Ref# ADV2026_012 | Date: Jan 15th 2026

---

Microsoft published a security advisory addressing vulnerabilities in several products on January 13th, 2026. It is recommended that you take the necessary precautions by ensuring your products are always updated.
 

• Azure Connected Machine Agent 

• Azure Core shared client library for Python 

• Microsoft 365 Apps for Enterprise 

• Microsoft Excel 2016 

• Microsoft Office 2016 

• Microsoft Office 2019 

• Microsoft Office Deployment Tool 

• Microsoft Office LTSC 2021 

• Microsoft Office LTSC 2024 

• Microsoft Office LTSC for Mac 2021 

• Microsoft Office LTSC for Mac 2024 

• Microsoft SQL Server 2022 

• Microsoft SQL Server 2025 

• Microsoft SharePoint Enterprise Server 2016 

• Microsoft SharePoint Server 2019 

• Microsoft SharePoint Server Subscription Edition 

• Microsoft Word 2016 

• Office Online Server 

• Windows 10 

• Windows 11 

• Windows Admin Center in Azure Portal 

• Windows SDK 

• Windows Server 2008 

• Windows Server 2008 R2 

• Windows Server 2012 

• Windows Server 2012 R2 

• Windows Server 2016 

• Windows Server 2019 

• Windows Server 2022 

• Windows Server 2025 

Microsoft has received reports that CVE-2026-20805 is being exploited. 

For more information on these updates, you can follow these URLs: 

• January 2026 Security Updates 

• Security Update Guide 

The Guyana National CIRT recommends that users and administrators review these updates and apply them where necessary. 

PDF Download: Microsoft Advisory

References 

• Microsoft Security Advisory. (January 13, 2026). Retrieved from Canadian Centre for Cyber Security.
  https://www.cyber.gc.ca/en/alerts-advisories/microsoft-security-advisory-january-2026-monthly-rollup-av26-024  

 

• Security Update Guide. (n.d.). Retrieved from Microsoft.
  https://msrc.microsoft.com/update-guide/en-us