Arctic Wolf Customer,
Microsoft’s January 2026 Patch Tuesday update includes four vulnerabilities impacting Microsoft Windows and Office that Arctic Wolf has highlighted due to their potential risk. Organizations using these products are encouraged to review the details below and apply the necessary updates.
Summary
On January 13, 2026, Microsoft released its January 2026 security update, addressing 112 newly disclosed vulnerabilities. Arctic Wolf has highlighted four vulnerabilities affecting Microsoft Windows and Office in this bulletin due to their potential risk.
Vulnerabilities

| Vulnerability | CVSS | Description | Exploited? |
|---|---|---|---|
|  | 8.4 | Microsoft Office Remote Code Execution – A use-after-free vulnerability in Microsoft Office allows unauthorized threat actors to execute code locally. Exploitation requires a victim to open a malicious file or log on to the system. Although the threat actor is remote, the exploitation and code execution occur on the victim’s local system. | No |
|  | 8.4 | Microsoft Office Remote Code Execution – A use-after-free vulnerability in Microsoft Office allows unauthorized threat actors to execute code locally. Exploitation requires a victim to open a malicious file or log on to the system. Although the threat actor is remote, the exploitation and code execution occur on the victim’s local system. | No |
|  | 8.4 | Microsoft Word Remote Code Execution – A remote threat actor can exploit an out-of-bounds read vulnerability in Microsoft Office Word to execute code locally by sending a malicious file and convincing a victim to open it. Although the threat actor is remote, the exploitation and code execution occur on the victim’s local system. | No |
|  | 5.5 | Desktop Window Manager Information Disclosure Vulnerability – A vulnerability in Desktop Window Manager could allow an authorized threat actor to disclose sensitive information locally to an unauthorized actor. The information exposed may include a section address from a remote Advanced Local Procedure Call (ALPC) port in user‑mode memory, which could aid further exploitation. At this time, exploitation details have not been publicly disclosed. | Yes |

Arctic Wolf will follow its standard internal processes to assess the impact of the newly reported vulnerabilities within its own environment and, if impacted, will address them within the established remediation timelines in our Security Patching Policy.
Recommendation
Upgrade to the Latest Fixed Versions
Arctic Wolf strongly recommends that customers upgrade to the latest fixed versions.

| Affected Product | Vulnerability | Update Article |
|---|---|---|
| Windows Server 2025 | CVE-2026-20805 |  |
| Windows Server 2022, 23H2 Edition | CVE-2026-20805 |  |
| Windows Server 2022 | CVE-2026-20805 |  |
| Windows Server 2019 | CVE-2026-20805 |  |
| Windows Server 2016 | CVE-2026-20805 |  |
| Windows Server 2012 R2 | CVE-2026-20805 |  |
| Windows Server 2012 | CVE-2026-20805 |  |
| Windows 11 Version 25H2 for x64-based, and ARM64-based Systems | CVE-2026-20805 |  |
| Windows 11 Version 24H2 for x64-based, and ARM64-based Systems | CVE-2026-20805 |  |
| Windows 11 Version 23H2 for x64-based, and ARM64-based Systems | CVE-2026-20805 |  |
| Windows 10 Version 22H2 for 32-bit, x64-based, and ARM64-based Systems | CVE-2026-20805 |  |
| Windows 10 Version 21H2 for 32-bit, x64-based, and ARM64-based Systems | CVE-2026-20805 |  |
| Windows 10 Version 1809 for 32-bit, x64-based Systems | CVE-2026-20805 |  |
| Windows 10 Version 1607 for 32-bit, x64-based Systems | CVE-2026-20805 |  |
| Microsoft Office LTSC for Mac 2021 and 2024 | CVE-2026-20952, CVE-2026-20953, CVE-2026-20944 |  |
| Microsoft Office LTSC 2024 for 32-bit and 64-bit editions | CVE-2026-20952, CVE-2026-20953 |  |
| Microsoft Office LTSC 2021 for 32-bit and 64-bit editions | CVE-2026-20952, CVE-2026-20953 |  |
| Microsoft Office 2019 for 32-bit and 64-bit editions | CVE-2026-20952, CVE-2026-20953 |  |
| Microsoft Office 2016 for 32-bit and 64-bit editions | CVE-2026-20952, CVE-2026-20953 |  |
| Microsoft 365 Apps for Enterprise for 32-bit and 64-bit Systems | CVE-2026-20952, CVE-2026-20953, CVE-2026-20944 |  |

Please follow your organization’s patching and testing guidelines to minimize potential operational impact.
References
- Microsoft Patch Tuesday (January 2026): https://msrc.microsoft.com/update-guide/releaseNote/2026-jan
- CVE-2026-20952: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20952
- CVE-2026-20953: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20953
- CVE-2026-20944: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20944
- CVE-2026-20805: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-20805
If you have any additional questions, please reach out to your CST at security@arcticwolf.com.
Thank you,
Arctic Wolf
