Serial number: AV26-024
Date: January 13, 2026
On January 13, 2026, Microsoft published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products:
- Azure Connected Machine Agent
- Azure Core shared client library for Python
- Microsoft 365 Apps for Enterprise
- Microsoft Excel 2016
- Microsoft Office 2016
- Microsoft Office 2019
- Microsoft Office Deployment Tool
- Microsoft Office LTSC 2021
- Microsoft Office LTSC 2024
- Microsoft Office LTSC for Mac 2021
- Microsoft Office LTSC for Mac 2024
- Microsoft SQL Server 2022
- Microsoft SQL Server 2025
- Microsoft SharePoint Enterprise Server 2016
- Microsoft SharePoint Server 2019
- Microsoft SharePoint Server Subscription Edition
- Microsoft Word 2016
- Office Online Server
- Windows 10
- Windows 11
- Windows Admin Center in Azure Portal
- Windows SDK
- Windows Server 2008
- Windows Server 2008 R2
- Windows Server 2012
- Windows Server 2012 R2
- Windows Server 2016
- Windows Server 2019
- Windows Server 2022
- Windows Server 2025
Microsoft has received reports that CVE-2026-20805 is being exploited.
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.