Security Patch Archives

Winsage

May 15, 2026

Microsoft confirms next Windows 11 update will “accelerate app launch and core shell experiences”

Microsoft will roll out Low Latency Profile enhancements for Windows 11 in the coming weeks, currently being tested in Release Preview builds. This feature optimizes CPU performance by temporarily boosting frequency during brief intervals, potentially improving app launch responsiveness by up to 40% and system flyouts by up to 70%. Preliminary tests indicate significant performance improvements, especially for users with lower-end hardware. The feature operates in the background and is not user-configurable. It will be included in an upcoming optional non-security preview update expected by the end of the month, followed by integration into the next monthly security patch on June 9. Updates will be rolled out in phases. These enhancements are part of Microsoft's Windows K2 initiative.

Winsage

May 10, 2026

Microsoft Confirms KB5083769 Breaks Macrium and Acronis Backups

Microsoft's April 2026 Windows security update, KB5083769, may disrupt image-mount operations for backup applications such as Macrium Reflect, Acronis Cyber Protect Cloud, UrBackup Server, and NinjaOne Backup due to the addition of the psmounterex.sys kernel driver to its Vulnerable Driver Blocklist. This action was taken to address a high-severity buffer overflow vulnerability, CVE-2023-43896. The inclusion of this driver in the blocklist has rendered several backup products inoperable, and Microsoft will not retract the block for security reasons. Administrators can use Event ID 3077 in the Code Integrity log to confirm that the blocklist is causing the failures. Microsoft advises updating backup applications to versions that include necessary driver protections instead of uninstalling or pausing the security patch. Additionally, the April updates have caused other issues, such as failures in Windows Server installations and devices booting into BitLocker recovery mode.

Winsage

May 3, 2026

You shouldn’t delay your Windows 11 updates, experts reveal

Experts advise against postponing Windows updates, as Microsoft has introduced features allowing users to control when updates occur. Users can pause updates for up to 35 days indefinitely, but delaying updates can lead to security vulnerabilities. Microsoft releases several types of updates: security updates, feature updates, quality updates, driver updates, optional updates, out-of-band updates, and zero-day updates. Zero-day updates are critical and should be installed immediately to avoid exploitation. Recent reports indicate that critical OS patching for Windows 10 and 11 is lagging by an average of 256 days, increasing the risk of cyber incidents.

Winsage

April 28, 2026

Incomplete Windows Patch Creates New Zero-Click Attack Risk

A new vulnerability in Microsoft Windows, designated as CVE-2026-32202, has been discovered due to an incomplete security patch for a previous flaw (CVE-2026-21510). This new vulnerability allows attackers to execute zero-click attacks by processing specially crafted shortcut files, enabling automatic authentication requests without user interaction. The vulnerabilities are linked to another flaw (CVE-2026-21513) in Microsoft’s MSHTML framework, and cybercriminals, specifically the APT28 group, have exploited these issues in attacks against Ukraine and the European Union. Microsoft has released a fix for the new vulnerability in its April 2026 security updates.

Winsage

April 22, 2026

Microsoft Changes Windows Security After 15 Years—Update By ‘End Of April’

Microsoft is updating the Secure Boot certificates for Windows PCs, which have been in place since 2011. This update will begin with the April security patch rollout and is expected to be fully deployed across PCs by the end of April 2026. Users can check the status of the Secure Boot update by navigating to Windows Security > Device security > Secure Boot, where a color-coded badge will indicate the current status. The update will install new certificates and confirm if user action is necessary. If the badge is red, immediate attention is required. Microsoft is enhancing the visibility of the Secure Boot certificate status within Windows Security to aid users in verifying the update. The certificates will not expire for several more weeks, so users should check their systems by the end of the month.

AppWizard

April 9, 2026

The latest Pixel update tackles Android 16’s early stability woes

Google has released its April 2026 security patch for Pixel phones, addressing issues such as app crashes in banking and third-party applications. The update improves app performance across the Pixel lineup, from Pixel 6 to Pixel 10a, and includes a fix for gaming performance on Pixel 10, Pro, and Pro XL models. It also resolves the disappearing Quick Search Bar issue and reinstates the Backup menu for older devices like the Pixel Fold and Pixel 8. The rollout includes essential security updates and is occurring in phases, with users advised to connect to a stable Wi-Fi network to check for updates in Settings.

AppWizard

April 7, 2026

Android 16 April update rolling out: Pixel UI, app crash fixes

Google has started distributing the April 2026 security patch for Android 16 QPR3, affecting devices such as the Pixel 6 series, Pixel 7 series, Pixel 8 series, and Pixel 10 lineup. The patch, dated April 1, 2026, addresses one significant security issue and four additional vulnerabilities in a follow-up update on April 5, 2026. The build numbers for the update are as follows: - Pixel 6: CP1A.260405.005 - Pixel 6 Pro: CP1A.260405.005 - Pixel 6a: CP1A.260405.005 - Pixel 7: CP1A.260405.005 - Pixel 7 Pro: CP1A.260405.005 - Pixel 7a: CP1A.260405.005 - Pixel Tablet: CP1A.260405.005 - Pixel Fold: CP1A.260405.005 - Pixel 8: CP1A.260405.005 - Pixel 8 Pro: CP1A.260405.005 - Pixel 8a: CP1A.260405.005 - Pixel 9: CP1A.260405.005 - Pixel 9 Pro: CP1A.260405.005 - Pixel 9 Pro XL: CP1A.260405.005 - Pixel 9 Pro Fold: CP1A.260405.005 - Pixel 9a: CP1A.260405.005 - Pixel 10: CP1A.260405.005 - Pixel 10 Pro: CP1A.260405.005 - Pixel 10 Pro XL: CP1A.260405.005 - Pixel 10 Pro Fold: CP1A.260405.005 - Pixel 10a: CP1A.260405.005 In Australia, the build numbers for the Pixel 6 series are: - Pixel 6: CP1A.260405.003.A1 - Pixel 6 Pro: CP1A.260405.003.A1 - Pixel 6a: CP1A.260405.003.A1 The update includes various fixes, such as restoring the Backup menu in System settings, addressing crashes in banking and third-party apps, resolving game crashes, fixing the disappearance of the quick search bar, and correcting crashes in Quick Share during file transfers.

AppWizard

April 7, 2026

Researchers find 50 ‘dangerous’ Android apps that are secretly hijacking phones: Who is at risk

Recent findings from McAfee have revealed a malware campaign named Operation NoVoice that has infiltrated over 50 applications on the Google Play Store, which collectively received over 2.3 million downloads before being removed. The malware uses a rootkit attack strategy to gain administrator-level control of Android devices while remaining undetected. Affected apps appeared benign, performing tasks like cleaning files or managing photos, but were secretly communicating with a remote server to send device information. This allowed attackers to deploy custom exploit code, achieving root-level access and posing significant security risks. The malware persists even after factory resets, potentially requiring firmware reinstallation for complete removal. Users with older or unpatched Android versions are at greater risk, as well as anyone who downloaded the compromised apps.

AppWizard

April 3, 2026

Google Responds As 50 Apps With 2 Million Downloads Hit By Malware

Researchers at McAfee Labs discovered that 50 Android applications on the Google Play Store contain malware known as NoVoice, which can grant full remote access to infected smartphones. These apps have over 2.3 million downloads. The malware can communicate with remote servers, profile devices, and download tailored root exploits, potentially compromising specific hardware and software configurations. However, devices with an Android security patch level of May 2021 or later are not vulnerable to these exploits, as the vulnerabilities were patched by Android between 2016 and 2021. Google Play Protect removes these apps and blocks new installs, and users are advised to keep their devices updated with the latest security patches.

AppWizard

April 1, 2026

‘NoVoice’ Android malware on Google Play infected 2.3 million devices

A new Android malware called NoVoice has been found in over 50 applications on Google Play, with more than 2.3 million downloads. The malware targets older Android versions, specifically those patched between 2016 and 2021, and attempts to gain root access by exploiting vulnerabilities. It conceals malicious components within the com.facebook.utils package and uses steganography to hide an encrypted payload within a PNG image file. NoVoice avoids infecting devices in certain regions and has checks to detect emulators and VPNs. Once activated, the malware contacts its command-and-control server to gather device information and polls it every 60 seconds for tailored exploits aimed at rooting the device. It can exploit 22 vulnerabilities, including kernel bugs, and establishes persistence by replacing key system libraries and installing recovery scripts. The malware injects code into applications, particularly targeting WhatsApp to extract sensitive data for session replication, which is then exfiltrated to the C2 server. The malicious apps containing NoVoice have been removed from Google Play, but users who installed them should consider their devices compromised. Upgrading to devices with later security patches is recommended to mitigate the threat.