Microsoft’s January Patch Tuesday focuses on security fixes and legacy modem driver removal in Windows 11 and 10

Microsoft releases its first Patch Tuesday of 2026, prioritising security enhancements and bug fixes for Windows 11 and 10, including the removal of outdated modem drivers to address security risks.

Microsoft has issued its first regular Patch Tuesday of 2026, distributing cumulative updates for Windows 11 (25H2 and 24H2 via KB5074109, and 23H2 via KB5073455) and for eligible Windows 10 systems (KB5073724). According to ComputerBase, the roll‑out is focused on bug fixes and security hardening rather than new features, following the omission of an optional update at the end of December because of the holidays. ^[1][6]

The updates address a range of stability issues. Microsoft says the Windows 11 package corrects a WSL (Windows Subsystem for Linux) bug that could cause VPN connections to abort with a “No Route to Host” error, and fixes a condition in devices with a neural processing unit (NPU) that could leave the AI processor active while idle, increasing power draw. The WinSqlite3.dll component has also been updated after some security products flagged it as vulnerable. These changes are documented in Microsoft’s support notes for the January 13, 2026 releases. ^[1][4]

A notable and user‑impacting change is the removal of several legacy modem drivers, agrsm64.sys, agrsm.sys, smserl64.sys and smserial.sys, from supported builds. Microsoft warns that modems dependent on these drivers will no longer function after the update because of an identified security risk. ComputerBase and the Microsoft support pages make clear this is an intentional removal to mitigate those risks. ^[1][2][4]

For Windows 10, the January update is being made available primarily through the Extended Security Updates (ESU) channel for 22H2 and 21H2 customers and for organisations with extended servicing, rather than general consumer channels. PureInfotech and Microsoft support documentation note that the same modem‑driver removals and component updates apply to the Windows 10 ESU release (KB5073724). Administrators running legacy modem hardware should therefore validate device compatibility before deploying the update broadly. ^[3][2]

The Patch Tuesday packages also include platform security improvements beyond individual component fixes. Microsoft describes enhancements to Secure Boot certificate management that limit the delivery of new certificates until devices have demonstrated a sufficient history of successful updates, a measure intended to reduce the risk of improperly validated boot components. Industry coverage summarises these platform‑level hardenings alongside the other bug fixes. ^[4][5][6]

Across the January releases Microsoft has closed 112 security vulnerabilities, with some entries reaching up to 8.8 on the CVE severity scale, underlining the importance of timely installation for systems exposed to internet‑facing risks. Security reporting and the vendor advisories recommend patching promptly while testing for any hardware compatibility issues that the modem driver removals might create. ^[1][6]

There are no new consumer features in this cycle; the update is principally maintenance and mitigation. Organisations and users with legacy modem hardware or who rely on Windows 10 beyond mainstream support should consult Microsoft’s support articles and their hardware vendors for compatibility guidance before applying the updates. ^[1][2][3]

📌 Reference Map:

• ^[1] (ComputerBase) – Paragraph 1, Paragraph 2, Paragraph 3, Paragraph 6, Paragraph 7
• ^[2] (Microsoft Support KB5073724) – Paragraph 3, Paragraph 4, Paragraph 6, Paragraph 7
• ^[3] (PureInfotech) – Paragraph 4, Paragraph 6
• ^[4] (Microsoft Support KB5074109) – Paragraph 2, Paragraph 5, Paragraph 6
• ^[5] (PureInfotech Windows 11 summary) – Paragraph 5, Paragraph 6
• ^[6] (WindowsReport) – Paragraph 1, Paragraph 2, Paragraph 5, Paragraph 6

Source: Noah Wire Services