Overview
- The update addresses more than 110 vulnerabilities, including eight rated critical across Windows core services and Microsoft Office.
- Microsoft confirms CVE-2026-20805, a Desktop Window Manager information disclosure bug, has been exploited in the wild and was added to CISA’s Known Exploited Vulnerabilities catalog with a February 3 patch deadline.
- High-priority fixes include remote code execution in LSASS and Office apps plus elevation-of-privilege flaws in the Graphics Component and VBS Enclave, with most critical issues assessed as less likely to be exploited.
- Microsoft warns of a Secure Boot certificate expiration risk covered by CVE-2026-21265 that could allow boot protection bypass on systems without updated certificates.
- Security vendors issued detection and guidance as Cisco Talos released new Snort rules and urged SRU updates, Qualys published analysis, and Microsoft removed legacy Agere modem drivers tied to an elevation-of-privilege issue (CVE-2023-31096).