Patch [FIX] Tuesday – January 2026 [New Year, New Vulns, New Certs], E27

Happy New Year! In this episode, Automox cybersecurity experts Ryan Braunstein and Seth Hoyt break down the security vulnerabilities you need to know heading into 2026.

First up: a ticking time bomb. Microsoft's 2011 Secure Boot certificates expire in June and October 2026, making this your top patching priority for the year. If your BIOS and OS aren't both updated, you're leaving the door wide open for rootkit attacks. Start auditing your hardware now. You have six months.

Next up: a Windows Installer Elevation of Privilege Vulnerability that exploits a time-of-check to time-of-use (TOCTOU) race condition. Think of it like swapping wristbands after the bouncer checks you at the door.

Finally, an actively exploited flaw in Desktop Window Manager that can leak sensitive information and even break out of sandboxes.

Patch your systems. Patch your BIOS. See you next month.