security vulnerabilities Archives

Winsage

June 16, 2026

China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth

Cybersecurity researchers have identified two new Windows variants of the SprySOCKS backdoor, named WINDRV and WINPLUS, which were previously thought to be exclusive to Linux systems. Both variants feature hard-coded command-and-control configurations and can communicate via TCP, UDP, and WebSocket protocols. They support over 30 commands for operations such as system information collection and file management. WINDRV employs kernel drivers for stealth, obscuring network connections and allowing TCP traffic diversion. SprySOCKS was first documented by Trend Micro in September 2023, linked to the Chinese state-sponsored threat actor Earth Lusca, also known as FishMonger. The Windows variants belong to version 1.8 of SprySOCKS and utilize a kernel driver named RawWNPF for enhanced stealth. The attack chain begins with an initial access method that drops a batch script, leading to the installation of the backdoor. Evidence suggests these variants may have been used in attacks against government organizations in Honduras, Taiwan, Thailand, and Pakistan between 2023 and 2024. The WINPLUS variant was first detected in July 2024 in Pakistan. There are indications of a potential UEFI bootkit involvement exploiting CVE-2023-24932, a vulnerability in the Windows Boot Manager.

Winsage

June 16, 2026

Windows 11 update is breaking some PCs with boot and BitLocker issues

Windows 11 update KB5094126 (Build 26200.8655), released on June 9, 2026, has caused boot failures, blue screens, and BitLocker recovery prompts for users, particularly affecting business devices from HP and Dell, including models like HP EliteBook 840 G10 and Dell Precision 7530. The issues stem from changes in Secure Boot and EFI partition modifications, with insufficient EFI partition space leading to errors. A workaround involves disabling Secure Boot in BIOS. Additionally, users have reported disruptions with OneDrive and Microsoft Word integration, particularly in enterprise environments. Microsoft has not yet acknowledged these problems.

Winsage

June 14, 2026

The Windows 11 June update makes your Start menu and Search feel much more snappier

Microsoft released update KB5094126 on June 9, 2026, for Windows 11 versions 24H2 and 25H2 to improve shell responsiveness. This update introduces the Low Latency Profile, which temporarily boosts CPU frequency for one to three seconds during interactions with system features like the Start menu and taskbar, resulting in system flyouts opening up to 70% faster and core applications launching up to 40% quicker. The update also includes features such as Shared Audio for simultaneous audio use by two users, enhanced Windows Task Manager with NPU usage columns, the ability for multiple applications to access the same camera stream, improved Windows Search for locating files with two characters, a refined installation process allowing custom user folder names, and optimizations to Windows Hello for authentication methods. The update also addresses over 200 security vulnerabilities.

Winsage

June 14, 2026

Windows 11 KB5094126 crashes some PCs (HP?) with BSODs, breaks OneDrive in File Explorer, enterprise apps

Windows 11 KB5094126, released on June 9, 2026, is a significant update that introduces new features, including the Low Latency Profile, and addresses up to 200 security vulnerabilities. However, it has caused boot failures for some HP devices, particularly the HP EliteBook 840 G10, leading to BSODs or BitLocker Recovery prompts. The update may conflict with specific BIOS configurations or EFI/System partition settings, especially on devices with older EFI partitions. Users experiencing boot failures may need to disable Secure Boot as a temporary workaround. Additionally, the update has disrupted OneDrive integration in File Explorer, preventing access from the left pane and tray icon, although users can still access cloud folders directly. Similar issues have been reported with Dropbox and iCloud Drive. The update has also affected Microsoft Word integration in various business applications, leading to failures in document handling. Furthermore, changes to desktop.ini files have impacted custom folder icons, requiring users to unblock these files to restore functionality.

Winsage

June 12, 2026

Still on Windows 10? This $13 upgrade to Windows 11 Pro offers better security, AI features, and more

Upgrade to Microsoft Windows 11 Pro for .97 (MSRP 9) until June 14. Windows 11 Pro features a redesigned interface, improved multitasking capabilities, enterprise-grade security functionalities like BitLocker encryption and Windows Hello, and includes Windows Copilot AI for task automation and assistance.

Winsage

June 12, 2026

June’s Windows 10 patch has a BitLocker user lockout problem… again

Microsoft released a cumulative update for Windows 10, designated as KB5094127, during the latest Patch Tuesday. Some users are experiencing issues where they are prompted to enter their BitLocker recovery key after installing the update. This problem is linked to systems with an "unrecommended" BitLocker Group Policy configuration and has occurred in previous updates. Specific conditions that can lead to this issue include having BitLocker enabled on the operating system drive, a certain Group Policy setting configured, the System Information tool reporting a specific Secure Boot State, the presence of a particular certificate in the Secure Boot Signature Database, and not using the 2023-signed Windows Boot Manager. Affected users may face difficulties accessing their BitLocker recovery key, potentially leading to lockouts. Microsoft suggests that personal devices are less likely to be affected, with the issue primarily impacting enterprise setups. The company is working on a resolution and advises IT administrators to consider removing the Group Policy configuration before installing the update. Update KB5094127 is available only to Windows 10 users in the Extended Security Updates program for versions 21H2 and 22H2, addressing various bugs and security vulnerabilities.

AppWizard

June 12, 2026

Android users need to uninstall these apps ASAP as they are a security risk

Google will soon notify Android users when an app they installed has lost developer support. Currently, users only receive alerts from Play Protect for significant security threats or potentially harmful apps. The only way to discover if an app has been delisted is through external sources or by trying to install it on a new device. Recent findings in the Play Store indicate that Google is preparing to inform users when apps have been removed from the Play Store and will no longer receive updates. Abandoned apps pose significant security risks, as they may contain vulnerabilities that can be exploited by malicious actors. Google's new notifications aim to encourage users to uninstall unsupported apps to protect their personal data.

Winsage

June 11, 2026

Microsoft patches a record 206 flaws—and one is already being exploited

Microsoft patched 206 vulnerabilities during June's Patch Tuesday, surpassing the previous record of 175 vulnerabilities patched in October 2025. Among the patched vulnerabilities, 118 are related to different versions of Windows, including Windows 10, Windows 11, and Windows Server. One critical vulnerability, CVE-2026-41091, in Microsoft Defender is actively being exploited, prompting an update to the Malware Protection Engine. Microsoft also addressed ten vulnerabilities in the Security Feature Bypass category due to the expiration of old Secure Boot certificates. Of the 118 Windows vulnerabilities, 19 are classified as critical Remote Code Execution (RCE) vulnerabilities, including CVE-2026-47288 and CVE-2026-47291. In Microsoft Office, 54 vulnerabilities were patched, including 25 RCE vulnerabilities, with nine classified as critical. Microsoft patched eight vulnerabilities in Exchange Server, including CVE-2026-45583, which can be exploited in a man-in-the-middle scenario. Additionally, the update for Edge addressed 74 Chromium vulnerabilities, including a zero-day vulnerability (CVE-2026-11645).

Winsage

June 11, 2026

Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs

Microsoft announced an update addressing 206 security vulnerabilities, including 39 classified as Critical and 167 as Important. The vulnerabilities include 63 privilege escalation, 56 remote code execution, 30 information disclosure, 27 spoofing, 20 security feature bypass, 7 denial-of-service, and 3 tampering vulnerabilities. Notable critical flaws include CVE-2026-45657 (use-after-free in Windows Kernel, CVSS score 9.8), CVE-2026-47291 (integer overflow in Windows HTTP.sys, CVSS score 9.8), and CVE-2026-44815 (stack-based buffer overflow in Windows DHCP Client, CVSS score 9.8). Microsoft also addressed vulnerabilities related to BitLocker bypass (CVE-2026-45585 and CVE-2026-50507) and introduced a new registry setting to mitigate risks associated with CVE-2026-49160 (denial-of-service vulnerability). The increase in patches is attributed to the use of artificial intelligence in vulnerability discovery, with the current year's reported vulnerabilities surpassing the total from all of 2018.

Winsage

June 11, 2026

Windows 11 Sucks Slightly Less Now, Thanks To A June Update

The June update for Windows 11, identified as KB5094126 (OS Builds 26200.8655 and 26100.8655), introduces significant enhancements and numerous bug fixes and security patches. A key feature is a low-latency profile that improves responsiveness of core system elements like the Start Menu and Search by allowing the CPU to quickly reach maximum clock speed upon user interaction. This update also refines the Start Menu, improves app launch speeds, and addresses longstanding issues such as faster downloads from the Windows Store and optimized Windows Search results. New features include multi-app camera support, Shared Audio functionality for streaming to multiple Bluetooth devices, and the ability to personalize user folder names during installation. Additionally, the update resolves 206 security vulnerabilities, including a critical kernel-level remote code execution vulnerability (CVE-2026-45657) with a threat score of 9.8.