By Tyler Reguly, Associate Director, Security R&D, Fortra
CISOs this month should be paying a lot of attention to CVE-2026-21265 and the guidance associated with it. More specifically, they should be looking at the Windows Secure Boot certificate expiration and CA Updates that Microsoft published June 26, 2025. When the Secure Boot certificates expire in June of this year, organizations that haven’t prepared will not only find Secure Boot no longer operational, but they may also find that Windows boot manager and Secure Boot vulnerabilities have become an issue. It is important to note that the document is not a single page, but contains a multitude of links – including an entire deployment playbook for IT professionals. With less than half a year to prepare, it is time to ensure that environments and teams are prepared for this update.
One of the more interesting updates this month is the Windows Agere Soft Modem Driver elevation of privilege (CVE-2023-31096). It is not often that you see a CVE from 3 years ago show up, but Microsoft is finally cleaning up a problem that has been around for a while. This driver ships with Microsoft Windows, but according to a post about this vulnerability, the driver has been EOL since 2016. The solution to this vulnerability is simply to remove the impacted drivers, agrsm64.sys and agrsm.sys, from systems.
If you’re a fan of statistics, here’s one for you. Microsoft moved away from the security bulletin system in February of 2017 and ushered in the new era of security guidance. Last year, January 2025, saw the largest January Patch Tuesday under this new system with 162 CVEs. This year, we see the third largest January Patch Tuesday with 115 CVEs. For those wondering, 2022 had the second largest January Patch Tuesday with 127 CVEs. This is also only the third time that we’ve seen more than 100 CVEs under the security guidance system. We’re sitting above the average 89 CVEs that we’ve seen over the 9 January Patch Tuesdays that we’ve had under the new system.
Related
This entry was posted on January 13, 2026 at 6:25 pm and is filed under Commentary with tags Fortra. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Guest Post: 115 CVEs Mark One of the Biggest January Patch Tuesdays Yet
By Tyler Reguly, Associate Director, Security R&D, Fortra
CISOs this month should be paying a lot of attention to CVE-2026-21265 and the guidance associated with it. More specifically, they should be looking at the Windows Secure Boot certificate expiration and CA Updates that Microsoft published June 26, 2025. When the Secure Boot certificates expire in June of this year, organizations that haven’t prepared will not only find Secure Boot no longer operational, but they may also find that Windows boot manager and Secure Boot vulnerabilities have become an issue. It is important to note that the document is not a single page, but contains a multitude of links – including an entire deployment playbook for IT professionals. With less than half a year to prepare, it is time to ensure that environments and teams are prepared for this update.
One of the more interesting updates this month is the Windows Agere Soft Modem Driver elevation of privilege (CVE-2023-31096). It is not often that you see a CVE from 3 years ago show up, but Microsoft is finally cleaning up a problem that has been around for a while. This driver ships with Microsoft Windows, but according to a post about this vulnerability, the driver has been EOL since 2016. The solution to this vulnerability is simply to remove the impacted drivers, agrsm64.sys and agrsm.sys, from systems.
If you’re a fan of statistics, here’s one for you. Microsoft moved away from the security bulletin system in February of 2017 and ushered in the new era of security guidance. Last year, January 2025, saw the largest January Patch Tuesday under this new system with 162 CVEs. This year, we see the third largest January Patch Tuesday with 115 CVEs. For those wondering, 2022 had the second largest January Patch Tuesday with 127 CVEs. This is also only the third time that we’ve seen more than 100 CVEs under the security guidance system. We’re sitting above the average 89 CVEs that we’ve seen over the 9 January Patch Tuesdays that we’ve had under the new system.
Share this:
Like this:
Related
This entry was posted on January 13, 2026 at 6:25 pm and is filed under Commentary with tags Fortra. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.