Latest Security Alerts
- January
| Vulnerability / Advisory | Details |
|---|---|
| Multiple Vulnerabilities in Microsoft Edge (CIVN-2026-0044) | Multiple vulnerabilities have been reported in Microsoft Edge, which could allow a remote attacker to execute arbitrary code, bypass security restrictions, and gain elevated privileges on the targeted system. Software Affected: Microsoft Edge versions before 144.0.3719.82. Apply appropriate security updates as mentioned below: https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#january-14-2026 |
| Vulnerability in Google Chrome for Desktop (CIVN-2026-0042) | A vulnerability has been reported in Google Chrome, which could allow a remote attacker to execute arbitrary code on the targeted system. Software Affected: Google Chrome versions before 144.0.7559.96/.97 for Windows/Mac; Google Chrome versions before 144.0.7559.96 for Linux. Apply appropriate security updates as mentioned below: https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_20.html |
| Remote Code Execution Vulnerability in Microsoft Word (CIVN-2026-0031) | A vulnerability has been reported in Microsoft Word, which could allow an unauthorized attacker to execute arbitrary code locally on the targeted system. Software Affected: Microsoft Office LTSC for Mac 2024; Microsoft Office LTSC for Mac 2021; Microsoft 365 Apps for Enterprise for 64-bit Systems; Microsoft 365 Apps for Enterprise for 32-bit Systems. Apply appropriate security updates as mentioned below: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20944 |
| Multiple Vulnerabilities in Mozilla Product (CIVN-2026-0030) | Multiple vulnerabilities have been reported in Mozilla products, which could be exploited by a remote attacker to execute arbitrary code, perform a spoofing attack, or cause a Denial of Service (DoS) condition on the targeted system. Software Affected: Mozilla Firefox for ESR versions before 115.32; Mozilla Firefox for ESR versions before 140.7; Mozilla Firefox versions before 147. Apply appropriate security updates as mentioned below: https://www.mozilla.org/en-US/security/advisories/ https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/ https://www.mozilla.org/en-US/security/advisories/mfsa2026-02/ https://www.mozilla.org/en-US/security/advisories/mfsa2026-03/ |
| Multiple Vulnerabilities in Google Chrome for Desktop (CIVN-2026-0029) | Multiple vulnerabilities have been reported in Google Chrome, which could allow a remote attacker to execute arbitrary code and bypass security restrictions on the targeted system. Software Affected: Google Chrome versions before 144.0.7559.59/60 for Windows; Google Chrome versions before 144.0.7559.59/60 for Mac; Google Chrome versions before 144.0.7559.59 for Linux. Apply appropriate security updates as mentioned below: https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html |
| Remote Code Execution Vulnerabilities in Microsoft Office (CIVN-2026-0027) | Multiple vulnerabilities have been reported in Microsoft Office, which could allow an attacker to execute arbitrary code in the context of the current user on the affected system. Software Affected: Microsoft Office. Apply appropriate security updates as mentioned below: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20952 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20953 |
| Security Restriction Bypass Vulnerability in Google Chrome (CIVN-2026-0022) | A vulnerability has been reported in Google Chrome, which could allow a remote attacker to bypass security restrictions on the targeted system. Software Affected: Google Chrome before 143.0.7499.192 (Linux); Google Chrome before 143.0.7499.192/.193 (Mac); Google Chrome before 143.0.7499.192/.193 (Windows). Apply appropriate security updates as mentioned below: https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop.html |
| Information Disclosure Vulnerability in Desktop Window Manager (CIVN-2026-0021) | An information disclosure vulnerability has been reported in the Desktop Window Manager component of Microsoft Windows, which could allow an authenticated local attacker to disclose sensitive information on the affected system. Software Affected: Windows 10: Versions 1607, 1809, 21H2, and 22H2. Windows 11: Versions 23H2, 24H2, and 25H2. Windows Server: 2012, 2012 R2, 2016, 2019, 2022, 2022 (23H2 Edition), and 2025. Apply appropriate updates as mentioned below: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20805 |
| Multiple Remote Code Execution Vulnerabilities in Microsoft Excel (CIVN-2026-0020) | These vulnerabilities exist in Microsoft Excel due to memory handling flaws. A remote attacker could exploit these vulnerabilities by enticing the target user to execute a specially crafted Excel file. Successful exploitation of these vulnerabilities could allow the attacker to execute arbitrary code, resulting in system compromise or data theft. Software Affected: Microsoft Office. Apply appropriate security updates as mentioned below: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20955 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20957 |
| Security Feature Bypass Vulnerability in Windows Secure Boot (CIVN-2026-0018) | A vulnerability has been reported in Windows Secure Boot, which could allow an attacker to bypass security restrictions on the affected system. Software Affected: Windows 10 Version 1607 for 32-bit Systems, x64-based Systems; Windows 10 Version 1809 for 32-bit Systems, x64-based Systems; Windows 10 Version 21H2 for 32-bit Systems, x64-based Systems, ARM64-based Systems; Windows 10 Version 22H2 for 32-bit Systems, x64-based Systems, ARM64-based Systems; Windows 11 Version 23H2 for x64-based Systems, ARM64-based Systems; Windows 11 Version 24H2 for x64-based Systems, ARM64-based Systems; Windows 11 Version 25H2 for x64-based Systems, ARM64-based Systems; Windows Server 2012; Windows Server 2012 R2; Windows Server 2016; Windows Server 2019; Windows Server 2022; Windows Server 2025; Windows Server 2012 (Server Core installation); Windows Server 2012 R2 (Server Core installation); Windows Server 2016 (Server Core installation); Windows Server 2019 (Server Core installation); Windows Server 2022 (Server Core installation); Windows Server 2022, 23H2 Edition (Server Core installation); Windows Server 2025 (Server Core installation); Microsoft certificates in the UEFI KEK and DB. Apply appropriate updates as mentioned in: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21265 |
| Vulnerability in Google Android (CIVN-2026-0016) | A vulnerability has been reported in Google Android, which could allow a remote attacker to execute arbitrary code on the targeted system. Software Affected: Android Dolby UDC 4.5 through 4.13. Apply appropriate updates as mentioned in: https://source.android.com/docs/security/bulletin/2026/2026-01-01 |
| Multiple Vulnerabilities in Microsoft Products (CIAD-2026-0002) | Multiple vulnerabilities have been reported in Microsoft Products, which could allow an attacker to gain elevated privileges, obtain sensitive information, conduct remote code execution attacks, perform spoofing attacks, or cause denial-of-service conditions on the targeted system. Software Affected: Microsoft Office Windows Extended Security Updates (ESU) Azure Developer Tools SQL Server. Apply the security updates released by Microsoft: https://msrc.microsoft.com/update-guide/releaseNote/2026-Jan |
| Security Restriction Bypass Vulnerability in Microsoft Edge (Chromium-based) (CIVN-2026-0013) | A vulnerability has been reported in Microsoft Edge (Chromium-based), which could allow a remote attacker to bypass security restrictions on the targeted system. Software Affected: Microsoft Edge (Chromium-based) version before 143.0.3650.139. Apply appropriate updates as mentioned in: https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#january-9-2026 |
| Multiple Vulnerabilities in Google ChromeOS (CIVN-2026-0002) | Multiple vulnerabilities have been reported in Google ChromeOS, which could allow a remote attacker to execute arbitrary code on the targeted system. Software Affected: Google ChromeOS version before 138.0.7204.300 (Platform Version: 16295.85.0). Apply appropriate updates as mentioned in: https://chromereleases.googleblog.com/2026/01/long-term-support-channel-update-for.html |
Copyright © 2025 All Rights Reserved | This Portal is Owned, Designed, and Developed by Digital Infrastructure & Automation, IIT Jodhpur. N.H. 62, Nagaur Road, Karwar, Jodhpur - 342030, Rajasthan (India)