Microsoft addresses critical remote code execution vulnerability affecting multiple products. Organizations must apply patches immediately to prevent potential attacks.
Critical Microsoft Vulnerability CVE-2026-35385 Requires Immediate Patching
Microsoft has released emergency security updates for a critical vulnerability affecting multiple products. The vulnerability, tracked as CVE-2026-35385, allows remote code execution with no user interaction required. Attackers can exploit this vulnerability to take complete control of affected systems.
Impact Assessment
This vulnerability poses a severe threat to organizations worldwide. Successful exploitation could lead to complete system compromise, data theft, and lateral movement across networks. The vulnerability has a CVSS score of 9.8, indicating critical severity.
Affected Products
The following Microsoft products are affected by CVE-2026-35385:
- Windows 10 (version 1809 and later)
- Windows 11 (all versions)
- Windows Server 2019 and 2022
- Microsoft Office 2019 and 2021
- Microsoft 365 Apps for Enterprise
- Microsoft Edge (Chromium-based)
Technical Details
CVE-2026-35385 is a memory corruption vulnerability in the Windows Graphics Component. When processing specially crafted image files, the component fails to properly handle objects in memory. This allows an attacker to execute arbitrary code in the context of the current user.
The vulnerability exists due to improper validation of input when parsing image metadata. An attacker could exploit this by convincing a user to open a malicious image file or by hosting a specially crafted image on a website that a user visits.
Mitigation Steps
Organizations should take immediate action:
- Apply the security updates immediately
- Block suspicious image file attachments in email gateways
- Restrict access to untrusted websites
- Implement application control policies
- Enable Windows Defender Antivirus with real-time protection
Timeline
- Discovery: January 15, 2026
- Notification to Microsoft: January 18, 2026
- Patch Release: February 11, 2026
- Public Disclosure: February 13, 2026
Patch Availability
Microsoft has released security updates as part of the February 2026 Security Updates. The updates are available through:
- Windows Update
- Microsoft Update Catalog
- Microsoft Endpoint Manager
Organizations using Windows Server Update Services (WSUS) or Microsoft Endpoint Configuration Manager should deploy these updates immediately.
Workarounds
If immediate patching is not possible, Microsoft recommends the following workarounds:
- Set the "Graphics Component" to run in a reduced privilege mode
- Disable the processing of image metadata in affected applications
- Implement application allow-listing to block untrusted applications
Additional Resources
For more information, visit:
Organizations should prioritize patching this vulnerability due to its critical severity and potential for widespread exploitation.
Comments
Please log in or register to join the discussion