CVE-2026-20941
published 2026-01-13CVE-2026-20941: Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally.
PriorityP346high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.46%
36.4th percentile
Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_11_24h2 | < 10.0.26100.7623 | 10.0.26100.7623 |
| microsoft | windows_11_25h2 | < 10.0.26200.7623 | 10.0.26200.7623 |
| microsoft | windows_11_version_24h2 | >= 10.0.26100.0 < 10.0.26100.7623 | 10.0.26100.7623 |
| microsoft | windows_11_version_25h2 | >= 10.0.26200.0 < 10.0.26200.7623 | 10.0.26200.7623 |
| microsoft | windows_server_2025 | < 10.0.26100.32230 | 10.0.26100.32230 |
| microsoft | windows_server_2025 | >= 10.0.26100.0 < 10.0.26100.32230 | 10.0.26100.32230 |
| msrc | windows_11_version_24h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_24h2_for_x64-based_systems | — | — |
| msrc | windows_11_version_25h2_for_arm64-based_systems | — | — |
| msrc | windows_11_version_25h2_for_x64-based_systems | — | — |
| msrc | windows_server_2025 | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vendor_msrc7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-x52h-wv3h-pxc9: Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges l
ghsa_unreviewed·2026-01-13
CVE-2026-20941 [HIGH] CWE-59 GHSA-x52h-wv3h-pxc9: Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges l
Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally.
Microsoft
Host Process for Windows Tasks Elevation of Privilege Vulnerability
vendor_msrc·2026-01-13·CVSS 7.8
CVE-2026-20941 [HIGH] CWE-59 Host Process for Windows Tasks Elevation of Privilege Vulnerability
Host Process for Windows Tasks Elevation of Privilege Vulnerability
Description: Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally.
FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability?
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
Host Process for Windows Tasks: Host Process for Windows Tasks
Microsoft: Microsoft
Customer Action Required: Yes
Impact: Elevation of Privilege
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5073379
Reference: https://support.microsoft.com
No detection rules found.
No public exploits indexed.
Qualys
Microsoft and Adobe Patch Tuesday, January 2026 Security Update Review
blogs_qualys·2026-01-13
Microsoft and Adobe Patch Tuesday, January 2026 Security Update Review
## Table of Contents
Microsoft Patch Tuesday forJanuary2026
Adobe Patches for January 2026
Zero-day Vulnerabilities Patched inJanuaryPatch Tuesday Edition
Critical Severity Vulnerabilities Patched inJanuaryPatch Tuesday Edition
Other Microsoft Vulnerability Highlights
Microsoft Release Summary
Discover and Prioritize Vulnerabilities inVulnerability Management, Detection & Response (VMDR)
Rapid Response with TruRisk Eliminate
EVALUATE Vendor-Suggested Mitigation withPolicy Audit(PA)
Qualys Monthly Webinar Series
Starting the year on a security-first note, Microsoft’s January 2026 Patch Tuesday resolves several vulnerabilities that could impact enterprise environments. Here’s a quick breakdown of what you need to know.
## Microsoft Patch Tuesday for January 2026
This month’s rel
Bleepingcomputer
Microsoft January 2026 Patch Tuesday fixes 3 zero-days, 114 flaws
blogs_bleepingcomputer·2026-01-13·CVSS 5.5
[MEDIUM] Microsoft January 2026 Patch Tuesday fixes 3 zero-days, 114 flaws
## Microsoft January 2026 Patch Tuesday fixes 3 zero-days, 114 flaws
## Lawrence Abrams
57 Elevation of Privilege vulnerabilities
3 Security Feature Bypass vulnerabilities
22 Remote Code Execution vulnerabilities
22 Information Disclosure vulnerabilities
2 Denial of Service vulnerabilities
5 Spoofing vulnerabilities
When BleepingComputer reports on Patch Tuesday security updates, we only count those released by Microsoft today. Therefore, the number of flaws does not include Microsoft Edge (1 flaw) and Mariner vulnerabilities fixed earlier this month.
To learn more about the non-security updates released today, you can review our dedicated articles on the Windows 11 KB5074109 & KB5073455 cumulative updates and Windows 10 KB5073724 extended security update .
## 3 zero-days, one ex
Qualys
Microsoft and Adobe Patch Tuesday, January 2026 Security Update Review | Qualys
blogs_qualys·2026-01-13
Microsoft and Adobe Patch Tuesday, January 2026 Security Update Review | Qualys
#### Table of Contents
- Microsoft Patch Tuesday forJanuary2026
- Adobe Patches for January 2026
- Zero-day Vulnerabilities Patched inJanuaryPatch Tuesday Edition
- Critical Severity Vulnerabilities Patched inJanuaryPatch Tuesday Edition
- Other Microsoft Vulnerability Highlights
- Microsoft Release Summary
- Discover and Prioritize Vulnerabilities inVulnerability Management, Detection & Response (VMDR)
- Rapid Response with TruRisk Eliminate
- EVALUATE Vendor-Suggested Mitigation withPolicy Audit(PA)
- Qualys Monthly Webinar Series
Starting the year on a security-first note, Microsoft’s January 2026 Patch Tuesday resolves several vulnerabilities that could impact enterprise environments. Here’s a quick breakdown of what you need to know.
## Microsoft Patch Tuesday for January 2026
Thi
Wiz
CVE-2026-20941 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.8
CVE-2026-20941 [HIGH] CVE-2026-20941 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-20941 :
vulnerability analysis and mitigation
Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally.
Source : NVD
## 7.8
Score
Published January 13, 2026
Severity HIGH
CNA Score 7.8
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 12
Exploitation Probability (EPSS) N/A
Sources
NVD
## Get a CVE risk assessment
Get a prioritized view of CVEs in your cloud—so you can focus on what's exploitable, not just what's listed.
Free Vulnerability Assessment
## Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark
2026-01-13
Published