Security Patch Archives

AppWizard

April 9, 2026

The latest Pixel update tackles Android 16’s early stability woes

Google has released its April 2026 security patch for Pixel phones, addressing issues such as app crashes in banking and third-party applications. The update improves app performance across the Pixel lineup, from Pixel 6 to Pixel 10a, and includes a fix for gaming performance on Pixel 10, Pro, and Pro XL models. It also resolves the disappearing Quick Search Bar issue and reinstates the Backup menu for older devices like the Pixel Fold and Pixel 8. The rollout includes essential security updates and is occurring in phases, with users advised to connect to a stable Wi-Fi network to check for updates in Settings.

AppWizard

April 7, 2026

Android 16 April update rolling out: Pixel UI, app crash fixes

Google has started distributing the April 2026 security patch for Android 16 QPR3, affecting devices such as the Pixel 6 series, Pixel 7 series, Pixel 8 series, and Pixel 10 lineup. The patch, dated April 1, 2026, addresses one significant security issue and four additional vulnerabilities in a follow-up update on April 5, 2026. The build numbers for the update are as follows: - Pixel 6: CP1A.260405.005 - Pixel 6 Pro: CP1A.260405.005 - Pixel 6a: CP1A.260405.005 - Pixel 7: CP1A.260405.005 - Pixel 7 Pro: CP1A.260405.005 - Pixel 7a: CP1A.260405.005 - Pixel Tablet: CP1A.260405.005 - Pixel Fold: CP1A.260405.005 - Pixel 8: CP1A.260405.005 - Pixel 8 Pro: CP1A.260405.005 - Pixel 8a: CP1A.260405.005 - Pixel 9: CP1A.260405.005 - Pixel 9 Pro: CP1A.260405.005 - Pixel 9 Pro XL: CP1A.260405.005 - Pixel 9 Pro Fold: CP1A.260405.005 - Pixel 9a: CP1A.260405.005 - Pixel 10: CP1A.260405.005 - Pixel 10 Pro: CP1A.260405.005 - Pixel 10 Pro XL: CP1A.260405.005 - Pixel 10 Pro Fold: CP1A.260405.005 - Pixel 10a: CP1A.260405.005 In Australia, the build numbers for the Pixel 6 series are: - Pixel 6: CP1A.260405.003.A1 - Pixel 6 Pro: CP1A.260405.003.A1 - Pixel 6a: CP1A.260405.003.A1 The update includes various fixes, such as restoring the Backup menu in System settings, addressing crashes in banking and third-party apps, resolving game crashes, fixing the disappearance of the quick search bar, and correcting crashes in Quick Share during file transfers.

AppWizard

April 7, 2026

Researchers find 50 ‘dangerous’ Android apps that are secretly hijacking phones: Who is at risk

Recent findings from McAfee have revealed a malware campaign named Operation NoVoice that has infiltrated over 50 applications on the Google Play Store, which collectively received over 2.3 million downloads before being removed. The malware uses a rootkit attack strategy to gain administrator-level control of Android devices while remaining undetected. Affected apps appeared benign, performing tasks like cleaning files or managing photos, but were secretly communicating with a remote server to send device information. This allowed attackers to deploy custom exploit code, achieving root-level access and posing significant security risks. The malware persists even after factory resets, potentially requiring firmware reinstallation for complete removal. Users with older or unpatched Android versions are at greater risk, as well as anyone who downloaded the compromised apps.

AppWizard

April 3, 2026

Google Responds As 50 Apps With 2 Million Downloads Hit By Malware

Researchers at McAfee Labs discovered that 50 Android applications on the Google Play Store contain malware known as NoVoice, which can grant full remote access to infected smartphones. These apps have over 2.3 million downloads. The malware can communicate with remote servers, profile devices, and download tailored root exploits, potentially compromising specific hardware and software configurations. However, devices with an Android security patch level of May 2021 or later are not vulnerable to these exploits, as the vulnerabilities were patched by Android between 2016 and 2021. Google Play Protect removes these apps and blocks new installs, and users are advised to keep their devices updated with the latest security patches.

AppWizard

April 1, 2026

‘NoVoice’ Android malware on Google Play infected 2.3 million devices

A new Android malware called NoVoice has been found in over 50 applications on Google Play, with more than 2.3 million downloads. The malware targets older Android versions, specifically those patched between 2016 and 2021, and attempts to gain root access by exploiting vulnerabilities. It conceals malicious components within the com.facebook.utils package and uses steganography to hide an encrypted payload within a PNG image file. NoVoice avoids infecting devices in certain regions and has checks to detect emulators and VPNs. Once activated, the malware contacts its command-and-control server to gather device information and polls it every 60 seconds for tailored exploits aimed at rooting the device. It can exploit 22 vulnerabilities, including kernel bugs, and establishes persistence by replacing key system libraries and installing recovery scripts. The malware injects code into applications, particularly targeting WhatsApp to extract sensitive data for session replication, which is then exfiltrated to the C2 server. The malicious apps containing NoVoice have been removed from Google Play, but users who installed them should consider their devices compromised. Upgrading to devices with later security patches is recommended to mitigate the threat.

AppWizard

March 19, 2026

Here’s everything new in Android Canary 2603: App lock, Bubbles, Wi-Fi & Mobile data toggles

Google has released Android Canary channel version 2603, which includes the March 2026 security patch for various Pixel devices. Key features of this update include a redesigned screen recording interface, enhanced system UI with increased blur effects, separate Quick Settings toggles for Wi-Fi and mobile data, and new options for App lock and Bubbles accessible through a long-press on apps. The screen recording feature allows users to record the entire screen or a single app, with options to manage audio and touch visibility. The update aims to improve usability and functionality for developers and users.

AppWizard

March 19, 2026

Android 16 Bug Silently Breaks VPNs, Say Providers

Multiple VPN providers, including Proton VPN, Mullvad, WireGuard, and TunnelBear, are experiencing a persistent bug in Android 16 that causes their services to disconnect unexpectedly after app updates. Google has acknowledged the issue but has not provided a timeline for a fix. The bug occurs when the network stack enters a problematic state during a VPN app update while still connected, leading to a "connecting" loop and potential loss of internet connectivity or exposure of non-VPN traffic. Restarting the VPN app does not resolve the issue; a device reboot or app reinstallation is required. This bug undermines Android's safety features like Always-on VPN and "Block connections without VPN." The issue affects a significant number of users, given Android's 70% market share and the 30-35% of internet users utilizing VPNs. Temporary workarounds include rebooting the device, manually disconnecting the VPN before updates, and pausing auto-updates. The bug poses operational risks for organizations enforcing always-on VPN policies, and developers are seeking app-side mitigations while emphasizing the need for a platform-level fix. Users are advised to monitor their VPN status after updates and report issues to assist in troubleshooting.

Winsage

February 14, 2026

Microsoft Fixes Critical Windows 11 Notepad Flaw

Microsoft has released a patch for a significant vulnerability in Notepad on Windows 11 that could allow attackers to execute code by opening a Markdown file and clicking on a malicious link. This vulnerability was due to how Notepad processed links within Markdown files, which could trigger unverified protocols to load remote content. The patch now includes a security warning before such links can be activated. Users are advised to check for updates via Windows Update and the Microsoft Store to ensure Notepad and related components are up to date. Security tips include inspecting URLs before clicking and keeping Microsoft Defender features enabled.

Winsage

January 26, 2026

Some PCs can’t boot after latest Windows 11 security update, no fix in sight —mostly affects 24H2 and 25H2 versions

A segment of Windows 11 users has encountered an issue with the January 2026 security update, resulting in some devices displaying an “UNMOUNTABLEBOOTVOLUME” error and becoming unresponsive. Users see a black screen with a message prompting a restart. This follows previous complications from security updates, including problems with shutdowns, hibernation, and disruptions to cloud applications like Outlook, OneDrive, and Dropbox. Microsoft has released emergency updates, but the unbootable error persists. Affected users can only temporarily resolve the issue by accessing the Windows Recovery Environment to uninstall the problematic patch. Additionally, the August 2025 security update disrupted recovery tools, and an October update rendered USB keyboards and mice inoperable in the Recovery Environment, complicating troubleshooting efforts.

AppWizard

January 21, 2026