Hi, Folks!
It’s Patch Tuesday. Quite often you’ll read my posts about what needs to be updated and when, but this month I’d like to take the opportunity to remind you to remove stuff. If you’re not using it, remove it. If you don’t need it, remove it. If you aren’t sure whether you need something, chances are good you don’t, so remove it. You can almost always reinstall whatever you remove, so if you’re not sure, ask your IT guy (or me) and *then* you can remove it.
One of the primary principles of security is to “reduce the attack surface.” What this means is to make yourself a smaller target for attackers in order to avoid at least some of the attacks that might otherwise get through. Installing regular updates is the most important thing you can do, but removing unsupported software is a very close second. Beyond these two principles are several other behavioral changes (user education) which can make the difference between victim and victor.
Here’s a couple examples of recent software where the vendor will no longer support it, and the risk of leaving it on is too great:
IBM/Lenovo has discovered a security vulnerability in their Lenovo Accelerator Application, and instead of releasing an update to it they advise all users remove it immediately.
https://support.lenovo.com/us/en/product_security/len_6718
This is a good time to remind you that Apple QuickTime for Windows is also unsupported and has known security vulnerabilities. If you have it installed, remove it, now!
https://saferpc.info/2016/04/on_the_death_of_quicktime/
Now back to Patch Tuesday…
The typical computer should see roughly 1.5gb in updates today. Let’s get started.
Microsoft released updates to Windows, Office, Edge, Internet Explorer, .NET, DNS, Group Policy, SMB Server, Netlogon, WPAD, Kernel drivers, Exchange, Windows PDF, Active Directory, Windows Diagnostic Hub, and Windows Search (~1.2gb). This includes security updates. A reboot is required.
http://update.microsoft.com/
Apple released updates for OS X El Capitan 10.11.5, Safari 9.1.1, tvOS 9.2.1, watchOS 2.2.1, iOS 9.3.2, iTunes 12.4.1, AirPort Base Station 7.7.7 and Brother Printer drivers. These are security updates. Use Apple Software Update to install these updates. A reboot is required.
Be aware that while iOS 9.3.2 is released, there are known problems with it bricking certain hardware. Caveat Emptor!
http://www.forbes.com/sites/gordonkelly/2016/05/16/apple-ios-9-3-2-ipad-pro-problems/#6646f5f05db7
Adobe AIR 21.0.0.215 is a security update.
Win: https://12pd.com/click?air
Mac: https://12pd.com/click?airmac
Adobe Flash Player 21.0.0.242 is a security update. Another Flash security update will be released this week.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac
Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.
Important Notes
Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.
Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.
It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.
Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.
Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com
Driver Updates
If youโre using this hardware โ these updates are for you.
Display Driver Uninstaller 16.0.0.2 fixes a couple bugs. This is not a security update.
http://www.wagnardmobile.com/DDU/
Browser Updates
One or more of these are likely to be of interest to everyone.
Google Chrome 51.0.2704.84 is a security update. Use Menu, Help, About to get the most current version.
Firefox 47.0 is a security update. Use Menu, Help, About to install the most current version.
Email Updates
One or more of these are likely to be of interest to everyone.
NK2Edit 3.21 is a cosmetic update. This is not a security update.
http://www.nirsoft.net/utils/outlook_nk2_edit.html
OutlookAttachView 2.93 is a cosmetic update. This is not a security update.
http://www.nirsoft.net/utils/outlook_attachment.html
Thunderbird 45.1.0 is a security update. Use Menu, Help, About to get the most current version.
Internet Updates
One or more of these are likely to be of interest to everyone.
Skype 7.24.0.104 is not a security update.
https://12pd.com/click?skype
WGet 1.18 is a security update.
https://eternallybored.org/misc/wget/
aria2 1.23.0 fixes several bugs. This is not a security update.
https://aria2.github.io/
curl 7.49.1 is a security update.
http://winampplugins.co.uk/curl/
DynDNS Updater 5.3.1 fixes a couple bugs. This is not a security update.
https://www.dyndns.com/
Dropbox 4.4.29 is the first stable update in the new major release. Dropbox doesn’t provide a detailed changelog, so this should be treated as a security update.
https://12pd.com/click?dropbox
Evernote 6.1.2.2292 fixes several bugs and adds Quick Search, improved switching and zoom. This is not a security update.
http://www.evernote.com/
FileZilla 3.18.0 fixes several bugs. This is not a security update.
http://filezilla-project.org/
MaxMind GeoIP Data 201606 updates geolocation data. This is not a security update.
http://dev.maxmind.com/geoip/
DNSDataView 1.46 adds select-all support. This is not a security update.
http://www.nirsoft.net/utils/dns_records_viewer.html
Media Updates
These are unlikely to be of interest to most people.
CDBurnerXP 4.5.7.6139 updates libraries, new default behaviors. This is not a security update.
http://cdburnerxp.se/
FastStone Viewer 5.7 fixes several bugs. This is not a security update.
http://www.faststone.org/FSViewerDetail.htm
iTunes 12.4.1 is a security update. Use Apple Software Update to install the most current version.
Game Updates
These are unlikely to be of interest to most people.
Battle.net Client 20160520 removes Windows XP support (!) so be aware that your games will no longer run on your older hardware.
http://us.battle.net/en/app/
Minecraft 1.10 adds polar bear, Husk, Stray, auto-jump, structure blocks, underground fossils, Magma block, Nether Wart and Red Nether bricks, and much more. This is not a security update.
http://www.minecraft.net/
Office Updates
One or more of these are likely to be of interest to most people.
Adobe has released security updates to Creative Cloud Desktop Application, DNG Software Development Kit (SDK), Brackets, and Cold Fusion.
https://helpx.adobe.com/security/products/creative-cloud/apsb16-21.html
https://helpx.adobe.com/security/products/dng-sdk/apsb16-19.html
https://helpx.adobe.com/security/products/brackets/apsb16-20.html
LibreOffice 5.1.3 fixes several bugs. This is not a security update.
http://www.libreoffice.org/
Notepad++ 6.9.2 adds log monitoring. This is not a security update.
https://12pd.com/click?npp
Adobe Reader DC 15.016.20045 is a security update.
http://get.adobe.com/reader
Kindle for PC 1.16.0 Build 44025 doesn’t provide a changelog, so should be treated as a security update.
http://www.amazon.com/kindleforpc
Security Software Updates
One or more of these is likely to be of interest to most people.
Wireshark 2.0.4 fixes several bugs. This is a security update.
http://www.wireshark.org/
RogueKiller 12.3.3 adds themes, detections, and stability problems. This is a security update.
http://www.adlice.com/softwares/roguekiller/
Symantec Anti-Virus 20151.1.1.4 is a security update.
SuperAntiSpyware 6.0.1220 updates detection. This is not a security update.
http://www.superantispyware.com/download.html
Capture Updates
These are unlikely to be of interest to most people.
SnagIt 13.0.0 adds several new features. This is not a security update.
http://download.techsmith.com/snagit/enu/snagit.exe
XSplit Broadcaster 2.7.1602.2244 is a security update.
http://www.xsplit.com/get/
XSplit Gamecaster 2.7.1602.1938 is a security update.
http://www.xsplit.com/get/
Converter Updates
These are unlikely to be of interest to most people.
DVDFab 9.3.0.4 is a security update.
http://www.dvdfab.cn/download.htm
MKVToolNix 9.2.0 doesn’t provide a detailed changelog, so should be treated as a security update.
http://www.videohelp.com/software/MKVtoolnix
Utility Updates
These are unlikely to be of interest to most people.
NTLite 1.1.0.3960 updates drivers and fixes bugs. This is not a security update.
https://www.ntlite.com/download/
SpaceSniffer 1.3.0.1 improves performance and fixes bugs. This is not a security update.
http://www.uderzo.it/main_products/space_sniffer/
7-Zip 16.02 add multi-volume zip support and fixes bugs. This is not a security update.
http://www.7-zip.org/
RoboForm 7.9.19 fixes several bugs and improves performance. This is not a security update.
https://12pd.com/click?rf
CintaNotes 3.1.4 fixes several bugs. This is not a security update.
http://cintanotes.com/download
iExplorer 3.9.6.0 fixes several bugs. This is not a security update.
https://www.macroplant.com/iexplorer/
FileLocator Pro 8.0.2657 fixes several bugs. This is not a security update.
http://www.mythicsoft.com/filelocatorpro/download
FolderChangesView 1.90 adds auditory feedback and autocomplete support. This is not a security update.
http://www.nirsoft.net/utils/folder_changes_view.html
NirCmd 2.81 fixes bugs. This is not a security update.
http://www.nirsoft.net/utils/nircmd.html
SearchMyFiles 2.71 fixes several bugs and adds several new features. This is not a security update.
http://www.nirsoft.net/utils/search_my_files.html
SimpleWMIView 1.17 adds several new features. This is not a security update.
http://www.nirsoft.net/utils/simple_wmi_view.html
WifiInfoView 2.05 adds a cosmetic change. This is not a security update.
http://www.nirsoft.net/utils/wifi_information_view.html
CCleaner 5.18.5607 fixes several bugs. This is not a security update.
https://12pd.com/click?ccleaner
Recuva 1.53.1087 improves partition support and fixes bugs. This is not a security update.
https://12pd.com/click?recuva
Rufus 2.9 adds support for new partition structures, fixes several bugs. This is not a security update.
http://rufus.akeo.ie/
SystemRescueCD 4.7.3 is a security update.
http://www.sysresccd.org/
TaskSchedulerView 1.21 adds export encoding support. This is not a security update.
http://www.nirsoft.net/utils/task_scheduler_view.html
TeamViewer 11.0.59518 fixes several bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/
WizTree 2.01 fixes a restart loop bug. This is not a security update.
http://antibody-software.com/web/software/software/wiztree-finds-the-files-and-folders-using-the-most-disk-space-on-your-hard-drive/
8GadgetPack 19.0 fixes several bugs. This is not a security update.
http://8gadgetpack.net/
HWMonitor 1.29 adds support for newer hardware. This is not a security update.
http://www.cpuid.com/softwares/hwmonitor.html
Connectify Hotspot 2016.4 is a stability fix. This is not a security update.
http://www.connectify.me/
Developer Updates
These are unlikely to be of interest to most people.
MySQL 5.7.13 is a security update.
http://www.mysql.com/downloads/installer/
StrawberryPerl 5.24.0.1 updates to core Perl and bug fixes. This is not a security update.
http://strawberryperl.com/
Web Package Updates
These are likely to be of interest only to web developers.
Adminer 4.2.5 is a security update.
http://www.adminer.org/en/
Coppermine Gallery 1.5.42 is a security update.
http://coppermine-gallery.net/
ownCloud Client 2.2.1 fixes several bugs. This is not a security update.
https://owncloud.org/install/
ColdFusion 2016.2, 11.9 and 10.20 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb16-22.html
phpList 3.2.5 is a security update.
http://www.phplist.com/download
Plupload 2.1.9 is a security update.
http://www.plupload.com/
TinyMCE 4.3.13 fixes several bugs. This is not a security update.
http://www.tinymce.com/download/
WP Update Server 20160611 fixes several bugs. This is not a security update.
https://github.com/YahnisElsts/wp-update-server
Drupal 8.1.2 does not provide a detailed changelog, so should be treated as a security update.
http://drupal.org/download
jQuery 3.0 is a new major release adding several new features and the end-of-life of previous versions 1.12.4 and 2.2.4, which will now only receive critical updates.
http://blog.jquery.com/
MailEnable Enterprise 9.13 fixes several bugs. This is not a security update.
http://www.mailenable.com/
phpMyAdmin 4.6.2 is a security update.
http://www.phpmyadmin.net/home_page/news.php
ScreenConnect 5.6.10870.6001 adds dozens of new features and bug fixes. This is not a security update.
http://www.screenconnect.com/Download
BuddyPress 2.5.3 fixes several bugs. This is not a security update.
Multisite Enhancements 1.3.5 improves site detection. This is not a security update.
Theme My Login 6.4.5 fixes several bugs and updates requirements. This is not a security update.
WP Edit 3.8.1 fixes several bugs. This is not a security update.
WPtouch 4.1.4 fixes several bugs and updates libraries. This is not a security update.
WooCommerce 2.6.0 fixes many bugs, adds new features and improvements. This is not a security update.
That’s all for now folks. Keep it clean out there. ๐
Regards,
Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/