The first Patch Tuesday of 2026 is here, and it’s a significant one. Microsoft has rolled out patches for approximately 114 vulnerabilities, a number that could be higher or lower depending on where you find your source.
Major Takeaways
For IT professionals overseeing a large or small fleet of endpoints, this month’s updates reinforce two main points:
1. The number and seriousness of Windows vulnerabilities remains substantial.
2. Third-party apps are still a common entry point for attacks, and patching them consistently continues to be a major challenge without the right solutions.
Microsoft Vulnerabilities
CVE-2026-20805 – Desktop Window Manager Info Disclosure (Actively Exploited)
This bug lets attackers extract sensitive memory data from the Desktop Window Manager (DWM). When combined with other exploits, it can defeat protections like ASLR, paving the way for more advanced attacks.
Operating System: Windows
CVE-2026-21265 – Secure Boot Certificate Expiry (Security Feature Bypass)
Windows Secure Boot certificates from 2011 are expiring soon. Without updates, devices will be more susceptible to Secure Boot bypass techniques.
Operating System: Windows
CVE-2023-31096 – Agere Soft Modem Driver Elevation of Privilege
Microsoft has finally removed old, vulnerable modem drivers that have shipped with Windows for decades. Attackers have been leveraging these to escalate privileges all the way to SYSTEM.
Operating System: Windows
Top Critical Flaws to Address
Microsoft Office RCE Issues (CVE-2026-20952 & CVE-2026-20953)
These remote code execution vulnerabilities can compromise devices just by previewing a malicious message with no user interaction required.
Operating System: Windows
Additional Critical Remote Code Execution (RCE) Bugs
Six critical RCE vulnerabilities span different Windows components this month.
How Recast makes a difference
With Right Click Tools Core and add-ons for Patching and Privileged Access, Recast helps IT teams bridge patching gaps, especially for third-party applications.
1. Address third-party app shortcomings
Spot outdated third-party software, remove unused apps, and standardize versions automatically.
2. Speed up patch troubleshooting
Leverage Remote Software Center and interactive diagnostics to quickly fix patch failures and accelerate remediation.
3. Reduce risk with robust device baselines
Ensure devices meet security standards for encryption, BIOS/firmware status, Secure Boot, and both hardware and software inventories.
4. Remove privileged account access
Implement zero trust by removing unnecessary elevated accounts and allowing users to elevate access only with strict controls to minimize risks from over-privileged accounts.
Summary
January 2026’s Patch Tuesday demonstrates the ongoing rise in both the volume and sophistication of vulnerabilities. Recast empowers organizations to build stronger patch management processes for both Microsoft and third-party apps.
Next steps
Download our free tools to help you automate, troubleshoot, and validate configurations in your test environment.
