Tag Archives: acrobat

Updates 2022-04-12

Posted on by
Reply

Welcome back, Folks!

Today is Patch Tuesday for April, 2022.

It’s another big one. Sprinkle a little disaster and angst on a world war, give script kiddies a megaphone and encourage them to hack strangers and you end up with the perfect storm of malice.

This Month in Technology

2FA/MFA implementations, Advanced Medical Practice Management, Alacrity Solutions Group, LLC, Alberta vaccine passport system, American Express, ASUS routers, Atlassian, Ballad Health, a large banking platform, Bank of Ireland, Bernards Township School District, Bet9ja, Black River Falls School District, Bradley Airport, Bridgestone Americas, CafePress, Caisse nationale d’assurance maladie, Cancer and Hematology Centers of Western Michigan, Capital Region Medical Center, Cash App, CDEK, Central Indiana Orthopedics, Central Minnesota Mental Health Center, Central Vermont Eye Care, Charleston Area Medical Center, Inc., Chelan Douglas Health District, Christie Clinic, Clinic of North Texas, LLP, Colorado Physician Partners, PLLC, Creative Services Inc, Cytometry Specialists, Denso, Dialyze Direct, LLC, Doctors Me, Duncan Regional Hospital, East Tennessee Children’s Hospital, East Windsor Township, Electoral Services Department of Wandsworth Council, EMC National Life Insurance, Emma Sleep Company, Englewood Health, Ermenegildo Zegna, Finland Department of Defense, Fox, Gainwell Technologies, LLC, GitLab, Globant, hundreds of GoDaddy’s Managed WordPress sites, Google Chrome (over 40 security vulnerabilities fixed in the last month), Grand Coloane Resort, H.P. Hood Dairy, Harris County Jail, Hellenic Post, Highmark Inc, Honda and Acura cars, Horizon Actuarial Services LLC, hundreds of HP printer models, HubSpot, Iberdrola, Isle of Wight EV chargers, Israeli government, Jefferson Dental and Orthodontics, l’Assurance, Labette Health, Law Enforcement Health Benefits, Inc., Local 295 IBT Employer Group Welfare Fund, Lutheran Social Services of Illinois, MailChimp, Major League Baseball Players Benefit Plan, Mansfield company, Medical Surgical Eye Care, Mercado Libre, Microsoft, MikroTik routers, Miratorg Agribusiness HoldingMN District 518, Morgan Stanley Wealth Management, National Rifle Association, New Jersey Brain and Spine, New York City public schools, Nordex, Northern Ireland TrustFord, Norwood Clinic, Okta (though they initially claimed otherwise, then backtracked), Palo Alto Networks, Palo Alto Networks hardware, Parker Hannifin Corp, Partnership HealthPlan of California, PhySynergy, LLC, PressReader, QNAP, Ronin, Rosaviatsia, Roskomnadzor, Rostec, Royal Enfield, Russia’s Federal Security Service (FSB), Russian Lipetsk Mechanical Plant, Russian Orthodox Church, Samsung Electronics, Scottish Association for Mental Health, Scottish Power, Sea Mar Community Health Center, Shutterfly, Snap-On, Sophos Security, South Denver Cardiology Associates, Spokane Regional Health District, Spring Framework for Java, SummaCare, SuperCare, Taylor Regional Hospital, Tennessee Pediatric Hospital, Texas Department of Insurance, The Works, Thomas Allen, Inc., Toei, Toyota, Transneft, TransUnion, Travelio, Trend Micro Apex Central, Trezor, Trinity Home Care, Inc., Ubisoft, Ukrainian IT Army, Ukrtelecom, Valley View Hospital Association, Veeam products, Viasat modems, Virginia Mason Medical Center, Vodafone, WatchGuard, Western Digital My Cloud, Wheeling Health Right Inc, Wynn Palace, Wyze Cam, ZAP-Hosting, and Zyxel hardware were hacked or compromised this month.

Now for the good news:

Internet Explorer is finally going to be going away in only two months. While this will eliminate a program that nobody should be using, it will have some side-effects  for businesses that rely on Active-X objects. Still, net win.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is smaller than it has been in months. The typical computer should see roughly 2.7 GB in updates today. Let’s get started.

Microsoft released updates for .NET Framework, Active Directory Domain Services, Azure SDK, Azure Site Recovery, LDAP, Microsoft Bluetooth Driver, Microsoft Dynamics, Microsoft Edge, Microsoft Graphics Component, Microsoft Local Security Authority Server, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Windows ALPC, Microsoft Windows Codecs Library, Microsoft Windows Media Foundation, Power BI, Role: DNS Server, Role: Windows Hyper-V, Skype for Business, Visual Studio, Visual Studio Code, Windows Ancillary Function Driver for WinSock, Windows App Store, Windows AppX Package Manager, Windows Cluster Client Failover, Windows Cluster Shared Volume, Windows Common Log File System Driver, Windows Defender, Windows DWM Core Library, Windows Endpoint Configuration Manager, Windows Fax Compose Form, Windows Feedback Hub, Windows File Explorer, Windows File Server, Windows Installer, Windows iSCSI Target Service, Windows Kerberos, Windows Kernel, Windows Local Security Authority Subsystem Service, Windows Media, Windows Network File System, Windows PowerShell, Windows Print Spooler Components, Windows RDP, Windows Remote Procedure Call Runtime, Windows schannel, Windows SMB, Windows Telephony Server, Windows Upgrade Assistant, Windows User Profile Service, Windows Win32K, Windows Work Folder Service, YARP reverse proxy and MSRT (~2 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 15.4.1, iPadOS 15.4.1, macOS Big Sur 11.6.5, macOS Monterey 12.3.1, Security Update 2022-003 Catalina, GarageBand 10.4.6, iTunes 12.12.3 for Windows, Logic Pro X 10.7.3, tvOS 15.4, watchOS 8.5.1, Xcode 13.3. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.4.1 is a security update. Use Settings, General, Software Update to install the most current update.

iPadOS 15.4.1 is a security update. Use Settings, General, Software Update to install the most current update.

tvOS 15.4 is a security update. Use System, Software Update to install the most current version.

watchOS 8.5.1 are security updates. Use the Watch app on your iPhone to install the most current version.

Google Chrome OS 100.0.4896.82 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Catalina (10.15) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every year and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v21H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 6 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Hundreds of HP printer models have new firmware security updates or advise disabling the LLMNR protocol. While you’re there consider disabling IPv6, WSD, DHCPv6, as well as SLP unless you’re in a corporate environment, and Bonjour unless you need to print from Apple mobile devices.
https://support.hp.com/us-en/document/ish_5948778-5949142-16/hpsbpi03780

Drivers by Seagull 2022.1 adds support for over 190 new printer models, improves GUI for Driver Wizard and resolves a bug with the GS1 Datamatrix AI 11. This is not a security update.
https://www.seagullscientific.com/support/downloads/drivers/

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.37.113 is a security update.
https://brave.com/

Google Chrome 100.0.4896.88 is a security update.
https://www.google.com/chrome/

Microsoft Edge 100.0.1185.39 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 99.0.1 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 91.8.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

SeaMonkey 2.53.11.1 is a security update.
https://www.seamonkey-project.org/

Vivaldi 5.2.2623.33 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.10.2 is a security update.
https://getmailspring.com/

Thunderbird 91.8.0 is a security update.
https://www.thunderbird.net/en-US/

NK2Edit 3.43 adds an option to copy the contents of the selected cell. This is not a security update.
https://www.nirsoft.net/utils/outlook_nk2_edit.html

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 7.0.7 resolves several bugs, and improves reliability. This is not a security update.
https://anydesk.com/en/downloads

AnyDesk for macOS 6.5.0 adds permission profiles and resolves a layout bug. This is the last version to support EOL macOS versions. This is not a security update.
https://anydesk.com/en/downloads

Dropbox 145.4.4921 doesn’t provide a changelog so should be treated as a security update.
https://www.dropbox.com/

FileZilla Client 3.59.0 updates libraries. This is a security update.
https://filezilla-project.org/

Google Drive 56.0 resolves several bugs. This is not a security update.
https://drive.google.com/start

Nextcloud Server 23.0.3 updates libraries and resolves dozens of bugs. This should be treated as a security update.
https://nextcloud.com/

ownCloud Client 2.10.1.7187 resolves many bugs. This is not a security update.
https://owncloud.com/desktop-app/

Prosody 0.12.0 resolves several bugs and improves security defaults. This should be treated as a security update.
https://prosody.im/download/start

Rclone 1.58.0 adds several new backends and resolves dozens of bugs. This is a security update.
https://rclone.org/

Skype 8.82.0.403 resolves several bugs and makes cosmetic improvements. This is not a security update.
https://www.skype.com/

Syncthing 1.19.2 updates error messaging. This is not a security update.
https://syncthing.net/

Technitium DNS Server 8.0.2 is a major update adding several new features, updates libraries and apps, and resolves several bugs. This is not a security update.
https://technitium.com/dns/

Telegram 3.6.1 resolves several bugs. This is not a security update.
https://telegram.org/

Trillian Mac 6.5.0.11 adds native support for M1, new emoji and history features, and resolves many bugs. This is not a security update.
https://www.trillian.im/

WGet 1.21.3 updates libraries. This is a security update.
https://eternallybored.org/misc/wget/

Zoom 5.10.1.4420 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

FastStone Viewer 7.6 adds several new display controls and improves performance. This is not a security update.
https://www.faststone.org/FSViewerDetail.htm

Plex Desktop 1.43.3.2951 improves stability. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.14.0.2935 adds a couple new features and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.25.9.5721 updates scanning behavior, adds support for plexmatch files, and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Epic Games 14.0.3 resolves several bugs. This is not a security update.
https://www.epicgames.com/

GameMaker Studio 2022.3.0.625 makes cosmetic and localization changes, adds several new features, and resolves dozens of bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker

Nintendo Switch 14.1.0 adds PPN. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 22.01-05.00.00 provides many changes to the user interface and nomenclature. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

RetroPie 4.8 updates libraries and apps. This is not a security update.
https://retropie.org.uk/

Steam 2022.03.16 resolves cosmetic issues. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Commerce 2.3.7-p3, 2.4.3-p2, and 2.4.4 are security updates.
https://helpx.adobe.com/security/products/magento/apsb22-13.html

Adobe Acrobat and Reader 22.001.20117, 22.001.20112, 20.005.30334, 20.005.30331, 17.012.30229, and 17.012.30227 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb22-16.html

Adobe After Effects 22.3 and 18.4.6 are security updates.
https://helpx.adobe.com/security/products/after_effects/apsb22-19.html

Adobe Photoshop 22.5.7 and 23.3 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb22-20.html

Blender 3.1 vastly improves performance and adds several new features and controls. This is not a security update.
https://www.blender.org/download/

Calibre 5.40.0 adds new features, news sources, and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

IcoFX 3.7.1 resolves several bugs. This is not a security update.
https://icofx.ro/

Kindle for PC 1.35.64251 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc

LibreOffice Still 7.2.6 resolves over 50 bugs. This is not a security update.
https://www.libreoffice.org/

LibreOffice Fresh 7.3.2 resolves over 70 bugs, including stability and crash bugs. This should be treated as a security update. The “Fresh” line is beta software so should be avoided by most users.
https://www.libreoffice.org/

Nextcloud Desktop 3.4.4 resolves several bugs. This should be treated as a security update.
https://nextcloud.com/

Notepad++ 8.3.3 resolves a crash bug. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 4.3.10 resolves a resize bug. This is not a security update.
https://www.getpaint.net/

PDF-XChange Editor 9.3.360.0 resolves several bugs. This is not a security update.
https://www.tracker-software.com/product/pdf-xchange-editor

Security Software Updates

One or more of these is likely to be of interest to most people.

Chainsaw 1.1.7 resolves several bugs. This is not a security update.
https://github.com/countercept/chainsaw

MalwareBytes Anti-Malware 4.5.7 is a security update.
https://www.malwarebytes.org/antimalware/

OpenSSL 3.0.2 is a security update.
https://curl.se/windows/

OSFClone 1.3.1001 updates operating system. This is not a security update.
https://www.osforensics.com/tools/create-disk-images.html

Tails 4.29 is a security update.
https://tails.boum.org/install/dvd/index.en.html

uBlock Origin 1.42.4 improves reliability. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

VT-CLI 0.10.1 improves organization. This is not a security update.
https://github.com/VirusTotal/vt-cli/releases/latest

YARA 4.2.0 updates syntax and resolves several bugs. This is a security update.
https://github.com/countercept/chainsaw

Zorin OS 16.1 updates libraries, apps, improves hardware support, and performance. This is not a security update.
https://zorin.com/os/mirrors/

Capture Updates

These are unlikely to be of interest to most people.

Elgato Game Capture HD (macOS) 2.11.14 improves Twitch API support. This is not a security update.
https://help.elgato.com/hc/en-us/articles/360027963512

Open Broadcaster Software 27.2.4 resolves several bugs. This is not a security update.
https://obsproject.com/

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.6.9 adds support for new encodings.
https://www.dvdfab.cn/download.htm

PDF Creator 4.4.2 resolves several bugs. This is not a security update.
https://www.pdfforge.org/pdfcreator

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.4 is a major update that adds several new features and resolves two dozen bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 7.9.4 resolves several bugs and improves performance. This is a security update.
https://1password.com/downloads/mac/

Agent Ransack 2022.3314 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

Beyond Compare 4.4.2.26348 improves command line support. This is not a security update.
https://www.scootersoftware.com/download.php?zz=dl4

Bitwarden 1.32.1 updates Safari extension and resolves several bugs. This is not a security update.
https://bitwarden.com/

Dell Command Update 4.5 improves startup and SRP performance and adds deferral, session management, and WER handling. This is not a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

DesktopOK 9.81 improves dark theme. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DevManView 1.76 adds new quick filter option. This is not a security update.
https://www.nirsoft.net/utils/device_manager_view.html

dnGrep 3.0.42.0 improves regular expressions and boolean testing and resolves several bugs. This is not a security update.
https://dngrep.github.io/

dupeGuru 4.2.1 resolves several bugs and updates libraries. This should be treated as a security update.
https://dupeguru.voltaicideas.net/

Etcher 1.7.8 resolves several bugs. This is not a security update.
https://www.balena.io/etcher/

FileLocator Pro 2022.3314 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

GoodSync 11.10.8 resolves dozens of bugs. This is a security update.
https://www.goodsync.com/

NTLite 2.3.4.8658 adds YubiKey compatibility, upgrades components and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

PowerToys 0.57.2 resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

Recuva 1.53.2078 improves licensing controls. This is not a security update.
https://www.ccleaner.com/recuva

RoboForm 9.2.5 is a security update.
https://www.roboform.com/

Rufus 3.18 is a security update.
https://rufus.ie/en_US/

ScreenConnect 22.3.7487.8130 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

SearchMyFiles 3.17 adds folder background context option. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

SimpleWMIView 1.51 updates the /columns command line switch behavior. This is not a security update.
https://www.nirsoft.net/utils/simple_wmi_view.html

Ookla Speedtest CLI 1.1.1 doesn’t provide a changelog so should be treated as a security update.
https://www.speedtest.net/apps/cli

TeamViewer 15.28.9 resolves a reliability bug. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

Unity 2021.3.0 resolves many bugs and updates libraries. This is not a security update.
https://unity3d.com/get-unity/download/archive

USBDeview 3.03 improves compatibility. This is not a security update.
https://www.nirsoft.net/utils/usb_devices_view.html

Wazuh Agent 4.2.6 updates Kibana plugin and Splunk app and resolves a bug. This is a security update.
https://wazuh.com/start/

WifiInfoView 2.76 resolves a marking bug. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

Developer Updates

These are unlikely to be of interest to most people.

ADB 33.0.1 resolves several bugs. This is not a security update.
https://developer.android.com/studio/releases/platform-tools

Docker Desktop 4.7.0 is a security update.
https://www.docker.com/products/docker-desktop

GitHub Desktop 2.9.12 adds support for Brackets Editor, JetBrains RubyMine, JetBrains GoLand, and Android Studio, and resolves several bugs. This is not a security update.
https://desktop.github.com/

Godot 3.4.4 resolves several bugs. This is not a security update.
https://godotengine.org/

Node.js 12.22.12 is a security update. This is the final release of the 12.x line.
https://nodejs.org/en/

Node.js 14.19.1 is a security update.
https://nodejs.org/en/

Node.js 16.14.2 is a security update.
https://nodejs.org/en/

Node.js 17.9.0 is a security update.
https://nodejs.org/en/

SQLite 3.38.2 resolves several bugs, improves compatibility and CLI support. This is not a security update.
https://www.sqlite.org/download.html

TortoiseSVN 1.14.3 resolves several bugs. This is not a security update.
https://tortoisesvn.net/downloads.html

Visual Studio Code 1.66.1 updates libraries and resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.6.18 improves compatibility. This is not a security update.
https://coppermine-gallery.net/

Drupal 9.3.9 is a security update.
https://drupal.org/download

Joomla 4.1.2 is a security update.
https://www.joomla.org/

MailEnable 10.39 resolves several bugs and improves security defaults. This is a security update.
https://www.mailenable.com/

WordPress 5.9.3 resolves several bugs. This is not a security update.
https://wordpress.org/

Autoptimize 3.0.2 improves stability. This is not a security update.
https://wordpress.org/extend/plugins/autoptimize/

BuddyPress 10.2.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/buddypress/

Slider Revolution 6.5.19 resolves a couple bugs. This is not a security update.
https://revolution.themepunch.com/

WooCommerce 6.3.1 is a security update.
https://wordpress.org/extend/plugins/woocommerce/

WPBakery 6.9.0 improves compatibility and resolves several bugs. This is not a security update.
https://wpbakery.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2022-01-11

Posted on by
Reply

Welcome back, Folks!

Today is Patch Tuesday for January, 2022.

It’s a big one. This month has been insane. There’s always a surge in hacking events near holidays, but this month had almost double the *known* hacking events from previous months. What’s worse is that many of the vulnerabilities used were known weeks and sometimes years in advance, though the patches were not yet installed or the specific applications and services were simply not being maintained or secured. Grrrr.

This Month in Technology

A New Leaf, Inc., Advocate Aurora HealthAlabama Department of Rehabilitation ServicesAll in One SEOAmediaAndrew Sauchelli, DMDApache httpdApple Blossom Family PracticeAzure App ServiceBansley and Kiener (B&K), Belgium’s MilitaryBernalillo CountyBioPlus Specialty Pharmacy Services LLCBrazil’s Health MinistryBroward HealthC.E. Niehoff & CompanyChaddockCiox HealthCommission on ElectionsCOVID-19 Home TestsCrawford County Assessors OfficeDaniel J. Edelman Holdings, Inc., DatPiff, The De Montfort SchoolDouglas C Morrow ODPCDuneland School CorporationEvanston Township High SchoolExpresso and SICFertility Centers of Illinois, PLLC, FinalSiteFlexBookerFlorida Digestive Health Specialists LLP, Forensic Science IrelandFresenius Kabi infusion pump systemsGarrett metal detectorsGeorgia Bone & Joint Surgeons, P.C., Google Docs Comment PlatformGrass Valley, CAGumtreeH2 DatabaseHellmann Worldwide LogisticsImpresaInetum GroupiPhone 13James Kagan, MDJefferson Surgical ClinicKearsarge Regional School DistrictLastPassLog4j (several times)Loyola University Medical CenterLuxemburg-Casco School DistrictmacOS powerdirMcMenaminsMedQuest Pharmacy, Inc., Microsoft Active DirectoryMicrosoft TeamsMonkey Kingdom (via Grape), Monongalia Health System Inc., Monroe Public SchoolsMonterey Peninsula Unified School DistrictNetgear NighthawkNorthwest Broward Orthopaedics AssociatesNorth Shore Hebrew Academy High SchoolOG department storeONUSOregon Eye SpecialistsPeck & Associates, PC, Pithadia Medical Professional Services, Inc., ProtempsPulseTVQNAPRavkooRedLine StealerRhode Island Public Transit AuthorityR.R. Donnelley & SonsRunning Warehouse LLC, Sainsbury’sSaltzer HealthSaskatchewan Liquor and Gaming AuthoritySEGAShelley School DistrictShutterflySkate Warehouse LLC, Skin Care Specialty PhysiciansSotheby’s Realty’s BrightcoveSouthern Orthopaedic AssociatesSpar StoresStandard BankSuperior PlusSurgery Group SCT-MobileTackle Warehouse LLC, Tennis Warehouse LCC, Tiyuli and LametayelUAW Retiree Medical Benefits TrustUberUbisoftUK Defence AcademyUltimate Kronos GroupUS Commission on International Religious FreedomUScellular, Utah Department of Health, Virginia Division of Capitol PoliceVirginia General AssemblyVolvoWalgreen Co., WD MyCloudWelfare, Pension and Annuity Funds of Local No. ONE, I.A.T.S.E., and Zoho UEM have been hacked.

Norton 360 is now opting you in for their CPU cryptomining if you have their software installed. The very same software designed to protect you from evildoers that would take advantage of your computer to do this kind of thing…is now doing it. Apple has released an Android app under the auspice of helping users discover Tracker devices that might be tracking them…by enabling your device to allow them to communicate with the Apple Tracker network. Firefox still doesn’t properly support OCSP stapling. Dell BIOS updates are crashing devices. Microsoft has integrated their own financing platform into Edge.

Microsoft rang in the new year by breaking Microsoft Exchange (on-prem) for every server that had filtering enabled (almost all of them). Microsoft acknowledged the problem about 20 hours after it began and released resolution steps by deleting and rebuilding the scanning engine about 31 hours after it began. Sonicwall, too.

CloudflareAWS, Twitch, Zoom, PSN, Slack, Hulu, Imgur have had extended outages this month.

Please, for all that is holy, check your backups!

Phishing is an ever-growing problem. Sophos reminds us how to check for scams like this.

Now for the good news:

Mozilla has added Secure DNS to Firefox, now enabled by default. Unfortunately, this bypasses DNS filtering options you may have assigned yourself – so if you use Firefox you’ll need to enable your own DoH URLs within the settings.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is pretty big. The typical computer should see roughly 3 GB in updates today. Let’s get started.

Microsoft released updates for.NET Framework, Microsoft Dynamics, Edge, Exchange Server, Microsoft Office, SharePoint, Microsoft Teams, Active Directory, CLFS, Windows Cryptographic Services, Windows Defender, DirectX, Windows Installer, Windows RDP, Windows Remote Desktop, ReFS, Windows Security Center, Windows Storage Spaces, Windows Tile Data Repository, Windows UEFI, Windows User Profile Service, and MSRT (~2 GB). This includes security updates. A reboot is required.

Apple released updates for Safari 15.2. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

Google Chrome OS 96.0.4664.111 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Catalina (10.15) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v21H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 6 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.4.7 removes support for Vista, updates libraries, and improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.34.80 is a security update.
https://brave.com/

Google Chrome 97.0.4692.71 is a security update.
https://www.google.com/chrome/

Microsoft Edge 97.0.1072.55 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 96.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 91.5.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Iridium 2021.12.96 is a security update.
https://iridiumbrowser.de/

SeaMonkey 2.53.10.2 is a security update.
https://www.seamonkey-project.org/

Vivaldi 5.0.2497.35 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 91.5.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk (macOS) 6.4.0 resolves a couple bugs. This is not a security update.
https://anydesk.com/en/downloads

curl 7.81.0 is a security update.
https://curl.haxx.se/windows/

Dropbox 139.4.4896 doesn’t provide a changelog so should be treated as a security update.
https://www.dropbox.com/

FileZilla Server 1.2.0 resolves several bugs. This is not a security update.
https://filezilla-project.org/

FreeFileSync 11.16 updates libraries and resolves several bugs. This is a security update.
https://www.freefilesync.org/download.php

Omada Software Controller 5.0.29 is a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Prosody 0.11.11 resolves several bugs. This is not a security update.
https://prosody.im/download/start

Syncthing 1.18.6 improves usability. This is not a security update.
https://syncthing.net/

Telegram 3.4.3 resolves several bugs. This is not a security update.
https://telegram.org/

Zoom 5.9.1.2581 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

darktable 3.8.0 makes nearly 4,000 changes including performance, bug fixes, new hardware support and more. This should be treated as a security update.
https://www.darktable.org/install/

Picard 2.7.2 resolves several bugs. This is not a security update.
https://picard.musicbrainz.org/

TuneIn 1.25.0 does not provide a changelog so should be treated as a security update.
https://tunein.com/radio/home/

Game Updates

These are unlikely to be of interest to most people.

Steam 2022.12.16 resolves several bugs. This is not a security update.
https://store.steampowered.com/about/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 21.011.20039 is a security update.
https://get.adobe.com/reader

Adobe Acrobat and Reader 21.011.20039, 20.004.30020, and 17.011.30207 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb22-01.html

Adobe Illustrator 26.0.2 and 25.4.3 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb22-02.html

Adobe Bridge 12.0.1 and 11.1.3 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb22-03.html

Adobe InCopy 16.4.1 is a security update.
https://helpx.adobe.com/security/products/incopy/apsb22-04.html

Adobe InDesign 16.4.1 is a security update.
https://helpx.adobe.com/security/products/indesign/apsb22-05.html

Audacity 3.1.3 improves stability. This is not a security update.
https://www.audacityteam.org/download/

Krita 5.0.2 is a major update. This version adds several features, resolves bugs and improves stability and reliability. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Fresh 7.2.5 resolves almost 100 bugs. This is not a security update. The “Fresh” line is beta software and should be avoided in favor of the stable version (“Still”) by most users.
https://www.libreoffice.org/

Nextcloud Desktop 3.4.1 resolves several bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.2 improves stability. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 4.3.7 resolves a stability bug. This is not a security update.
https://www.getpaint.net/

Security Software Updates

One or more of these is likely to be of interest to most people.

elementary OS 6.1
https://elementary.io/

Gpg4win 4.0.0 is a major update adding several new features and updates libraries. This is a security update.
https://www.gpg4win.org/download.html

KeePass 2.50 improves performance and generator, updates libraries, and resolves several bugs. This is not a security update.
https://keepass.info/

OpenSSL 1.1.1m is a security update.
https://www.openssl.org/source/

OpenSSL 3.0.1 is a security update.
https://curl.se/windows/

OpenSSL 3.0.1 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

ReactOS 0.4.13 provides over 250 bug fixes and improvements. This is not a security update.
https://reactos.org/

RogueKiller 15.1.5 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Tails 4.26 is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

TinyWall 3.2.5 resolves several bugs. This is not a security update.
https://tinywall.pados.hu/

uBlock Origin 1.40.6 improves reliability. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.35.4 resolves several bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

Converter Updates

These are unlikely to be of interest to most people.

HandBrake 1.5.1 updates libraries, resolves several bugs and improves stability and reliability. This is not a security update.
https://handbrake.fr/

IsoBuster 4.9 adds support for new hardware, new formats, and resolves several bugs. This is not a security update.
https://www.isobuster.com/download.php

Utility Updates

These are unlikely to be of interest to most people.

7-Zip 21.07 adds VHDX support, improved parameter handling and compatibility. This is not a security update.
https://www.7-zip.org/

Agent Ransack 2022.3283 improves performance and reliability, and resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

Aomei Partition Assistant 9.6.0 resolves several bugs and improves compatibility. This is not a security update.
https://www.diskpart.com/

Autoruns 14.07 resolves several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

Active Directory Explorer 1.51 fixes a Windows Store packaging crash. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/adexplorer

CacheSet 1.02 fixes a 64 bit OS regression. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/cacheset

Beyond Compare 4.4.1.26165 resolves several bugs and improves compatibility. This is not a security update.
https://www.scootersoftware.com/download.php?zz=dl4

ControlMyMonitor 1.31 adds a new parameter for Secondary displays. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html

CPU-Z 1.99 adds support for new hardware and resolves a couple bugs. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

DesktopOK 9.51 adds dark mode. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 2.9.482.0 resolves several bugs. This is not a security update.
https://dngrep.github.io/

Etcher 1.7.3 is a security update.
https://www.balena.io/etcher/

Everything 1.4.1.1015 resolves several bugs. This is not a security update.
https://www.voidtools.com/

Everything CLI 1.1.0.21 resolves several bugs. This is not a security update.
https://www.voidtools.com/

FileLocator Pro 2022.3283 provides performance and reliability improvements. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

GoodSync 11.10.0 resolves several bugs and improves stability. This is not a security update.
https://www.goodsync.com/

Homedale 2.02 improves colors. This is not a security update.
https://www.the-sz.com/products/homedale/

Macrium Reflect 8.0.6495 doesn’t provide a changelog, so should be treated as a security update.
https://www.macrium.com/reflectfree

NTLite 2.3.2.8526 updates libraries and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

osquery 5.1.0 adds resource limiting, new objects, and resolves several bugs. This is not a security update.
https://osquery.io/downloads

PowerToys 0.53.1 adds several new features and resolves bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

Process Monitor 3.87 fixes resolves several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

Samsung Magician 7.0.1 is a major update, but doesn’t provide a changelog so should be treated as a security update.
https://www.samsung.com/semiconductor/minisite/ssd/download/tools/

SearchMyFiles 3.16 is a cosmetic update. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

Sysmon 13.31 improves reliability. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

TeamViewer 15.25.8 fixes a VOIP bug. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

TraceRouteOK 2.71 updates language files. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

WifiInfoView 2.72 updates the internal MAC database and resolves a high-DPI bug. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

ZoomText 2022.2112.10.400 resolves several bugs and improves display. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

Maraura 3.9.7 updates Java support and libraries, and resolves several bugs. This is a security update.
http://arianne.sourceforge.net/engine/marauroa.html

Docker Desktop 4.3.2 updates the scan engine to detect log4j vulnerabilities. This is a security update.
https://www.docker.com/products/docker-desktop

Godot 3.4.2 updates libraries and resolves several bugs. This is a security update.
https://godotengine.org/

Node.js 12.22.9 is a security update.
https://nodejs.org/en/

Node.js 14.18.3 is a security update.
https://nodejs.org/en/

Node.js 16.13.2 is a security update.
https://nodejs.org/en/

Node.js 17.3.1 is a security update.
https://nodejs.org/en/

SQLite 3.37.2 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Web Package Updates

These are likely to be of interest only to web developers.

Drupal 9.3.2 resolves a major stability bug. This is not a security update.
https://drupal.org/download

HumHub 1.10.3 is a security update.
https://www.humhub.com/en/download

MailArchiva 8.5.6 resolves several bugs. This is not a security update.
https://mailarchiva.com/

ownCloud Server 10.9 is a security update.
https://owncloud.org/install/

Piwigo 12.2.0 resolves several bugs. This is not a security update.
https://piwigo.org/

ScreenConnect 21.14.5924.8013 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

SMF 2.0.19 is a security update.
https://www.simplemachines.org/

WordPress 5.8.3 is a security update.
https://wordpress.org/

Slider Revolution 6.5.14 updates libraries and resolves several bugs. This is not a security update.
https://revolution.themepunch.com/

WPBakery 6.8.0 improves compatibility and resolves several bugs. This is not a security update.
https://wpbakery.com/

Autoptimize 2.9.5 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/autoptimize/

BuddyPress 9.2.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/buddypress/

Social Post Feed 4.1.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

Postie 1.9.59 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/postie/

NextScripts Social Networks Auto-Poster 4.3.25 is a security update.
https://wordpress.org/extend/plugins/social-networks-auto-poster-facebook-twitter-g/

Visual Composer 41.1 improves compatibility. This is not a security update.
https://visualcomposer.com/

WooCommerce 6.1.0 is a major update, resolving several bugs and adding features. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WordPress Zero Spam 5.2.9 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/zero-spam/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2021-10-12

Posted on by
Reply

Welcome back, Folks!

Today is Patch Tuesday for October, 2021.

This month we’ve got the new Microsoft Office, Windows 11, iOS 15, iPhone 13, and Windows Server 2022…so far. A new build of Windows 10 is still on the horizon, and a security update for Java is slated for next week. That said, Patch Tuesday this month is very large. The typical computer should see roughly 2.3 GB in updates today.

This Month in Technology

Amnesty InternationalAjarnApple AirTag, Apple Game CenterAzure DevOpsBanco PichinchaBank of AmericaBitcoin.orgBrewDog, the Canadian Vaccine Passport systemCanopy Parental ControlCoinbaseCompoundCox Media GroupCrystal ValleyDahua cams, various DVR devicesElastic StackFantasy Football HubGiant GroupForward AirHorizon HouseHuawei Cloud, various IT companiesJVCKenwoodMarketronMedtronic insulin pump controllers, Microsoft Windows Platform Binary TableMoneyLionNeiman MarcusNEW CooperativeOlympus USPacific City BankPlaybookPort of HoustonSandhills GlobalSimon Eye Management90% of the supply chainSyniverseThe TelegraphTwitch (there’s a lot of information out there about this Amazon property hack), United Health Centers, the US Navy, various aerospace and telco firms, various Apache Airflow servers, various Apache services, various Confluence servers, various hotels, various healthcare facilities, various real estate organizations, various University Wi-Fi networks, various VMware ESXi serversVertafore, and Weir Group.

The assets and financial information of 35 world leaders have been exposed in the Pandora Papers.

A Microsoft Azure customerBandwidth.com, and VoIP.ms have been struck by major denial of service attacks.

How serious are the privacy risks of RFID? The US military is using RFID to track their guns. This results in the ability to track (and target) those carrying the weapons.

How serious is ransomware? Another child has died as a result of equipment that was disabled during an attack.

The Google idle detection API can be used to abuse you only when it knows you’re not looking. For a company whose slogan was “don’t be evil,” and that has the highest paid programmers in the world, between idle detection and FLoC, they’re really proving to either not be able to anticipate the potential risks or they simply don’t care.

Firefox is now injecting ads into the address bar. Apple Pay allows hackers to take your money from your locked iPhonePhishing messages posing as Verizon are using mathematical symbols to evade detection. Intuit is warning users of phishing attacks targeting QuickBooks users. Popular projects on public repositories remain high profile targets. If you can’t trust the hacker you bought your exploit kit from, who can you trust? Sigh.

The biggest outage this month was the Facebook, Messenger, Instagram, Oculus, and WhatsApp that has lead to millions of users abandoning FacebookTrello has had a couple outages, too.

Microsoft is planning to randomly disable access to their customers to see if they’re using their services. Personally, I would just check the logs.

Microsoft 365 broke MFA again, locking users out of their accounts. And a bug in their Exchange Autodiscover implementation has leaked over a 100,000 credentials. A newly discovered UEFI bootkit has been backdooring Windows devices for almost a decade.

Google, the same company that warned of the risks of compromise through 2FA (as have many others), will be forcing 150 million accounts to use 2FA.
This is the same company that accidentally sent thousands of past due messages to their users last month. Their Android operating system is very privacy-averse, too.

A new ransomware strain doesn’t even both encrypting your files anymore, simply collecting a copy of your data and using the threat of release to extort their users.

If you’re still using a landline phone it’s probably because you don’t like change. Get ready, change is coming anyway. In order to more easily assist those having a mental health crisis, the FCC is going to require you to use full 1+10-digit dialing
when making any calls on a landline and 10-digit dialing from most mobile phones starting in late October. The intent is to make dialing a 3-digit number possible for the suicide hotline (988).

PG&E has been charged with causing yet another wildfire.

Now for the good news:

For what it’s worth, robocalls are now illegal.

Even the majority of IT professionals think patching is too hard. Don’t do it yourself, let me.

Let’s Get Busy

Now back to our regularly scheduled program.

Windows 11 is out. Even if your hardware supports it, don’t install it yet. Consider it in the “open beta” phase. The new build of macOS (12.0 / Monterey) should be released sometime soon, too. The same goes for that: consider it a beta for at least the first couple months.

Patch Tuesday this month is very large. The typical computer should see roughly 2.9 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, Servicing Stack, Internet Explorer, and MSRT (~2.3 GB). This includes updates for Windows Server 2008. This includes security updates. A reboot is required.

Apple released updates for watchOS 8.0.1, iOS 12.5.5, iOS 15.0.2, iPadOS 15.0.2, and Security Update 2021-006 Catalina. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.0.2 and 12.5.5 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 15.0.2 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 8.0.1 are security updates. Use the Watch app on your iPhone to install the most current version.

Google Chrome OS 93.0.4577.95 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Big Sur (11.x) means that macOS High Sierra (10.13) and older are no longer supported. If you can not install at least macOS Mojave (10.14) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H1) is very large, for the first time it’s actually smaller than the previous release, but it will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.4.4 adds support for Windows 11 and improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

HP LaserJet Stub 13.4.8 doesn’t provide a detailed changelog so should be considered a security update.
https://123.hp.com/us/en/devices/LASERJET

MS Mouse and Keyboard Center 14 adds support for newer hardware, Spotlight and improves Smart Switch. This is not a security update.
https://www.microsoft.com/accessories/en-us/downloads/mouse-keyboard-center

Xerox Smart Start 1.6.26.0 doesn’t provide a detailed changelog so should be considered a security update.
https://www.support.xerox.com/en-us/content/143617

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.30.89 is a security update.
https://brave.com/

Google Chrome 94.0.4606.81 is a security update.
https://www.google.com/chrome/

Microsoft Edge 94.0.992.47 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 93.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 78.15.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

SeaMonkey 2.53.9.1 is a security update.
https://www.seamonkey-project.org/

Vivaldi 4.3.2439.44 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 3.43 adds hi-DPI support and improves sorting behavior. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Thunderbird 91.2.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

Telegram 3.1.8 resolves several bugs. This is not a security update.
https://telegram.org/

curl 7.79.1 resolves several bugs. This is not a security update.
https://curl.haxx.se/windows/

Dropbox 132.4.3800 does not provide a changelog so should be treated as a security update.
https://www.dropbox.com/

FileZilla Client 3.56.0 is a security update.
https://filezilla-project.org/

Omada Software Controller 4.4.6 resolves several bugs. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Rclone 1.56.2 resolves several bugs. This is not a security update.
https://rclone.org/

Syncthing 1.18.3 improves reliability and resolves a cosmetic bug. This should be treated as a security update.
https://syncthing.net/

Technitium DNS Server 7.0 is a major update to the API and Apps feature, each of the Apps, adds several more Apps, and resolves several bugs. This is not a security update.
https://technitium.com/dns/

WGet 1.21.2 is a security update.
https://eternallybored.org/misc/wget/

WinSCP 5.19.3 is a security update.
https://winscp.net/eng/index.php

Zoom 5.8.1.1435 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

iTunes 12.12.1.1 doesn’t provide a changelog so should be treated as a security update.
https://www.apple.com/itunes/download/

Picard 2.6.4 resolves several bugs. This is not a security update.
https://picard.musicbrainz.org/

Plex Desktop 1.35.1.2632 corrects a couple minor bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Game Updates

These are unlikely to be of interest to most people.

PlayStation PS5 21.02-04.02.00 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2021.10.07 resolves several bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

Office Updates

One or more of these are likely to be of interest to most people.

Artweaver 7.0.10 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Audacity 3.0.5 resolves bugs. This is not a security update.
https://www.audacityteam.org/download/

Blender 2.93.5 doesn’t provide a detailed changelog so should be treated as a security update.
https://www.blender.org/download/

LibreOffice Fresh 7.2.1 resolves over 80 bugs. This is not a security update. The “Fresh” line is beta software and should be avoided in favor of the “Still” line.
https://www.libreoffice.org/

LibreOffice Still 7.1.6 resolves over 40 bugs. This is a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.3.5 improves security. This is not a security update.
https://nextcloud.com/

Notepad++ 8.1.5 adds date insertion and resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

OpenOffice 4.1.11 is a security update.
https://www.openoffice.org/download/

Adobe Reader DC 21.007.20099 is a security update.
https://get.adobe.com/reader

Adobe Acrobat DC 21.007.20099 is a security update.
https://helpx.adobe.com/security/products/acrobat/apsb21-104.html

Adobe Connect 11.2.3 is a security update.
https://helpx.adobe.com/security/products/connect/apsb21-91.html

Adobe Reader Mobile 21.9.0 is a security update.
https://helpx.adobe.com/security/products/reader-mobile/apsb21-89.html

Adobe ops-cli 2.0.5 is a security update.
https://helpx.adobe.com/security/products/ops_cli/apsb21-88.html

Adobe Commerce 2.4.3-p1 and 2.3.7-p2 are security updates.
https://helpx.adobe.com/security/products/magento/apsb21-86.html

Adobe Campaign 21.3.1 is a security update.
https://helpx.adobe.com/security/products/campaign/apsb21-52.html

Security Software Updates

One or more of these is likely to be of interest to most people.

PureOS 10.0 is a security update.
https://pureos.net/download/

Tails 4.23 is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

OnionShare 2.4 is a security update.
https://onionshare.org/

RogueKiller 15.1.1 is a security update.
https://www.adlice.com/download/roguekiller/

TinyWall 3.1.1 resolves several bugs. This is not a security update.
https://tinywall.pados.hu/

uBlock Origin 1.38.4 resolves Twitch filtering and important filters. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.34 resolves several bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

Converter Updates

These are unlikely to be of interest to most people.

HandBrake 1.4.2 resolves several bugs. This is not a security update.
https://handbrake.fr/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 7.9 adds the ability to “securely” share a link with others. This is not a security update.
https://1password.com/downloads/mac/

1Password for Windows 7.9.822 adds the ability to “securely” share a link with others. This is not a security update.
https://1password.com/downloads/windows/

Autoruns 14.03 resolves several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

Bitwarden 1.28.3 resolves several bugs. This is not a security update.
https://bitwarden.com/

ControlMyMonitor 1.29 adds the ability to set font options. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html

dnGrep 2.9.400.0 improves bookmarks and adds option to hide missing files in Everything search. This is not a security update.
https://dngrep.github.io/

Etcher 1.6.0 adds basic auth support and updates libraries. This is not a security update.
https://www.balena.io/etcher/

Everything CLI 1.1.0.20 doesn’t provide a changelog so should be treated as a security update.
https://www.voidtools.com/

Fido 1.26 adds Windows 11 downloads. This is not a security update.
https://github.com/pbatard/Fido/releases

Fing 2.7.0 adds user-presence tracking, improves the security tab, and updates libraries. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

GoodSync 11.8.6 resolves several bugs, updates certificates and libraries. This is not a security update.
https://www.goodsync.com/

Homedale 1.99 resolves a privacy bug. This is not a security update.
https://www.the-sz.com/products/homedale/

NTLite 2.3.0.8394 updates libraries and assignment options. This is not a security update.
https://www.ntlite.com/download/

Aomei Partition Assistant 9.4.1 adds Windows 11 compatibility. This is not a security update.
https://www.diskpart.com/

PowerToys 0.47.1 resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

Process Monitor 3.85 doesn’t provide a changelog so should be treated as a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

Samsung Magician 7.0.0 doesn’t provide a changelog so should be treated as a security update.
https://www.samsung.com/semiconductor/minisite/ssd/download/tools/

TCPView 4.15 doesn’t provide a changelog so should be treated as a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview

TeamViewer 15.22.3 improves chat notification and resolves several bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

WhyNotWin11 2.4.2.1 improves compatibility and accuracy. This is not a security update.
https://github.com/rcmaehl/WhyNotWin11

Windows 11 RCT 1.2.1 updates libraries and improves compatibility. This is not a security update.
https://bytejams.com/

WinGet 1.1.12653 resolves a couple bugs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WizTree 4.03 improves reliability, and improves details when loading exports. This is not a security update.
https://www.diskanalyzer.com/

Developer Updates

These are unlikely to be of interest to most people.

Godot 3.3.4 resolves over a dozen bugs. This is not a security update.
https://godotengine.org/

Node.js 12.22.7 is a security update.
https://nodejs.org/en/

Node.js 14.18.1 is a security update.
https://nodejs.org/en/

Node.js 16.11.1 is a security update.
https://nodejs.org/en/

Visual Studio Code 1.61 adds split views, improved locking, new decorations, improved pair guides and more. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

PPSSPP 1.12.2 adds support for Android 12, scoped storage, and resolves several bugs. This is not a security update.
https://ppsspp.org/downloads.html

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.6.15 improves compatibility. This is not a security update.
https://coppermine-gallery.net/

Dada Mail 11.16.3 resolves several bugs. This is not a security update.
https://dadamailproject.com/

Docker Desktop 4.1.1 improves compatibility and resolves several bugs. This is not a security update.
https://www.docker.com/products/docker-desktop

Drupal 9.2.7 resolves over a dozen bugs. This is not a security update.
https://drupal.org/download

MailArchiva 8.3.2 resolves several bugs. This is a security update.
https://mailarchiva.com/

Nextcloud Server 22.2.0 updates libraries and resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

phpList 3.6.5 resolves several bugs. This is not a security update.
https://www.phplist.org/

ScreenConnect 21.13.5058.7951 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

Slider Revolution 6.5.9 resolves several bugs. This is not a security update.
https://revolution.themepunch.com/

Akismet 4.2.1 resolves an AMP validation bug. This is not a security update.

Contact Form 7 5.5.1 resolves a couple bugs. This is not a security update.

NextScripts Social Networks Auto-Poster 4.3.23 is a security update.

Sucuri Security 1.8.30 is now a non-GoDaddy project. This is not a security update.

Visual Composer 39.1 resolves a cosmetic bug. This is not a security update.
https://visualcomposer.com/

WooCommerce 5.7.1 reverts a path change bug. This is not a security update.

WP Mail SMTP 3.1.0 resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2021-09-14

Posted on by
Reply

Welcome back, Folks!

This is for Patch Tuesday for September, 2021.

I’m running late with the newsletter this month. I needed to focus on our clients since there was simply so much to do. In the typical month we usually see 85-90 updated applications (some several times). This month there have been over 160. An increase in application release frequency is typical when other major software releases are impending, and the next month will bring Windows 11, iOS 15, a new build of Windows 10, a new version of Microsoft Office, iPhone 13, and Windows Server 2022.

This Month in Technology

AccentureApple devices, and Apple iCloudAT&T (more than once), various airline and IAB staffBangkok AirwaysBanksyBeaumont HealthBlackbaud (more information about a previous hack), Boston Public LibraryBrooklyn Technical High SchoolCampbell Conroy & O’Neil, P.C., Chase Bank, thousands of Coinbase accountsComcast/Xfinity remotes29% increase in attacks targeting the education sector, Cream FinanceDallas Police DepartmentDallas School DistrictDesert Wells Family MedicineDuPage Medical GroupEpikEskyFunFordForHousing and Liberty, over 80,000 Fortinet FortiGate VPN devices, Fortinet FortiWebFortress Home Security, the French Visa ProgramGuntrader (including data of over 100,000 UK gunowners), Howard UniversityHP Omen HubIndiana Department of Health (Contact Tracing System), ImavexEvin (Iranian Prison), JenkinsJohn Deere, JP Morgan Chase, over 1,200 K-12 schoolsKaseya UnitrendsLithuanian Ministry of Foreign AffairsMarketron60,000 domains with MarkMonitorMcDonald’sMemorial Health SystemMicrosoft Power Apps (38 million records!), MikroTik routersMyRepublicNEW Cooperative, a NY Credit UnionOlympusParallels DesktopPeterborough, New HampshireRazer mouse driver (and pretty much all other drivers), Republican Governors AssociationRevere HealthSAC WirelessSonic, various NAS drivesPayPal is sharing user data and transactions with the ADL, pNetworkRazorPayvarious routers from over a dozen vendors, various Russian phonesSouth Africa’s Department of JusticeSpotify data leak, Syracuse UniversityT-MobileTexas GOPTokio Marine, the United NationsUPS, the US Census, the US State Department, hundreds of US financial systems, almost half of all US hospitals, dozens of US government websites, the US Terrorist Screening CenterValveWalgreens, the WordPress Gutenberg Template Library Plugin, and Zoho ManageEngine have been hacked this month.

I separated the Microsoft-specific hacks this month mostly to shame them. The month they claim that “the cloud” is more secure they should absolutely have their noses rubbed in it. Microsoft suffered from yet another nasty, epic, world-wide Exchange attack, but defended their own hosted product by claiming “Microsoft’s Office 365 wasn’t swept up in the breach because it runs in the cloud, which offers more protection,” even though only hours later a critical vulnerability in Microsoft’s Azure Cosmos DB service was confirmed — one of the largest cloud hacks of all time, affecting thousands of service providers. The vulnerability existed for months, so there’s simply no way to know if your accounts were compromised or if permanent access to any victim’s Microsoft Azure services occurred months prior, and Microsoft patched it only two weeks before making the claim above that “the cloud…offers more protection.” As if hammering the point home, yet another series of vulnerabilities in Microsoft’s Azure cloud services were discovered this week which expose millions more endpoints, with thousands already infected. Microsoft’s 365 Cloud PCIIS, Microsoft Teams event data, WSL, and MSHTML used by Microsoft Office have all been hacked this month. Microsoft’s PrintNightmare still isn’t over. In fact, the “fix” breaks printing and printer installation on at least 5% of computers. To top it all off, with all of these incidents they are removing features and they still feel their software is worth a 20% price increase based on the improved security and reliability of their products. Sigh.

The Ragnarok ransomware gang has released a master decryption key. So has REvil (accidentally).

The US Senate is working to make encryption meaningless. Facebook is, too. And Facebook just got slapped by the German Supreme Court for violating free speech rights in Germany. Hypocrisy is their codeword. Facebook actually hid their transparency report. That kinda says it all, doesn’t it? If not, then Apple “considering” removing Facebook for their ties to human trafficking should at least raise an eyebrow. Really, the question should be, why didn’t they? Google geofence warrants are up 1,167%.

Anyone can post a job for any company on LinkedIn. A new fake Captcha tricks the user into keeping malware. ProtonMail, once a beacon of hope for privacy advocates, has shared IP addresses and device information of a user in violation of their own privacy assertions.

Dogfooding is usually a good thing. Not always.

On hardware – GPU-level malware is a thing. Hacking strict hardware security through a silly design flaw. ASUS has made a few serious mistakes with their $2,000 GeForce RTX graphics cards. If you ever wondered why you shouldn’t borrow someone’s charging cable or wall wart, wonder no more. Samsung has acknowledged that they can disable any Samsung TV using a “feature” (read: backdoor) installed on all their televisions. Do you think they limited this “feature” to their TVs?

Apple is still pushing their Jedi Mind Tricks. They want you to use your phone as your ID, but a recent iOS update even broke the “phone” part of iPhones. Why would anyone trust their identity to their phones?

The Epic v Apple case finally has a ruling. One of the two most significant issues, that Apple forbade any payments not through the App Store, was (rightly) ruled illegal. All other counts were dismissed. It’s being appealed, of course. This could cost Apple a huge chunk of a $20+ billion pie. There are some great reads from discovery. South Korea has passed a new law with similar implicationsEpic v Google is really shaping up.

Be careful how you treat your employees – they might turn out to be the “evil insider” for a ransomware gang.

If you’re a government employee and the scope of your abuse was just to use your boss’s computer then you’re really thinking small potatoes.

Oh, and don’t photograph the moon. You might get sued by UMG.

All technology carries risk, but Wi-Fi is probably the most significant risk to your privacy.

Microsoft broke OneDrive for Business, has some major issues with Outlook 365 right now, and VoIP.ms has been extorted by a DDoS attack.

Apple has dropped it’s lawsuit against Corellium over virtual iPhones, lost their Optis trial, and settled with small developers who publish on the App Store, but it still in bed with Big Brother. The US is pushing a bill right now to prevent App Stores from being the sole source of apps and content for their platforms and the EU is pushing for a minimum of seven years of hardware support.

There is no Section 230 in Australia…and it shows. Until social media companies are slapped by the Supreme Court, they will continue to get away with acting on behalf of government while claiming to be independent.

Since nobody is working “full time” anyway, they’re planning to force employers to cut their hours even more.

A federal court has ruled that the HHS can not force doctors to perform transgender surgeries or abortions. If you were concerned about the damage someone might do to your wedding cake, why would you want them holding a scalpel between your legs?

When the MSM has to resort to blatant lies to support their position and the people eat it up you have to acknowledge that they’re the enemy of honesty. The only real pandemic is a curious series of deaths only affecting those leaders opposed to mandates and ignoring the blatantly obvious data. This isn’t the first time. Sadly, absolute fraud passes for science today. There really are proven treatments available.

The science behind face masks demonstrates that this has never been an honest conversation. Instead, politicized (and ineffective) tests and treatments are more lethal
than the disease. Those required to do so are failing or simply refusing to report injuries (does this mean they lose protection under NVICP?) and the events that are reported still resemble a certain climate change “hockey stick.” They’re maliciously and negligently ignoring the dataactual health and safety concernscommitting fraud, and cherry-picking sources so they can make tiktok videos. They’re intentionally falsifying data to coerce and terrorize the publicGeorge Orwell would be proud. The spews media, and by extension, their loyal vidiots, aren’t interested in the truth. They mindlessly supportJab Crow,” racism, rape, tyranny, dehumanizing people, and sweep the scandals under the rug with their massive propaganda machine.

If they were honest and their goals were actually in line with reality, then isolation and replication would be required *before* the creation of a cure, but they’re still pushing tests that can’t distinguish Coronavirus from Influenza. The “vaccines” intentionally, permanently alter your DNA. Claims of effectiveness have repeatedly been disproven, as have their false claims of FDA licenseapproval.” So they push illegal mandates that aren’t intended to protect your health, even going so far as to ban students from online classesPoliticians ignoring mathematics isn’t really anything new. Especially when there’s animportantagendaIt’s time for a human rights commission for war crimes over this bio weapon. After all, more servicemembers have died from the vaccines than the disease.

The anti-privacy passports are not designed to prove you’re immune. They’re not designed to prove you’re not a carrier.

Whether there’s sufficient evidence to determine the cause of any deaths over the last 18 months, one thing is sure: Science no longer has any validity.

At least some regions are waking up to the insanity of a group of super-governmental multi-national corporations with total immunity from any and all liability. Or elseIt’s time to opt out.

The FBI admits no one (else!) orchestrated the Jan 6 protest. Nevertheless, it was, according to “experts,” the darkest day in American history. (And they don’t mean the subsequent human rights violations.) Odd that the same agenda is unfolding through Big Pharma.

A real President doesn’t abandon their people, or commit war crimes when they’re embarrassed, the Speaker shouldn’t be silencing the names of those who died on their watch, and the FCC, the FDA, OSHA, and other government agencies should actually study what they approve. Companies that only answer to consumers do.

Only after the last year of humans treating other humans as trash, and validating it by dumbing down the rest, could a flight attendant say, matter-of-factly, that “we don’t follow federal law” and expect her victim to just roll over and comply.

It makes perfect sense, then, that the Constitution and Declaration of Independence would be labeled “harmful content” by the National Archives. Not to be outdone, the UK – once the standard to measure an open press – will now punish reporters who “embarrass” the government with up to 14 years in prison.

Now for the good news:

Inexpensive batteries are on the horizon and Starlink satellites are being fitted with lasers.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is huge. The typical computer should see roughly 3.5 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, Servicing Stack, Internet Explorer, and MSRT (~2.5 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 15 and 14.8, iPadOS 15 and 14.8, tvOS 15, macOS Big Sur 11.6, watchOS 8 and 7.6.2, Safari 15, Safari 14.1.2, Xcode 13, iTunes 12.12 for Windows and Security Update 2021-005 Catalina. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15 and 14.8 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 15 and 14.8 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 8 and 7.6.2 are security updates. Use the Watch app on your iPhone to install the most current version.

tvOS 15 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 93.0.4577.63 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Big Sur (11.x) means that macOS High Sierra (10.13) and older are no longer supported. If you can not install at least macOS Mojave (10.14) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H1) is very large, for the first time it’s actually smaller than the previous release, but it will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Citizen Driver 2021.1 doesn’t provide a detailed changelog so should be treated as a security update.
https://www.seagullscientific.com/support/downloads/drivers/citizen/download/

Display Driver Uninstaller 18.0.4.3 improves removal. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

HP Laserjet Stub 13.3.3 doesn’t provide a changelog so should be treated as a security update.
https://123.hp.com/us/en/devices/LASERJET

Nvidia 472.12 adds support for Windows 11, CUDA 11.4, and resolves several bugs. This is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.29.81 adds more advertising, improves IPFS support, resolves several crashes and other bugs. This is not a security update.
https://brave.com/

Google Chrome 94.0.4606.54 is a security update.
https://www.google.com/chrome/

Microsoft Edge 93.0.961.52 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 92.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 78.14.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 4.2.2406.48 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.9.2 resolves several bugs. This is not a security update.
https://getmailspring.com/

Thunderbird 91.1.1 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

Skype 8.75.0.140 resolves several bugs. This is not a security update.
https://www.skype.com/

Telegram 3.1.0 resolves several bugs. This is not a security update.
https://telegram.org/

Trillian 6.5.0.17 updates libraries and resolves upload bug. This is not a security update.
https://www.trillian.im/

AnyDesk 6.3.3 improves connection reliability. This is not a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 6.3.2 adds a URL handler and adds a warning for permissions. This is not a security update.
https://anydesk.com/en/downloads

aria2 1.36.0 updates libraries and resolves several bugs. This is not a security update.
https://aria2.github.io/

BrowsingHistoryView 2.50 improves menu sorting behavior. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

curl 7.79.0 is a security update.
https://curl.haxx.se/windows/

DNSDataView 1.61 resolves an international compatibility bug. This is not a security update.
https://www.nirsoft.net/utils/dns_records_viewer.html

Dropbox 130.4.4978 doesn’t provide a changelog, so should be treated as a security update.
https://www.dropbox.com/

FileZilla Server 1.0.1 (wow! I honestly thought they’d never release a major version) adds ACME Let’s Encrypt support, logging improvements, library updates and resolves several bugs. This is not a security update.
https://filezilla-project.org/

FreeFileSync 11.14 adds OpenSSL 3.0 support, resolves several bugs, adds ability to manage filter settings, and improves cross-platform compatibility. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 51.0 improves reliability and stability. This is not a security update.
https://drive.google.com/start

Npcap 1.55 resolves several bugs. This is not a security update.
https://nmap.org/npcap/

Omada Software Controller 4.4.4 resolves several bugs. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Rclone 1.56.1 improves reliability and resolves several bugs. This is not a security update.
https://rclone.org/

Technitium DNS Server 6.4.1 resolves several bugs. This is not a security update.
https://technitium.com/dns/

Zoom 5.7.8.1247 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

darktable 3.6.1 improves hardware support and resolves over a dozen bugs. This is not a security update.
https://www.darktable.org/install/

Flickr Downloadr 3.4.3.1 updates libraries. This is not a security update.
https://flickrdownloadr.com/downloads/

iTunes 12.12.0.6 is a security update. Use Apple Software Update to install the most current version.
https://www.apple.com/itunes/download/

MediaMonkey 5.0.3 resolves a duplication bug. This is not a security update.
https://www.mediamonkey.com/windows#download

Plex Home Theater 1.5.1.2629 updates libraries, improves hardware support, and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.24.3.5033 adds support for new hardware, updates libraries, resolves stability and reliability bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Steam 2021.09.20 resolves dozens of bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

Nintendo Switch 13.0.0 adds Bluetooth Audio, the ability to install Dock updates, and preserve the Internet connection in sleep mode. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PlayStation PS5 21.02-04.00.00 adds M.2 SSD expansion support, 3D audio, and resolves several bugs. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Office Updates

One or more of these are likely to be of interest to most people.

Audacity 3.0.4 resolves a stability bug. This is not a security update.
https://www.audacityteam.org/download/

Blender 2.93.4 resolves dozens of bugs. This is not a security update.
https://www.blender.org/download/

Gimp 2.10.28 is a major update ported to GEGL, adds multithreading, GPU-side processing, hi-DPI support, and improved user interface, selection tools and more. This is not a security update.
https://www.gimp.org/

IcoFX 3.6.1 resolves a startup bug. This is not a security update.
https://icofx.ro/

Krita 4.4.8 resolves several bugs. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Fresh 7.2.1 resolves over 400 bugs. This is a security update. The “Fresh” line is beta software, and should be avoided in favor of the “Still” version for most users.
https://www.libreoffice.org/

LibreOffice Still 7.1.6 resolves 44 bugs. This is not a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.3.4 resolves several bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.1.4 resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

Adobe XMP Toolkit SDK 2021.08 is a security update.
https://helpx.adobe.com/security/products/xmpcore/apsb21-85.html

Adobe Photoshop 21.2.12 and 22.5.1 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb21-84.html

Adobe Experience Manager 6.5.10.0 is a security update.
https://helpx.adobe.com/security/products/experience-manager/apsb21-82.html

Adobe Genuine Service 7.4 is a security update.
https://helpx.adobe.com/security/products/integrity_service/apsb21-81.html

Adobe Digital Editions 4.5.11.187658 is a security update.
https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html

Adobe Premiere Elements 20210809.daily.2242976 is a security update.
https://helpx.adobe.com/security/products/premiere_elements/apsb21-78.html

Adobe Photoshop Elements 20210811.m.158081 is a security update.
https://helpx.adobe.com/security/products/photoshop_elements/apsb21-77.html

AdobeCreative Cloud Desktop Application 5.5 is a security update.
https://helpx.adobe.com/security/products/creative-cloud/apsb21-76.html

Adobe ColdFusion 2018.12 and 2021.2 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb21-75.html

Adobe Framemaker 2019.8 and 2020.3 are security updates.
https://helpx.adobe.com/security/products/framemaker/apsb21-74.html

Adobe InDesign 16.4 is a security update.
https://helpx.adobe.com/security/products/indesign/apsb21-73.html

Adobe SVG-Native-Viewer 20210914 is a security update.
https://helpx.adobe.com/security/products/svg-native-viewer/apsb21-72.html

Adobe InCopy 16.4 is a security update.
https://helpx.adobe.com/security/products/incopy/apsb21-71.html

Adobe Premiere Pro 15.4.1 is a security update.
https://helpx.adobe.com/security/products/premiere_pro/apsb21-67.html

Adobe Acrobat and Reader 2021.007.20091, 2020.004.30015, and 2017.011.30202 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb21-55.html

Security Software Updates

One or more of these is likely to be of interest to most people.

Tails 4.22 resolves several stability bugs with Tor. This is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

BelArc Advisor 11.1 adds support for new software and operating systems. This is not a security update.
https://www.belarc.com/products_belarc_advisor

Hashcat 6.2.4 improves performance, adds hash modes, and resolves several bugs. This is not a security update.
http://hashcat.net/hashcat/#downloadlatest

KeePass 2.49 improves accessibility, reliability, and resolves several bugs. This is not a security update.
https://keepass.info/

OnionShare 2.3.3 adds dark mode, updates libraries, and resolves several bugs. This is not a security update.
https://onionshare.org/

OpenSSL 1.1.1l and 3.0.0 are security updates.
https://curl.se/windows/
https://slproweb.com/products/Win32OpenSSL.html

RogueKiller 15.1.0 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

uBlock Origin 1.38.0 adds Node.js support and resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

WebBrowserPassView 2.11 adds a new export/import option, Firefox CSV. This is not a security update.
https://www.nirsoft.net/utils/web_browser_password.html

Capture Updates

These are unlikely to be of interest to most people.

Elgato Game Capture HD 3.70.55 adds Facecam support and resolves several bugs. This is not a security update.
https://www.elgato.com/en/game-capture-software

SnagIt 2021.4.4 resolves several bugs. This is a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Converter Updates

These are unlikely to be of interest to most people.

HandBrake 1.4.1 resolves several bugs. This is not a security update.
https://handbrake.fr/

PDF Creator 4.4 resolves several bugs, adds CS Script action, page numbers, and a couple more actions. This is not a security update.
https://www.pdfforge.org/pdfcreator

Education updates

One or more of these are likely to be of interest to most people.

Zotero 5.0.96.3 resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 7.8.7 resolves dozens of bugs and compatibility issues. This is not a security update.
https://1password.com/downloads/mac/

Autoruns 14.01 resolves a bug with VirusTotal and adds a dark theme. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

Beyond Compare 4.4.0.25886 adds support for TLS 1.3, improves SFTP and resolves several bugs. This should be treated as a security update.
https://www.scootersoftware.com/download.php?zz=dl4

Bitwarden 1.28.2 resolves several bugs. This is not a security update.
https://bitwarden.com/

CPU-Z Installer 1.97 adds support for new hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

DesktopOK 9.21 improves support for Windows 11 and resolves bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 2.9.378.0 adds several new features and resolves several bugs. This is a security update.
https://dngrep.github.io/

Drive Snapshot 1.49 adds support for new operating systems and improves encryption. This should be treated as a security update.
http://www.drivesnapshot.de/en/

Etcher 1.5.122 resolves several bugs. This is not a security update.
https://www.balena.io/etcher/

Everything Toolbar 0.7.2 resolves a display bug. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

Fido 1.24 adds UEFI Shell downloads and command line support. This is not a security update.
https://github.com/pbatard/Fido/releases

GoodSync 11.8.2 resolves several bugs. This is not a security update.
https://www.goodsync.com/

LessMSI 1.8.2 resolves a CAB parsing bug. This is not a security update.
https://lessmsi.activescott.com/

NTLite 2.3.0.8330 adds support for Windows 11 and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

osquery 5.0.1 adds several new tables and queries, updates libraries and resolves several bugs. This is not a security update.
https://osquery.io/downloads

PowerToys 0.45.0 improves stability and resolves dozens of bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

Process Monitor 3.84 adds dark theme. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

Process Explorer 16.43 resolves a memory leak and other bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer

Synergy 1.14.1 resolves several bugs, improves reliability and adds new operating system support. This is not a security update.
https://symless.com/synergy/

Sysmon 13.24 improves stability and event handling. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

TCPView 4.14 adds dark theme. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview

TeamViewer 15.21.8 resolves a license warning bug. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

WhyNotWin11 2.4.1 improves compatibility detection. This is not a security update.
https://github.com/rcmaehl/WhyNotWin11

WifiChannelMonitor 1.70 adds 802.11ac monitoring mode. This is not a security update.
https://www.nirsoft.net/utils/wifi_channel_monitor.html

WifiInfoView 2.71 improves internationalization. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

Windows 11 RCT 1.1.0 improves compatibility detection. This is not a security update.
https://bytejams.com/

WinScan2PDF 7.31 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 4.03 is a massive update. This version adds zoom, improved search controls and organization, Explorer interaction and improved cosmetic controls. This is not a security update.
https://wiztreefree.com/

Developer Updates

These are unlikely to be of interest to most people.

AutoHotkey 1.1.33.10 resolves several bugs. This is not a security update.
https://www.autohotkey.com/download/

Godot 3.3.3 resolves dozens of bugs. This is not a security update.
https://godotengine.org/

Node.js v12 12.22.6 is a security update.
https://nodejs.org/en/

Node.js v14 14.17.6 is a security update.
https://nodejs.org/en/

Node.js v16 16.9.1 updates libraries, resolves several bugs, and improves error handling. This is a security update.
https://nodejs.org/en/

Unreal Engine 4.27 resolves several bugs. This is not a security update.
https://unrealengine.com/en-US/

Visual Studio Code 1.60 adds debug watch values, improves cosmetics, and resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

OpenCart 3.0.3.8 resolves an RTL bug. This is not a security update.
https://www.opencart.com/

Coppermine Gallery 1.6.13 is a security update.
https://coppermine-gallery.net/

Dada Mail 11.15.1 updates libraries and resolves several bugs. This is a security update.
https://dadamailproject.com/

Docker Desktop 4.0.1 introduces the new licensing scheme, updates libraries, and resolves several bugs. This is not a security update.
https://www.docker.com/products/docker-desktop

Drupal 9.1.13 is a security update (the second in a week).
https://drupal.org/download

Drupal 9.2.5 resolves dozens of bugs. This is not a security update.
https://drupal.org/download

MailArchiva 8.2.4 resolves several bugs. This is not a security update.
https://mailarchiva.com/

MailEnable 10.36 resolves several bugs, including a certificate assignment bug. This is not a security update.
https://www.mailenable.com/

Nextcloud Server 22.1.1 updates libraries and resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

ownCloud Client 2.9.0.5150 resolves several bugs and improves stability. This is not a security update.
https://owncloud.com/desktop-app/

ScreenConnect 21.12.4575.7914 adds several controls for compatibility and reporting, improves stability, and resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

YOURLS 1.8.2 resolves several bugs. This is a security update.
https://yourls.org/

WordPress 5.8.1 is a security update.
https://wordpress.org/

Akismet 4.1.12 resolves a couple bugs. This is not a security update.

Autoptimize 2.9.2 improves compatibility and resolves several bugs. This is not a security update.

BuddyPress 9.1.1 is a security update.

Duplicator 1.4.3 resolves several bugs. This is not a security update.

Postie 1.9.57 improves attachment handling. This is not a security update.

Show IDs 1.1.8 adds support for the latest WordPress. This is not a security update.

Slider Revolution 6.5.8 resolves several bugs. This is not a security update.
https://revolution.themepunch.com/

Social Post Feed 4.0 is a major update adding several new features. This is not a security update.

Sucuri Security 1.8.28 removes a warning. This is not a security update.

Visual Composer 38.1 resolves a couple bugs. This is not a security update.
https://visualcomposer.com/

W3 Total Cache 2.1.8 resolves several bugs. This is not a security update.

WooCommerce 5.7.0 resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2021-07-13

Posted on by
Reply

Welcome back, Folks!

Today is Patch Tuesday for July, 2021. Bad patches, bad faith, insufferable heat, and a horrific series of holiday events for security professionals has left me in a foul mood. I’ll try to keep my temper.

This Month in Technology

Apex LegendsATMs and PoS platformsBoeingCisco Smart Switchestens of millions of Dell devicesEA (including the source code for dozens of games), IndexsinasiOS activation lock, the IRSKaseya – impacting hundreds of companies and over a million devices, and then, another Linux kernel bugLumaNSW Dept of EducationPlingSolarWinds (again), Southwest AirlinesSwedish Coop supermarkets, VMWare vCenter, Western Digital’s My Book Live devices, and Windows Print Spooler (printnightmare) have been hacked.

Malware was released posing as a Kaseya security update to address their 4th of July horror show, Microsoft signed and published the malware-laden Netfilter rootkit, the Accelion breach keeps getting worse, there’s another strain of ransomware targeting Microsoft Exchange, and 8.4 billion passwords were dumped in a new leak. There has been a 10x increase in businesses targeted by adult phishing messages.

Apple prioritized its own app before competitors in their “fair” app search engine, simply naming a wireless network a certain way can disable iPhone Wi-Fi on devices that connect to it. If it’s an open network, they’ll try to connect to it automatically. Safari broke indexedDB which broke access to almost every web app. Apple uses slave labor while refusing to hire minorities, Siri is still violating your privacy, and if your iPhone is the “key” to your bank or other sensitive information, get a better lock. At least the Woz supports the right-to-repair.

You’re not in charge of your SMART devices. Dell admits to intentionally disabling their hardware. An Australian phone carrier is injecting advertisements into texts. What this says about your use of two-factor authentication (2FA) is that at the very least, your carrier can always access them (and so can any 3-letter agencies). Google has even acknowledged the significance of this risk and is advising developers to stop using texts for 2FA.

Microsoft’s Linux reposMicrosoft Store, and Fastly had major outages. The Fastly CDN outage was caused by “one customer changing a setting.

Microsoft announced the upcoming release of Windows 11, which has only a handful of significant changes (including an uglier user interface and a requirement for home users to use a Microsoft account). This article is a great summary of why forcing a Microsoft account on their users is a bad idea.

If having the Facebook app itself installed weren’t risky enough…they can analyze the photo of a single word to recreate your handwriting, and identify the source of deepfakes, but they can’t bother to follow their own “important rules.” Facebook can be held liable for their facilitation of sex trafficking.

Secretaries of State continue to promote the false “secure election” claims when they, themselves, hold evidence to the contrary. There is now sufficient evidence to demonstrate that election fraud was the norm in 2020. Dominion blames “human error,” and why wouldn’t they? Liberty dies in darkness.

Epic Games is winning appeal in Australia. Robinhood violated the law by getting in bed with Wall Street, and the SEC is targeting independent investors. SpaceX is being investigated for their Starlink expansion (the heat is on). A federal judge has overturned California firearm ban even while California launches a vaccine passport. The Linux Foundation has jumped the shark, by joining the fracas.

The CDC keeps fudging the VAERS numbers so is it any wonder there are bills to ban a federal vaccination database? Why wouldn’t they when there are over 50,000 dead Americans thanks to the CV19 “vaccines,” and the vast majority of “COVID deaths” are to the vaccinated minority? More than half of all (government-funded) COVID “relief” was either stolen or fraudulent. Airlines are banning those who have received the vaccines and Pakistan is banning those who have not from having cell phones. Fauci keeps lying his way around the media, but that’s common when government meets health careProfit-driven labsagenda-driven judges, fake peer reviewand “science” (not to be confused with actual science) have produced defective (unless their intent is to kill) and ineffective vaccines, deadly mask mandates, and insane stay-at-home orders, that have caused irreparable damageJust say no“Voluntary” does not mean “without consent.”

Biden (falsely, in case you weren’t aware) believes “a number of officers” lost their lives during the January 6th “riot“, but is allowing actual murderers go free, even though the capitol staff allowed protesters to enter the magnetically locked doors. This is why Speaker Pelosi refused National Guard assistance. If they were there, their cronies couldn’t have staged this “mostly peaceful” false flag.

The US federal government is researching ways to implement their own version of a social credit system. NCLB=>CRT, and now they’re treating humor as racism. Thanks to interventionalism, gas is going to get much more expensive.

All terrorism is sponsored by the FBI, or concealed by them. That’s not an exaggeration. Anyone that’s turned on a TV knows that there are a lot of pedophiles in government. How many do you think are in the FBI?

Threatening to nuke your citizenry approaches the worst thing any President has ever done. When is revolution justified?

Now for the good news:

This heat wave is finally subsiding.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is very large. The typical computer should see roughly 2.5 GB in updates today. Let’s get started.

Before I begin I should point out that Microsoft released an out-of-band (OOB) security update last week. For the vast majority of users, the “fix” caused more damage than the risk of compromise. Printers, card readers, even disk drives, suffered problems after installing the update, and in some cases Windows was broken as a result. Instead of tying it to the previously (and well-tested) June patch cycle update, they released the OOB update based on the beta version of the July update. I spent most of this week dealing with the fallout from this very poorly tested patch. Grrr.

Microsoft released updates for Windows, Edge, .NET, Servicing Stack, Internet Explorer, and MSRT (~1.2 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 12.5.4 and iMovie 10.2.4. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 12.5.4 is a security update. Use Settings, General, Software Update to install the most current update.

Google Chrome OS 91.0.4472.147 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Big Sur (11.x) means that macOS High Sierra (10.13) and older are no longer supported. If you can not install at least macOS Mojave (10.14) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H1) is very large, for the first time it’s actually smaller than the previous release, but it will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.4.2 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Logitech Options 8.54.161 resolves several bugs. This is not a security update.
https://www.logitech.com/en-us/product/options

Nvidia 471.11 resolves several bugs. This is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.26.74 is a security update.
https://brave.com/

Google Chrome 91.0.4472.124 is a security update.
https://www.google.com/chrome/

Microsoft Edge 91.0.864.67 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 90.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 78.12.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Iridium 2021.06.91 is a security update.
https://iridiumbrowser.de/

SeaMonkey 2.53.8 is a security update.
https://www.seamonkey-project.org/

Vivaldi 4.0.2312.38 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

NK2Edit 3.42 improves high-DPI support. This is not a security update.
https://www.nirsoft.net/utils/outlook_nk2_edit.html

Thunderbird 78.12.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

Telegram 2.8.4 improves stability. This is not a security update.
https://telegram.org/

AnyDesk 6.3.2 resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

Dropbox 125.4.3474 doesn’t provide a detailed changelog so should be treated as a security update.
https://www.dropbox.com/

FileZilla Client 3.55.0 improves SFTP and ALPN support, and resolves several bugs. This is not a security update.
https://filezilla-project.org/

FreeFileSync 11.11 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Npcap 1.50 resolves several bugs and improves compatibility. This is not a security update.
https://nmap.org/npcap/

Omada Software Controller 4.4.3 resolves dozens of bugs and improves reliability. This should be treated as a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

WinSCP 5.19.1 resolves several bugs. This is not a security update.
https://winscp.net/eng/index.php

Zoom 5.7.1.543 resolves several bugs. This is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 2.0.16 adds snow, rain and fire effects, resolves several bugs. This is not a security update.
https://en.3tene.com/

darktable 3.6.0 adds several new features, resolves dozens of bugs and updates hardware support. This is not a security update.
https://www.darktable.org/install/

Flickr Downloadr 3.4.0.1 resolves several bugs and removes defunct platforms. This is not a security update.
https://flickrdownloadr.com/downloads/

Plex Media Server 1.23.4.4805 improves AAC encoding quality, hardware compatibility, play queueing specials and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

VLC Media Player 3.0.16 is a security update.
https://www.videolan.org/vlc/

Game Updates

These are unlikely to be of interest to most people.

PlayStation PS5 21.01-03.21.00 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2021.07.13 resolves dozens of bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

Office Updates

One or more of these are likely to be of interest to most people.

Krita 4.4.5 resolves dozens of bugs. This should be treated as a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Fresh 7.1.4 resolves 80 bugs. This is a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.2.4 resolves several bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.1.1 adds/improves dark mode, resolves performance and stability bugs. This is not a security update.
https://notepad-plus-plus.org/

Adobe Dimension 3.4.3 is a security update.
https://www.adobe.com/products/dimension.html

Adobe Illustrator 25.3 is a security update.
https://www.adobe.com/creativecloud/catalog/desktop.html

Adobe Framemaker 2019.8 and 2020.2 are security updates.
https://helpx.adobe.com/framemaker/kb/framemaker-downloads.html

Adobe Acrobat and Reader 2021.005.20058, 2020.004.30006, and 2017.011.30199 are security updates. Use Help, Check for Updates to install the most current version.

Adobe Bridge 11.1 is a security update.
https://www.adobe.com/in/products/bridge.html

Security Software Updates

One or more of these is likely to be of interest to most people.

Gpg4win 3.1.16 updates libraries and resolves several bugs. This is a security update.
https://www.gpg4win.org/download.html

Hashcat 6.2.2 improves automation, adds new hash-modes and resolves several bugs. This is not a security update.
https://hashcat.net/hashcat/#downloadlatest

RogueKiller 15.0.8 updates engine and resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Tails 4.20 is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

uBlock Origin 1.36.2 is a security update.
https://github.com/gorhill/uBlock/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.32.1 resolves several bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 2021.4.2 resolves several bugs. This is not a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

VideoCacheView 3.07 improves Firefox compatibility. This is not a security update.
https://www.nirsoft.net/utils/video_cache_view.html

Converter Updates

These are unlikely to be of interest to most people.

IsoBuster 4.8 adds ReFS support, dmg, adf, and hdf file support, metadata parsing, Amiga partitions, block range addressing and search support. This is not a security update.
https://www.isobuster.com/download.php

MakeMKV 1.16.4 improves decoding, compatibility, and resolves several bugs. This is not a security update.
https://www.makemkv.com/download/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 7.8.6 resolves several bugs. This is not a security update.
https://1password.com/downloads/mac/

1Password for Windows 7.7.810
https://1password.com/downloads/windows/

8GadgetPack 34.0 resolves several bugs and improves compatibility. This is not a security update.
https://8gadgetpack.net/

AccessChk 6.14 adds support for NULL DACL reporting. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/accesschk

Aomei Partition Assistant 9.3 adds option to create portable version, resolves an app mover bug. This is not a security update.
https://www.diskpart.com/

Bitwarden 1.27.1 resolves several bugs. This is not a security update.
https://bitwarden.com/

Dell Command Update 4.2.1 doesn’t provide a changelog. This should be treated as a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

DesktopOK 9.11 adds support for Windows 11. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DevManView 1.75 adds support for sorting by menu. This is not a security update.
https://www.nirsoft.net/utils/device_manager_view.html

Everything Toolbar 0.7.1 improves keyboard support, added options and integration, and resolves several bugs. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

Fido 1.20 adds Windows 7 ISO downloads. This is not a security update.
https://github.com/pbatard/Fido/releases

GoodSync 11.7.6 resolves several bugs. This is not a security update.
https://www.goodsync.com/

Homedale 1.97 resolves a bug. This is not a security update.
https://www.the-sz.com/products/homedale/

NetworkTrafficView 2.41 adds support for sorting by menu. This is not a security update.
https://www.nirsoft.net/utils/network_traffic_view.html

NTLite 2.1.2.8074 adds Windows 11 support and updates components. This is not a security update.
https://www.ntlite.com/download/

osquery 4.9.0 updates libraries, adds log rotation, improves table options, startup and shutdown time, and resolves other bugs. This is not a security update.
https://osquery.io/downloads

PointerStick 5.33 adds support for Windows 11. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.41.3 resolves stability issues. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

Process Monitor 3.83 resolves several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

RoboForm 9.1.5 resolves several bugs. This is not a security update.
https://www.roboform.com/

Strings 2.54 improves handling of files containing long strings. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/strings

Sysmon 13.22 improves performance and resolves a sub-rule bug. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

TCPView 4.13 fixes a bug with connection state filtering. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview

TraceRouteOK 2.55 updates signature and languages. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

USBDeview 3.02 improves high-DPI support and adds support for sorting by menu. This is not a security update.
https://www.nirsoft.net/utils/usb_devices_view.html

WinRAR 6.02 is a security update.
https://www.rarlab.com/

WinScan2PDF 7.22 adds Windows 11 support. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 4.01 adds several new filter features, multiple simultaneous drive support, performance improvements, and adds cosmetic options. This is not a security update.
https://wiztreefree.com/

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 4.2.2.0 resolves several bugs. This is not a security update.
https://developer.android.com/studio

Node.js 16.4.2 is a security update.
https://nodejs.org/en/

Node.js 12.22.3 is a security update.
https://nodejs.org/en/

Node.js 14.17.3 is a security update.
https://nodejs.org/en/

SQLite 3.36.0 improves EXPLAIN, BOM skipping, and resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.58 resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

Dada Mail 11.14.1 updates libraries, adds limits to Forward to a Friend, and resolves several bugs. This is not a security update.
https://dadamailproject.com/

Docker Desktop 3.5.2 resolves several bugs. This is not a security update.
https://www.docker.com/products/docker-desktop

Drupal 9.2.1 resolves several bugs. This is not a security update.
https://drupal.org/download

MailEnable 10.35 is a security update.
https://www.mailenable.com/

Nextcloud Server 22.0.0 adds Circles support, integrates chat and tasks, approval workflows, PDF signing, and resolves over 600 bugs. This is not a security update.
https://nextcloud.com/

ScreenConnect 21.9.4007.7863 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

Akismet 4.1.10 resolves several bugs and improve API requests. This is not a security update.

Conditional Widgets 3.1 announced their native incompatibility with WP 5.8+ and how to continue to use it. This is not a security update.

Duplicator 1.4.2 resolves several bugs and updates package diagnostics. This is not a security update.

myStickymenu 2.5.3 resolves several bugs. This is not a security update.

Visual Composer 37.0 resolves several bugs, improves compatibility, and adds user interface improvements. This is not a security update.

W3 Total Cache 2.1.5 is a security update.

WooCommerce 5.5.0 resolves dozens of bugs. This is not a security update.

WP Mail SMTP 2.9.0 adds scheduler, improved notifications, and resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/