Patch tracker / KB5002822
KB5002822
Microsoft security update released 2026-01-13. Fixes 6 CVEs.
CriticalCISA KEV
Download KB5002822
Get the official update for KB5002822. The download and file size for each supported product are on the Microsoft Update Catalog page.
Update summary
Released
2026-01-13
CVEs fixed
6
Max CVSS
9.8
Severity
Critical
Exploitation and severity
Fixes 6 CVEs. At least one is actively exploited (CISA KEV). Most severe CVSS 9.8 (Critical). EPSS exploit probability up to 31%.
Among the top half of tracked Microsoft updates by EPSS exploit probability.
What to do
Treat as urgent: it is being exploited in the wild (CISA KEV), so patch ahead of items that are not. Senserva flags whether KB5002822 is missing on your devices.
CVEs fixed by this update
Affected products
- Microsoft Office 2016 (32-bit edition)
- Microsoft Office 2016 (64-bit edition)
- Microsoft SharePoint Server 2019
See this and every Microsoft update ranked by real-world risk on the Microsoft Patch Tracker.