patches Archives

Winsage

May 13, 2026

Microsoft’s MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday

Microsoft has introduced a multi-model AI system called MDASH, designed to enhance vulnerability discovery and remediation processes. Currently in limited private preview testing with select customers, MDASH employs over 100 specialized AI agents for various classes of vulnerabilities, enabling autonomous discovery, validation, and demonstration of exploitable defects in complex codebases. The system operates through a structured pipeline that analyzes source code, constructs threat models, and validates findings using auditor and debater agents. MDASH has successfully identified 16 vulnerabilities in its initial tests, including two critical flaws affecting Windows networking and authentication: 1. CVE-2026-33824 (CVSS score: 9.8) - A double-free vulnerability in "ikeext.dll" allowing remote code execution via specially crafted packets. 2. CVE-2026-33827 (CVSS score: 8.1) - A race condition vulnerability in Windows TCP/IP ("tcpip.sys") enabling remote code execution through specially crafted IPv6 packets.

AppWizard

May 13, 2026

Unknown Worlds confirms early Subnautica 2 leak, but warns it’s an “incomplete” build

Unknown Worlds has acknowledged the existence of "unofficial builds" of Subnautica 2 circulating online ahead of its official launch. They confirmed these versions are incomplete and do not represent the final product, warning that they "cannot be verified for safety or stability." The studio emphasized that players should avoid downloading these unofficial versions, as they may not function as intended. The complete Subnautica 2 Early Access experience will only be available through official channels. The launch is imminent, and there have been challenges, including legal disputes with publisher Krafton, but the studio is moving forward.

Winsage

May 13, 2026

Windows 11 security update fixes critical Bing and Azure flaws

Microsoft released its May 2026 Patch Tuesday updates for Windows 11, addressing 97 security vulnerabilities across various components, including Windows, Microsoft Office, Azure services, SQL Server, SharePoint, Hyper-V, and .NET. The updates are encapsulated in KB5089549 for Windows 11 versions 24H2 and 25H2, elevating systems to builds 26100.8457 and 26200.8457. Notable vulnerabilities include CVE-2026-32169, a critical flaw in Azure Cloud Shell with a CVSS score of 10.0, and CVE-2026-21536, a critical remote code execution vulnerability in the Microsoft Devices Pricing Program with a CVSS score of 9.8. Other critical vulnerabilities include CVE-2026-32191 and CVE-2026-32194, impacting Microsoft Bing Images, both with CVSS scores of 9.8. The update also addresses multiple Windows privilege escalation vulnerabilities and remote code execution vulnerabilities in Microsoft Office and Excel. Microsoft has warned of upcoming Secure Boot certificate expirations starting in June 2026 and has improved boot reliability related to BitLocker recovery issues. Users can install the updates via Settings → Windows Update, with a system restart required.

AppWizard

May 12, 2026

Marathon reconsiders bug abuse approach after player uses Cryo Archive exploit to butcher an entire team

Bungie is reviewing its policies regarding player actions that exploit bugs in Marathon following a viral incident where a player used a flaw in the Cryo Archive map to eliminate another team. The company plans to compensate those affected by this incident and will address the bug before reintroducing the map. Bungie has historically not penalized players for going out of bounds but is considering stricter penalties for deliberate exploitation of bugs that negatively impact others. Since the launch of the Cryo Archive map, players have faced numerous issues, prompting ongoing patches and updates.

Winsage

May 12, 2026

Windows 11’s May Update Is Actually Good This Time – Here’s What’s Coming on Tuesday

Microsoft's Windows 11 May update is scheduled for release on May 12, 2026, featuring several enhancements. Key highlights include the introduction of Xbox Mode, which provides a console-like gaming experience on PCs, and a rethinking of AI integration, with changes to the Copilot features in various tools. The update also fixes the white flash issue in File Explorer, improves loading speeds, and allows users to maintain view preferences in Downloads and Documents folders. Additional updates include the renaming and relocation of Drop Tray, FAT32 formatting support for drives up to 2 TB, expanded haptic feedback features, and stricter controls on batch file execution for enhanced security. Users can access the update by navigating to Settings > Windows Update > Check for updates.

Winsage

May 12, 2026

Windows 11’s New Speed Boost Could Bring 70% Faster Load Times

Microsoft is developing an update for Windows 11 that includes a new high-performance mode called the Low Latency Profile, which improves startup times for tasks. Early testing shows app load times can be up to 40% faster and interface launches up to 70% quicker. The Low Latency Profile temporarily boosts the CPU to its maximum frequency for one to three seconds when a user opens an application or interface. It primarily benefits Microsoft applications like Edge and Outlook, and some third-party apps may also qualify. The feature operates automatically without manual activation and has minimal impact on battery life and thermal performance. This update is part of the Windows K2 project aimed at enhancing Windows 11's performance. As of the end of the previous year, approximately 1 billion computers were still using Windows 10, which is set to lose support in October 2025, raising security concerns for users who do not transition to Windows 11.

AppWizard

May 12, 2026

Game industry lobby group that argued against preservation efforts from libraries is now pushing back on Stop Killing Games, saying it could prevent ‘new games, features, and technology’

Stop Killing Games has evolved from a grassroots initiative to a significant international player, with presentations at the European Parliament and collaborations with global NGOs expected by 2026. In April, the organization endorsed the Protect Our Games Act (AB 1921), which aims to require game developers to inform consumers of server shutdowns and provide options such as offline versions, patches, or refunds. Smaller game studios are adapting their titles to remain playable post-server closure, with examples including Lunarch Studios and 1047 Games. The Entertainment Software Association (ESA) opposes the bill, claiming it burdens developers, while Stop Killing Games clarifies that the legislation does not require perpetual server maintenance. Historically, the ESA has lobbied against measures to preserve game access, including opposing a DMCA exemption for libraries and museums. The ESA's concerns mirror those of Video Games Europe, warning that Stop Killing Games' demands could lead to unsafe content and financial burdens on developers.

AppWizard

May 11, 2026

New TrickMo Variant: Device Take Over malware targeting Banking, Fintech, Wallet & Auth apps

Modern Android banking malware is evolving with architectural enhancements for increased stealth, resilience, and operational flexibility. In early 2026, a new variant of the TrickMo Android banking trojan was identified, actively targeting banking and wallet users in France, Italy, and Austria. This variant has replaced its predecessor in ongoing campaigns and has transitioned its command-and-control traffic to The Open Network (TON). Key features of the new TrickMo variant include: - The primary command-and-control channel now operates over TON, utilizing .adnl endpoints through an embedded local TON proxy. - It employs a runtime-loaded APK (dex.module) with enhanced functionalities, including reconnaissance, SSH tunneling, and SOCKS5 proxying, allowing infected devices to act as network pivots. - TrickMo is classified as Device Take Over (DTO) malware, targeting banking, fintech, wallet, and authenticator applications on Android devices. - Operators gain control over infected devices through accessibility-service permissions, enabling capabilities such as credential phishing, keylogging, screen recording, remote control, and SMS interception. The new variant features a modular architecture with a host APK functioning as a launcher and persistence layer, while offensive capabilities are delivered through the dynamically loaded dex.module. Significant enhancements include network reconnaissance commands (curl, dnslookup, ping, telnet, traceroute) and socket-level tunneling via an embedded SSH client. Indicators of compromise include specific SHA-256 hashes and package names associated with TrickMo dropper applications and host applications. The malware retains unused permissions for NFC capabilities, suggesting a strategic approach to device filtering.

Winsage

May 10, 2026

I dug into the new Windows Update rules coming to Windows 11, and these are the 5 things you need to know

Microsoft is implementing enhancements in Windows 11 to improve the Windows Update experience for users. Key changes include new pause controls, a redesigned Power menu, reduced forced restarts, and smarter recovery features for failed updates. A new system will automatically resolve installation issues in the background, reducing the need for manual troubleshooting. Users can now skip system updates during the Out-of-box Experience (OOBE), but doing so will prevent the download of the latest drivers, features, or security patches until a manual download is initiated or automatic updates resume. Despite these improvements, there are still limitations on user control over updates, such as the need for manual extensions to pause updates indefinitely and the requirement to confirm skipping updates twice during setup.

Winsage

May 9, 2026

Windows 11 is changing how Windows Update works — here are the 5 things Microsoft says will matter most

Microsoft is making changes to Windows Update in Windows 11 to improve the user experience. Key updates include: 1. Users can now pause automatic updates indefinitely, although they must reschedule the pause before the initial 35-day limit expires. 2. The Power menu will clearly separate update-related actions from standard power options, allowing users to choose "Update and shut down" or "Update and restart" without unintentionally installing updates. 3. Driver updates will have more descriptive labels, and a collapsible "Available updates" section will organize updates awaiting installation. Microsoft plans to consolidate updates into a single monthly cycle to reduce required restarts to one per month. 4. A new system will automatically resolve installation issues during updates, reducing the need for user intervention. 5. Users can skip system updates during the Out-of-box Experience (OOBE), but doing so will prevent the download of the latest drivers, features, or security patches until updates are manually triggered or resumed automatically.