Updates 2019-09-10

Hi, Folks!

Today is Patch Tuesday for September 2019 and it’s another big one.

The next build of Windows 10, version 1909, is scheduled to be released later this month. This version will be minor compared to other Windows 10 upgrades and should be nearly indistinguishable from 1903. Well, hopefully local search will work when Cortana Web Search is disabled, but indistinguishable otherwise.

Windows 7 will fall completely out of support in only 4 months. Don’t run out the clock. If you are running a licensed version of Windows 7 you can still upgrade to Windows 10 and have a supported version of Windows for the foreseeable future. Get it done before it’s too late. Don’t want to do it yourself? Call me!

Borderlands 3 will be released on Friday! If you haven’t pre-ordered yet, you can still get a hefty discount. It’ll available for preinstallation starting this evening.

This month we’ve had another series of security lessons.

The Jordan Peterson “deepfake” platform was just the tiniest recent example of how such technology would inevitably be abused. Even though it was removed, it was followed shortly by a custom deepfake that cost one company $243,000. Oops.

The most popular email server and web management platforms both had critical security issues allowing malicious third parties to take over the entire server.

Don’t trust your mobile. Apple iOS and Google Android vulnerabilities disclosed and abused this month can be used to take over your device. Patches are not yet available to resolve these recent exploits for either platform, though both have released patches for unrelelated security vulnerabilities. Google finally acknowledged a security issue in Google Calendar that has been exploited for at least 3 years and the Google Play Store has been publishing malicious apps.

Your “automated assistant” (Siri, Alexa, Cortana, and Hello Google) defaults to calling unrelated third parties since the numbers are pulled from search results, which are easily abused. Heck, the “vast majority” of new domain registrations and websites exist only for malicious purposes. Even if you don’t visit unknown websites, your information is exposed to others whenever you use automated assistants and sometimes even if you don’t intend to. The best solution is to use a privacy respecting browser, such as Vivaldi or Brave and disable any automation and voice controls.

You should always assume all hardware and software will eventually be hacked and maintain them religiously. From Ring to lightbulbs, it will happen. This month shows how entire platforms are being exploited remotely through their networking features.

When even Jack gets hacked you should assume that your information is out there somewhere. This is demonstrated with the latest in a too-frequent series of Facebook data leaks, this time including phone numbers for over 419 million users.

Finally, a friendly reminder that even if your data is “backed up” by a third party you should always back it up again yourself. Between unreliable third party services to the potential damage from ransomware and trojans, there’s no good reason not to pick up a cheap USB thumb drive and toss your important data on it, then toss it into your fireproof safe.

Now back to our regularly scheduled program. The typical computer should see roughly 2 GB in updates today. Let’s get started.

Microsoft released updates for Windows, .NET, Edge, Internet Explorer, Flash, and MSRT (~1.1 GB). This includes security updates. A reboot is required.

Apple released updates for macOS Mojave 10.14.6 Supplemental Update, iOS 12.4.1, tvOS 12.4.1, and watchOS 5.3.1. These are security updates. Use Apple Software Update to install the most current versions.

iOS 12.4.1 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 5.3.1 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 12.4.1 is a security update. Use System, Software Update to install the most current version.

Adobe Flash Player 32.0.0.255 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The now-current release of the Windows 10 (1903) will cause your computer to feel unusually slow until it is installed. This is a side-effect of the Windows 10 upgrade cycle, which pushes out 3-6 GB through Windows update to get you to the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, it will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Intel Driver and Support Assistant 19.8.34 adds OEM links and improved hardware detection and installation. This is not a security update.
https://www.intel.com/p/en_US/support/detect

nVidia 436.30 resolves several bugs. This is not s security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Display Driver Uninstaller 18.0.1.8 improves removal for Nvidia devices. This is not a security update. Be aware that DDU is now wallpapered in advertisements for crapware, so you should avoid it unless you know what you’re doing.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 77.0.3865.75 is a security update. Use Menu, Help, About to install the most current version.

Firefox 69.0 is a security update. Use Menu, Help, About to install the most current version.

Firefox ESR 60.9.0 is a security update. Use Menu, Help, About to install the most current version.

Vivaldi 2.7.1628.33 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 3.26 resolves a bug when closed prematurely. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Internet Updates

One or more of these are likely to be of interest to everyone.

Trillian Mac 6.2.0.19 resolves several bugs. This is not a security update.
https://www.trillian.im/

FileZilla Client 3.44.2 resolves several bugs. This is not a security update.
https://filezilla-project.org/

MaxMind GeoIP 201909 is a data refresh.
https://dev.maxmind.com/geoip/

Npcap 0.9983 improves hardware detection, improves Loopback detection and support, and resolves several bugs. This is not a security update.
https://nmap.org/npcap/

ZeroNet 0.7.1 is a security update.
https://zeronet.io/

Media Updates

These are unlikely to be of interest to most people.

VLC Media Player 3.0.8 is a security update.
https://www.videolan.org/vlc/

FastStone Viewer 7.4 improves Clone and Heal, Pencil, Google Maps integration, and resolves several bugs. This is not a security update.
http://www.faststone.org/FSViewerDetail.htm

Game Updates

These are unlikely to be of interest to most people.

Steam 2019.08.26 is a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

PlayStation PS3 4.85 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/system-updates/ps3/

Office Updates

One or more of these are likely to be of interest to most people.

Atom 1.40.1 resolves a package integration update. This is not a security update.
https://atom.io/

Artweaver 7.0.1 resolves several bugs. This is not a security update.
http://www.artweaver.de/

Krita 4.2.6 resolves several bugs. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Fresh 6.3.1 is a security update.
https://www.libreoffice.org/

LibreOffice Still 6.2.7 is a security update.
https://www.libreoffice.org/

Adobe Reader DC Patch 19.012.20040 resolves a font-embedding bug. This is not a security update. Use Help, Check for updates to install the most current version.

Adobe Application Manager 2019.0 is a security update. AAM will be EOL very soon, so if you do not require it, you should remove it instead of updating to the latest version.
https://supportdownloads.adobe.com/detail.jsp?ftpID=4773

Adobe FrameMaker 2019.0.4 doesn’t provide a changelog so should be treated as a security update.
64-bit: https://supportdownloads.adobe.com/detail.jsp?ftpID=6739
32-bit: https://supportdownloads.adobe.com/detail.jsp?ftpID=6737

Security Software Updates

One or more of these is likely to be of interest to most people.

PureOS 9.0 is a major update to PureOS and signals that the Librem 5 release is likely just around the corner.
https://pureos.net/download/

Looking for a secure phone? Check out the Librem 5:
https://puri.sm/products/librem-5/

MSRT 5.76 updates detections. This is a security update.

RogueKiller 13.4.3 resolves several bugs and updates options. This is a security update.
https://www.adlice.com/softwares/roguekiller/

TinyWall 2.1.12 resolves a bug. This is not a security update.
http://tinywall.pados.hu/

Converter Updates

These are unlikely to be of interest to most people.

MakeMKV 1.14.5 resolves several bugs. This is not a security update.
https://12pd.com/click?makemkv

MKVToolnix 37.0.0 resolves several bugs. This is not a security update.
https://www.fosshub.com/MKVToolNix.html

DVDFab 11.0.4.8 adds support for new encodings, improves Meta Info detection, and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

FFmpeg 4.2.1 resolves several bugs. This is not a security update.
https://ffmpeg.org/ffmpeg.html

Utility Updates

These are unlikely to be of interest to most people.

Windows 10 Upgrade v1903 updates the installation package for the Windows 10 v1903 build in preparation for v1909.
https://www.microsoft.com/en-us/software-download/windows10

ControlMyMonitor 1.20 improves refresh and default monitor behavior. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html

CPU-Z Installer 1.90 adds support for newer hardware. This is not a security update.
http://www.cpuid.com/softwares/cpu-z.html

DesktopOK 6.56 improves portability, adds options for reporting and export analysis, window positions, and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DMDE 3.6.0 adds support for new filesystems, resolves several bugs. This is a security update.
https://dmde.com/

FolderChangesView 2.28 resolves a notification bug. This is not a security update.
https://www.nirsoft.net/utils/folder_changes_view.html

GoodSync 10.10.7 removes support for Amazon Cloud Drive, resolves several bugs. This is not a security update.
https://12pd.com/click?goodsync

HWMonitor 1.41 adds support for newer hardware. This is not a security update.
http://www.cpuid.com/softwares/hwmonitor.html

IsMyHdOK 1.84 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

NTLite 1.8.0.7115 adds support for Windows 10 v1909, resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 7.0.1003 resolves several bugs. This is not a security update.
http://www.osforensics.com/download.html

PointerStick 3.68 improves multi-monitor operation. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

Sysmon 10.4 adds nested rule support, improved conditions, and resolves several bugs. This is not a security update.
https://live.sysinternals.com/

Process Explorer 16.30 adds Shared Commit, and resolves several bugs. This is not a security update.
https://live.sysinternals.com/

Rufus 3.7 adds persistent partition support for Debian and Ubuntu flavored ISOs, reports SuperSpeed+ devices, resolves several bugs. This is not a security update.
https://rufus.ie/en_IE.html

SimpleWMIView 1.40 adds Case Sensitive option to Quick Filters. This is not a security update.
https://www.nirsoft.net/utils/simple_wmi_view.html

Synergy 1.10.3 resolves several bugs and updates the VC++ dependency to 2019. If you’re having problems with the update, install the VC++ 2019 runtime, reboot, then reinstall.
https://members.symless.com/synergy/downloads/list/s1

TaskSchedulerView 1.52 adds Case Sensitive option to Quick Filters. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

TraceRouteOK 1.51 updates language files and improves compatibility with Windows 10 v1909. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

WinScan2PDF 4.94 adds page selection and improved compatibility with Windows 10 v1909. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 3.5.0.21 integrates several automated improvements, performance optimizations, diagnostics, and resolves several bugs. This is not a security update.
https://developer.android.com/studio/index.html

Node.js 12.10.0 resolves many bugs, improves documentation, and updates dependencies. This is not a security update.
https://nodejs.org/en/

Visual Studio Code 1.38 improves search and replace, resolves several bugs, and adds new features. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.0.12-133076 resolves several bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Adminer 4.7.3 improves performance and stability, resolves several bugs. This is not a security update.
https://www.adminer.org/en/

Drupal 8.7.7 resolves several bugs. This is not a security update.
https://drupal.org/download

Nextcloud Server 16.0.4 updates libraries and resolves several bugs. This should be treated as a security update.
https://nextcloud.com/

ScreenConnect 19.3.25270.7185 resolves bugs. This is not a security update.
https://www.connectwise.com/software/control/download

WordPress 5.2.3 is a security update.
https://wordpress.org/

myStickymenu 2.2.2 resolves a cosmetic bug. This is not a security update.

NextScripts Social Networks Auto-Poster 4.3.9 resolves several bugs, improves integration with Blogger, Reddit, Pinterest, and WordPress.com. This is not a security update.

Theme My Login 7.0.15 resolves update bug, adds two new filters. This is not a security update.

W3 Total Cache 0.10.0 resolves several bugs, adds support for new S3 regions, webp caching, and other improvements. This is not a security update.

WP Mail SMTP 1.6.2 improves reliability and resolves several bugs. This is not a security update.

Show IDs 1.1.3 improves compatibility. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Leave a Reply

Your email address will not be published. Required fields are marked *