Microsoft Releases January 'Patch Tuesday' Update, Addresses Actively Exploited Zero-Day Flaw

Microsoft released its first 'Patch Tuesday' of 2026, addressing 112 vulnerabilities across its product portfolio. The update fixes eight critical flaws and three zero-day exploits.

One zero-day is already being actively exploited in the wild. This specific flaw, the Desktop Window Manager vulnerability tracked as CVE-2026-20805, prompted the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to add it to its Known Exploited Vulnerabilities catalog.

The security release also patched 16 vulnerabilities in Microsoft Office products. These include several critical remote code execution flaws affecting Outlook, File Explorer, and Excel. Some are particularly serious as they can be triggered via the Preview Pane, meaning a user does not need to fully open a malicious document to be compromised.

Financial news sources noted no significant market reaction to the routine security update.

Related News

OpenAI Nears Record $100B Funding at $850B Valuation to Fuel AI Infrastructure

Microsoft Announces 240 New Marketplace Offers; Stock Up 1.06% Amid Broader Market Decline

Reliance’s JioHotstar Taps OpenAI for India’s First ChatGPT-Powered Streaming Search

Reliance to Invest $110 Billion in Sovereign AI and Green Data Centers

Microsoft Expands CrowdStrike Alliance and Hits 100% Renewable Milestone as Stock Tracks Tech Gains