Security Patch Archives

Winsage

May 3, 2026

You shouldn’t delay your Windows 11 updates, experts reveal

Experts advise against postponing Windows updates, as Microsoft has introduced features allowing users to control when updates occur. Users can pause updates for up to 35 days indefinitely, but delaying updates can lead to security vulnerabilities. Microsoft releases several types of updates: security updates, feature updates, quality updates, driver updates, optional updates, out-of-band updates, and zero-day updates. Zero-day updates are critical and should be installed immediately to avoid exploitation. Recent reports indicate that critical OS patching for Windows 10 and 11 is lagging by an average of 256 days, increasing the risk of cyber incidents.

Winsage

April 28, 2026

Incomplete Windows Patch Creates New Zero-Click Attack Risk

A new vulnerability in Microsoft Windows, designated as CVE-2026-32202, has been discovered due to an incomplete security patch for a previous flaw (CVE-2026-21510). This new vulnerability allows attackers to execute zero-click attacks by processing specially crafted shortcut files, enabling automatic authentication requests without user interaction. The vulnerabilities are linked to another flaw (CVE-2026-21513) in Microsoft’s MSHTML framework, and cybercriminals, specifically the APT28 group, have exploited these issues in attacks against Ukraine and the European Union. Microsoft has released a fix for the new vulnerability in its April 2026 security updates.

Winsage

April 22, 2026

Microsoft Changes Windows Security After 15 Years—Update By ‘End Of April’

Microsoft is updating the Secure Boot certificates for Windows PCs, which have been in place since 2011. This update will begin with the April security patch rollout and is expected to be fully deployed across PCs by the end of April 2026. Users can check the status of the Secure Boot update by navigating to Windows Security > Device security > Secure Boot, where a color-coded badge will indicate the current status. The update will install new certificates and confirm if user action is necessary. If the badge is red, immediate attention is required. Microsoft is enhancing the visibility of the Secure Boot certificate status within Windows Security to aid users in verifying the update. The certificates will not expire for several more weeks, so users should check their systems by the end of the month.

AppWizard

April 9, 2026

The latest Pixel update tackles Android 16’s early stability woes

Google has released its April 2026 security patch for Pixel phones, addressing issues such as app crashes in banking and third-party applications. The update improves app performance across the Pixel lineup, from Pixel 6 to Pixel 10a, and includes a fix for gaming performance on Pixel 10, Pro, and Pro XL models. It also resolves the disappearing Quick Search Bar issue and reinstates the Backup menu for older devices like the Pixel Fold and Pixel 8. The rollout includes essential security updates and is occurring in phases, with users advised to connect to a stable Wi-Fi network to check for updates in Settings.

AppWizard

April 7, 2026

Android 16 April update rolling out: Pixel UI, app crash fixes

Google has started distributing the April 2026 security patch for Android 16 QPR3, affecting devices such as the Pixel 6 series, Pixel 7 series, Pixel 8 series, and Pixel 10 lineup. The patch, dated April 1, 2026, addresses one significant security issue and four additional vulnerabilities in a follow-up update on April 5, 2026. The build numbers for the update are as follows: - Pixel 6: CP1A.260405.005 - Pixel 6 Pro: CP1A.260405.005 - Pixel 6a: CP1A.260405.005 - Pixel 7: CP1A.260405.005 - Pixel 7 Pro: CP1A.260405.005 - Pixel 7a: CP1A.260405.005 - Pixel Tablet: CP1A.260405.005 - Pixel Fold: CP1A.260405.005 - Pixel 8: CP1A.260405.005 - Pixel 8 Pro: CP1A.260405.005 - Pixel 8a: CP1A.260405.005 - Pixel 9: CP1A.260405.005 - Pixel 9 Pro: CP1A.260405.005 - Pixel 9 Pro XL: CP1A.260405.005 - Pixel 9 Pro Fold: CP1A.260405.005 - Pixel 9a: CP1A.260405.005 - Pixel 10: CP1A.260405.005 - Pixel 10 Pro: CP1A.260405.005 - Pixel 10 Pro XL: CP1A.260405.005 - Pixel 10 Pro Fold: CP1A.260405.005 - Pixel 10a: CP1A.260405.005 In Australia, the build numbers for the Pixel 6 series are: - Pixel 6: CP1A.260405.003.A1 - Pixel 6 Pro: CP1A.260405.003.A1 - Pixel 6a: CP1A.260405.003.A1 The update includes various fixes, such as restoring the Backup menu in System settings, addressing crashes in banking and third-party apps, resolving game crashes, fixing the disappearance of the quick search bar, and correcting crashes in Quick Share during file transfers.

AppWizard

April 7, 2026

Researchers find 50 ‘dangerous’ Android apps that are secretly hijacking phones: Who is at risk

Recent findings from McAfee have revealed a malware campaign named Operation NoVoice that has infiltrated over 50 applications on the Google Play Store, which collectively received over 2.3 million downloads before being removed. The malware uses a rootkit attack strategy to gain administrator-level control of Android devices while remaining undetected. Affected apps appeared benign, performing tasks like cleaning files or managing photos, but were secretly communicating with a remote server to send device information. This allowed attackers to deploy custom exploit code, achieving root-level access and posing significant security risks. The malware persists even after factory resets, potentially requiring firmware reinstallation for complete removal. Users with older or unpatched Android versions are at greater risk, as well as anyone who downloaded the compromised apps.

AppWizard

April 3, 2026

Google Responds As 50 Apps With 2 Million Downloads Hit By Malware

Researchers at McAfee Labs discovered that 50 Android applications on the Google Play Store contain malware known as NoVoice, which can grant full remote access to infected smartphones. These apps have over 2.3 million downloads. The malware can communicate with remote servers, profile devices, and download tailored root exploits, potentially compromising specific hardware and software configurations. However, devices with an Android security patch level of May 2021 or later are not vulnerable to these exploits, as the vulnerabilities were patched by Android between 2016 and 2021. Google Play Protect removes these apps and blocks new installs, and users are advised to keep their devices updated with the latest security patches.

AppWizard

April 1, 2026

‘NoVoice’ Android malware on Google Play infected 2.3 million devices

A new Android malware called NoVoice has been found in over 50 applications on Google Play, with more than 2.3 million downloads. The malware targets older Android versions, specifically those patched between 2016 and 2021, and attempts to gain root access by exploiting vulnerabilities. It conceals malicious components within the com.facebook.utils package and uses steganography to hide an encrypted payload within a PNG image file. NoVoice avoids infecting devices in certain regions and has checks to detect emulators and VPNs. Once activated, the malware contacts its command-and-control server to gather device information and polls it every 60 seconds for tailored exploits aimed at rooting the device. It can exploit 22 vulnerabilities, including kernel bugs, and establishes persistence by replacing key system libraries and installing recovery scripts. The malware injects code into applications, particularly targeting WhatsApp to extract sensitive data for session replication, which is then exfiltrated to the C2 server. The malicious apps containing NoVoice have been removed from Google Play, but users who installed them should consider their devices compromised. Upgrading to devices with later security patches is recommended to mitigate the threat.

AppWizard

March 19, 2026

Here’s everything new in Android Canary 2603: App lock, Bubbles, Wi-Fi & Mobile data toggles

Google has released Android Canary channel version 2603, which includes the March 2026 security patch for various Pixel devices. Key features of this update include a redesigned screen recording interface, enhanced system UI with increased blur effects, separate Quick Settings toggles for Wi-Fi and mobile data, and new options for App lock and Bubbles accessible through a long-press on apps. The screen recording feature allows users to record the entire screen or a single app, with options to manage audio and touch visibility. The update aims to improve usability and functionality for developers and users.

AppWizard

March 19, 2026

Android 16 Bug Silently Breaks VPNs, Say Providers

Multiple VPN providers, including Proton VPN, Mullvad, WireGuard, and TunnelBear, are experiencing a persistent bug in Android 16 that causes their services to disconnect unexpectedly after app updates. Google has acknowledged the issue but has not provided a timeline for a fix. The bug occurs when the network stack enters a problematic state during a VPN app update while still connected, leading to a "connecting" loop and potential loss of internet connectivity or exposure of non-VPN traffic. Restarting the VPN app does not resolve the issue; a device reboot or app reinstallation is required. This bug undermines Android's safety features like Always-on VPN and "Block connections without VPN." The issue affects a significant number of users, given Android's 70% market share and the 30-35% of internet users utilizing VPNs. Temporary workarounds include rebooting the device, manually disconnecting the VPN before updates, and pausing auto-updates. The bug poses operational risks for organizations enforcing always-on VPN policies, and developers are seeking app-side mitigations while emphasizing the need for a platform-level fix. Users are advised to monitor their VPN status after updates and report issues to assist in troubleshooting.