The first Patch Tuesday of the year brings some major security updates from Microsoft. This month’s release fixes 112 vulnerabilities across various products, including eight classified as critical and three zero-day flaws. One of these zero-day vulnerabilities is already being exploited in the wild, making it urgent for organizations to act quickly.

Zero-Day Flaw and Urgent Fixes

The zero-day vulnerability, identified as CVE-2026-20805, affects the Desktop Window Manager and can lead to information disclosure. Because it is actively exploited, the Cybersecurity and Infrastructure Security Agency (CISA) has added it to its Known Exploited Vulnerabilities catalog, with a remediation deadline of February 3, 2026. Organizations should prioritize updating Windows and Office, especially since the vulnerabilities allow code execution through the Preview Pane without fully opening malicious documents.

To help IT teams manage the updates, Microsoft’s Readiness team has shared a helpful infographic detailing the risks associated with deploying updates on different platforms. It’s a good idea to review this guidance to ensure smooth and secure updates across all systems.

Known Issues and Workarounds

Microsoft has also published several known issues related to this update. One common problem involves authentication errors when connecting to Azure Virtual Desktop or Windows 365 Cloud PCs after installing specific updates (KB5074109, KB5073455, or KB5073724). A temporary solution is to use the Remote Desktop client for Windows or the Windows App Web Client until Microsoft releases an out-of-band fix.

Another ongoing issue affects some users who notice that the password icon disappears from the Windows login screen. This problem has persisted since the August 2025 update. Microsoft has provided a rollback option for Windows Pro and Home editions, allowing enterprise administrators to restore the icon using Group Policy settings.

Additionally, the update removes legacy modem drivers related to Agere and Motorola soft modems, which addresses a security vulnerability (CVE-2023-31096). However, this change means that devices relying on these drivers will no longer function properly after installing the update. Organizations using hardware dependent on these drivers should plan accordingly.

Important Certificate Updates

Another critical aspect involves digital certificates used by Windows devices. The certificates issued in 2011 are set to expire starting in June, with a second batch expiring in October. Devices that don’t have the updated 2023 certificates risk failing to boot securely or losing access to future security updates for Secure Boot. Ensuring these certificates are current is vital for maintaining device security.

This month’s updates also resolve several issues affecting enterprise environments. For example, a bug causing applications like Outlook, Teams, Edge, Chrome, and Excel to close unexpectedly when entering text has been fixed in KB5073455 for Windows 11 23H2 users. Other fixes address battery drain issues on AI-powered PCs and various performance problems.

Overall, organizations should review these updates carefully, prioritize critical patches, and stay alert for Microsoft’s ongoing fixes and known issues. Timely application of these patches is essential to protect systems against emerging threats and maintain smooth operations.

Inspired by

• https://www.computerworld.com/article/4118142/for-january-patch-tuesday-starts-off-with-a-bang.html

Sources

• microsoft.com
• microsoft.com
• applicationreadiness.com
• microsoft.com
• microsoft.com