updates Archives

Winsage

May 20, 2026

Microsoft shares mitigation for YellowKey Windows zero-day

Microsoft has addressed the YellowKey vulnerability, a zero-day flaw in Windows BitLocker identified as CVE-2026-45585. This vulnerability allows unauthorized access to BitLocker-protected drives through a specific exploitation process involving 'FsTx' files. The flaw was disclosed by an anonymous researcher known as 'Nightmare Eclipse.' Microsoft has released mitigation strategies, including removing the autofstx.exe entry from the Session Manager's BootExecute REGMULTISZ value and reestablishing BitLocker trust for WinRE. Additionally, users are advised to change BitLocker settings from "TPM-only" to "TPM+PIN" mode, requiring a pre-boot PIN for drive decryption, and to enable "Require additional authentication at startup" for unencrypted devices.

AppWizard

May 20, 2026

Google adds Android app generation and Managed Agents to Gemini developer tools

Google unveiled enhancements to its Gemini technology at the I/O 2026 event, introducing new developer tools in AI Studio and the Gemini API. Key features include the ability to generate native Android applications directly from AI Studio, which produces Kotlin code using Jetpack Compose patterns and supports hardware features like camera and GPS. The platform includes an embedded Android Emulator and allows direct publishing to the Google Play Console while adhering to Google Play's quality standards. Additionally, Google introduced Antigravity 2.0, an agent-first development platform with a revamped desktop application and SDK for custom workflows. Projects from AI Studio can be exported to Antigravity for local development. The Managed Agents feature in the Gemini API enables developers to create agents with a single API call, allowing them to reason and execute code in a secure Linux environment. This feature is available in Public Preview and simplifies infrastructure tasks for production-grade agents. Custom agents can be defined and registered, with Google encouraging developers to create their own managed agents.

AppWizard

May 20, 2026

Big changes are coming to Android Auto — these are the music apps in line for a major redesign

Google has announced design enhancements for music applications in Android Auto as part of the Android Auto 17.0 beta, revealed at the I/O 2026 developer event. The update will benefit apps like Spotify, YouTube Music, Amazon Music, Gaana, PocketFM, and TuneIn. The Car App Library updates provide developers with more flexibility in app interface design, allowing for user-friendly experiences that reduce distractions. New features include an adaptive mini-player for media apps and additional component types like Chip and CondensedItem. Developers are encouraged to join the early-access beta program to utilize the new Car Library App templates.

BetaBeacon

May 20, 2026

The Best Android Games to Download This Summer 2026

Balatro is a poker-inspired roguelike deckbuilder game that has no aggressive monetization or energy systems, allowing players to pay once and own it.

Winsage

May 20, 2026

Microsoft confirms Windows 11’s May 2026 update is failing to install with error 0x800f0922 and outlines a mitigation for affected PCs

Microsoft has acknowledged installation issues with the May 2026 Security Update for Windows 11, specifically error code 0x800f0922, affecting devices on versions 24H2 and 25H2 after installing update (KB5089549) released on May 12. The failures occur during the reboot phase, often around 35 percent, primarily on devices with 10MB or less free space in the EFI System Partition (ESP). For consumer and unmanaged business devices, Microsoft has implemented a Known Issue Rollback (KIR), and restarting the computer may resolve the issue. For managed devices, network administrators must manually deploy a Group Policy workaround. Microsoft suggests modifying a Registry value to decrease reserved padding in the EFI partition as a potential fix, along with restarting the computer and checking for updates. A permanent solution is planned for a future Windows update.

AppWizard

May 20, 2026

Google AI Studio has learnt to create Android apps from a text query

Google has introduced a new feature in AI Studio that enables users to create native Android applications from text descriptions, automatically generating Kotlin code and using Jetpack Compose for the user interface. Developers can build Android apps directly in the browser without needing to install Android Studio or additional libraries. AI Studio includes a built-in Android Emulator for real-time testing and allows immediate installation of applications on Android devices via USB. Users can publish builds to Google Play's internal test track and export projects as ZIP archives or push them to GitHub. The service is ideal for developing simple utilities and applications that utilize various Android hardware features. Future updates will include support for Firebase and other tools.

Tech Optimizer

May 20, 2026

Critical PostgreSQL Flaws Enable Code Execution and SQL Injection

On May 14, 2026, PostgreSQL released critical security updates for versions 18.4, 17.10, 16.14, 15.18, and 14.23, addressing 11 Common Vulnerabilities and Exposures (CVEs) related to stack buffer overflows, SQL injection, memory disclosure, and denial-of-service vulnerabilities. The most critical vulnerability, CVE-2026-6637, has a CVSS score of 8.8 and allows remote, unprivileged database users to execute arbitrary code. Other notable vulnerabilities include CVE-2026-6473, which affects memory allocation leading to potential memory corruption, and CVE-2026-6475, which allows overwriting sensitive OS-level files. Additional vulnerabilities include SQL injection flaws and authentication issues, with various CVSS scores ranging from 3.7 to 7.5. The updates can be implemented without a database dump, and PostgreSQL 14 will reach its end-of-life on November 12, 2026.

Tech Optimizer

May 20, 2026

PoC Exploit Released for 20-Year Old PostgreSQL RCE Vulnerability

A proof-of-concept exploit has been developed for CVE-2026-2005, a remote code execution vulnerability in the pgcrypto extension of PostgreSQL. This vulnerability, stemming from legacy code, allows attackers to trigger a heap-based buffer overflow through specially crafted PGP messages, enabling arbitrary memory read and write operations. Successful exploitation can escalate privileges to PostgreSQL superuser status and execute commands on the operating system. The exploit targets PostgreSQL instances compiled from a specific vulnerable commit and circumvents protections like Address Space Layout Randomization (ASLR). It involves corrupting heap memory structures, leading to a controlled pointer leak that reveals the heap layout. Security researcher Varik Matevosyan has published the PoC on GitHub, demonstrating the exploitation process. The exploit requires a compatible PostgreSQL binary and utilizes Python-based tools for interaction. Organizations are advised to review their PostgreSQL deployments, disable unnecessary extensions, and apply security updates to mitigate risks.

AppWizard

May 20, 2026

Your Nvidia drivers could be insecure, and you should update now

Nvidia has issued a security bulletin regarding vulnerabilities in its GPU drivers, urging users to update to the latest versions for products including GeForce, Quadro, and Tesla GPUs. Users with Nvidia GPU drivers older than version 596.36 are advised to update to protect against vulnerabilities related to kernel-mode driver issues and resource management, which include time-of-check/time-of-use vulnerabilities, improper GPU resource access, and driver-lock leaks. The potential risks include denial of service, privilege escalation, information disclosure, data tampering, and code execution, with Nvidia classifying these vulnerabilities as "High." Users can check their current driver version in the Nvidia Control Panel or the Nvidia App and should visit Nvidia's driver page to download the latest updates.

AppWizard

May 20, 2026

Android 17’s Live Updates will be a boon for workout and travel apps

Android 17 will introduce a new "Metric Style" notification template for Live Updates, enhancing user experience by allowing health, fitness, timers, and travel applications to present vital information more accessibly. The Metric Style template can showcase up to three distinct data points simultaneously on the Always-On Display, lock screen, and status bar, focusing on real-time raw data rather than milestones. It features three display modes: a glanceable view prioritizing the most relevant metric, an expanded view showing all metrics side-by-side, and a collapsed view condensing information into a single line. This standardization provides app developers with a reliable framework for delivering critical information directly on the lock screen and status bar. Google has not confirmed whether this feature will be included in the first stable Android 17 update or a subsequent QPR release.