Updates 2014-10-14

Hi, Folks!

It’s BASH Tuesday! October is here. September was awful. There were 3.5 update cycles in September and a large number of vulnerabilities released for a wide array of software and hardware. The most significant of these was Shellshock, a vulnerability discovered in late September which directly impacts almost every Linux-powered device and operating system for over 20 years. The scope of this particular vulnerability made Heartbleed look minor. However, as significant as it is, it doesn’t directly affect most consumers. The most significant issue for most consumers is going to be those devices they don’t think of as having an operating system: stuff like security cameras, automatic lights and even cars. Many of these run a form of Linux that if networking is enabled opens them up to the potential for exploitation. When in doubt call the vendor. Or me. πŸ˜‰

Today brings a relatively light load of updates. The typical computer will require less than 300mb in updates today.

I always remind everyone to do their backups, but this month it’s really important. Yesterday HP disclosed that they “accidentally” allowed one of their certificates to be used to “sign” malware, enabling the malware to bypass various security precautions on many computers. They plan to revoke this certificate and re-key their software next month, but this will invalidate the recovery partition on many HP and Compaq computers. If something happens to an affected computer that requires reinstalling the operating system, it could be prevented unless media (which you have to make yourself) is used. Back your content up now, and if you haven’t done so yet, create your “recovery media” as soon as possible.

And now back to our regularly scheduled program.

Microsoft released updates for Windows, Internet Explorer, MS Office, Developer tools, and .Net. This includes security updates (80-185mb). A reboot is required.
http://update.microsoft.com/

Apple released updates for iOS, printer drivers and BASH. This includes security updates. Use Apple Software Update to install these updates. A reboot is required. Apple plans to release OS X Yosemite (10.10) this Friday. Yosemite will support all hardware supported by Mavericks, so if you are running Mavericks, you can update to Yosemite for free through Apple Software Update this weekend.

iOS 8.0.2 is the first mostly-stable release of iOS. You can install it now. Use iTunes or Settings, General, About to install this update. Back it up first!

Adobe Flash Player 15.0.0.189 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Adobe AIR 15.0.0.293 is a security update.
Win: https://12pd.com/click?air
Mac: https://12pd.com/click?airmac
Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Samsung SideSync 3.0.3.663 does not provide a detailed changelog, so should be treated as a security update.
http://www.samsung.com/us/sidesync

Display Driver Uninstaller 13.4.1.0 improves cleanup. This is not a security update.
http://www.wagnardmobile.com/DDU/downloads.html

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 38.0.2125.101 is a security update. Use Menu, About to get the most current version.

Firefox 33.0 is a security update. Use Help, About to get the most current version.

SeaMonkey 2.29.1 is a security update. Use Help, About to get the most current version.

K-Meleon 74 is a security update. Use Help, About to get the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 31.2.0 is a security update. Use Menu, About to get the most current version.

NK2Edit 3.00 adds the ability to control autocomplete list limit. This is not a security update.
http://www.nirsoft.net/utils/outlook_nk2_edit.html

Internet Updates

One or more of these are likely to be of interest to everyone.

Skype 6.21.0.104 reduces interface clutter. This is not a security update.
https://12pd.com/click?skype

DynDNS Updater 5.2.0 is a security update.
http://dyn.com/apps/updater/

BrowsingHistoryView 1.55 adds configuration import and export options. This is not a security update.
http://www.nirsoft.net/utils/browsing_history_view.html

IPNetInfo 1.56 improves sorting for IP. This is not a security update.
http://www.nirsoft.net/utils/ipnetinfo.html

Connectify Hotspot 9.2.1 improves the look and feel, performance, and stability. This is not a security update.
http://www.connectify.me/

Dropbox 2.10.41 is a cosmetic update. This is not a security update.
https://12pd.com/click?dropbox

ARChon 1.2 improves cross-platform reliability. This is not a security update.
https://github.com/vladikoff/chromeos-apk/blob/master/archon.md

Codec Updates

One or more of these are likely to be of interest to everyone.

Win7 Codec Package 7 Codecs Advanced 4.7.8 updates included codecs, improves hardware and subtitle support. To install the update, you must uninstall and reinstall the application.
http://shark007.net/win7codecs.html

Media Updates

These are unlikely to be of interest to most people.

CDBurnerXP 4.5.4.5118 is a security update.
https://12pd.com/click?cdbxp

MPC HC 1.7.7 updates included libraries and corrects dozens of bugs. This should be treated as a security update.
https://12pd.com/click?mpchc

Office Updates

One or more of these are likely to be of interest to most people.

Audacity 2.0.6 corrects a number of bugs. This is not a security update.
http://audacity.sourceforge.net/download/windows

Blender 2.72 adds several new features, improves performance and fixes dozens of bugs. This is a security update.
http://www.blender.org/download/

Lightworks NLE 12.0 adds dozens of new features, improved controls and rendering, and nearly a hundred bug fixes. This is not a security update.
http://www.lwks.com/

Security Software Updates

One or more of these is likely to be of interest to most people.

MalwareBytes’ Anti-Malware 2.0.3 fixes dozens of bugs including performance and stability. This should be treated as a security update.
https://12pd.com/click?mbam

KeePass 1.28 provides several bug fixes and a new quality indicator. This is not a security update.
http://keepass.sourceforge.net/

OpenSSL 1.0.2 is a security update.
https://www.openssl.org/

DNSQuerySniffer 1.28 adds secondary sorting support. This is not a security update.
http://www.nirsoft.net/utils/dns_query_sniffer.html

SmartSniff 2.11 adds always-on-top and secondary sorting support. This is not a security update.
http://www.nirsoft.net/utils/smsniff.html

Wireless Network Watcher 1.73 updates the MAC address database. This is not a security update.
http://www.nirsoft.net/utils/wireless_network_watcher.html

Junkware Removal Tool 6.3.3 does not provide a changelog, so should be treated as a security update.
http://thisisudax.org/

RogueKiller 10.0.1 is a security update.
http://www.adlice.com/softwares/roguekiller/

SuperAntiSpyware 6.0.1158 is a security update.
http://www.superantispyware.com/download.html

Capture Updates

These are unlikely to be of interest to most people.

VideoCacheView 2.76 improves Chrome support. This is not a security update.
http://www.nirsoft.net/utils/video_cache_view.html

Utility Updates

These are unlikely to be of interest to most people.

RoboForm 7.9.10 improves reliability and corrects several bugs. This is not a security update.
https://12pd.com/click?rf

GoodSync 9.9.9.7 improves sync with several services, corrects several bugs. This is not a security update.
https://12pd.com/click?goodsync

BFGMiner 4.9.0 updates included libraries, provides dozens of bugfixes and improves stability. This should be treated as a security update.
https://github.com/luke-jr/bfgminer/

Bitcoin 0.9.3 fixes minor bugs and adds translations. This is not a security update.
http://bitcoin.org/en/download

UpdateChecker 1.040 fixes several minor bugs. This is not a security update.
http://www.filehippo.com/download_update_checker/

FileLocator Pro 7.5.2067 provides several bug fixes, adds msg file export for PST files, adds bulk copy, improved UTF-8 detection, ‘search within’, and summary information. This is not a security update.
http://www.mythicsoft.com/filelocatorpro/download

SearchMyFiles 2.51 adds ‘size on disk’ column. This is not a security update.
http://www.nirsoft.net/utils/search_my_files.html

USBDeview 2.37 adds the ability to decode device serial numbers. This is not a security update.
http://www.nirsoft.net/utils/usb_devices_view.html

CCleaner 4.18.4844 provides several bug fixes, improves application support and 64-bit support. This is not a security update.
https://12pd.com/click?ccleaner

CPU-Z Installer 1.71 adds newer hardware support. This is not a security update.
http://www.cpuid.com/softwares/cpu-z.html

LicenseCrawler 1.43.732 improves Adobe support and network support, updates engine and provides several bug fixes. This is not a security update.
http://www.klinzmann.name/licensecrawler_download.htm

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 4.3.18-96516 fixes several bugs. This is not a security update.
http://www.virtualbox.org/wiki/Downloads

Many VMware devices are subject to the Shellshock vulnerability disclosed late September. Check your specific hardware against the list below for updates:
http://www.vmware.com/security/advisories/VMSA-2014-0010.html

Web Package Updates

These are likely to be of interest only to web developers.

phpMyAdmin 4.0.10.4, 4.1.14.5 and 4.2.9.1 are security fixes. phpMyAdmin 4.2.10 provides several additional bug fixes.
http://www.phpmyadmin.net/home_page/news.php

ColdFusion 11u2, 10u14, and 9.0.2u7 are security updates.

MailEnable 8.55 corrects several bugs and improves webmail. This is not a security update.
http://www.mailenable.com/

Coppermine Gallery 1.5.32 is a security update.
http://coppermine-gallery.net/

Joomla 3.3.6 is a security update.
http://www.joomla.org/

SMF 2.0.9 is a security update.
http://download.simplemachines.org/
That’s all for now folks. Keep it clean out there. πŸ˜‰

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Leave a Reply

Your email address will not be published. Required fields are marked *