January 2026 – Page 7 – TheWindowsUpdate.com

CVE-2026-20869 Windows Local Session Manager (LSM) Elevation of Privilege Vulnerability

Posted on January 13, 2026 by Syndicated News — No Comments ↓

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Local Session Manager (LSM) allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-20869 Windows Local Session Manager (LSM) Elevation of Privilege Vulnerability→

Posted on January 13, 2026 by Syndicated News — No Comments ↓

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Management Services allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-20873 Windows Management Services Elevation of Privilege Vulnerability→

Posted on January 13, 2026 by Syndicated News — No Comments ↓

Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-20865 Windows Management Services Elevation of Privilege Vulnerability→

Posted on January 13, 2026 by Syndicated News — No Comments ↓

Use after free in Desktop Windows Manager allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-20871 Desktop Windows Manager Elevation of Privilege Vulnerability→

Posted on January 13, 2026 by Syndicated News — No Comments ↓

Heap-based buffer overflow in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-20864 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability→

Posted on January 13, 2026 by Syndicated News — No Comments ↓

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. Continue reading CVE-2026-20868 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability→

Posted on January 13, 2026 by Syndicated News — No Comments ↓

Access of resource using incompatible type (‘type confusion’) in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-20860 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability→

Posted on January 13, 2026 by Syndicated News — No Comments ↓

Concurrent execution using shared resource with improper synchronization (‘race condition’) in Windows Management Services allows an authorized attacker to elevate privileges locally. Continue reading CVE-2026-20866 Windows Management Services Elevation of Privilege Vulnerability→