Updates 2011-12-29

Hi, Folks!

Today Microsoft released out-of-cycle security updates for all versions of .NET that provide protection from an active series of denial of service attacks. While this is most common on servers, every Windows machine should apply these updates. These are security updates. A reboot may be required. Use Windows Update to get these now:
http://update.microsoft.com/

Adobe Reader 9+ and Adobe Acrobat 9+ have released critical security patches to address a severe vulnerability in how they handle embedded content. This is a security update. Use Help, Check for Updates to get the most current version. Since Adobe delays delivery of certain updates, these patches may not be generally available until mid-January. For your own safety, you should check several times from now until then to actually get the download.

Java 6u30 is a security update. This corrects a data parsing bug that has been very actively used to distribute malware over the last few months. Use the link below to download the offline installer, and if you’re running a 64-bit processor, make sure you download and install both the x86 and x64 version.
http://www.java.com/winoffline_installer/

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Driver Updates

If you’re using this hardware – these updates are for you.

RedSn0w 0.9.10b3 implements live iOS 5.0.1 jailbreaking.
http://iphoneroot.com/utilities/

Browser Updates

One or more of these are likely to be of interest to everyone.

Firefox 9.0 and 9.0.1 provide several text, font, script and HTML5 related improvements as well as security and stability updates. This is a security update.
http://www.mozilla.com/en-US/firefox/

SeaMonkey 2.6 and 2.6.1 use the same codebase as Firefox, so it provides several text, font, script and HTML5 related improvements as well as security and stability updates. This is a security update.
http://www.seamonkey-project.org/releases/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 9.0 and 9.0.1 also uses the same codebase as Firefox, so it provides several text, font, script and HTML5 related improvements as well as security and stability updates. This is a security update.
http://www.mozillamessaging.com/en-US/thunderbird/

OutlookAttachView 2.10 improves the user interface. This is not a security update.
http://www.nirsoft.net/utils/outlook_attachment.html

Internet Updates

One or more of these are likely to be of interest to everyone.

WinSCP 4.3.6 is a security update.
http://winscp.net/eng/index.php

Trillian Astra for Windows 5.1.18 corrects the Facebook crash on connection and Google Talk and Facebook avatars showing up mismatched in the contact list and elsewhere, as well as a few other bugs. This is not a security update.
http://www.trillian.im/windows/

uTorrent 3.1 Build 26616 corrects a number of minor bugs and a security issue when used at very high speeds. This is a security update.
http://www.utorrent.com/

Codec Updates

One or more of these are likely to be of interest to everyone.

Win7 Codec Package 3.3.6 updates included codecs and adds support for control panel uninstallation. To install the update, you must uninstall and reinstall the application.
http://shark007.net/win7codecs.html

Win x64 Codec Support 3.3.6 updates included codecs and adds support for control panel uninstallation. This update applies only to 64-bit computers, and requires either the Win7 Codec Package or the Windows Vista Codec package.
http://shark007.net/x64components.html

Media Updates

These are unlikely to be of interest to most people.

Picasa 3.9.135.80 corrects several crash issues, as well as bugs in the tags and contacts features. This is not a security update.
http://picasa.google.com/

Office Updates

One or more of these are likely to be of interest to most people.

Artweaver 3.0.1 does not provide a changelog, so it should be treated as a security update.
http://www.artweaver.de/

IrfanView 4.32 improves performance, and provides a number of additional formats, plugins and capabilities. This is a security update.
http://www.irfanview.com/

Kindle for PC 1.8.3.36179 doesn’t provide a changelog, so it should be treated as a security update.
https://12pd.com/click?kindle4pc

Security Software Updates

One or more of these is likely to be of interest to most people.

MalwareBytes’ Anti-Malware 1.60 adds a new defensive mechanism to work around various malware anti-security methods, as well as improvements in removal techniques, and logging. This is a security update.
http://www.malwarebytes.org/products/malwarebytes_free

Password Security Scanner 1.00 is a new application from Nirsoft that helps to detect simple passwords used by your system, in order to better harden your accounts.
http://www.nirsoft.net/utils/password_security_scanner.html

SuperAntiSpyware 5.0.1142 improves heuristic scanning, performance and corrects issues when testing malformed malware. This is a security update.
http://www.superantispyware.com/download.html

Converter Updates

These are unlikely to be of interest to most people.

Freemake Video Converter 3.0.1 is a minor bugfix release. This is not a security update.
http://www.freemake.com/

Utility Updates

These are unlikely to be of interest to most people.

LogMeIn Win 4.01.2126 provides enhancements to enable new Windows features including HD remote control and fixes other performance and stability issues with previous versions of LogMeIn. This should be treated as a security update. Right-click on the LogMeIn icon in your tray and select “Open LogMeIn”, click “About”, then “Check for Updates”. After a few minutes of downloading, the updater will start. You’ll be prompted to click “Update”, approve installation and finally “close” the installer when done.

RoboForm 7.6.7 adds IE64 support, visual improvements, and various minor behavior changes. This is not a security update.
https://12pd.com/click?rfe

Goodsync 8.8.9.9 corrects a number of bugs. This is not a security update.
https://12pd.com/click?goodsync

CCleaner 3.14.1616 provides several bug fixes. This is not a security update.
http://www.piriform.com/ccleaner

GPU-Z 0.5.7 adds newer hardware support. This is not a security update.
http://www.techpowerup.com/downloads/SysInfo/GPU-Z/

USBDeview 1.97 adds several new command line options, accelerator keys and improves window sizing. This is not a security update.
http://www.nirsoft.net/utils/usb_devices_view.html

WhatIsHang 1.15 adds a “start as hidden” option to be able to use as a background watch for monitoring when an application hangs. This is not a security update.
http://www.nirsoft.net/utils/what_is_hang.html

Process Explorer 15.11 fixes several bugs, including the fleeting appearance of garbage characters in the status bar. This is not a security update.
http://live.sysinternals.com/

Developer Updates

These are unlikely to be of interest to most people.

Inno Setup 5.4.3 improves performance, adds Rich Edit 4.1 support, and modifies some installation behaviors to make them more logical. This is not a security update.
http://www.jrsoftware.org/isdl.php

TortoiseSVN x64 1.7.3 corrects several bugs, including several with potential security ramifications. This should be treated as a security update.
http://tortoisesvn.net/downloads

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 4.1.8-75467 corrects a couple dozen bugs. This is not a security update.
http://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

phpMyAdmin 3.4.9 is a bugfix release with minor security fixes. This is a security update.
http://www.phpmyadmin.net/home_page/news.php

SMF 2.0.2 corrects a dozen bugs, including a potential security issue. This is a security update.
http://www.simplemachines.org/

ColdFusion 9.0.2 updates a security vulnerability in the ColdFusion engine that would enable an attacker to perform an unvalidated XSS. This is a security update. If your server runs ColdFusion, update now.
http://kb2.adobe.com/cps/925/cpsid_92512.html

DotNetNuke 06.01.02 corrects a few dozen bugs. This is not a security update.
http://dotnetnuke.codeplex.com/

Admin Customization 2.0.1 fixes a javascript bug. This is not a security update.
http://wordpress.org/extend/plugins/admin-customization/

Contact Form 7 3.0.2.1 fixes a bug when saving forms. This is not a security update.
http://wordpress.org/extend/plugins/contact-form-7/

Front-end Editor 2.2 suppresses warnings relating to buggy templates and widgets, and introduces editable element grouping. This is not a security update.
http://wordpress.org/extend/plugins/front-end-editor/

Simple Facebook Connect 1.2 cleans up the interface, improves SSL support, corrects permissions and a number of other bugs. This should be treated as a security update.
http://wordpress.org/extend/plugins/simple-facebook-connect/

That’s all for now folks. Keep it clean out there.

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Subscribe To Our Newsletter
Sign up to receive notifications of our new posts.
icon

Leave a Reply

Your email address will not be published. Required fields are marked *