What critical vulnerabilities did Microsoft patch in January 2026?

Microsoft patched an actively exploited elevation of privilege flaw in the cloud file mini-filter driver and other critical issues.

Are Windows 10 and Windows 11 affected by the January security update?

Yes, Windows 10, Windows 11, and Windows Server are among the affected systems receiving security fixes.

What is CVE-2025-62221 and why is it important?

CVE-2025-62221 is a high-risk privilege escalation vulnerability in a Windows driver that attackers are actively exploiting.

Home / Technology / Microsoft Patches Exploited Flaw in January Update

Microsoft Patches Exploited Flaw in January Update

10 Dec

•

Summary

Microsoft is releasing security fixes on January 13th, 2026.
An actively exploited privilege escalation vulnerability is addressed.
Multiple Windows versions and services receive crucial security updates.

Microsoft Patches Exploited Flaw in January Update

Microsoft is set to release its next major security update on January 13th, 2026, focusing on a range of vulnerabilities across its product ecosystem. A significant portion of these fixes, totaling 38, targets multiple Windows versions, including Windows 10, Windows 11, and Windows Server.

The update specifically addresses CVE-2025-62221, a high-risk elevation of privilege vulnerability in the cloud file mini-filter driver that has been actively exploited. This flaw, if combined with other vulnerabilities, could allow attackers to execute code with system-level rights.

Furthermore, the January patch batch includes fixes for other vulnerabilities, such as Denial of Service flaws in DirectX and a publicly known Remote Code Execution flaw in PowerShell. The Routing and Remote Access Service also sees several security issues resolved.