security updates

Winsage
April 16, 2026
A recent Microsoft security update, April 2026 KB5082063, has caused issues for administrators of Windows Server 2025 and Windows 11 systems, with many devices entering BitLocker recovery mode after reboot and requiring a 48-digit recovery key. This issue primarily affects enterprise-managed systems with specific TPM Group Policy settings involving PCR7 validation. Similar problems have been reported with updates KB5083769 and KB5082052 on Windows 11. The issue arises when five conditions are met: BitLocker must be enabled on the OS drive, the Group Policy must include PCR7, the msinfo32.exe tool must show Secure Boot State PCR7 Binding as “Not Possible,” the Windows UEFI CA 2023 certificate must be in the Secure Boot Signature Database, and the device must not be using the 2023-signed Windows Boot Manager. Microsoft suggests two workarounds: removing the TPM validation Group Policy before the update and re-enabling BitLocker, or applying a Known Issue Rollback (KIR) before installation. Skipping the April updates is not advisable, because they address 167 vulnerabilities, including two zero-days. BitLocker recovery issues following updates have been recurring since 2022, with similar incidents reported in August 2022, August 2024, and May 2025, indicating ongoing challenges with Secure Boot certificates and TPM validation bindings in enterprise environments.
Winsage
April 16, 2026
Microsoft announced that certain Windows Server 2025 devices may experience a BitLocker recovery prompt after installing the April 2026 KB5082063 Windows security update. The recovery mode will be triggered under specific conditions: BitLocker must be enabled on the operating system drive, the Group Policy for TPM validation must be configured with PCR7, the Secure Boot State PCR7 Binding must indicate "Not Possible," the Windows UEFI CA 2023 certificate must be in the Secure Boot Signature Database, and the device must not be using the 2023-signed Windows Boot Manager. Microsoft stated that this issue is unlikely to affect personal devices, as the configurations are mainly found in enterprise-managed systems. They are working on a resolution and recommend administrators remove the Group Policy configuration before deploying the update. If removal is not possible, applying a Known Issue Rollback (KIR) is advised to prevent triggering the recovery prompt. Microsoft has previously addressed similar BitLocker recovery prompt issues in May 2025, August 2024, and August 2022.
Winsage
April 16, 2026
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a vulnerability in the Windows Task Host, identified as CVE-2025-60710, which poses a risk of privilege escalation, potentially allowing attackers to gain SYSTEM privileges. This flaw affects devices running Windows 11 and Windows Server 2025 and arises from a weakness in link following. Microsoft released a patch for this issue in November 2025. CISA has added CVE-2025-60710 to its list of actively exploited vulnerabilities and mandated that Federal Civilian Executive Branch agencies secure their systems within two weeks. CISA encourages all organizations, including those in the private sector, to implement necessary patches and improve network security. CISA also advised organizations to follow vendor instructions for mitigations or discontinue use of the affected product if mitigations are unavailable.
Winsage
April 15, 2026
Microsoft has resolved an issue that caused unexpected upgrades from Windows Server 2019 and 2022 to Windows Server 2025. This problem was first reported in September 2024 when administrators found their servers upgraded without the necessary licenses. Initially, Microsoft attributed the issue to misconfigured third-party update management software, while developers claimed it was due to Microsoft's procedural errors regarding update release speed and classification. Microsoft confirmed the resolution of the issue and re-enabled the upgrade offer through the Windows Update settings. Additionally, Microsoft released an out-of-band update to address complications from a previous non-security preview update and deployed emergency updates to fix sign-in disruptions across various applications. Other updates were issued to resolve Bluetooth visibility issues and security vulnerabilities in the Routing and Remote Access Service management tool.
Winsage
April 14, 2026
Windows 11 has started rolling out update KB5083769, which introduces the ability to disable Smart App Control and provides offline installers for direct download. The update will automatically download and install unless users have paused updates for up to five weeks. Upon installation, Windows 11 25H2 will advance to Build 26200.8246, while version 24H2 will progress to Build 26100.8246. Users can check their update status in Settings > System > About. The update includes several .NET Framework security updates (KB5082417, KB5086097, KB5086096). The size of the April 2026 Update is approximately 5.1GB for x64 systems and under 4.5GB for arm64. New features include the ability to toggle Smart App Control, enhanced integration of Microsoft 365 in Windows Settings, modernized dialogs in Settings, and improvements to the sfc /scannow feature for accurate status reports.
Winsage
April 9, 2026
Google, in collaboration with Back Market, has launched a USB kit for installing ChromeOS Flex on aging Windows 10 PCs for a fee. This kit simplifies the installation process, allowing users to replace their existing Windows system easily. ChromeOS Flex is compatible with various PCs and some Macs, focusing on cloud-based tasks and supporting browser-based and Android applications only. A study indicated that ChromeOS consumes 19% less energy than similar systems. For every USB drive produced, an equivalent weight of electronic waste is recycled. Google plans to provide software updates for Chromebooks for 10 years and for Pixel phones for 7 years. Windows 10 support will end in October 2025, with Microsoft offering a free extended security update until October 2026. Approximately 32% of the market still uses Windows 10, with 121 million enterprise devices estimated to be operating on it. The ChromeOS Flex USB Kit is considered a pilot program, with potential for increased production based on demand.
AppWizard
April 9, 2026
Google has released its April 2026 security patch for Pixel phones, addressing issues such as app crashes in banking and third-party applications. The update improves app performance across the Pixel lineup, from Pixel 6 to Pixel 10a, and includes a fix for gaming performance on Pixel 10, Pro, and Pro XL models. It also resolves the disappearing Quick Search Bar issue and reinstates the Backup menu for older devices like the Pixel Fold and Pixel 8. The rollout includes essential security updates and is occurring in phases, with users advised to connect to a stable Wi-Fi network to check for updates in Settings.
Winsage
April 8, 2026
Google, in collaboration with refurbished electronics retailer Back Market, is offering a USB memory stick that allows users to install ChromeOS Flex for free, providing an alternative to Windows 10 and addressing the end of support for the operating system. The ChromeOS Flex USB Kit simplifies the installation process and aims to extend the lifespan of aging PCs, potentially preventing millions of functioning devices from being discarded. As of October 14, 2025, Microsoft ceased all support for Windows 10, leaving vulnerabilities unaddressed. Approximately one-third of Windows devices still run on Windows 10, and users can opt for an additional year of updates at a cost of around £22. ChromeOS Flex has lower system requirements than Windows 11 but lacks features like Android app installation. It helps ensure security updates for existing devices and contributes to environmental sustainability by reducing electronic waste and carbon emissions associated with new device manufacturing. The physical kit is priced at around €3 and is reusable.
AppWizard
April 6, 2026
A new malware threat called "NoVoice" has been found in over 50 applications on the Google Play Store, with 2.3 million installations on Android devices. Discovered by McAfee, this malware is hidden in seemingly harmless apps like system cleaners, games, and image galleries. It exploits Android vulnerabilities to gain root access, potentially allowing attackers to steal sensitive information and manipulate applications without user consent. In some cases, it may persist even after a factory reset. Google has stated that Android devices updated since May 2021 are protected against this threat and that Google Play Protect actively removes malicious apps and blocks new installations. The malware was not able to infect devices in Beijing and Shenzhen, suggesting the attackers may be avoiding local law enforcement. One identified app carrying the NoVoice payload is SwiftClean, developed by Biodun Popoola. The malware operates using a silent audio file, executing its code without user detection. Users are advised to download apps only from the Google Play Store and keep their devices updated.