Microsoft Shares 112 Vulnerabilities It Addressed In January, Which

Microsoft releases a list of all the bugs it knows about in Windows 11 every month, and the first of the year reveals over 100 of the pesky lil' guys in the popular operating system.

Microsoft has fixed 112 vulnerabilities in its own services and has flagged a further three in non-Microsoft products. Those products are all linked to Microsoft, like the Windows Motorola Soft Modem Driver or Agere Windows Modem Driver. Usually, the way a vulnerability is addressed can range from an official fix to recommended mitigations, but 111 of those this month have an official fix, with one having a temporary fix.

That sounds like a high number of vulnerabilities but it's actually a fairly large drop from this time last year, which saw 165 Microsoft vulnerabilities and 18 from non-Microsoft products. That's 115 versus 183. In December, Microsoft addressed just 65 vulnerabilities, 18 from non-Microsoft services.

The majority of this month's vulnerabilities are considered less likely or unlikely to be exploited, with eight considered "more likely". Every vulnerability in the "more likely" category has been given a severity score of 7.8/10.

The highest severity issues are both logged at 8.8. The first is a way of executing code remotely by "tricking a domain-joined user into sending a request to a malicious server via the Routing and Remote Access Service (RRAS) Snap-in". The second is also about executing code remotely; this time, someone with Site Member permissions could get access via a SharePoint Server.

Security updates for January 2026 are now available. Details are here: https://t.co/WW89TchdN8 #PatchTuesday #SecurityUpdateGuide pic.twitter.com/sFxAqWcufQ (January 13, 2026)

Last January saw a vulnerability with a whopping 9.9 CVSS, though that was mitigated by Microsoft before the release went live. It allowed users to bypass authentication in the Azure AI Face service, which could allow an attacker to elevate privileges over a network.

It's worth noting that a high severity score doesn't mean that just anyone can take over your PC tomorrow. The score tends to be a mixture of the ease with which a bad actor can exploit a vulnerability and the types of privileges that bad actor would be granted from it. You can find vulnerabilities with very high scores that are niche or hard to pull off. For instance, just last week, Asus urged users to update MyAsus because of an 8.5 security vulnerability, as one could inject code without permission, but this required local access.

Source: PC Gamer