
Revision: 1.0 (13-Jan-26): Information published. |
Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20877 |
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2026-20877 | Anonymous |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20918
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Management Services Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.
FAQ:
According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?
In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment.
According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
Successful exploitation of this vulnerability requires an attacker to win a race condition.
What privileges could be gained by an attacker who successfully exploited the vulnerability?
An attacker could use this vulnerability to elevate privileges from a Low Integrity Level in a contained ("sandboxed") execution environment to a Medium Integrity Level. Please refer to AppContainer isolation and Mandatory Integrity Control for more information.
Mitigations: None
Workarounds: None
Revision: 1.0 (13-Jan-26): Information published. |
Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20918 |
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20918 | Anonymous; Jongseong Kim (nevul37), SEC-agent team; Hwiwon Lee (develacker), SEC-agent team |

| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
|---|---|---|---|
| CVE-2026-20919 (MITRE, NVD), Issuing CNA: Microsoft | CVE Title: Windows SMB Server Elevation of Privilege Vulnerability. CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5. Executive Summary: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Mitigations: None. Workarounds: None. Revision: 1.0, 13-Jan-26, Information published. | Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2026-20919

| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20919 | Microsoft Microsoft |

| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
|---|---|---|---|
| CVE-2026-20920 (MITRE, NVD), Issuing CNA: Microsoft | CVE Title: Win32k Elevation of Privilege Vulnerability. CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8. Executive Summary: Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Mitigations: None. Workarounds: None. Revision: 1.0, 13-Jan-26, Information published. | Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2026-20920

| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20920 | Varun Goel |

| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
|---|---|---|---|
| CVE-2026-20921 (MITRE, NVD), Issuing CNA: Microsoft | CVE Title: Windows SMB Server Elevation of Privilege Vulnerability. CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5. Executive Summary: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Mitigations: None. Workarounds: None. Revision: 1.0, 13-Jan-26, Information published. | Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2026-20921

| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5073697 (Monthly Rollup), 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup), 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5073697 (Monthly Rollup), 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup), 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5073695 (Monthly Rollup), 5073699 (Security Only) | Important | Elevation of Privilege | 5071501 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5073695 (Monthly Rollup), 5073699 (Security Only) | Important | Elevation of Privilege | 5071501 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20921 | Microsoft |

| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
|---|---|---|---|
| CVE-2026-20922 (MITRE, NVD), Issuing CNA: Microsoft | CVE Title: Windows NTFS Remote Code Execution Vulnerability. CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8. Executive Summary: Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally. FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability. According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability? Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges. Mitigations: None. Workarounds: None. Revision: 1.0, 13-Jan-26, Information published. | Important | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation More Likely | No | No |
The following tables list the affected software details for the vulnerability.
CVE-2026-20922

| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Remote Code Execution | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Remote Code Execution | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Remote Code Execution | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Remote Code Execution | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Remote Code Execution | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Remote Code Execution | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Remote Code Execution | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Remote Code Execution | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Remote Code Execution | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Remote Code Execution | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Remote Code Execution | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Remote Code Execution | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Remote Code Execution | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Remote Code Execution | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Remote Code Execution | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Remote Code Execution | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5073697 (Monthly Rollup), 5073700 (Security Only) | Important | Remote Code Execution | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup), 5073700 (Security Only) | Important | Remote Code Execution | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5073697 (Monthly Rollup), 5073700 (Security Only) | Important | Remote Code Execution | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup), 5073700 (Security Only) | Important | Remote Code Execution | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5073695 (Monthly Rollup), 5073699 (Security Only) | Important | Remote Code Execution | 5071501 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5073695 (Monthly Rollup), 5073699 (Security Only) | Important | Remote Code Execution | 5071501 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Remote Code Execution | 5071505 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Remote Code Execution | 5071505 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Remote Code Execution | 5071503 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Remote Code Execution | 5071503 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Remote Code Execution | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Remote Code Execution | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Remote Code Execution | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Remote Code Execution | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Remote Code Execution | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Remote Code Execution | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Remote Code Execution | 5071542 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Remote Code Execution | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Remote Code Execution | 5072033 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.32230 |
Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20922 | Sergey Tarasov with Positive Technologies |

CVE ID: CVE-2026-20923 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows Management Services Elevation of Privilege Vulnerability

CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8

Executive Summary: Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.

FAQ:

According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?
In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment.

What privileges could be gained by an attacker who successfully exploited the vulnerability?
An attacker could use this vulnerability to elevate privileges from a Low Integrity Level in a contained ("sandboxed") execution environment to a Medium Integrity Level. Please refer to AppContainer isolation and Mandatory Integrity Control for more information.

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
Successful exploitation of this vulnerability requires an attacker to win a race condition.

Mitigations: None

Workarounds: None

Revision: 1.0, 13-Jan-26, Information published.

Maximum Severity Rating: Important

Vulnerability Impact: Elevation of Privilege

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20923

| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20923 | Anonymous |

CVE ID: CVE-2026-20924 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows Management Services Elevation of Privilege Vulnerability

CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8

Executive Summary: Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.

FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
Successful exploitation of this vulnerability requires an attacker to win a race condition.

According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?
In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment.

What privileges could be gained by an attacker who successfully exploited the vulnerability?
An attacker could use this vulnerability to elevate privileges from a Low Integrity Level in a contained ("sandboxed") execution environment to a Medium Integrity Level. Please refer to AppContainer isolation and Mandatory Integrity Control for more information.

Mitigations: None

Workarounds: None

Revision: 1.0, 13-Jan-26, Information published.

Maximum Severity Rating: Important

Vulnerability Impact: Elevation of Privilege

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20924

| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20924 | Anonymous |

CVE ID: CVE-2026-20925 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: NTLM Hash Disclosure Spoofing Vulnerability

CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:5.7

Executive Summary: External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?
Minimal interaction with a malicious file by a user such as selecting (single-click), inspecting (right-click), or performing an action other than opening or executing the file could trigger this vulnerability.

Mitigations: None

Workarounds: None

Revision: 1.0, 13-Jan-26, Information published.

Maximum Severity Rating: Important

Vulnerability Impact: Spoofing

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20925

| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Spoofing | 5071543 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Spoofing | 5071543 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Spoofing | 5071544 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Spoofing | 5071544 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Spoofing | 5071546 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Spoofing | 5071546 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Spoofing | 5071546 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Spoofing | 5071546 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Spoofing | 5071546 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Spoofing | 5071546 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Spoofing | 5071417 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Spoofing | 5071417 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Spoofing | 5072033 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Spoofing | 5072033 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Spoofing | 5072033 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Spoofing | 5072033 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Spoofing | 5071504 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Spoofing | 5071504 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Spoofing | 5071504 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Spoofing | 5071504 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Spoofing | 5071501 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Spoofing | 5071501 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Spoofing | 5071505 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Spoofing | 5071505 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Spoofing | 5071503 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Spoofing | 5071503 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Spoofing | 5071543 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Spoofing | 5071543 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Spoofing | 5071544 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Spoofing | 5071544 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Spoofing | 5071547 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Spoofing | 5071547 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Spoofing | 5071542 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Spoofing | 5072033 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Spoofing | 5072033 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20925 | Richard Medlin (BoDYRoTx) |

CVE ID: CVE-2026-20926 (MITRE, NVD)

Issuing CNA: Microsoft

CVE Title: Windows SMB Server Elevation of Privilege Vulnerability

CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5

Executive Summary: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.

FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
Successful exploitation of this vulnerability requires an attacker to win a race condition.

What privileges could be gained by an attacker who successfully exploited this vulnerability?
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

Mitigations: None

Workarounds: None

Revision: 1.0, 13-Jan-26, Information published.

Maximum Severity Rating: Important

Vulnerability Impact: Elevation of Privilege

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Unlikely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20926

| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8783 |
Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.8276 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.8276 |
Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.4648 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.4648 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.2092 |
Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.32230 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.32230 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2026-20926 | Microsoft |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
|---|---|---|---|
| CVE-2026-20927 (Issuing CNA: Microsoft) | CVE Title: Windows SMB Server Denial of Service Vulnerability. CVSS: CVSS:3.1 Highest BaseScore: 5.3 / TemporalScore: 4.6. Executive Summary: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to deny service over a network. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. Mitigations: None. Workarounds: None. Revision: 1.0, 13-Jan-26: Information published. | Important | Denial of Service |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20927 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Denial of Service | 5071543 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Denial of Service | 5071543 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Denial of Service | 5071544 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Denial of Service | 5071544 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Denial of Service | 5071546 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Denial of Service | 5071546 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Denial of Service | 5071546 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Denial of Service | 5071546 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Denial of Service | 5071546 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Denial of Service | 5071546 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Denial of Service | 5071417 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Denial of Service | 5071417 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Denial of Service | 5072033 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Denial of Service | 5072033 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Denial of Service | 5072033 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Denial of Service | 5072033 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Denial of Service | 5071504 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Denial of Service | 5071504 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Denial of Service | 5071504 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Denial of Service | 5071504 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Denial of Service | 5071501 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Denial of Service | 5071501 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Denial of Service | 5071505 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Denial of Service | 5071505 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Denial of Service | 5071503 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Denial of Service | 5071503 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Denial of Service | 5071543 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Denial of Service | 5071543 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Denial of Service | 5071544 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Denial of Service | 5071544 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Denial of Service | 5071547 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Denial of Service | 5071547 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Denial of Service | 5071542 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Denial of Service | 5072033 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Denial of Service | 5072033 | Base: 5.3 Temporal: 4.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2026-20927 | Microsoft Microsoft |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
|---|---|---|---|
| CVE-2026-20932 (Issuing CNA: Microsoft) | CVE Title: Windows File Explorer Information Disclosure Vulnerability. CVSS: CVSS:3.1 Highest BaseScore: 5.5 / TemporalScore: 4.8. Executive Summary: Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is an address from an object operating at a High Integrity Level in a contained ("sandboxed") execution environment. Please refer to AppContainer isolation and Mandatory Integrity Control for more information. Mitigations: None. Workarounds: None. Revision: 1.0, 13-Jan-26: Information published. | Important | Information Disclosure |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20932 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Information Disclosure | 5071542 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2026-20932 |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
|---|---|---|---|
| CVE-2026-20934 (Issuing CNA: Microsoft) | CVE Title: Windows SMB Server Elevation of Privilege Vulnerability. CVSS: CVSS:3.1 Highest BaseScore: 7.5 / TemporalScore: 6.5. Executive Summary: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Mitigations: None. Workarounds: None. Revision: 1.0, 13-Jan-26: Information published. | Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20934 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2026-20934 | Microsoft Microsoft |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
|---|---|---|---|
| CVE-2026-20938 (Issuing CNA: Microsoft) | CVE Title: Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability. CVSS: CVSS:3.1 Highest BaseScore: 7.8 / TemporalScore: 6.8. Executive Summary: Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain Virtual Trust Level 1 (VTL1) privileges. Mitigations: None. Workarounds: None. Revision: 1.0, 13-Jan-26: Information published. | Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20938 |
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2026-20938 |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20940
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: Heap-based buffer overflow in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
FAQ:
What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
Mitigations: None
Workarounds: None
Revision: 1.0 13-Jan-26 Information published. |
Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20940 |
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Elevation of Privilege | 5071501 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Elevation of Privilege | 5071501 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2026-20940 | Vimal Sindh |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20943
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Office Click-To-Run Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.0/TemporalScore:6.1
Executive Summary: Untrusted search path in Microsoft Office allows an unauthorized attacker to execute code locally.
FAQ:
According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability.
What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain ADMINISTRATOR privileges.
Are there additional steps I need to take to be protected from this vulnerability? Customers should download the latest Office Deployment Tool (ODT) and ensure that this version, or any newer version, is used for all future deployments to remain protected against CVE-2026-20943.
According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? A user would need to be tricked into opening a folder that contains a specially crafted file.
Is the Preview Pane an attack vector for this vulnerability? No, the Preview Pane is not an attack vector.
Mitigations: None
Workarounds: None
Revision: 1.0 13-Jan-26 Information published. |
Important | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20943 |
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Office 2016 (32-bit edition) | 5002826 (Security Update) | Important | Remote Code Execution | 5002819 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5535.1000 | Maybe | None |
| Microsoft Office 2016 (64-bit edition) | 5002826 (Security Update) | Important | Remote Code Execution | 5002819 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5535.1000 | Maybe | None |
| Microsoft Office Deployment Tool | Release Notes (Security Update) | Important | Remote Code Execution | | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.19426.20170 | Maybe | None |
| Microsoft SharePoint Enterprise Server 2016 | 5002828 (Security Update) | Important | Remote Code Execution | 5002821 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5535.1001 | Maybe | None |
| Microsoft SharePoint Server 2019 | 5002825 (Security Update) | Important | Remote Code Execution | 5002816 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.10417.20083 | Maybe | None |
| Microsoft SharePoint Server Subscription Edition | 5002822 (Security Update) | Important | Remote Code Execution | 5002815 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.19127.20442 | Maybe | None |
| CVE ID | Acknowledgements |
| CVE-2026-20943 | Kazuma Matsumoto, Security Researcher at GMO Cybersecurity by IERAE, Inc. |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20944
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Word Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8.4/TemporalScore:7.3
Executive Summary: Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to execute code locally.
FAQ:
According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.
According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? An attacker must send the user a malicious file and convince them to open it.
Is the Preview Pane an attack vector for this vulnerability? Yes, the Preview Pane is an attack vector.
Mitigations: None
Workarounds: None
Revision: 1.0 13-Jan-26 Information published. |
Critical | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20944 |
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC for Mac 2021 | Release Notes (Security Update) | Critical | Remote Code Execution | | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.105.26011018 | Maybe | None |
| Microsoft Office LTSC for Mac 2024 | Release Notes (Security Update) | Critical | Remote Code Execution | | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.105.26011018 | Maybe | None |
| CVE ID | Acknowledgements |
| CVE-2026-20944 | Mose Nilsson |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20946
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Excel Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
FAQ:
According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.
According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? An attacker must send the user a malicious file and convince them to open it.
Is the Preview Pane an attack vector for this vulnerability? No, the Preview Pane is not an attack vector.
Mitigations: None
Workarounds: None
Revision: 1.0 13-Jan-26 Information published. |
Important | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20946 |
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Excel 2016 (32-bit edition) | 5002831 (Security Update) | Important | Remote Code Execution | 5002820 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5535.1000 | Maybe | None |
| Microsoft Excel 2016 (64-bit edition) | 5002831 (Security Update) | Important | Remote Code Execution | 5002820 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5535.1000 | Maybe | None |
| Microsoft Office 2019 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office 2019 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC for Mac 2021 | Release Notes (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.105.26011018 | Maybe | None |
| Microsoft Office LTSC for Mac 2024 | Release Notes (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.105.26011018 | Maybe | None |
| CVE ID | Acknowledgements |
| CVE-2026-20946 | wh1tc@Kunlun lab & devoke & Zhiniang Peng with HUST |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20951
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft SharePoint Server Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.
FAQ:
According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.
According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? The user must open or load attacker‑controlled content—such as importing a malicious WSDL or opening a file—so the application processes it and triggers the vulnerability.
Mitigations: None
Workarounds: None
Revision: 1.0 13-Jan-26 Information published. |
Important | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20951 |
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft SharePoint Enterprise Server 2016 | 5002828 (Security Update) | Important | Remote Code Execution | 5002821 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5535.1001 | Maybe | None |
| Microsoft SharePoint Server 2019 | 5002825 (Security Update) | Important | Remote Code Execution | 5002816 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.10417.20083 | Maybe | None |
| Microsoft SharePoint Server Subscription Edition | 5002822 (Security Update) | Important | Remote Code Execution | 5002815 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.19127.20442 | Maybe | None |
| CVE ID | Acknowledgements |
| CVE-2026-20951 | Piotr Bazydło (@chudypb) |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20953
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Office Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8.4/TemporalScore:7.3
Executive Summary: Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
FAQ:
According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.
How could an attacker exploit this vulnerability? To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. Additionally, an attacker could convince a local user to open a malicious file. The attacker would have to convince the user to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.
How could an attacker exploit this vulnerability? Exploitation of this vulnerability requires that an attacker send a malicious link to the victim via email, or that they convince the user to click the link, typically by way of an enticement in an email or Instant Messenger message. In the worst-case email attack scenario, an attacker could send a specially crafted email to the user without a requirement that the victim open, read, or click on the link. This could result in the attacker executing remote code on the victim's machine. When multiple attack vectors can be used, we assign a score based on the scenario with the higher risk (UI:N).
Is the Preview Pane an attack vector for this vulnerability? Yes, the Preview Pane is an attack vector.
Mitigations: None
Workarounds: None
Revision: 1.0 13-Jan-26 Information published. |
Critical | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20953 |
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office 2016 (32-bit edition) | 5002826 (Security Update) | Critical | Remote Code Execution | 5002819 | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5535.1000 | Maybe | None |
| Microsoft Office 2016 (64-bit edition) | 5002826 (Security Update) | Critical | Remote Code Execution | 5002819 | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5535.1000 | Maybe | None |
| Microsoft Office 2019 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office 2019 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC for Mac 2021 | Release Notes (Security Update) | Critical | Remote Code Execution | | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.105.26011018 | Maybe | None |
| Microsoft Office LTSC for Mac 2024 | Release Notes (Security Update) | Critical | Remote Code Execution | | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.105.26011018 | Maybe | None |
| CVE ID | Acknowledgements |
| CVE-2026-20953 | wh1tc@Kunlun lab & devoke & Zhiniang Peng with HUST |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20955
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Excel Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
FAQ:
Is the Preview Pane an attack vector for this vulnerability? No, the Preview Pane is not an attack vector.
According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.
According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? An attacker must send the user a malicious file and convince them to open it.
Mitigations: None
Workarounds: None
Revision: 1.0 13-Jan-26 Information published. |
Critical | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20955

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office 2019 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office 2019 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC for Mac 2021 | Release Notes (Security Update) | Critical | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.105.26011018 | Maybe | None |
| Microsoft Office LTSC for Mac 2024 | Release Notes (Security Update) | Critical | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.105.26011018 | Maybe | None |
| Office Online Server | 5002824 (Security Update) | Critical | Remote Code Execution | 5002817 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.10417.20083 | Maybe | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20955 | Minjea Park |

CVE ID: CVE-2026-20956 (MITRE, NVD)
Issuing CNA: Microsoft
CVE Title: Microsoft Excel Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore: 7.8 / TemporalScore: 6.8
Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Executive Summary: Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?
The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?
An attacker must send the user a malicious file and convince them to open it.

Is the Preview Pane an attack vector for this vulnerability?
No, the Preview Pane is not an attack vector.

Mitigations: None
Workarounds: None
Revision: 1.0, 13-Jan-26, Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20956

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC for Mac 2021 | Release Notes (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.105.26011018 | Maybe | None |
| Microsoft Office LTSC for Mac 2024 | Release Notes (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.105.26011018 | Maybe | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20956 | Minjea Park |

CVE ID: CVE-2026-20959 (MITRE, NVD)
Issuing CNA: Microsoft
CVE Title: Microsoft SharePoint Server Spoofing Vulnerability
CVSS: CVSS:3.1 Highest BaseScore: 4.6 / TemporalScore: 4.0
Maximum Severity Rating: Important
Vulnerability Impact: Spoofing

Executive Summary: Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

FAQ:

According to the CVSS metric, user interaction is required (UI:R) and privileges required is low (PR:L). What does that mean for this vulnerability?
An authorized attacker must send the user a malicious link and convince the user to open it.

According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L), and integrity (I:L) but lead to no loss of availability (A:N). What is the impact of this vulnerability?
An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality), make changes to disclosed information (Integrity), but cannot limit access to the resource (Availability).

Mitigations: None
Workarounds: None
Revision: 1.0, 13-Jan-26, Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20959

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Microsoft SharePoint Enterprise Server 2016 | 5002828 (Security Update) | Important | Spoofing | 5002821 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C | 16.0.5535.1001 | Maybe | None |
| Microsoft SharePoint Server 2019 | 5002825 (Security Update) | Important | Spoofing | 5002816 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C | 16.0.10417.20083 | Maybe | None |
| Microsoft SharePoint Server Subscription Edition | 5002822 (Security Update) | Important | Spoofing | 5002815 | Base: 4.6 Temporal: 4.0 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C | 16.0.19127.20442 | Maybe | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20959 | Martin Wrona (martin_jw) with Digitec Galaxus AG |

CVE ID: CVE-2026-20963 (MITRE, NVD)
Issuing CNA: Microsoft
CVE Title: Microsoft SharePoint Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore: 8.8 / TemporalScore: 7.7
Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Executive Summary: Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

FAQ:

According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?
Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges.

How could an attacker exploit the vulnerability?
In a network-based attack, an attacker authenticated as at least a Site Owner could write arbitrary code to inject and execute code remotely on the SharePoint Server.

Mitigations: None
Workarounds: None
Revision: 1.0, 13-Jan-26, Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20963

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Microsoft SharePoint Enterprise Server 2016 | 5002828 (Security Update) | Important | Remote Code Execution | 5002821 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5535.1001 | Maybe | None |
| Microsoft SharePoint Server 2019 | 5002825 (Security Update) | Important | Remote Code Execution | 5002816 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.10417.20083 | Maybe | None |
| Microsoft SharePoint Server Subscription Edition | 5002822 (Security Update) | Important | Remote Code Execution | 5002815 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.19127.20442 | Maybe | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20963 | Anonymous f7d8c52bec79e42795cf15888b85cbad Anonymous Anonymous |

CVE ID: CVE-2026-20830 (MITRE, NVD)
Issuing CNA: Microsoft
CVE Title: Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore: 7.0 / TemporalScore: 6.1
Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Executive Summary: Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an authorized attacker to elevate privileges locally.

FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
Successful exploitation of this vulnerability requires an attacker to win a race condition.

What privileges could be gained by an attacker who successfully exploited this vulnerability?
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

Mitigations: None
Workarounds: None
Revision: 1.0, 13-Jan-26, Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Unlikely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20830

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows Server 2025 | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20830 | k0shl |

CVE ID: CVE-2026-21221 (MITRE, NVD)
Issuing CNA: Microsoft
CVE Title: Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore: 7.0 / TemporalScore: 6.1
Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Executive Summary: Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an authorized attacker to elevate privileges locally.

FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
Successful exploitation of this vulnerability requires an attacker to win a race condition.

What privileges could be gained by an attacker who successfully exploited this vulnerability?
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

Mitigations: None
Workarounds: None
Revision: 1.0, 13-Jan-26, Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Unlikely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-21221

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 11 Version 24H2 for ARM64-based Systems | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2025 | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-21221 | k0shl |

CVE ID: CVE-2026-21224 (MITRE, NVD)
Issuing CNA: Microsoft
CVE Title: Azure Connected Machine Agent Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore: 7.8 / TemporalScore: 6.8
Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Executive Summary: Stack-based buffer overflow in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.

FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

According to the CVSS metric, the attack vector is local (AV:L). What does that mean for this vulnerability?
An attacker could trigger this vulnerability remotely by having valid permissions on the Azure Resource Manager (ARM) API to access the Azure Relay. In the worst-case scenario, an attacker could locally trigger this vulnerability by running code as a lower-privileged user on the same computer that Azure Arc is running on (AV:L). When multiple attack vectors can be used, we assign a score based on the scenario with the higher risk.

Mitigations: None
Workarounds: None
Revision: 1.0, 13-Jan-26, Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-21224

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Azure Connected Machine Agent | Release Notes (Windows Update) Release Notes (Linux Update) | Important | Elevation of Privilege | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 1.60.03293.2680 1.60.03293.809 | No | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-21224 | Amir Gombo with Microsoft Yonatan Migdal with Microsoft |

CVE ID: CVE-2026-20947 (MITRE, NVD)
Issuing CNA: Microsoft
CVE Title: Microsoft SharePoint Server Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore: 8.8 / TemporalScore: 7.7
Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

Executive Summary: Improper neutralization of special elements used in an SQL command ('SQL injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

FAQ:

According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?
Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges.

How could an attacker exploit the vulnerability?
In a network-based attack, an authenticated attacker who has a minimum of Site Member permissions (PR:L) could execute code remotely on the SharePoint Server.

There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?
Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.

Mitigations: None
Workarounds: None
Revision: 1.0, 13-Jan-26, Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Unlikely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20947

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Microsoft SharePoint Enterprise Server 2016 | 5002828 (Security Update) 5002827 (Security Update) | Important | Remote Code Execution | 5002821 5002804 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5535.1001 16.0.5535.1000 | Maybe | None |
| Microsoft SharePoint Server 2019 | 5002825 (Security Update) 5002823 (Security Update) | Important | Remote Code Execution | 5002816 5002802 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.10417.20083 | Maybe | None |
| Microsoft SharePoint Server Subscription Edition | 5002822 (Security Update) | Important | Remote Code Execution | 5002815 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.19127.20442 | Maybe | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20947 | 41ae55e9310ff27fa6f26af4727e5590 |

CVE ID: CVE-2026-20843 (MITRE, NVD)
Issuing CNA: Microsoft
CVE Title: Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore: 7.8 / TemporalScore: 6.8
Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Executive Summary: Improper access control in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally.

FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

Mitigations: None
Workarounds: None
Revision: 1.0, 13-Jan-26, Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation More Likely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20843

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Elevation of Privilege | 5071501 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Elevation of Privilege | 5071501 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.32230 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2026-20843 | Ezrakie |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20848
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows SMB Server Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Executive Summary: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.
FAQ:
What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition.
Mitigations: None
Workarounds: None
Revision: 1.0 13-Jan-26 Information published. |
Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20848 |
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2026-20848 | Microsoft |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20849
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Kerberos Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Executive Summary: Reliance on untrusted inputs in a security decision in Windows Kerberos allows an authorized attacker to elevate privileges over a network.
FAQ:
According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? A high attack complexity means the attacker must be able to perform a precise machine‑in‑the‑middle modification of Kerberos traffic, which requires specific network positioning and conditions to succeed.
What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
Mitigations: None
Workarounds: None
Revision: 1.0 13-Jan-26 Information published. |
Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20849 |
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Elevation of Privilege | 5071501 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Elevation of Privilege | 5071501 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2026-20849 | Naveen |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20853
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows WalletService Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.4/TemporalScore:6.4
Executive Summary: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows WalletService allows an unauthorized attacker to elevate privileges locally.
FAQ:
According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition.
What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could gain the privileges of the compromised user.
Mitigations: None
Workarounds: None
Revision: 1.0 13-Jan-26 Information published. |
Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20853 |
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2026-20853 | Zhang WangJunJie, He YiSheng with Hillstone Networks Security Research Institute |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20854
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Executive Summary: Use after free in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to execute code over a network.
FAQ:
How could an attacker exploit this vulnerability? An attacker with the ability to modify certain directory attributes could provide crafted data that causes the system to reference invalid memory during authentication, potentially leading to a crash or other unintended behavior.
According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability? Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges.
According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability.
Mitigations: None
Workarounds: None
Revision: 1.0 13-Jan-26 Information published. |
Critical | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20854 |
| Product | KB Article | Severity | Impact | Supersedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Critical | Remote Code Execution | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Critical | Remote Code Execution | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Critical | Remote Code Execution | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Critical | Remote Code Execution | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Critical | Remote Code Execution | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Critical | Remote Code Execution | 5072033 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2026-20854 | Howard McGreehan with MSRC V&M |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-21219
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.0/TemporalScore:6.1
Executive Summary: Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.
FAQ:
According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition.
According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.
According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? An attacker must send the user a malicious file and convince them to open it.
Mitigations: None
Workarounds: None
Revision: 1.0 13-Jan-26 Information published. |
Important | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Unlikely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-21219

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows SDK | Release Notes (Security Update) | Important | Remote Code Execution | | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7463 | Maybe | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-21219 | Zhiniang Peng with HUST & R4nger with CyberKunLun |

CVE ID: CVE-2026-20861 (MITRE, NVD)
Issuing CNA: Microsoft
CVE Title: Windows Management Services Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Executive Summary: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.

FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?
An attacker could use this vulnerability to elevate privileges from a Low Integrity Level in a contained ("sandboxed") execution environment to a Medium Integrity Level. Please refer to AppContainer isolation and Mandatory Integrity Control for more information.

According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?
In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment.

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
Successful exploitation of this vulnerability requires an attacker to win a race condition.

Mitigations: None

Workarounds: None

Revision: 1.0 (13-Jan-26): Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20861

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20861 | Anonymous |

CVE ID: CVE-2026-20862 (MITRE, NVD)
Issuing CNA: Microsoft
CVE Title: Windows Management Services Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Maximum Severity Rating: Important
Vulnerability Impact: Information Disclosure

Executive Summary: Exposure of sensitive information to an unauthorized actor in Windows Management Services allows an authorized attacker to disclose information locally.

FAQ:

What type of information could be disclosed by this vulnerability?
An attacker who successfully exploited this vulnerability could potentially read portions of process memory.

Mitigations: None

Workarounds: None

Revision: 1.0 (13-Jan-26): Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Unlikely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20862

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Information Disclosure | 5071542 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20862 | Anonymous |

CVE ID: CVE-2026-20863 (MITRE, NVD)
Issuing CNA: Microsoft
CVE Title: Win32k Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.0/TemporalScore:6.1
Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Executive Summary: Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.

FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
Successful exploitation of this vulnerability requires an attacker to win a race condition.

What privileges could be gained by an attacker who successfully exploited this vulnerability?
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

Mitigations: None

Workarounds: None

Revision: 1.0 (13-Jan-26): Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20863

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.0 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20863 | goodbyeselene |

CVE ID: CVE-2026-20866 (MITRE, NVD)
Issuing CNA: Microsoft
CVE Title: Windows Management Services Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Executive Summary: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.

FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
Successful exploitation of this vulnerability requires an attacker to win a race condition.

According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?
In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment.

What privileges could be gained by an attacker who successfully exploited the vulnerability?
An attacker could use this vulnerability to elevate privileges from a Low Integrity Level in a contained ("sandboxed") execution environment to a Medium Integrity Level. Please refer to AppContainer isolation and Mandatory Integrity Control for more information.

Mitigations: None

Workarounds: None

Revision: 1.0 (13-Jan-26): Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20866

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20866 | Anonymous |

CVE ID: CVE-2026-20867 (MITRE, NVD)
Issuing CNA: Microsoft
CVE Title: Windows Management Services Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

Executive Summary: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.

FAQ:

According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?
In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment.

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
Successful exploitation of this vulnerability requires an attacker to win a race condition.

What privileges could be gained by an attacker who successfully exploited the vulnerability?
An attacker could use this vulnerability to elevate privileges from a Low Integrity Level in a contained ("sandboxed") execution environment to a Medium Integrity Level. Please refer to AppContainer isolation and Mandatory Integrity Control for more information.

Mitigations: None

Workarounds: None

Revision: 1.0 (13-Jan-26): Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Unlikely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20867

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.32230 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.32230 |
Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20867 | Anonymous |

CVE ID: CVE-2026-20868 (MITRE, NVD)
Issuing CNA: Microsoft
CVE Title: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore: 8.8 / TemporalScore: 7.7
Executive Summary: Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
FAQ:
How could an attacker exploit this vulnerability?
An attacker authenticated on the domain could exploit this vulnerability by tricking a domain-joined user into sending a request to a malicious server via the Routing and Remote Access Service (RRAS) Snap-in. This could result in the server returning malicious data that might cause arbitrary code execution on the user's system.
Mitigations: None
Workarounds: None
Revision: 1.0, 13-Jan-26: Information published.
Maximum Severity Rating: Important
Vulnerability Impact: Remote Code Execution

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.
CVE-2026-20868
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Remote Code Execution | 5071543 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Remote Code Execution | 5071543 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Remote Code Execution | 5071544 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Remote Code Execution | 5071544 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Remote Code Execution | 5071546 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Remote Code Execution | 5071546 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Remote Code Execution | 5071546 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Remote Code Execution | 5071546 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Remote Code Execution | 5071546 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Remote Code Execution | 5071546 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Remote Code Execution | 5071417 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Remote Code Execution | 5071417 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Remote Code Execution | 5072033 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Remote Code Execution | 5072033 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Remote Code Execution | 5072033 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Remote Code Execution | 5072033 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Remote Code Execution | 5071504 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Remote Code Execution | 5071504 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Remote Code Execution | 5071504 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Remote Code Execution | 5071504 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Remote Code Execution | 5071501 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Remote Code Execution | 5071501 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Remote Code Execution | 5071505 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Remote Code Execution | 5071505 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Remote Code Execution | 5071503 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Remote Code Execution | 5071503 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Remote Code Execution | 5071543 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Remote Code Execution | 5071543 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Remote Code Execution | 5071544 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Remote Code Execution | 5071544 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Remote Code Execution | 5071547 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Remote Code Execution | 5071547 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Remote Code Execution | 5071542 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Remote Code Execution | 5072033 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Remote Code Execution | 5072033 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20868 | Anonymous |

CVE ID: CVE-2026-20870 (MITRE, NVD)
Issuing CNA: Microsoft
CVE Title: Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore: 7.8 / TemporalScore: 6.8
Executive Summary: Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
FAQ:
What privileges could be gained by an attacker who successfully exploited this vulnerability?
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
Mitigations: None
Workarounds: None
Revision: 1.0, 13-Jan-26: Information published.
Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.
CVE-2026-20870
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20870 | goodbyeselene |

CVE ID: CVE-2026-20871 (MITRE, NVD)
Issuing CNA: Microsoft
CVE Title: Desktop Windows Manager Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore: 7.8 / TemporalScore: 6.8
Executive Summary: Use after free in Desktop Windows Manager allows an authorized attacker to elevate privileges locally.
FAQ:
What privileges could be gained by an attacker who successfully exploited this vulnerability?
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
Mitigations: None
Workarounds: None
Revision: 1.0, 13-Jan-26: Information published.
Maximum Severity Rating: Important
Vulnerability Impact: Elevation of Privilege

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation More Likely | No | No |

The following tables list the affected software details for the vulnerability.
CVE-2026-20871
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20871 | Anonymous working with Trend Zero Day Initiative |

CVE ID: CVE-2026-20872 (MITRE, NVD)
Issuing CNA: Microsoft
CVE Title: NTLM Hash Disclosure Spoofing Vulnerability
CVSS: CVSS:3.1 Highest BaseScore: 6.5 / TemporalScore: 5.7
Executive Summary: External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.
FAQ:
According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?
Minimal interaction with a malicious file by a user such as selecting (single-click), inspecting (right-click), or performing an action other than opening or executing the file could trigger this vulnerability.
Mitigations: None
Workarounds: None
Revision: 1.0, 13-Jan-26: Information published.
Maximum Severity Rating: Important
Vulnerability Impact: Spoofing

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.
CVE-2026-20872
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Spoofing | 5071543 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Spoofing | 5071543 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Spoofing | 5071544 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Spoofing | 5071544 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Spoofing | 5071546 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Spoofing | 5071546 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Spoofing | 5071546 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Spoofing | 5071546 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Spoofing | 5071546 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Spoofing | 5071546 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Spoofing | 5071417 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Spoofing | 5071417 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Spoofing | 5072033 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Spoofing | 5072033 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Spoofing | 5072033 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Spoofing | 5072033 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Spoofing | 5071504 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Spoofing | 5071504 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Spoofing | 5071504 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Spoofing | 5071504 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Spoofing | 5071501 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Spoofing | 5071501 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Spoofing | 5071505 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Spoofing | 5071505 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Spoofing | 5071503 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Spoofing | 5071503 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Spoofing | 5071543 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Spoofing | 5071543 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Spoofing | 5071544 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Spoofing | 5071544 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Spoofing | 5071547 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Spoofing | 5071547 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Spoofing | 5071542 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Spoofing | 5072033 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Spoofing | 5072033 | Base: 6.5 Temporal: 5.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2026-20872 | Saumyajeet Das |

| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
|---|---|---|---|
| CVE-2026-20873 (Issuing CNA: Microsoft) | CVE Title: Windows Management Services Elevation of Privilege Vulnerability. CVSS:3.1 Highest BaseScore: 7.8 / TemporalScore: 6.8 | Important | Elevation of Privilege |

Executive Summary: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.

FAQ:

What privileges could be gained by an attacker who successfully exploited the vulnerability?
An attacker could use this vulnerability to elevate privileges from a Low Integrity Level in a contained ("sandboxed") execution environment to a Medium Integrity Level. Please refer to AppContainer isolation and Mandatory Integrity Control for more information.

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
Successful exploitation of this vulnerability requires an attacker to win a race condition.

According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?
In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment.

Mitigations: None

Workarounds: None

Revision: 1.0, 13-Jan-26: Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20873

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |


| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20873 | Anonymous |


| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
|---|---|---|---|
| CVE-2026-20874 (Issuing CNA: Microsoft) | CVE Title: Windows Management Services Elevation of Privilege Vulnerability. CVSS:3.1 Highest BaseScore: 7.8 / TemporalScore: 6.8 | Important | Elevation of Privilege |

Executive Summary: Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.

FAQ:

According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?
In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment.

What privileges could be gained by an attacker who successfully exploited the vulnerability?
An attacker could use this vulnerability to elevate privileges from a Low Integrity Level in a contained ("sandboxed") execution environment to a Medium Integrity Level. Please refer to AppContainer isolation and Mandatory Integrity Control for more information.

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
Successful exploitation of this vulnerability requires an attacker to win a race condition.

Mitigations: None

Workarounds: None

Revision: 1.0, 13-Jan-26: Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20874

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |


| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20874 | Anonymous |


| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
|---|---|---|---|
| CVE-2024-55414 (Issuing CNA: MITRE Corporation) | CVE Title: Windows Motorola Soft Modem Driver Elevation of Privilege Vulnerability. CVSS:3.1 Highest BaseScore: 7.8 / TemporalScore: 6.8 | Important | Elevation of Privilege |

Executive Summary: Microsoft is aware of vulnerabilities in the third-party Motorola Soft Modem drivers that ship natively with supported Windows operating systems. This is an announcement of the upcoming removal of smserl64.sys and smserial.sys drivers. The drivers have been removed in the January cumulative update. Soft modem hardware dependent on these specific drivers will no longer work on Windows. Microsoft recommends removing any existing dependencies on this hardware.

FAQ:

What privileges could be gained by an attacker who successfully exploited this vulnerability?
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

Mitigations: None

Workarounds: None

Revision: 1.0, 13-Jan-26: Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Unlikely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2024-55414

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Elevation of Privilege | 5071501 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Elevation of Privilege | 5071501 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |


| CVE ID | Acknowledgements |
|---|---|
| CVE-2024-55414 | k0shl |


| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
|---|---|---|---|
| CVE-2026-20929 (Issuing CNA: Microsoft) | CVE Title: Windows HTTP.sys Elevation of Privilege Vulnerability. CVSS:3.1 Highest BaseScore: 7.5 / TemporalScore: 6.5 | Important | Elevation of Privilege |

Executive Summary: Improper access control in Windows HTTP.sys allows an authorized attacker to elevate privileges over a network.

FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
The attack requires a Service Principal Name (SPN) that is registered to an account that no longer exists or is not in use to be on the target machine.

What privileges could be gained by an attacker who successfully exploited this vulnerability?
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

Mitigations: None

Workarounds: None

Revision: 1.0, 13-Jan-26: Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Unlikely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20929

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) | Important | Elevation of Privilege | 5071504 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.0.6003.23717 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Elevation of Privilege | 5071501 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5073695 (Monthly Rollup) 5073699 (Security Only) | Important | Elevation of Privilege | 5071501 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.1.7601.28117 | Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.2.9200.25868 | Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 6.3.9600.22968 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |

| CVE ID | Acknowledgements |
| CVE-2026-20929 | Andrea Pierini with Semperis Ben Zamir with Cymulate Howard McGreehan with MSRC V&M |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20931
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Telephony Service Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8.0/TemporalScore:7.0
Executive Summary: External control of file name or path in Windows Telephony Service allows an authorized attacker to elevate privileges over an adjacent network.
FAQ:
What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
How could an attacker exploit this vulnerability? An attacker with a low-privileged domain account could remotely send crafted RPC requests to the Telephony service, causing it to write attacker-controlled data into files on the server. By overwriting Telephony’s configuration file, the attacker can make themselves a Telephony administrator and trigger the service to load a malicious DLL, resulting in remote code execution under a privileged service account.
According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to be in the same restricted Active Directory domain as the target system. The attack surface is not reachable from broader networks, which is why the attack vector is considered adjacent (AV:A).
Mitigations: None
Workarounds: None
Revision: 1.0 13-Jan-26 Information published. |
Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20931 |
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8783 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8783 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.8276 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.8276 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.6809 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.6809 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.6809 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.6809 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.6809 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Elevation of Privilege | 5071546 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.6809 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.6491 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Elevation of Privilege | 5071417 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.6491 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.7623 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.7623 |
Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26200.7623 |
Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26200.7623 |
Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) |
Important | Elevation of Privilege | 5071504 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23717 |
Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) |
Important | Elevation of Privilege | 5071504 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23717 |
Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) |
Important | Elevation of Privilege | 5071504 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23717 |
Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) |
Important | Elevation of Privilege | 5071504 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.23717 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5073695 (Monthly Rollup) 5073699 (Security Only) |
Important | Elevation of Privilege | 5071501 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.28117 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5073695 (Monthly Rollup) 5073699 (Security Only) |
Important | Elevation of Privilege | 5071501 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.28117 |
Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.25868 |
Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Elevation of Privilege | 5071505 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.25868 |
Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22968 |
Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Elevation of Privilege | 5071503 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22968 |
Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8783 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Elevation of Privilege | 5071543 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.8783 |
Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.8276 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Elevation of Privilege | 5071544 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.8276 |
Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.4648 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Elevation of Privilege | 5071547 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.4648 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Elevation of Privilege | 5071542 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.2092 |
Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.32230 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 |
Base: 8.0 Temporal: 7.0 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.26100.32230 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2026-20931 | Sergey Bliznyuk with Positive Technologies |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20935
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Virtualization-Based Security (VBS) Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:6.2/TemporalScore:5.4
Executive Summary: Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an unauthorized attacker to disclose information locally.
FAQ:
What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could view Virtual Trust Level 1 (VTL1) data from Virtual Trust Level 0 (VTL0), which is the least privileged level.
Mitigations: None
Workarounds: None
Revision: 1.0 13-Jan-26 Information published. |
Important | Information Disclosure |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20935 |
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 |
Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.6491 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 |
Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.6491 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 |
Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.7623 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 |
Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.7623 |
Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 |
Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26200.7623 |
Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 |
Base: 6.2 Temporal: 5.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26200.7623 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2026-20935 |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20936
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows NDIS Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:4.3/TemporalScore:3.8
Executive Summary: Out-of-bounds read in Windows NDIS allows an authorized attacker to disclose information with a physical attack.
FAQ:
What type of information could be disclosed by this vulnerability? Exploiting this vulnerability could allow the disclosure of certain kernel memory content.
Mitigations: None
Workarounds: None
Revision: 1.0 13-Jan-26 Information published. |
Important | Information Disclosure |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20936 |
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Information Disclosure | 5071543 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8783 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Information Disclosure | 5071543 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8783 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Information Disclosure | 5071544 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.8276 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Information Disclosure | 5071544 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.8276 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.6809 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.6809 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.6809 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.6809 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.6809 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.6809 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.6491 |
Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.6491 |
Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.7623 |
Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.7623 |
Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26200.7623 |
Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26200.7623 |
Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) |
Important | Information Disclosure | 5071504 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
6.0.6003.23717 |
Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) |
Important | Information Disclosure | 5071504 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
6.0.6003.23717 |
Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5073697 (Monthly Rollup) 5073700 (Security Only) |
Important | Information Disclosure | 5071504 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
6.0.6003.23717 |
Yes | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5073697 (Monthly Rollup) 5073700 (Security Only) |
Important | Information Disclosure | 5071504 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
6.0.6003.23717 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5073695 (Monthly Rollup) 5073699 (Security Only) |
Important | Information Disclosure | 5071501 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
6.1.7601.28117 |
Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5073695 (Monthly Rollup) 5073699 (Security Only) |
Important | Information Disclosure | 5071501 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
6.1.7601.28117 |
Yes | None |
| Windows Server 2012 | 5073698 (Monthly Rollup) | Important | Information Disclosure | 5071505 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
6.2.9200.25868 |
Yes | None |
| Windows Server 2012 (Server Core installation) | 5073698 (Monthly Rollup) | Important | Information Disclosure | 5071505 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
6.2.9200.25868 |
Yes | None |
| Windows Server 2012 R2 | 5073696 (Monthly Rollup) | Important | Information Disclosure | 5071503 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
6.3.9600.22968 |
Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5073696 (Monthly Rollup) | Important | Information Disclosure | 5071503 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
6.3.9600.22968 |
Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Information Disclosure | 5071543 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8783 |
Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Information Disclosure | 5071543 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8783 |
Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Information Disclosure | 5071544 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.8276 |
Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Information Disclosure | 5071544 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.8276 |
Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Information Disclosure | 5071547 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.4648 |
Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Information Disclosure | 5071547 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.4648 |
Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Information Disclosure | 5071542 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.25398.2092 |
Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Information Disclosure | 5072033 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.32230 |
Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Information Disclosure | 5072033 |
Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.26100.32230 |
Yes | None |
| CVE ID | Acknowledgements |
| CVE-2026-20936 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20937
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows File Explorer Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Executive Summary: Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.
FAQ:
What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is an address from an object operating at a High Integrity Level in a contained ("sandboxed") execution environment. Please refer to AppContainer isolation and Mandatory Integrity Control for more information.
Mitigations: None
Workarounds: None
Revision: 1.0 13-Jan-26 Information published. |
Important | Information Disclosure |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Unlikely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20937 |
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Information Disclosure | 5071543 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8783 |
Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Information Disclosure | 5071543 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.8783 |
Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Information Disclosure | 5071544 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.8276 |
Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Information Disclosure | 5071544 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.8276 |
Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.6809 |
Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.6809 |
Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.6809 |
Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.6809 |
Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.6809 |
Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.6809 |
Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Information Disclosure | 5071542 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20937 | |

| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
|---|---|---|---|
| CVE-2026-20939 (MITRE, NVD); Issuing CNA: Microsoft | CVE Title: Windows File Explorer Information Disclosure Vulnerability; CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8 | Important | Information Disclosure |

Executive Summary: Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.

FAQ:

What type of information could be disclosed by this vulnerability?
The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the local memory address.

Mitigations: None

Workarounds: None

Revision: 1.0 13-Jan-26 Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Unlikely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20939

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Windows 10 Version 1607 for 32-bit Systems | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19044.6809 | Yes | None |
| Windows 10 Version 22H2 for 32-bit Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for ARM64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 10 Version 22H2 for x64-based Systems | 5073724 (Security Update) | Important | Information Disclosure | 5071546 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.19045.6809 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5073455 (Security Update) | Important | Information Disclosure | 5071417 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.22631.6491 | Yes | None |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2016 | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5073722 (Security Update) | Important | Information Disclosure | 5071543 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.14393.8783 | Yes | None |
| Windows Server 2019 | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5073723 (Security Update) | Important | Information Disclosure | 5071544 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.17763.8276 | Yes | None |
| Windows Server 2022 | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022 (Server Core installation) | 5073457 (Security Update) | Important | Information Disclosure | 5071547 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.20348.4648 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5073450 (Security Update) | Important | Information Disclosure | 5071542 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.25398.2092 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Information Disclosure | 5072033 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20939 | |

| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
|---|---|---|---|
| CVE-2026-20948 (MITRE, NVD); Issuing CNA: Microsoft | CVE Title: Microsoft Word Remote Code Execution Vulnerability; CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8 | Important | Remote Code Execution |

Executive Summary: Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.

FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?
The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?
An attacker must send the user a malicious file and convince them to open it.

There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?
Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.

Is the Preview Pane an attack vector for this vulnerability?
No, the Preview Pane is not an attack vector.

Mitigations: None

Workarounds: None

Revision: 1.0 13-Jan-26 Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20948

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office 2019 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office 2019 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC for Mac 2021 | Release Notes (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.105.26011018 | Maybe | None |
| Microsoft Office LTSC for Mac 2024 | Release Notes (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.105.26011018 | Maybe | None |
| Microsoft SharePoint Enterprise Server 2016 | 5002828 (Security Update) 5002827 (Security Update) | Important | Remote Code Execution | 5002821 5002804 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5535.1001 16.0.5535.1000 | Maybe | None |
| Microsoft SharePoint Server 2019 | 5002825 (Security Update) 5002823 (Security Update) | Important | Remote Code Execution | 5002816 5002802 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.10417.20083 | Maybe | None |
| Microsoft Word 2016 (32-bit edition) | 5002829 (Security Update) | Important | Remote Code Execution | 5002789 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5535.1000 | Maybe | None |
| Microsoft Word 2016 (64-bit edition) | 5002829 (Security Update) | Important | Remote Code Execution | 5002806 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5535.1000 | Maybe | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20948 | wh1tc@Kunlun lab& devoke & Zhiniang Peng with HUST |

| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
|---|---|---|---|
| CVE-2026-20949 (MITRE, NVD); Issuing CNA: Microsoft | CVE Title: Microsoft Excel Security Feature Bypass Vulnerability; CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8 | Important | Security Feature Bypass |

Executive Summary: Improper access control in Microsoft Office Excel allows an unauthorized attacker to bypass a security feature locally.

FAQ:

What kind of security feature could be bypassed by successfully exploiting this vulnerability?
The security feature bypassed is the macro security controls, specifically the setting that disables XL4 macros (Excel 4.0 macros).

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?
The user must open the malicious workbook, enable editing, and then click the attacker-supplied Quick Access Toolbar (QAT) button, which triggers the XL4 macro despite Trust Center protections.

Is the Preview Pane an attack vector for this vulnerability?
No, the Preview Pane is not an attack vector.

Mitigations: None

Workarounds: None

Revision: 1.0 13-Jan-26 Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20949

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Click to Run (Security Update) | Important | Security Feature Bypass | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Click to Run (Security Update) | Important | Security Feature Bypass | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Important | Security Feature Bypass | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Important | Security Feature Bypass | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Important | Security Feature Bypass | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Important | Security Feature Bypass | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC for Mac 2021 | Release Notes (Security Update) | Important | Security Feature Bypass | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.105.26011018 | Maybe | None |
| Microsoft Office LTSC for Mac 2024 | Release Notes (Security Update) | Important | Security Feature Bypass | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.105.26011018 | Maybe | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20949 | Anonymous |

| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
|---|---|---|---|
| CVE-2026-20950 (MITRE, NVD); Issuing CNA: Microsoft | CVE Title: Microsoft Excel Remote Code Execution Vulnerability; CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8 | Important | Remote Code Execution |

Executive Summary: Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

FAQ:

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?
The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?
An attacker must send the user a malicious file and convince them to open it.

Is the Preview Pane an attack vector for this vulnerability?
No, the Preview Pane is not an attack vector.

Mitigations: None

Workarounds: None

Revision: 1.0 13-Jan-26 Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20950

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Excel 2016 (32-bit edition) | 5002831 (Security Update) | Important | Remote Code Execution | 5002820 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5535.1000 | Maybe | None |
| Microsoft Excel 2016 (64-bit edition) | 5002831 (Security Update) | Important | Remote Code Execution | 5002820 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5535.1000 | Maybe | None |
| Microsoft Office 2019 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office 2019 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC for Mac 2021 | Release Notes (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.105.26011018 | Maybe | None |
| Microsoft Office LTSC for Mac 2024 | Release Notes (Security Update) | Important | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.105.26011018 | Maybe | None |
| Office Online Server | 5002824 (Security Update) | Important | Remote Code Execution | 5002817 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.10417.20083 | Maybe | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20950 | Minjea Park |

| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
|---|---|---|---|
| CVE-2026-20952 (MITRE, NVD); Issuing CNA: Microsoft | CVE Title: Microsoft Office Remote Code Execution Vulnerability; CVSS: CVSS:3.1 Highest BaseScore:8.4/TemporalScore:7.3 | Critical | Remote Code Execution |

Executive Summary: Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

FAQ:

Is the Preview Pane an attack vector for this vulnerability?
Yes, the Preview Pane is an attack vector.

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?
The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.

How could an attacker exploit this vulnerability?
To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. Additionally, an attacker could convince a local user to open a malicious file. The attacker would have to convince the user to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.

How could an attacker exploit this vulnerability?
Exploitation of this vulnerability requires that an attacker send a malicious link to the victim via email, or that they convince the user to click the link, typically by way of an enticement in an email or Instant Messenger message. In the worst-case email attack scenario, an attacker could send a specially crafted email to the user without a requirement that the victim open, read, or click on the link. This could result in the attacker executing remote code on the victim's machine. When multiple attack vectors can be used, we assign a score based on the scenario with the higher risk (UI:N).

Mitigations: None

Workarounds: None

Revision: 1.0 13-Jan-26 Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

| Exploitability Assessment | Publicly Disclosed | Exploited |
|---|---|---|
| Exploitation Less Likely | No | No |

The following tables list the affected software details for the vulnerability.

CVE-2026-20952

| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
|---|---|---|---|---|---|---|---|---|
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office 2016 (32-bit edition) | 5002826 (Security Update) | Critical | Remote Code Execution | 5002819 | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5535.1000 | Maybe | None |
| Microsoft Office 2016 (64-bit edition) | 5002826 (Security Update) | Critical | Remote Code Execution | 5002819 | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5535.1000 | Maybe | None |
| Microsoft Office 2019 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office 2019 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC for Mac 2021 | Release Notes (Security Update) | Critical | Remote Code Execution | | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.105.26011018 | Maybe | None |
| Microsoft Office LTSC for Mac 2024 | Release Notes (Security Update) | Critical | Remote Code Execution | | Base: 8.4 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.105.26011018 | Maybe | None |

| CVE ID | Acknowledgements |
|---|---|
| CVE-2026-20952 | Anonymous |

| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
|---|---|---|---|
| CVE-2026-20957 (MITRE, NVD); Issuing CNA: Microsoft | CVE Title: Microsoft Excel Remote Code Execution Vulnerability; CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8 | Critical | Remote Code Execution |

Executive Summary: Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

FAQ:

Is the Preview Pane an attack vector for this vulnerability?
No, the Preview Pane is not an attack vector.

According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?
The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?
An attacker must send the user a malicious file and convince them to open it.

Mitigations: None

Workarounds: None

Revision: 1.0 13-Jan-26 Information published.

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20957 |
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Excel 2016 (32-bit edition) | 5002831 (Security Update) | Critical | Remote Code Execution | 5002820 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5535.1000 | Maybe | None |
| Microsoft Excel 2016 (64-bit edition) | 5002831 (Security Update) | Critical | Remote Code Execution | 5002820 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.5535.1000 | Maybe | None |
| Microsoft Office 2019 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office 2019 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2024 for 32-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2024 for 64-bit editions | Click to Run (Security Update) | Critical | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC for Mac 2021 | Release Notes (Security Update) | Critical | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.105.26011018 | Maybe | None |
| Microsoft Office LTSC for Mac 2024 | Release Notes (Security Update) | Critical | Remote Code Execution | | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.105.26011018 | Maybe | None |
| Office Online Server | 5002824 (Security Update) | Critical | Remote Code Execution | 5002817 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 16.0.10417.20083 | Maybe | None |
| CVE ID | Acknowledgements |
| CVE-2026-20957 | Minjea Park & "Jmini" |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20958 MITRE NVD Issuing CNA: Microsoft | CVE Title: Microsoft SharePoint Information Disclosure Vulnerability CVSS: CVSS:3.1 Highest BaseScore:5.4/TemporalScore:4.7 Executive Summary: Server-side request forgery (SSRF) in Microsoft Office SharePoint allows an authorized attacker to disclose information over a network. FAQ: What type of information could be disclosed through this issue? The vulnerability may allow limited exposure of data returned from outbound requests SharePoint makes on the attacker’s behalf, such as external HTTP responses or basic network metadata, but not internal network content or sensitive server information. According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L), and integrity (I:L) but lead to no loss of availability (A:N). What is the impact of this vulnerability? An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality), make changes to disclosed information (Integrity), but cannot limit access to the resource (Availability). Mitigations: None Workarounds: None Revision: 1.0 13-Jan-26 Information published. | Important | Information Disclosure |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20958 |
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft SharePoint Enterprise Server 2016 | 5002828 (Security Update) | Important | Information Disclosure | 5002821 | Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C | 16.0.5535.1001 | Maybe | None |
| Microsoft SharePoint Server 2019 | 5002825 (Security Update) | Important | Information Disclosure | 5002816 | Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C | 16.0.10417.20083 | Maybe | None |
| Microsoft SharePoint Server Subscription Edition | 5002822 (Security Update) | Important | Information Disclosure | 5002815 | Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C | 16.0.19127.20442 | Maybe | None |
| CVE ID | Acknowledgements |
| CVE-2026-20958 | Anonymous Anonymous |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-20941 MITRE NVD Issuing CNA: Microsoft | CVE Title: Host Process for Windows Tasks Elevation of Privilege Vulnerability CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8 Executive Summary: Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally. FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Mitigations: None Workarounds: The following workaround might be helpful in your situation. In all cases, Microsoft strongly recommends that you install the updates for this vulnerability as soon as possible: Customers running Windows Server 2025 who have Desktop Experience installed are affected by this vulnerability. To protect yourself you can disable the following task in Task Scheduler: \Microsoft\Windows\WindowsAI\Recall\PolicyConfiguration You should reenable the task once you have installed the fix. Important: Do NOT undo the workaround until after you have installed the update. Revision: 1.0 13-Jan-26 Information published. | Important | Elevation of Privilege |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-20941 |
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 11 Version 24H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 24H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.7623 | Yes | None |
| Windows 11 Version 25H2 for ARM64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows 11 Version 25H2 for x64-based Systems | 5074109 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26200.7623 | Yes | None |
| Windows Server 2025 | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| Windows Server 2025 (Server Core installation) | 5073379 (Security Update) | Important | Elevation of Privilege | 5072033 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 10.0.26100.32230 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2026-20941 | Filip Dragović Nacl |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-0628 MITRE NVD Issuing CNA: Chrome | CVE Title: Chromium: CVE-2026-0628 Insufficient policy enforcement in WebView tag CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: What is the version information for this release? Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser? Mitigations: None Workarounds: None Revision: 1.0 09-Jan-26 Information published. | Unknown | Unknown |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-0628 |
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | | Base: N/A Temporal: N/A Vector: N/A | 143.0.3650.139 | No | None |
| CVE ID | Acknowledgements |
| CVE-2026-0628 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2025-68759 MITRE NVD Issuing CNA: Linux | CVE Title: wifi: rtl818x: Fix potential memory leaks in rtl8180_init_rx_ring() CVSS: CVSS:3.1 Highest BaseScore:7.1/TemporalScore:7.1 Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0 06-Jan-26 Information published. | Important | Unknown |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-68759 |
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| azl3 kernel 6.6.117.1-1 on Azure Linux 3.0 | | Important | Unknown | None | Base: 7.1 Temporal: 7.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H | Unknown | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2025-68759 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2025-68763 MITRE NVD Issuing CNA: Linux | CVE Title: crypto: starfive - Correctly handle return of sg_nents_for_len CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5 Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0 06-Jan-26 Information published. | Moderate | Unknown |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-68763 |
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| azl3 kernel 6.6.117.1-1 on Azure Linux 3.0 | | Moderate | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | Unknown | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2025-68763 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2025-68758 MITRE NVD Issuing CNA: Linux | CVE Title: backlight: led-bl: Add devlink to supplier LEDs CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5 Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0 06-Jan-26 Information published. | Moderate | Unknown |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-68758 |
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| azl3 kernel 6.6.117.1-1 on Azure Linux 3.0 | | Moderate | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | Unknown | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2025-68758 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2025-68756 MITRE NVD Issuing CNA: Linux | CVE Title: block: Use RCU in blk_mq_[un]quiesce_tagset() instead of set->tag_list_lock CVSS: CVSS:3.1 Highest BaseScore:7.1/TemporalScore:7.1 Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0 06-Jan-26 Information published. | Important | Unknown |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-68756 |
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| azl3 kernel 6.6.117.1-1 on Azure Linux 3.0 | | Important | Unknown | None | Base: 7.1 Temporal: 7.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H | Unknown | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2025-68756 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2025-68764 MITRE NVD Issuing CNA: Linux | CVE Title: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5 Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0 06-Jan-26 Information published. | Moderate | Unknown |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-68764 |
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| azl3 kernel 6.6.117.1-1 on Azure Linux 3.0 | | Moderate | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | Unknown | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2025-68764 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2025-68755 MITRE NVD Issuing CNA: Linux | CVE Title: staging: most: remove broken i2c driver CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5 Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0 06-Jan-26 Information published. | Moderate | Unknown |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-68755 |
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| azl3 kernel 6.6.117.1-1 on Azure Linux 3.0 | | Moderate | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | Unknown | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2025-68755 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2025-68765 MITRE NVD Issuing CNA: Linux | CVE Title: mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add() CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5 Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0 06-Jan-26 Information published. | Moderate | Unknown |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-68765 |
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| azl3 kernel 6.6.117.1-1 on Azure Linux 3.0 | | Moderate | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | Unknown | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2025-68765 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2025-68753 MITRE NVD Issuing CNA: Linux | CVE Title: ALSA: firewire-motu: add bounds check in put_user loop for DSP events CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8 Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0 06-Jan-26 Information published. 2.0 08-Jan-26 Information published. | Important | Unknown |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-68753 |
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| azl3 kernel 6.6.117.1-1 on Azure Linux 3.0 | | Important | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | Unknown | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2025-68753 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2025-68766 MITRE NVD Issuing CNA: Linux | CVE Title: irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc() CVSS: CVSS:3.1 Highest BaseScore:7.1/TemporalScore:7.1 Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0 06-Jan-26 Information published. 2.0 08-Jan-26 Information published. | Important | Unknown |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-68766 |
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| azl3 kernel 6.6.117.1-1 on Azure Linux 3.0 | | Important | Unknown | None | Base: 7.1 Temporal: 7.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H | Unknown | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2025-68766 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2025-68757 MITRE NVD Issuing CNA: Linux | CVE Title: drm/vgem-fence: Fix potential deadlock on release CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5 Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0 06-Jan-26 Information published. | Moderate | Unknown |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2025-68757 |
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| azl3 kernel 6.6.117.1-1 on Azure Linux 3.0 | | Moderate | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | Unknown | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2025-68757 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-21444 MITRE NVD Issuing CNA: GitHub_M | CVE Title: libtpms returns wrong initialization vector when certain symmetric ciphers are used CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5 Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0 07-Jan-26 Information published. | Moderate | Unknown |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-21444 |
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| azl3 libtpms 0.9.6-8 on Azure Linux 3.0 | | Moderate | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | Unknown | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2026-21444 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2026-21226 MITRE NVD Issuing CNA: Microsoft | CVE Title: Azure Core shared client library for Python Remote Code Execution Vulnerability CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5 Executive Summary: Deserialization of untrusted data in Azure Core shared client library for Python allows an authorized attacker to execute code over a network. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment of the targeted component. According to the CVSS metric, privileges required is low (PR:L) but the attack occurs remotely. What does that mean for this vulnerability? To exploit this vulnerability, an attacker would be required to change a valid token to be malicious to the service/app, which would require developer-type authorization. Mitigations: None Workarounds: None Revision: 1.0 13-Jan-26 Information published. | Important | Remote Code Execution |
The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2026-21226 |
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Core shared client library for Python | Change Log (Security Update) | Important | Remote Code Execution | | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C | 1.38.0 | Maybe | None |
| CVE ID | Acknowledgements |
| CVE-2026-21226 | Muhammad Fadilullah Dzaki |