Welcome back, Folks!
Today is Patch Tuesday for June, 2021. There have been another couple dozen major security incidents, as well as some significant revelations impacting health, security and privacy. The latest Windows 10 release, v21H1, is out and it doesn’t change that much. Google has finally stopped their weekly security update cadence, though other vendors (including Microsoft Edge and Brave) have continued.
This Month in Technology
ABC affiliates, Apple AirTags, AXA, Biden’s Venmo account, Brenntag, CNA Financial, Colonial Pipeline (again), DigitalOcean, European biomolecular research institute, First Horizon Bank, U.S. Agency for Global Media, Guard.me, Herff Jones, Ireland’s Department of Health (HSE), JBS, Monday.com, Microsoft PatchGuard, NY MTA, OGUsers, One Treasure Island, Rapid7, Scripps Health and Whistler have been hacked.
A Qualcomm hardware vulnerability affects almost 40% of all mobile phones. Additionally, a dozen security vulnerabilities (called FragAttacks) have been discovered that apply to all Wi-Fi devices. (I’ll bet you miss that cable now, don’t you?)
Google released a “trial” feature to many Chrome users that effectively broke Chrome on their devices. Disabling the trial allowed Chrome to operate again. This is a perfect example of why you should never be forced into being in a beta program. iOS 14.6 is chewing through batteries. Microsoft released an update that broke compatibility with their own Office 365 services – Teams, Outlook and OneDrive. Google’s Nest thermostats are giving people the cold shoulder. Spectre is back again.
The antivirus that can’t protect you from crypto mining malware will now mine crypto on your device so they can use you to generate even more revenue for them. Better hope Norton 360 doesn’t get your home raided.
Amazon, the UK government, BBC, Bloomberg, CNN, The Guardian, NYT, and and many other major sites were taken offline today in a huge outage.
When your paranoid friend says the security app you’re using might be a government trojan, believe them.
Google & Apple are still making it impossible for users to keep their location private. Tor is being used to spy on “secure” user traffic. Again. A new privacy-compromising mechanism via cross-browser tracking installed apps can effectively identify your device. The TikTok App is collecting biometric data. The UK Test & Trace app does far worse.
GitHub has disabled FLoC. This is a good thing. Despite federal law, Chinese surveillance equipment is gaining US government customers. Taproot isn’t the privacy panacea it is perceived to be. On the topic of Snowden, he’s been vindicated (again).
Apple shares iCloud keys with CCP, Apple’s Find My can be used to leak secrets, has a “few” issues with notification reliability, and their techs regularly violate their users’ privacy. Due to so many arbitration cases Amazon is now allowing you to sue them…just in time, as they are now sharing your Wi-Fi with passersby. Dell lied about their Alienware laptop upgradeability. There’s a reason why so many people treat Microsoft Edge as malicious.
The Epic vs Apple lawsuit testimony is over, but Apple’s AppStore is still allowing malicious and fraudulent apps, while they pat themselves on the back for not taking even more money from their users.
Dr. Fauci lied about sponsoring gain of function research for biological warfare. He dismissed what he knew to be true, the lab-leak theory, and the effectiveness of hydroxychloroquine. He perjured himself. The MSM helped.
Biden shut down the last Wuhan lab investigation. What are the chances there will be a real investigation? Intelligence agencies claim otherwise and you know they have never lied. As is typical of the political elite, instead of broadcasting this everywhere, they’re targeting those that exposed it with death threats.
Governments and the MSM are concealing any true risk/benefit analysis, the miscarriages, Freudian slips, and VAERS spikes behind missing data, bad science, vastly overcounted cases, and propaganda. They’ve been caught red-handed manipulating the data.
The truth is the COVID death numbers are still dropping while post-vaccination infection – and death – are not rare. 5-10% suffer from severe adverse reactions in the hundreds of thousands. The CDC’s new rules acknowledge what many have known all along, vindicating those who opposed masks and vaccines and the vaccines are far from safe or effective.
The worst part is that there are still unsubstantiated and illegal mandates (that are supported by the low-information crowd…forever), and insane dogma that violates all reason. Such as yellow stars for the unvaxxed, forbidding the unvaccinated from church, employment, University (sometimes even the vaccinated) and even West Point. The Red Cross won’t even accept blood from the vaccinated.
The UK government knows what’s coming, and most will be called “unrelated illnesses.” When life insurance companies see this as a non-event and politicians ignore their own agencies to fine the science it’s hard to take it seriously. There have been decades of vaccine research, and we know they’re designing vaccines that spread themselves – isn’t that the premise of most zombie films? mRNA rewrites the genetic code and enhances the illness. This is what it is designed to do. By the way, did you know that during mRNA trials all the mammals kept dying? They proceeded with the emergency use authorization anyway. The only immunity provided by vaccines is to the manufacturer. A second Nuremburg Tribunal is on the horizon.
The Supreme Court says the Computer Fraud and Abuse Act (CFAA) is overbroad. Amazon is being sued over Antitrust law. The Ohio AG is trying to declare Google a public utility.
The government has repeatedly operated in concert with Big Tech to silence dissent, science, and discussion, in effect, laundering their censorship through third-parties. Governors and others are now going on the offense.
Now for the good news:
Dr. Shiva Ayyadurai is doing more to take down Big Tech than anyone else – by himself. Please help.
Let’s Get Busy
Now back to our regularly scheduled program.
Patch Tuesday this month is huge. The typical computer should see roughly 3.0 GB in updates today. Let’s get started.
Microsoft released updates for Windows, Edge, .NET, Servicing Stack, Internet Explorer, and MSRT (~1.5 GB). This includes security updates. A reboot is required.
Apple released updates for iOS 14.6 and iPadOS 14.6, macOS Big Sur 11.4, Security Update Mojave 2021-004, Security Update Catalina 2021-003, Safari 14.1.1, watchOS 7.5, tvOS 14.6, and Boot Camp 6.1.14. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.
iOS 14.6 is a security update. Use Settings, General, Software Update to install the most current update.
iPadOS 14.6 is a security update. Use Settings, General, Software Update to install the most current update.
watchOS 7.5 is a security update. Use your updated iPhone to install the most current version through the Watch app.
tvOS 14.6 is a security update. Use Settings, General, Updates to install the most current version.
Google Chrome OS 91.0.4472.81 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.
Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.
Important Notes
Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.
The release of macOS Big Sur (11.x) means that macOS High Sierra (10.13) and older are no longer supported. If you can not install at least macOS Mojave (10.14) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.
The now-current release of the Windows 10 (v21H1) is very large, for the first time it’s actually smaller than the previous release, but it will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.
Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.
It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.
Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.
Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com
Driver Updates
If you’re using this hardware – these updates are for you.
Logitech Options for macOS 8.54.147 adds support for newer hardware. This is not a security update.
https://www.logitech.com/en-us/product/options
Nvidia 466.63 adds support for newer hardware, libraries and components, and resolves stability and performance bugs. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us
Engine 3.22.0 now defaults to having Moments off, and resolves a crash bog. This is not a security update.
https://steelseries.com/engine
Browser Updates
One or more of these are likely to be of interest to everyone.
Brave 1.25.70 is a security update.
https://brave.com/
Google Chrome 91.0.4472.77 is a security update.
https://www.google.com/chrome/
Microsoft Edge 91.0.864.41 is a security update.
https://www.microsoft.com/en-us/edge/business/download
Firefox 89.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/
Firefox ESR 78.11.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/
Email Updates
One or more of these are likely to be of interest to everyone.
Thunderbird 78.11.0 is a security update.
https://www.thunderbird.net/en-US/
Internet Updates
One or more of these are likely to be of interest to everyone.
AnyDesk 6.3.1 resolves several bugs and adds an adaptive resolution option. This is not a security update.
https://anydesk.com/en/downloads
AnyDesk for macOS 6.2.0 resolves stability and display issues, adds tab, cursor follow, and window focus controls. This is not a security update.
https://anydesk.com/en/downloads
curl 7.77.0 is a security update.
https://curl.haxx.se/windows/
Dropbox 123.4.4832 doesn’t provide a detailed changelog, so should be treated as a security update.
https://www.dropbox.com/
FileZilla Client 3.54.1 resolves several bugs. This is not a security update.
https://filezilla-project.org/
Minds 4.13.0 improves performance and resolves several bugs. This is not a security update.
https://www.minds.com/mobile
Prosody 0.11.9 is a security update.
https://prosody.im/download/start
Technitium DNS Server 6.3 resolves several bugs and adds more than a half dozen new features, including failover and recursion ACLs. This is not a security update.
https://technitium.com/dns/
WGet 1.21.1-1 updates libraries. This is a security update.
https://eternallybored.org/misc/wget/
Zoom 5.6.7.1016 is a security update.
https://zoom.us/
Media Updates
These are unlikely to be of interest to most people.
3tene 2.0.15 resolves several bugs. This is not a security update.
https://en.3tene.com/
Picard 2.6.3 resolves several bugs. This is not a security update.
https://picard.musicbrainz.org/
Plex Media Server 1.23.2.4656 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server
Game Updates
These are unlikely to be of interest to most people.
Steam 2021.06.07 resolves several bugs and improves cosmetics. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0
PlayStation PS3 4.88 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps3/system-software/
Office Updates
One or more of these are likely to be of interest to most people.
Audacity 3.0.2 resolves several bugs. This is not a security update.
https://www.audacityteam.org/download/
LibreOffice Still 7.0.6 is the final release for the 7.0 branch. This version resolves 50 reliability, stability, and compatibility bugs. This is not a security update.
https://www.libreoffice.org/
Nextcloud Desktop 3.2.2 resolves several bugs and updates libraries. This should be treated as a security update.
https://nextcloud.com/
Adobe Connect 11.2.2 is a security update.
https://helpx.adobe.com/security/products/connect/apsb21-36.html
Adobe Acrobat and Reader 2021.005.20148, 2020.004.30005 and 2017.011.30197 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb21-37.html
Adobe Photoshop 21.2.9 and 22.4.2 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb21-38.html
Adobe Experience Manager 6.5.9.0 is a security update.
https://helpx.adobe.com/security/products/experience-manager/apsb21-39.html
Adobe Creative Cloud Desktop Application 2.5 is a security update.
https://helpx.adobe.com/security/products/creative-cloud/apsb21-41.html
Adobe RoboHelp Server 2020.0.1 is a security update.
https://helpx.adobe.com/security/products/robohelp-server/apsb21-44.html
Adobe Photoshop Elements 5.3 is a security update.
https://helpx.adobe.com/security/products/photoshop_elements/apsb21-46.html
Adobe Premiere Elements 5.3 is a security update.
https://helpx.adobe.com/security/products/premiere_elements/apsb21-47.html
Adobe After Effects 18.2.1 is a security update.
https://helpx.adobe.com/security/products/after_effects/apsb21-49.html
Adobe Animate 21.0.7 is a security update.
https://helpx.adobe.com/security/products/animate/apsb21-50.html
Security Software Updates
One or more of these is likely to be of interest to most people.
Tails 4.19 is a security update.
https://tails.boum.org/install/dvd-download/index.en.html
NSudo 8.2 removes ARM32 support, updates libraries, and resolves several bugs. This is not a security update.
https://github.com/M2Team/NSudo/releases/latest
OnionShare 2.3.2 resolves several bugs and updates libraries. This is a security update.
https://onionshare.org/
VT-CLI 0.9.7 doesn’t provide a changelog so should be treated as a security update.
https://github.com/VirusTotal/vt-cli/releases/latest
Capture Updates
These are unlikely to be of interest to most people.
ScreenToGif 2.31 provides cosmetic improvements, improves the updater and imgur compatibility. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest
SnagIt 2021.4.1 is a security update.
https://download.techsmith.com/snagit/enu/snagit.exe
Utility Updates
These are unlikely to be of interest to most people.
1Password for Mac 7.8.5 adds archive support, sharing indicators, and resolves several bugs. This is not a security update.
https://1password.com/downloads/mac/
1Password for Windows 7.7.807 resolves several bugs, adds Windows Hello support, and adds archive support. This is not a security update.
https://1password.com/downloads/windows/
Bitcoin 0.21.1 improves performance and resolves several bugs. This is not a security update.
https://bitcoin.org/en/download
Bitwarden 1.26.5 resolves several bugs. This is not a security update.
https://bitwarden.com/
CCleaner 5.81.8895 resolves several bugs. This is not a security update.
https://www.ccleaner.com/
Dell Command Update 4.2 improves download and logging. This is not a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en
DesktopOK 8.88 improves compatibility and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK
Everything 1.4.1.1009 improves NTFS detection. This is not a security update.
https://www.voidtools.com/
Fido 1.19 adds support for Windows 10 21H1 and eliminate requirement for Internet Explorer. This is not a security update.
https://github.com/pbatard/Fido/releases
GoodSync 11.7.3 resolves several bugs and improves stability. This is not a security update.
https://www.goodsync.com/
IsMyHdOK 3.21 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK
NetworkTrafficView 2.40 adds several protocol controls and filters. This is not a security update.
https://www.nirsoft.net/utils/network_traffic_view.html
NTLite 2.1.1.7917 improves compatibility and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/
Aomei Partition Assistant 9.2.1 improves selection interface, resolves several bugs with third-party apps and integrated elevation when required. This is not a security update.
https://www.diskpart.com/
PointerStick 5.15 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick
Process Monitor 3.82 resolves several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon
Process Explorer 16.42 switches default search behavior from find to filter and reports CET, and resolves several bugs. This is a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer
PsExec 2.34 changes stderr output behavior. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/psexec
RoboForm 9.1.4 resolves several bugs. This is not a security update.
https://www.roboform.com/
Samsung Data Migration 4.0 does not provide a changelog so should be treated as a security update.
https://www.samsung.com/semiconductor/minisite/ssd/download/tools/
Sigcheck 2.81 resolves a signature validation bug. This should be treated as a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sigcheck
SimpleWMIView 1.45 improves sorting controls. This is not a security update.
https://www.nirsoft.net/utils/simple_wmi_view.html
Sysmon 13.21 adds new filter conditions and resolves a crash bug. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon
TaskSchedulerView 1.68 resolves a pagination bug and improves sorting controls. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html
TCPView 4.12 adds new filter conditions and resolves several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview
TraceRouteOK 2.52 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK
WifiInfoView 2.70 improves sorting options. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html
WinGet 1.0.11451 is the first release version of WinGet. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest
WinObj 3.10 extends search to include symbolic link targets.
https://docs.microsoft.com/en-us/sysinternals/downloads/winobj
WinScan2PDF 7.11 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF
Developer Updates
These are unlikely to be of interest to most people.
Android Studio 4.2.1.0 resolves several bugs. This is not a security update.
https://developer.android.com/studio
DB Browser for SQLite 3.12.2 updates the certificate for DBHub.io. This is not a security update.
https://sqlitebrowser.org/
Godot 3.3.2 resolves dozens of bugs. This is not a security update.
https://godotengine.org/
Inno Setup 6.2.0 updates graphics and cosmetics, adds dark mode, improves logging, and adds several new scripting options and flags. This is not a security update.
https://www.jrsoftware.org/isdl.php
Node.js 16.3.0 upgrades libraries and resolves several bugs. This is not a security update.
https://nodejs.org/en/
SQLite 3.35.5 resolves several bugs and improves reliability and performance. This is a security update.
https://www.sqlite.org/download.html
Web Package Updates
These are likely to be of interest only to web developers.
Adminer 4.8.1 resolves several bugs. This is a security update.
https://www.adminer.org/en/
Dada Mail 11.14.0 resolves several bugs. This is not a security update.
http://dadamailproject.com/
Drupal 9.1.10 resolves over a dozen bugs. This is not a security update.
https://drupal.org/download
Joomla 3.9.27 is a security update.
https://www.joomla.org/
Nextcloud Server 21.0.2 updates libraries and resolves dozens of bugs. This is not a security update.
https://nextcloud.com/
phpList 3.6.3 is a security update.
https://www.phplist.org/
Piwigo 11.5.0 is a security update.
https://piwigo.org/
ScreenConnect 21.8.3558.7823 adds deep-linking support, and resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download
WordPress 5.7.2 is a security update.
https://wordpress.org/
BuddyPress 8.0.0 improves the registration experience, xProfile fields, simplifies administration, and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/buddypress/
Duplicator 1.4.1 resolves several bugs. This is a security update.
https://wordpress.org/plugins/duplicator/#developers
Visual Composer 36.0 resolves dozens of bugs and improves consistency. This is not a security update.
https://visualcomposer.com/
W3 Total Cache 2.1.3 is a security update.
https://wordpress.org/extend/plugins/w3-total-cache/
WooCommerce 5.4.0 resolves dozens of bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/
Show IDs 1.1.7 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/wpsite-show-ids/
That’s all for now folks. Keep it clean out there. 😉
Regards,
Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/