On 13 January Microsoft released its January 2026 security update, addressing 112 newly disclosed vulnerabilities. Arctic Wolf has highlighted four vulnerabilities affecting Microsoft Windows and Office in this bulletin due to their potential risk.
Vulnerabilities
| Vulnerability | CVSS | Description | Exploited? |
|  | 8.4 | Microsoft Office Remote Code Execution – A use-after-free vulnerability in Microsoft Office allows unauthorised threat actors to execute code locally. Exploitation requires a victim to open a malicious file or log on to the system. Although the threat actor is remote, the exploitation and code execution occur on the victim's local system. | No |
|  | 8.4 | Microsoft Office Remote Code Execution – A use-after-free vulnerability in Microsoft Office allows unauthorised threat actors to execute code locally. Exploitation requires a victim to open a malicious file or log on to the system. Although the threat actor is remote, the exploitation and code execution occur on the victim's local system. | No |
|  | 8.4 | Microsoft Word Remote Code Execution – A remote threat actor can exploit an out-of-bounds read vulnerability in Microsoft Office Word to execute code locally by sending a malicious file and convincing a victim to open it. Although the threat actor is remote, the exploitation and code execution occur on the victim's local system. | No |
|  | 5.5 | Desktop Window Manager Information Disclosure Vulnerability – A vulnerability in Desktop Window Manager could allow an authorised threat actor to disclose sensitive information locally to an unauthorised actor. The information exposed may include a section address from a remote Advanced Local Procedure Call (ALPC) port in user-mode memory, which could aid further exploitation. At this time, exploitation details have not been publicly disclosed. | Yes |
Recommendation
Upgrade to Latest Fixed Versions
Arctic Wolf strongly recommends that customers upgrade to the latest fixed versions.
| Affected Product | Vulnerability | Update Article |
| Windows Server 2025 | CVE-2026-20805 |  |
| Windows Server 2022, 23H2 Edition | CVE-2026-20805 |  |
| Windows Server 2022 | CVE-2026-20805 |  |
| Windows Server 2019 | CVE-2026-20805 |  |
| Windows Server 2016 | CVE-2026-20805 |  |
| Windows Server 2012 R2 | CVE-2026-20805 |  |
| Windows Server 2012 | CVE-2026-20805 |  |
| Windows 11 Version 25H2 for x64-based, and ARM64-based Systems | CVE-2026-20805 |  |
| Windows 11 Version 24H2 for x64-based, and ARM64-based Systems | CVE-2026-20805 |  |
| Windows 11 Version 23H2 for x64-based, and ARM64-based Systems | CVE-2026-20805 |  |
| Windows 10 Version 22H2 for 32-bit, x64-based, and ARM64-based Systems | CVE-2026-20805 |  |
| Windows 10 Version 21H2 for 32-bit, x64-based, and ARM64-based Systems | CVE-2026-20805 |  |
| Windows 10 Version 1809 for 32-bit, x64-based Systems | CVE-2026-20805 |  |
| Windows 10 Version 1607 for 32-bit, x64-based Systems | CVE-2026-20805 |  |
| Microsoft Office LTSC for Mac 2021 and 2024 | CVE-2026-20952, CVE-2026-20953, CVE-2026-20944 |  |
| Microsoft Office LTSC 2024 for 32-bit and 64-bit editions | CVE-2026-20952, CVE-2026-20953 |  |
| Microsoft Office LTSC 2021 for 32-bit and 64-bit editions | CVE-2026-20952, CVE-2026-20953 |  |
| Microsoft Office 2019 for 32-bit and 64-bit editions | CVE-2026-20952, CVE-2026-20953 |  |
| Microsoft Office 2016 for 32-bit and 64-bit editions | CVE-2026-20952, CVE-2026-20953 |  |
| Microsoft 365 Apps for Enterprise for 32-bit and 64-bit Systems | CVE-2026-20952, CVE-2026-20953, CVE-2026-20944 |  |
Please follow your organisation’s patching and testing guidelines to minimise potential operational impact.


