Security Archives

Winsage

April 2, 2026

Windows Security App Gains Secure Boot Certificate Status Ahead of Major Certificate Refresh

The Secure Boot certificates used by the Unified Extensible Firmware Interface (UEFI) on Windows PCs will expire in late June 2026. Microsoft is rolling out updated certificates through Windows Update to ensure user protection. Starting in April 2026, users can check their device's status in the Windows Security app, which will feature a color-coded badge system: - Green Checkmark: New certificates are installed, no action needed. - Yellow Caution Badge: Update pending or blocked due to hardware/firmware issues (expected in May 2026). - Red Stop Icon: Alerts users that older certificates are expiring, potentially preventing essential boot-level security updates (may appear as early as June 2026). The status will also be indicated in the Windows Security system tray icon. Most users will have a seamless update process by keeping Windows Update enabled, with devices from 2025 and many from 2024 covered. Older machines will receive updates gradually, guided by major OEMs. Microsoft advises against ignoring yellow or red warnings, as devices without updated certificates may be vulnerable to security threats and incompatible with future Windows updates. A support resource is available at aka.ms/getsecureboot.

AppWizard

April 2, 2026

‘This rootkit is highly persistent; a standard factory reset will not remove it’: “NoVoice” Android malware on Google Play infects 50 apps across 2.3 million devices, here’s what we know

Researchers at McAfee have identified a malware strain named NoVoice that has infiltrated over 50 applications on the Google Play Store, leading to more than 2.3 million downloads. NoVoice exploits vulnerabilities in older Android kernels and GPU architectures, remaining active even after factory resets. It can inject malicious code into applications like WhatsApp, allowing it to hijack user sessions and spy on private conversations. Google has removed the affected applications, but the malware continues to pose a threat to already compromised devices.

AppWizard

April 2, 2026

Google is Finally Forcing 64-bit on All Wear OS Apps

As of September 15, 2026, all new apps and updates for Wear OS must include a 64-bit version in addition to the existing 32-bit version. The Play Store will block uploads of non-compliant apps after this deadline. Current users of smartwatches running on a 32-bit version of Wear OS will continue to receive app support. The introduction of 64-bit app versions is expected to improve performance, enhance security, and allow for the use of more than 4GB of RAM in smartwatches.

Tech Optimizer

April 2, 2026

Cybersecurity expert highlights mobile device vulnerabilities

Cybersecurity expert John Joyce emphasizes the vulnerabilities of mobile devices, noting that many users mistakenly believe their smartphones are secure. He highlights that smartphones often serve as primary computing devices, storing sensitive personal information, which makes them attractive targets for cybercriminals. Joyce advises users to look for signs of compromise, such as device slowdowns or unusual app behavior, and to keep their devices updated with the latest operating systems and security patches to reduce risks. He recommends using a Virtual Private Network (VPN) when on public Wi-Fi and suggests utilizing security apps like Norton and TotalAV for additional protection. Joyce also points individuals to Cirrus Technology Consultants' online resources for further information on mobile cybersecurity.

AppWizard

April 2, 2026

How to use and deploy Android Work Profile in your business

The mobile device has become a dual-purpose tool for personal and professional needs, enhancing productivity but also introducing security challenges for organizations with bring-your-own-device (BYOD) policies. Samsung addresses these challenges with its Android Work Profile feature, which separates business applications and data from personal content on devices like the Galaxy S26 Series, Galaxy Z Fold7, and Galaxy Z Flip7. Android Work Profile creates two isolated profiles on a single device, allowing IT teams to manage corporate applications while keeping personal information private. IT administrators can monitor work profile applications and data but cannot access personal profiles, ensuring employee privacy. Employees can easily switch between work and personal applications and activate a “pause work apps” feature during off-hours. To set up Android Work Profile, organizations need an Enterprise Mobility Management (EMM) solution and the Android Device Policy app. The Samsung Knox Suite provides tools for managing and securing devices, including Knox Mobile Enrollment and Knox Attestation. Android Work Profile benefits businesses by enhancing data security and reputation while promoting work-life balance for employees.

AppWizard

April 2, 2026

Google embraces the future, mandates 64-bit apps for Wear OS

Google has mandated that all Wear OS applications must include a 64-bit version starting September 15, 2026. This requirement is part of a broader strategy that also applies to Android TV and Google TV, which will require 64-bit app versions from August 2026. Developers can still offer a 32-bit version alongside the new 64-bit applications, and the Play Store will continue to support legacy applications. A majority of Wear OS developers have already adopted the 64-bit architecture, although some dormant apps may present challenges. The transition to a 64-bit architecture is expected to enhance performance, security, and efficiency for chip manufacturers, as well as allow smartwatches to utilize more than 4GB of RAM.

Tech Optimizer

April 2, 2026

Norton Review 2026: Solid Antivirus With Great Safe Browsing Tools and Parental Controls

Norton Antivirus has a score of 8.3/10. It offers extensive parental controls on some plans, cloud backups for sensitive data, and a high-quality safe browser. However, its identity theft protection features are limited to US-based users, it has higher resource usage than most competitors, and reaching human customer support can be difficult. Norton began as an antivirus company in 1982 and has expanded to include a password manager, safe browser, cloud backups, and privacy monitoring tools. The LifeLock plans provide identity theft protection and insurance for US users. The antivirus software features easy setup, optimization tools for Windows and MacOS, scam detection, and privacy monitoring. Norton offers various plans, including Norton AntiVirus Plus, Norton 360 Standard, Norton 360 Deluxe, and Norton 360 with LifeLock Select Plus, each with different features and pricing. The plans can cover multiple devices, with costs starting at a competitive rate for the first year. Norton’s antivirus software includes real-time protection, manual and automated scans, and scan scheduling. Its parental controls are a notable feature, and while cloud backups are available, storage may be limited. Free tools include a password manager, data breach scan, and safe browser. Norton’s usability is straightforward, with an intuitive account setup and installation process. The antivirus operates with moderate resource usage, maintaining a low footprint during routine tasks. Norton has a strong reputation for malware detection, maintaining a perfect security ranking from AV-Test and high online detection rates from AV-Comparatives. Its password manager and backup systems use AES-256 encryption, and its VPN follows a no-logs policy. Customer support options include a community forum, knowledge base, and 24/7 live chat and phone support, though email support is not available. Norton is considered a good value for families and budget-conscious users, with pricing starting at an affordable rate for single-device coverage. It is suitable for users seeking active threat protection and parental controls, though alternatives like Bitdefender or Malwarebytes may be better for those prioritizing efficiency and advanced features.

Winsage

April 2, 2026

Don’t blame Windows 11 updates for every problem, Microsoft veteran says

Corporate clients often report to Microsoft that Windows updates disrupt their systems, particularly after Patch Tuesday. A 2026 report from Omnissa indicates that Windows environments experience more application crashes and forced shutdowns than macOS. However, Raymond Chen, a Windows expert, suggests that many systems are already compromised before updates are installed. Engineers at Microsoft frequently find that issues persist even after rolling back updates, and similar failures can occur on machines that haven't received the update yet. The actual triggers for system failures often stem from changes made by IT departments prior to updates, such as new drivers or configuration modifications. These changes may not show immediate issues until a reboot occurs during Patch Tuesday, revealing existing instability. Best practices for IT admins include controlled change management, validating drivers and policies before deployment, using staged rollouts, rebooting after major changes, and maintaining logging and monitoring systems. Microsoft conducts extensive testing of updates to ensure system security and stability, and delaying updates can increase risks.

AppWizard

April 1, 2026

‘NoVoice’ Android malware on Google Play infected 2.3 million devices

A new Android malware called NoVoice has been found in over 50 applications on Google Play, with more than 2.3 million downloads. The malware targets older Android versions, specifically those patched between 2016 and 2021, and attempts to gain root access by exploiting vulnerabilities. It conceals malicious components within the com.facebook.utils package and uses steganography to hide an encrypted payload within a PNG image file. NoVoice avoids infecting devices in certain regions and has checks to detect emulators and VPNs. Once activated, the malware contacts its command-and-control server to gather device information and polls it every 60 seconds for tailored exploits aimed at rooting the device. It can exploit 22 vulnerabilities, including kernel bugs, and establishes persistence by replacing key system libraries and installing recovery scripts. The malware injects code into applications, particularly targeting WhatsApp to extract sensitive data for session replication, which is then exfiltrated to the C2 server. The malicious apps containing NoVoice have been removed from Google Play, but users who installed them should consider their devices compromised. Upgrading to devices with later security patches is recommended to mitigate the threat.

Winsage

April 1, 2026

Microsoft issues emergency update for Windows 11 — fixes broken March preview update rollout from last week

Microsoft released an optional non-security update for Windows 11, identified as KB5079391, which caused significant installation issues for users, marked by error code 0x80073712. In response, Microsoft issued an emergency update, KB5086672, to address these problems for affected Windows 11 systems, including versions 25H2 and 24H2. This new update supersedes previous updates and includes protections and improvements from the March 2026 Windows security and non-security preview updates, along with an installation fix. The update also offers enhancements such as refresh rates exceeding 1000 Hz, improved auto-rotation and HDR reliability, and enhanced power efficiency for USB 4-connected monitors during sleep. Earlier in the year, the January security update, KB5074109, caused issues for gamers with Nvidia GPUs, leading to frame rate drops and system instability, with some users experiencing boot failures and errors like “UNMOUNTABLEBOOTVOLUME.” Additionally, users reported problems with shutting down or hibernating their PCs and disruptions in cloud-based applications like Outlook, OneDrive, and Dropbox.