Jan 18, 2026
3 min read
The January update (KB5074109) fixed 117 vulnerabilities, three of which were zero days and are actively exploited by attackers.
Updating Windows with the latest security patches is not only important, it's also necessary to keep your computer safe.Every month, new vulnerabilities emerge that put your data at risk.Taking advantage of the fact that yesterday was the second Tuesday in January, Microsoft released a new patch to protect Windows 11.These patches focus on fixing all security flaws, bugs, and other issues found within your system in recent weeks and preventing malware and attackers from gaining control of your computer.
Just a few hours ago, Windows 11 users started receiving the first security patches for 2026. These patches correspond to the numbers KB5074109 and KB5073455 (depending on the version of the system we use) and fix a total of 117 security flaws, 3 of them zero-day and exploited by malicious users on the Internet.
Edits and changes in January 2026 patches
As we have already explained, Microsoft has fixed 117 security flaws in its operating system.This is not a large number of defects in recent months, but it is very large.What is more disturbing is that, among these 117, 3 of them are zero-day (that is, errors that Microsoft does not know but hackers know about), and are widely used in the network.
Today's three zero failures are:
- CVE-2026-20805 – Information disclosure in Desktop Window Manager.This is the most serious zero-day of the month because it has been actively exploited.The bug was discovered in the Desktop Window Manager, a core component of Windows responsible for managing desktop graphics.According to Microsoft, the vulnerability could allow an authenticated attacker to read sensitive information from memory.Although the attack is local, it can be used to facilitate exfiltration of internal system data and obtain memory addresses associated with remote ALPC ports.
- CVE-2026-21265 - Change Secure Boot due to certificate expiration. This bug affects the expiration of Secure Boot certificates issued in 2011. Microsoft warns that systems that have not been updated are at risk of bypassing Secure Boot and may lose the integrity of the boot chain.
- CVE-2023-31096 – Vulnerability in Agere soft modem drivers.This case is particularly interesting because it was not patched using traditional patches, but by directly removing vulnerable drivers.These are legacy modem drivers (agrsm64.sys and agrsm.sys) that were included for historical compatibility, but allowed administrator elevation of privileges and were being actively exploited.
The remaining wounds are therefore divided;
- 57 Elevation of privilege vulnerability.These types of security flaws allow attackers who already have access to the system (for example, with a normal user account) to gain higher-level privileges, such as administrator or even system privileges.
- 3 security features bypass vulnerabilities.These vulnerabilities can bypass security mechanisms designed to protect Windows, without directly breaking them.
- 22 remote code execution vulnerabilities.It is among the most serious.They allow an attacker to execute malicious code on a victim's computer without requiring prior access, usually through special files, network connections, or exposed services.
- 22 Information Disclosure Vulnerability.In this group, we find bugs that allow an attacker to access information that should not be available, such as memory addresses, internal system data, or sensitive process information.
- 2 denial of service vulnerabilities.Denial of Service (DoS) effects do not seek to steal data or control a system, but rather to cause it to stop working properly.
- 5 vulnerabilities to identity theft (replication).These vulnerabilities allow an attacker to impersonate another legitimate entity, such as another user, system service, or trusted component.
These packages are also used to fix certain problems related to the operating system, such as:
- Fixed network issues related to the Windows Subsystem for Linux (WSL) that could cause connection errors, especially when using corporate VPNs.
- Bug in Azure Virtual Desktop where some RemoteApp connections could fail after installing previous updates, which is important in business and telecommuting environments.
- On modern computers with NPU (neural processing unit), these updates improve energy management, preventing the body from losing energy during sleep, which has become more important with the emergence of native AI functions in Windows.
- On Windows 11 23h2, fix unexpected app crashes, graphics issues, and errors related to text input and remote desktop connections.
We have to remember that the updates that Microsoft sends us on Patch Tuesday every month are not just about the operating system.While this is the core element in which all kinds of security flaws are fixed, these fixes are important because they address vulnerabilities related to other platforms and products, the Edge browser, and other software solutions from the tech giant.
However, some users may prefer to wait a few days to avoid some problems that occur after installing these latest updates.Some computers experience automatic shutdown of the operating system and connection-related errors when using Windows 11 Remote Desktop.
How to update Windows 11
The first January 2026 security patches are divided into two different types:
- KB5074109, a release targeted at users of Windows 11 24H2 and 25H2, the latest versions of the system.Since they share the base, the patch is the same.
- KB5073455, corresponds to Windows 11 23H2, which remains one of the most used versions, even though the end of support is around the corner.
Although the patches will certainly be downloaded and installed automatically without us doing anything, we can download them manually by going to Settings > Windows Update > Check for updates.
In addition, as always, we can also search for them in the Microsoft Update directory.This way we can download and install patches even without an internet connection.In both cases, we're talking about cumulative updates, so they contain all previously released fixes, even if we haven't installed previous patches.
Windows 10 and its ESU updates
Although Windows 10 has been out of regular support since October of last year, computers enrolled in ESU (Extended Security Updates) continue to receive security updates.Today, these users also get their first 2026 patch, which is included in the KB5073724 update.
This patch, as expected, does not introduce any new features or user-visible changes.Its purpose is to fix security vulnerabilities found in the operating system and to protect computers that cannot run Windows 11 for technical or commercial reasons.
