patches Archives

AppWizard

June 17, 2026

New Rokarolla Android Trojan Targets 217 Banking and Crypto Apps

Zimperium’s zLabs researchers have analyzed a newly identified Android banking trojan named Rokarolla, which targets 217 distinct banking and cryptocurrency applications. It is distributed through malicious websites that impersonate popular platforms like TikTok and Google Chrome, with one identified distribution point being hxxps://infocontablidades[.]it[.]com/. The malware uses a dropper disguised as Google Play Protect to install a second-stage payload and gain Accessibility Services access, allowing it to simulate user interactions and manipulate on-screen elements. Rokarolla downloads counterfeit HTML login pages for targeted applications and overlays them to capture user credentials, including sensitive card information. It can also deploy a fraudulent PIN entry screen, read and send SMS messages, intercept one-time codes from banks, and block incoming calls. The malware rewrites the clipboard, operates a keylogger and screen content logger, and scrapes WhatsApp contact data. It captures screenshots without alerting users and has a resilient command-and-control infrastructure with multiple fallback domains. No product flaws are exploited, and defenses against it include installing apps only from Google Play and being cautious with Accessibility Services. Zimperium’s Mobile Threat Defense and zDefend products can detect Rokarolla, and a list of indicators of compromise is available on their GitHub repository.

Winsage

June 17, 2026

Google’s £3 upgrade for Windows is finally back in stock

Google, in collaboration with Back Market, is offering a USB memory stick that allows users to install the free ChromeOS Flex operating system on their existing PCs and Macs. This initiative aims to provide a cost-effective alternative for Windows 10 users, especially after Microsoft ceased support for the operating system in October 2022. The USB kits, designed for easy installation, have sold out quickly since their launch. ChromeOS Flex offers essential security updates and is designed to run on hardware originally intended for Windows and macOS, although it does not support Android apps or Windows virtual machines. The initiative also emphasizes environmental benefits by extending the life of existing devices and reducing e-waste.

AppWizard

June 17, 2026

Less than a month before launch, survival RPG Outward 2 delayed into 2027

Nine Dots Studio announced that the release of the survival RPG, Outward 2, has been delayed from July 2026 to 2027. CEO Guillaume Boucher-Vidal expressed regret over the delay, emphasizing the importance of meeting player expectations and the role of feedback from the open beta, which began on June 7. Players reported encountering issues during the beta, and the studio is prioritizing quality over sticking to the original timeline. Boucher-Vidal acknowledged the challenges of ensuring stability for an early access title and apologized to players who planned their summer around the original release date.

Winsage

June 13, 2026

For June, Patch Tuesday means an IT scramble

A systematic approach to testing is essential following the latest updates. The process begins with installing the .NET SDK update, then building and executing representative applications to ensure existing projects compile and run without issues. For SQL Server users, the GDR update must be installed on the appropriate branch, followed by a service restart and standard transaction execution to verify stability. Backup and restore verification is also necessary, including checking the health of Always On availability groups and testing patch installation and removal. The Readiness team recommends prioritizing testing for Remote Desktop this month due to its frequent patches and high-risk classification. The focus should be on printer redirection, followed by general connectivity, RemoteApp functionality, clipboard and device redirection, gateway access, and licensing considerations. The next priority is validating NTLM authentication updates, including domain and standalone logon processes, file-share access, and application sign-in capabilities. Other updates are security-focused with no functional changes, requiring routine regression testing across networking, Hyper-V, storage, and graphics components. Office remains MSI-only, with Click-to-Run installations unaffected by these updates. The updates for .NET and SQL Server complete the landscape for developers and database administrators.

Winsage

June 12, 2026

Microsoft fixes Windows update failures linked to WUSA installer

Microsoft resolved an issue affecting the installation of Windows updates released since May 2025, which primarily impacted users using the Windows Update Standalone Installer (WUSA) from a network share, especially in enterprise environments. The problem was significant for devices running Windows 11 24H2/25H2 and Windows Server 2025, but did not occur when handling a single .msu file or when files were stored locally. In August 2025, Microsoft acknowledged that updates installed using WUSA might fail with error ERRORBADPATHNAME when multiple .msu files were involved. A Known Issue Rollback Group Policy was implemented in September 2025 to mitigate the impact on home and non-managed business devices. The issue was ultimately resolved with cumulative updates released in June 2026 for Windows 11 (KB5079391) and Windows Server 2025 (KB5094125). Microsoft provided a workaround for users experiencing difficulties with prior updates by suggesting they save .msu files locally for installation. Users were also advised to wait at least 15 minutes after installing an .msu file via WUSA before checking the Update History page. Additionally, Microsoft had previously addressed another issue in April 2025 that affected enterprise customers installing security updates via WSUS, which recurred in the August 2025 updates. Microsoft warned customers about potential issues with installing the latest monthly updates on devices upgraded to Windows 11 24H2 or 25H2.

AppWizard

June 12, 2026

Save Big and Play Bigger: GeForce NOW Summer Sale Brings Major Membership Savings

The GeForce NOW summer sale offers discounts on 12-month memberships, with significant savings on both Performance and Ultimate plans. The Performance membership supports streaming up to 1080p at 60 fps, while the Ultimate membership provides RTX 4080 or 5080-class performance, enabling up to 4K resolution and 120 fps. The service simplifies gaming by managing installations and updates in the cloud, allowing access to a vast library of games without the need for expensive hardware. Upcoming titles include Guild Wars 3, which is set to launch soon, and players can currently enjoy Guild Wars 2 and Guild Wars Reforged with exclusive rewards. New releases on GeForce NOW include NBA THE RUN, Witchspire, SpaceCraft, Duet Night Abyss, DOOM Eternal, and The Elder Scrolls Online. Pro Cycling Manager 26 is set to launch on June 15, and Denshattack! is expected on July 15.

Winsage

June 11, 2026

New GreatXML Exploit Bypasses Windows BitLocker via Recovery Partition XML Files

Security researcher Chaotic Eclipse has released a Windows BitLocker bypass tool named GreatXML, following a previously disclosed exploit targeting Microsoft Defender. The discovery was made accidentally and took four hours. A critical vulnerability exists for users who have used the Windows Defender Offline Scan feature, making them susceptible to the BitLocker bypass. The exploit involves copying an XML file and a recovery folder to the recovery partition and rebooting into the Windows Recovery Environment (WinRE). If the Defender offline scan was not initiated, users must log in to start it or find a way to boot into WinRE in offline scan state. GreatXML is the second BitLocker bypass tool released by Chaotic Eclipse, following the earlier exploit known as YellowKey (CVE-2026-45585), which has been patched by Microsoft.

Winsage

June 11, 2026

Nightmare Eclipse drops claimed BitLocker bypass for Microsoft Windows

Nightmare Eclipse has released a new zero-day vulnerability exploit called GreatXML, which allows unrestricted access to BitLocker volumes on Windows systems that have previously run a Microsoft Defender Offline scan. This discovery was made in four hours and adds to Nightmare Eclipse's total of eight zero-day vulnerabilities. Microsoft is investigating the claims related to another exploit, RoguePlanet, but has not commented on GreatXML or provided a patch timeline. Nightmare Eclipse, rumored to be a former Microsoft employee, has faced backlash from the security community for previous disclosures and has vowed to continue releasing vulnerabilities. Security expert Will Dormann has raised concerns about the practicality of the GreatXML exploit, noting that it requires administrative access and questioning the accuracy of the instructions provided by Nightmare.

Winsage

June 11, 2026

Microsoft patches a record 206 flaws—and one is already being exploited

Microsoft patched 206 vulnerabilities during June's Patch Tuesday, surpassing the previous record of 175 vulnerabilities patched in October 2025. Among the patched vulnerabilities, 118 are related to different versions of Windows, including Windows 10, Windows 11, and Windows Server. One critical vulnerability, CVE-2026-41091, in Microsoft Defender is actively being exploited, prompting an update to the Malware Protection Engine. Microsoft also addressed ten vulnerabilities in the Security Feature Bypass category due to the expiration of old Secure Boot certificates. Of the 118 Windows vulnerabilities, 19 are classified as critical Remote Code Execution (RCE) vulnerabilities, including CVE-2026-47288 and CVE-2026-47291. In Microsoft Office, 54 vulnerabilities were patched, including 25 RCE vulnerabilities, with nine classified as critical. Microsoft patched eight vulnerabilities in Exchange Server, including CVE-2026-45583, which can be exploited in a man-in-the-middle scenario. Additionally, the update for Edge addressed 74 Chromium vulnerabilities, including a zero-day vulnerability (CVE-2026-11645).

Winsage

June 11, 2026

New Windows Zero-Day Exploit ‘RoguePlanet’ Released

A new zero-day exploit named RoguePlanet has been discovered targeting Microsoft’s Windows operating system, disclosed by security researcher Nightmare Eclipse. The exploit allows local privilege escalation (LPE) by exploiting a race condition in Microsoft Defender and can facilitate remote code execution (RCE) through deceptive .vhd(x) files. RoguePlanet may also bypass BitLocker encryption. The proof-of-concept has been tested on Windows 10 and Windows 11 systems but does not function on Windows Server, although the researcher believes all Windows Server versions are vulnerable. Following its release, RoguePlanet was confirmed by other researchers to spawn a command prompt with SYSTEM privileges on patched computers. This disclosure comes after Microsoft released patches for earlier exploits by Nightmare Eclipse, including GreenPlasma and YellowKey. The researcher has expressed dissatisfaction with Microsoft’s vulnerability disclosure process, alleging legal action against them and the suspension of their GitHub account, leading to the publication of RoguePlanet under a new account.