Updates 2020-02-20

Welcome back, Folks!

It’s not Patch Tuesday, but security updates from Google, Mozilla, Apple and Adobe have triggered an out-of-cycle update.

This Month Week in Technology

According to one of Tumblr’s engineers, Apple’s iOS is adware.

Even great computers are no match for the human brain in perceiving what the typical human consider obvious. Exploiting this fact, evildoers are extorting Google Adsense users by threatening to fraudulently click ads in violation of the Adsense terms unless they get paid off.

If your site is still running an older version of TLS or SSL it’s about to get spanked by the browsers and search engines. Upgrade your HTTPS security policies to use only the latest methods (even if older devices can no longer visit your site).

This month brings even more Bluetooth design and implementation vulnerabilities, and reassurance that keeping your mouth shut may eventually pay off, a relatively minor bug in Firefox allows CSS to be abused to (slowly) extract data from secure sites, and a change to the CCPA (California Consumer Privacy Act) now allows business to keep certain information you’ve requested to be removed so they can…prove…it was…removed…huh? LOL

Finally, a scientific study demonstrates that sound-bite socialization and catch-phrase culture have ruined our ability to have an educated conversation. The real question should be, is anyone surprised?

Let’s Get Busy

The typical computer should see approximately 600 MB of updates. Let’s get started.

watchOS 6.1.3 and 5.3.5 are security updates. Use your updated iPhone to install the most current version through the Watch app.
https://support.apple.com/en-us/HT204641

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Logitech Options 8.10.84 adds support for new hardware and resolves several bugs. This is not a security update.
https://www.logitech.com/en-us/product/options

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 80.0.3987.116 is a security update. Use Menu, Help, About to install the current version.

Firefox 73.0.1 resolves several crash bugs. This is not a security update. Use Menu, Help, About to install the current version.

Vivaldi 2.11.1811.38 is a security update. Use Menu, Help, About to install the current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

FreeFileSync 10.20 adds email notification support, HTML logging, sync error detection, and more. This is not a security update.
https://www.freefilesync.org/download.php

IPNetInfo 1.95 adds improved command-line support. This is not a security update.
https://www.nirsoft.net/utils/ipnetinfo.html

WinSCP 5.17 resolves several bugs and adds new features. This is not a security update.
https://winscp.net/eng/index.php

Media Updates

These are unlikely to be of interest to most people.

MyPaint 2.0.0 is a major new update with new layer and compositing features, new brush controls, and dozens more. This is not a security update.
http://mypaint.org/downloads/

Picard 2.3 resolves dozens of bugs and improves reliability. This is not a security update.
https://picard.musicbrainz.org/

Game Updates

These are unlikely to be of interest to most people.

Steam 2020.02.12 resolves several bugs. This is not a security update.

Office Updates

One or more of these are likely to be of interest to most people.

LibreOffice Still 6.3.5 resolves about 85, including stability and reliability fixes. This is not a security update.
https://www.libreoffice.org/

Paint.net 4.2.10 resolves several bugs, notably with those using MSI deployment (yay!). This is not a security update.
https://www.getpaint.net/

Adobe Media Encoder 14.0.2 is a security update.
https://helpx.adobe.com/security/products/media-encoder/apsb20-10.html

Adobe After Effects 17.0.3 is a security update.
https://helpx.adobe.com/security/products/after_effects/apsb20-09.html

Adobe FrameMaker 2019.0.5 resolves several bugs. This is not a security update.
64-bit: https://supportdownloads.adobe.com/detail.jsp?ftpID=6851
32-bit: https://supportdownloads.adobe.com/detail.jsp?ftpID=6849

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.20.3 resolves a compatibility bug. This is not a security update.
https://www.fosshub.com/ScreenToGif.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 11.0.7.4 adds support for new encodings and resolves a crash bug. This is not a security update.
https://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

RoboForm 8.6.7 resolves several bugs and improves compatibility. This is not a security update.
https://12pd.com/click?rf

Cygwin 3.1.4 resolves a couple bugs and improves compatibility with symlinks and junctions. This is not a security update.
https://cygwin.com/

Etcher 1.5.79 improves user experience. This is not a security update.
https://www.balena.io/etcher/

GoodSync 10.10.24 resolves several bugs. This is not a security update.
https://12pd.com/click?goodsync

PointerStick 3.81 resolves several bugs and improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

Developer Updates

These are unlikely to be of interest to most people.

Node.js 13.9.0 resolves over 200 issues. This is not a security update.
https://nodejs.org/en/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.1.4-136177 resolves several bugs and improves EFI support. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Nextcloud Server 18.0.1 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

HumHub 1.4.1 resolves several bugs. This is not a security update.
https://www.humhub.com/en/download

myStickymenu 2.3.5 updates license rates and terms. This is not a security update.

Postie 1.9.43 begins the migration of shortcodes into the main module. This is not a security update.

Raw HTML 1.6.2 resolves a compatibility bug. This is not a security update.

Redirection 4.7 adds domain relocation with exceptions, site aliases, www/wwwithout controls, and content-type. This is not a security update.

NextScripts Social Networks Auto-Poster 4.3.12 improves Blogger and Facebook compatibility. This is not a security update.

Sucuri Security 1.8.24 resolves two bugs. This is not a security update.

WooCommerce 3.9.2 resolves several bugs. This is a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2020-02-11

Welcome back, Folks!

Today is Patch Tuesday for February 2020.

Microsoft blinked and released three updates to Windows 7 this month, however two of the issues that were resolved were actually caused by their EOL updates released last month. It’s no longer trustworthy, so do not let Windows 7 touch the Internet!

Windows 7 is officially end-of-life (EOL). If you’re still running it, shame on you, and if you are running a licensed version of Windows 7 or 8 you can still upgrade to Windows 10 and have a supported version of Windows for the foreseeable future. Don’t want to do it yourself? Call me!
https://saferpc.info/contact/

The Windows Update engine relies upon a file called “wsusscn2.cab” which is currently choking on download. While there are several Windows updates available today, it looks like the time just to check for updates will be over 2 hours for most devices today. Have patience or wait to start patching until later when they resolve this issue. There’s plenty of other stuff to patch anyway.

This Month in Technology

macOS finally fixes the Sudo bug (after 9 years), but this pales in comparison to the ease at which Mac users are infected through social engineering tactics. If you still think Mac’s are more secure than Windows, you need to see the numbers from MalwareBytes which show the typical Mac is targeted by nearly double the malware that Windows devices are. One special note here is that the users trusted the names of the websites that were involved, mostly a result of allowing domains to expire (a common concept within the broad scheme of domain hijacking).

While we’re on the subject of renewing domains, don’t forget your certificates! TLS/SSL certificates are often an enterprise’s weakest point of failure, especially when they’re not renewed on time. This will become even more important as TLS 1.0 and 1.1 are deprecated over the next couple months, which will prevent most older devices from being able to safely use the Internet at all. How important is certificate trust? Last months certificate hijacking bug allowed a researcher to replicate NSA and Github certificates in less than 24 hours which could be used immediately in MitM and DNS cache poisoning attacks with no effort from the attacker and as little as 10 lines of browser-based code.

Microsoft has decided to end it’s own ad platform within UWP apps, which will seriously hurt the entire UWP ecosystem and likely their users, by encouraging less security- and privacy-concerned third-party platforms to take their place.

This month we’ve seen data dumps from Twitter user details (shortly before a Twitter outage), Trello, Google, half a million servers, routers, and IoT devices, a major cannabis dispensary POS vendor, THSuite, WhatsApp had a major vulnerability (since patched), a Zoom vulnerability allowed hackers to eavesdrop on your calls, Mitsubishi was hacked via their enterprise security software, Trend Micro OfficeScan, and the United Nations was hacked through an unpatched server.

Is your privacy important? Apple bowed to the FBI to prevent fully-encrypted backups, ICE is using cellphone location data to track immigrants, but Avast has decided to stop selling it’s user data and they’re “sorry”, so at least there’s some good news.

Of course, any account can be hacked, even Facebook’s Twitter and Instagram accounts, and the NFL, and this month the City of Oshkosh (WI) and Duplin County (NC) join the “yet another government network hijacked” club.

It’s one thing to be incompetent when it comes to security, but Blizzard doesn’t even understand their users. This month they’re asserting total copyright ownership of any mods their users create and they released Warcraft: Reforged, which is the first game to ever be reviewed this poorly by the userbase. You might give Blizzard some credit for this – after all, they did build the engine that allowed the third-party “Dota” to flourish. LastPass, however, built their own system but accidentally removed their own extension from the Chrome Web Store!

In IoT news, more than 2/3rds of corporate and government entities were compromised with endpoint attacks in 2019, the weakest link might be the building itself or any of tens of millions of devices on a typical corporate or government network, though, as expected, many Huawei IoT devices have a backdoor. A serious public key exposure in Fortinet SIEM allows evildoers to kill your security appliance, and a critial zero-day in SolarWinds RMM allows attackers to hijack your network. Supply chain attacks targeting EOL Windows 7 devices remind us why we should avoid EOL hardware and software, and Phillips Hue lightbulbs are still proving that they weren’t well though-out security-wise. Thousand of WordPress-based websites have been hijacked to redirect visitors to evil sites, and there is always more to security than patching.

Let’s end my soapbox on a happy note: The best news this month might just be that Netflix finally offers an option to disable those #@$& autoplay previews. It’s about time.

Let’s Get Busy

Now back to our regularly scheduled program. The typical computer should see roughly 2.2 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Internet Explorer, .NET, Flash, Servicing Stack, and MSRT (~1.2 GB). This includes security updates. A reboot is required.

Apple released updates for macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra, iCloud for Windows 10.9.2, iCloud for Windows 7.17, iOS 13.3.1, iPadOS 13.3.1, iTunes for Windows 12.10.4, Safari 13.0.5, tvOS 13.3.1, and watchOS 6.1.2. These are security updates. Use Apple Software Update to install the most current versions.

iOS 13.3.1 and 12.4.5 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 13.3.1 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 6.1.2 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 13.3.1 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 79.0.3945.123 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Adobe Flash Player 32.0.0.330 is a security update. Take comfort knowing that Flash will be EOL in only 10 months.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Catalina (10.15) means that macOS Sierra (10.12) and older are no longer supported. If you can not install at least macOS High Sierra (10.13) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (1909) is a pretty small update so will install quickly. Windows 10 pushes you to get the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.2.2 resolves several issues and improves removal procedure. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

BullZip PDF Printer 11.12.0.2816 improves compatibility with Chrome 80+. This is not a security update.
https://www.bullzip.com/products/pdf/info.php#download

Intel Driver and Support Assistant 20.1.5 improves user interface, performance, uninstall, and resolves several bugs. This is not a security update.
https://www.intel.com/p/en_US/support/detect

nVidia 442.19 adds framerate capping, performance improvements for certain games, VRSS controls, and support for newer hardware. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Garmin Express 6.20 doesn’t provide a changelog so should be treated as a security update.
https://www.garmin.com/en-US/software/express/

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 80.0.3987.100 is a security update. This version is also the predecessor to the new samesite cookie handling behavior that will cause problems for various industries, including ad-services. Use Menu, Help, About to install the most current version.

Firefox 73.0 is a security update. Use Menu, Help, About to install the most current version.

Firefox ESR 68.5.0 is a security update. Use Menu, Help, About to install the most current version.

Iridium 2019.11.78 is a security update. Use Menu, Help, About to install the most current version.

Vivaldi 2.10.1745.27 is a security update. Use Menu, Help, About to install the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 68.5.0 is a security update. Use Menu, Help, About to install the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

MaxMind GeoLite: Due to their interpretation of the CCPA (California Consumer Privacy Act), MaxMind has opted to no longer provide direct downloads of their IP information databases. An account and agreement to perform updates immediately upon publishing new releases and removal of all existing copies is now required. Due to this we will no longer be listing MaxMind on SaferPC. I suggest you integrate their automatic update service into your existing platform to ensure that you can comply with their new usage agreement.

Prosody 0.11.4 improves performance and resolves several bugs. This is not a security update.
https://prosody.im/download/start

BrowsingHistoryView 2.36 adds option to delete Chrome and Firefox history records. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

FreeNAS 11.3 is a major update offering improved performance, security controls, community plugin integration, improved granularity of alerts and more. This is not a security update.
https://www.freenas.org/download-freenas-release/

Npcap 0.9987 is a security update.
https://nmap.org/npcap/

Media Updates

These are unlikely to be of interest to most people.

iTunes 12.10.4 is a security update. Use Apple Software Update to install the most current version.

Game Updates

These are unlikely to be of interest to most people.

Steam 2020.01.20 resolves several bugs and improves reliability of Remote Play. This is not a security update.

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 20.006.20034 is a security update. Use Help, Check for Updates to get the most current version.

Adobe DNG 12.2 adds support for new hardware. This is not a security update.
Mac: https://supportdownloads.adobe.com/detail.jsp?ftpID=6879
Win: https://supportdownloads.adobe.com/detail.jsp?ftpID=6881

Adobe Experience Manager 6.5.0-31870 and 6.4.0-31868 are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb20-08.html

Adobe Digital Editions 4.5.11 is a security update.
https://helpx.adobe.com/security/products/Digital-Editions/apsb20-07.html

Adobe Framemaker 2019.0.5 is a security update.
https://helpx.adobe.com/security/products/framemaker/apsb20-04.html

Adobe Illustrator CC 24.0.2 is a security update.
https://helpx.adobe.com/security/products/illustrator/apsb20-03.html

Artweaver 7.0.4 resolves several bugs and improves performance with impasto and PSD text layers. This is not a security update.
https://www.artweaver.de/

Atom 1.44.0 resolves several bugs. This is not a security update.
https://atom.io/

LibreOffice Still 6.3.4 is a major update adding a wide variety of new features and performance improvements. This is not a security update.
https://www.libreoffice.org/

LibreOffice Fresh 6.4.0 resolves almost 500 bugs, including security issues. The typical user should run LibreOffice Still (stable), not Fresh (beta).
https://www.libreoffice.org/

Lightworks NLE 14.5 adds dozens of new features, export options, media codecs, and over a hundred bugs. This should be treated as a security update.
https://www.lwks.com/

Notepad++ 7.8.4 adds JSON and Workspace improvements, and resolves a crash bug. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 4.2.9 resolves several bugs and improves performance. This is not a security update.
https://www.getpaint.net/

Security Software Updates

One or more of these is likely to be of interest to most people.

QubesOS 4.0.3 is a security update.
https://www.qubes-os.org/downloads/

elementaryOS 5.1.2 is a security update.
https://elementary.io/

RogueKiller 14.1.1 resolves several bugs. This is a security update.
https://www.adlice.com/download/roguekiller/

TinyWall 3.0 improves reliability, user interface, exception controls, and resolves several bugs. This is not a security update.
https://tinywall.pados.hu/

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.20.2 resolves several bugs. This is not a security update.
https://www.fosshub.com/ScreenToGif.html

Converter Updates

These are unlikely to be of interest to most people.

MKVToolnix 43.0.0 resolves several bugs and improves user interface defaults options from command line. This is not a security update.
https://www.fosshub.com/MKVToolNix.html

DVDFab 11.0.7.1 resolves several bugs and adds support for newer encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

RoboForm 8.6.6 improves compatibility and resolves several bugs. This is not a security update.
https://www.roboform.com/

Easy2Boot 1.B8A improves compatibility and user-interface. This is not a security update.
https://www.fosshub.com/Easy2Boot.html

1Password for Mac 7.4.2 improves compatibility and resolves several bugs. This is not a security update.
https://1password.com/downloads/mac/

ControlMyMonitor 1.25 adds option to put icon in tray. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html

DesktopOK 6.84 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DevManView 1.66 adds Class GUID column. This is not a security update.
https://www.nirsoft.net/utils/device_manager_view.html

Etcher 1.5.76 updates libraries and resolves several bugs. This is not a security update.
https://www.balena.io/etcher/

Everything CLI 1.1.0.18 doesn’t provide a changelog, so should be treated as a security update.
https://www.voidtools.com/

FileLocator Pro 8.5.2944 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Fing 8.8.2 improves user interaction and resolves several bugs. This is not a security update.
https://community.fing.com/

GoodSync 10.10.21 improves performance and reliability, resolves several bugs. This is not a security update.
https://www.goodsync.com/

MS ISO Downloader 8.31 adds support for new media. This is not a security update.
https://www.heidoc.net/joomla/technology-science/microsoft/67-microsoft-windows-and-office-iso-download-tool

OSFMount 3.0.1005 adds command-line options to load physical or logical emulation only, and resolves a permissions bug. This is not a security update.
https://www.osforensics.com/tools/mount-disk-images.html

SetDefaultBrowser 1.4 adds support for Chromium-based Edge. This is not a security update.
https://kolbi.cz/blog/2017/11/10/setdefaultbrowser-set-the-default-browser-per-user-on-windows-10-and-server-2016-build-1607/

TaskSchedulerView 1.54 adds options to select/deselect all to column chooser. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

USBDeview 2.86 adds mode option for Regedit call, to support opening with or without elevation.
https://www.nirsoft.net/utils/usb_devices_view.html

WinScan2PDF 5.21 improves WIA compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 3.32 resolves several bugs, adds options to export file types to CSV, filterexclude, and command-line supporter activation. This is not a security update. On the note of Supporters – this software is amazing. Use it. And donate.
https://antibody-software.com/web/software/software/wiztree-finds-the-files-and-folders-using-the-most-disk-space-on-your-hard-drive/

Developer Updates

These are unlikely to be of interest to most people.

Godot 3.2 improves reliability, performance, stability and resolves almost 2,000 bugs. This should be treated as a security update.
https://godotengine.org/

Node.js 13.8.0 is a security update.
https://nodejs.org/en/

SQLite 3.31.1 adds generated columns, hard heap limits, improved pragma, dbstat aggregated mode support, open nofollow, and resolves an internal schema compatibility issue. This compatibility fix is temporary, so fix your applications if you currently rely on parsing the data structure via internal schema. This is a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.42 resolves several bugs, improves user interface, additional preference controls, task management, and more. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.1.2-135663 resolves several bugs and improves compatibility. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Adminer 4.7.6 resolves several bugs. This is not a security update.
https://www.adminer.org/en/

Drupal 8.8.2 resolves dozens of bugs. This is not a security update.
https://drupal.org/download

HumHub 1.4.0 updates libraries and resolves dozens of bugs. This is not a security update.
https://www.humhub.com/en/download

Joomla 3.9.15 is a security update.
https://www.joomla.org/

Magento 2.3.4, 2.2.11, 1.14.4.4, 1.9.4.4 are security updates.
https://helpx.adobe.com/security/products/magento/apsb20-02.html

Nextcloud Hub 18.0.0 is a major update adding improved file, flow, photos, calendar, mail, and talk integration, and ONLYOFFICE support. This is not a security update.
https://nextcloud.com/

ScreenConnect 19.6.26659.7340 is a security update.
https://www.connectwise.com/software/control/download

SpamAssassin 3.4.4 is a security update.
http://spamassassin.apache.org/downloads.cgi

YOURLS 1.7.6 is a security update.
https://yourls.org/

bbPress 2.6.4 is a security update.

Interactive World Map 3.1.4 is a major update that resolves several issues. This is not a security update.

myStickymenu 2.3.4 resolves several bugs. This is not a security update.

Postie 1.9.41 resolves regex bug and now attempts to process only 1 email at a time. This is not a security update.

Sucuri Security 1.8.23 updates key updater and improves user interface. This is not a security update.

W3 Total Cache 0.13.1 resolves several bugs. This is not a security update.

WooCommerce 3.9.1 resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2019-09-10

Hi, Folks!

Today is Patch Tuesday for September 2019 and it’s another big one.

The next build of Windows 10, version 1909, is scheduled to be released later this month. This version will be minor compared to other Windows 10 upgrades and should be nearly indistinguishable from 1903. Well, hopefully local search will work when Cortana Web Search is disabled, but indistinguishable otherwise.

Windows 7 will fall completely out of support in only 4 months. Don’t run out the clock. If you are running a licensed version of Windows 7 you can still upgrade to Windows 10 and have a supported version of Windows for the foreseeable future. Get it done before it’s too late. Don’t want to do it yourself? Call me!

Borderlands 3 will be released on Friday! If you haven’t pre-ordered yet, you can still get a hefty discount. It’ll available for preinstallation starting this evening.

This month we’ve had another series of security lessons.

The Jordan Peterson “deepfake” platform was just the tiniest recent example of how such technology would inevitably be abused. Even though it was removed, it was followed shortly by a custom deepfake that cost one company $243,000. Oops.

The most popular email server and web management platforms both had critical security issues allowing malicious third parties to take over the entire server.

Don’t trust your mobile. Apple iOS and Google Android vulnerabilities disclosed and abused this month can be used to take over your device. Patches are not yet available to resolve these recent exploits for either platform, though both have released patches for unrelelated security vulnerabilities. Google finally acknowledged a security issue in Google Calendar that has been exploited for at least 3 years and the Google Play Store has been publishing malicious apps.

Your “automated assistant” (Siri, Alexa, Cortana, and Hello Google) defaults to calling unrelated third parties since the numbers are pulled from search results, which are easily abused. Heck, the “vast majority” of new domain registrations and websites exist only for malicious purposes. Even if you don’t visit unknown websites, your information is exposed to others whenever you use automated assistants and sometimes even if you don’t intend to. The best solution is to use a privacy respecting browser, such as Vivaldi or Brave and disable any automation and voice controls.

You should always assume all hardware and software will eventually be hacked and maintain them religiously. From Ring to lightbulbs, it will happen. This month shows how entire platforms are being exploited remotely through their networking features.

When even Jack gets hacked you should assume that your information is out there somewhere. This is demonstrated with the latest in a too-frequent series of Facebook data leaks, this time including phone numbers for over 419 million users.

Finally, a friendly reminder that even if your data is “backed up” by a third party you should always back it up again yourself. Between unreliable third party services to the potential damage from ransomware and trojans, there’s no good reason not to pick up a cheap USB thumb drive and toss your important data on it, then toss it into your fireproof safe.

Now back to our regularly scheduled program. The typical computer should see roughly 2 GB in updates today. Let’s get started.

Microsoft released updates for Windows, .NET, Edge, Internet Explorer, Flash, and MSRT (~1.1 GB). This includes security updates. A reboot is required.

Apple released updates for macOS Mojave 10.14.6 Supplemental Update, iOS 12.4.1, tvOS 12.4.1, and watchOS 5.3.1. These are security updates. Use Apple Software Update to install the most current versions.

iOS 12.4.1 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 5.3.1 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 12.4.1 is a security update. Use System, Software Update to install the most current version.

Adobe Flash Player 32.0.0.255 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The now-current release of Windows 10 (1903) will cause your computer to feel unusually slow until it is installed. This is a side-effect of the Windows 10 upgrade cycle, which pushes out 3-6 GB through Windows update to get you to the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, it will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Intel Driver and Support Assistant 19.8.34 adds OEM links and improved hardware detection and installation. This is not a security update.
https://www.intel.com/p/en_US/support/detect

nVidia 436.30 resolves several bugs. This is not s security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Display Driver Uninstaller 18.0.1.8 improves removal for Nvidia devices. This is not a security update. Be aware that DDU is now wallpapered in advertisements for crapware, so you should avoid it unless you know what you’re doing.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 77.0.3865.75 is a security update. Use Menu, Help, About to install the most current version.

Firefox 69.0 is a security update. Use Menu, Help, About to install the most current version.

Firefox ESR 60.9.0 is a security update. Use Menu, Help, About to install the most current version.

Vivaldi 2.7.1628.33 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 3.26 resolves a bug when closed prematurely. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Internet Updates

One or more of these are likely to be of interest to everyone.

Trillian Mac 6.2.0.19 resolves several bugs. This is not a security update.
https://www.trillian.im/

FileZilla Client 3.44.2 resolves several bugs. This is not a security update.
https://filezilla-project.org/

MaxMind GeoIP 201909 is a data refresh.
https://dev.maxmind.com/geoip/

Npcap 0.9983 improves hardware detection, improves Loopback detection and support, and resolves several bugs. This is not a security update.
https://nmap.org/npcap/

ZeroNet 0.7.1 is a security update.
https://zeronet.io/

Media Updates

These are unlikely to be of interest to most people.

VLC Media Player 3.0.8 is a security update.
https://www.videolan.org/vlc/

FastStone Viewer 7.4 improves Clone and Heal, Pencil, Google Maps integration, and resolves several bugs. This is not a security update.
http://www.faststone.org/FSViewerDetail.htm

Game Updates

These are unlikely to be of interest to most people.

Steam 2019.08.26 is a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

PlayStation PS3 4.85 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/system-updates/ps3/

Office Updates

One or more of these are likely to be of interest to most people.

Atom 1.40.1 resolves a package integration update. This is not a security update.
https://atom.io/

Artweaver 7.0.1 resolves several bugs. This is not a security update.
http://www.artweaver.de/

Krita 4.2.6 resolves several bugs. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Fresh 6.3.1 is a security update.
https://www.libreoffice.org/

LibreOffice Still 6.2.7 is a security update.
https://www.libreoffice.org/

Adobe Reader DC Patch 19.012.20040 resolves a font-embedding bug. This is not a security update. Use Help, Check for updates to install the most current version.

Adobe Application Manager 2019.0 is a security update. AAM will be EOL very soon, so if you do not require it, you should remove it instead of updating to the latest version.
https://supportdownloads.adobe.com/detail.jsp?ftpID=4773

Adobe FrameMaker 2019.0.4 doesn’t provide a changelog so should be treated as a security update.
64-bit: https://supportdownloads.adobe.com/detail.jsp?ftpID=6739
32-bit: https://supportdownloads.adobe.com/detail.jsp?ftpID=6737

Security Software Updates

One or more of these is likely to be of interest to most people.

PureOS 9.0 is a major update to PureOS and signals that the Librem 5 release is likely just around the corner.
https://pureos.net/download/

Looking for a secure phone? Check out the Librem 5:
https://puri.sm/products/librem-5/

MSRT 5.76 updates detections. This is a security update.

RogueKiller 13.4.3 resolves several bugs and updates options. This is a security update.
https://www.adlice.com/softwares/roguekiller/

TinyWall 2.1.12 resolves a bug. This is not a security update.
http://tinywall.pados.hu/

Converter Updates

These are unlikely to be of interest to most people.

MakeMKV 1.14.5 resolves several bugs. This is not a security update.
https://12pd.com/click?makemkv

MKVToolnix 37.0.0 resolves several bugs. This is not a security update.
https://www.fosshub.com/MKVToolNix.html

DVDFab 11.0.4.8 adds support for new encodings, improves Meta Info detection, and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

FFmpeg 4.2.1 resolves several bugs. This is not a security update.
https://ffmpeg.org/ffmpeg.html

Utility Updates

These are unlikely to be of interest to most people.

Windows 10 Upgrade v1903 updates the installation package for the Windows 10 v1903 build in preparation for v1909.
https://www.microsoft.com/en-us/software-download/windows10

ControlMyMonitor 1.20 improves refresh and default monitor behavior. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html

CPU-Z Installer 1.90 adds support for newer hardware. This is not a security update.
http://www.cpuid.com/softwares/cpu-z.html

DesktopOK 6.56 improves portability, adds options for reporting and export analysis, window positions, and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DMDE 3.6.0 adds support for new filesystems, resolves several bugs. This is a security update.
https://dmde.com/

FolderChangesView 2.28 resolves a notification bug. This is not a security update.
https://www.nirsoft.net/utils/folder_changes_view.html

GoodSync 10.10.7 removes support for Amazon Cloud Drive, resolves several bugs. This is not a security update.
https://12pd.com/click?goodsync

HWMonitor 1.41 adds support for newer hardware. This is not a security update.
http://www.cpuid.com/softwares/hwmonitor.html

IsMyHdOK 1.84 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

NTLite 1.8.0.7115 adds support for Windows 10 v1909, resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 7.0.1003 resolves several bugs. This is not a security update.
http://www.osforensics.com/download.html

PointerStick 3.68 improves multi-monitor operation. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

Sysmon 10.4 adds nested rule support, improved conditions, and resolves several bugs. This is not a security update.
https://live.sysinternals.com/

Process Explorer 16.30 adds Shared Commit, and resolves several bugs. This is not a security update.
https://live.sysinternals.com/

Rufus 3.7 adds persistent partition support for Debian and Ubuntu flavored ISOs, reports SuperSpeed+ devices, resolves several bugs. This is not a security update.
https://rufus.ie/en_IE.html

SimpleWMIView 1.40 adds Case Sensitive option to Quick Filters. This is not a security update.
https://www.nirsoft.net/utils/simple_wmi_view.html

Synergy 1.10.3 resolves several bugs and updates the VC++ dependency to 2019. If you’re having problems with the update, install the VC++ 2019 runtime, reboot, then reinstall.
https://members.symless.com/synergy/downloads/list/s1

TaskSchedulerView 1.52 adds Case Sensitive option to Quick Filters. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

TraceRouteOK 1.51 updates language files and improves compatibility with Windows 10 v1909. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

WinScan2PDF 4.94 adds page selection and improved compatibility with Windows 10 v1909. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 3.5.0.21 integrates several automated improvements, performance optimizations, diagnostics, and resolves several bugs. This is not a security update.
https://developer.android.com/studio/index.html

Node.js 12.10.0 resolves many bugs, improves documentation, and updates dependencies. This is not a security update.
https://nodejs.org/en/

Visual Studio Code 1.38 improves search and replace, resolves several bugs, and adds new features. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.0.12-133076 resolves several bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Adminer 4.7.3 improves performance and stability, resolves several bugs. This is not a security update.
https://www.adminer.org/en/

Drupal 8.7.7 resolves several bugs. This is not a security update.
https://drupal.org/download

Nextcloud Server 16.0.4 updates libraries and resolves several bugs. This should be treated as a security update.
https://nextcloud.com/

ScreenConnect 19.3.25270.7185 resolves bugs. This is not a security update.
https://www.connectwise.com/software/control/download

WordPress 5.2.3 is a security update.
https://wordpress.org/

myStickymenu 2.2.2 resolves a cosmetic bug. This is not a security update.

NextScripts Social Networks Auto-Poster 4.3.9 resolves several bugs, improves integration with Blogger, Reddit, Pinterest, and WordPress.com. This is not a security update.

Theme My Login 7.0.15 resolves update bug, adds two new filters. This is not a security update.

W3 Total Cache 0.10.0 resolves several bugs, adds support for new S3 regions, webp caching, and other improvements. This is not a security update.

WP Mail SMTP 1.6.2 improves reliability and resolves several bugs. This is not a security update.

Show IDs 1.1.3 improves compatibility. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2017-07-11

Hi, Folks!

It’s Patch Tuesday. It’s pretty quiet this month: no major ransomware events and no major new infection vectors. I hate to say it, but it feels like it’s the calm before the storm.

The typical computer should see roughly 1gb in updates today. Let’s get started.

Microsoft released updates to Windows, Internet Explorer, .NET, Flash, POSReader, and MSRT (~900mb). This includes security updates. A reboot is required.

Apple released updates for various printer and scanner drivers, and Apple Remote Desktop Client. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

Adobe AIR 26.0.0.127 is a security update.
Win: http://12pd.com/click?air
Mac: http://12pd.com/click?airmac

Adobe Flash Player 26.0.0.137 is a security update. Flash is being actively replaced with HTML5 on most sites and services, however, so unless you’re 110% positive you need it for critical functions, you should remove it instead. And, within those browsers that have it embedded (Chrome, Edge, Internet Explorer 11+) your best option is to disable it. It’s just not worth the risk.
Win: http://12pd.com/click?flash
Win: http://12pd.com/click?flashie
Mac: http://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
http://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 17.0.6.9 adds a timeout for service actions and improves GPU detection. This is not a security update.
http://www.wagnardsoft.com/display-driver-uninstaller-ddu

Intel Driver Update 2.8.1 resolves bugs and improves detection. This is not a security update.
https://www.intel.com/p/en_US/support/detect

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 59.0.3071.115 is a security update. Use Menu, Help, About to get the most current version.

Google Chrome for Android 59.0.3071.125 is a security update. Use the Play store to install this update.

Firefox 54.0.1 resolves several bugs, improves stability, and improves cross-platform reliability. This is not a security update. Use Menu, Help, About to get the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

NK2Edit 3.30 improves SMTP preference assignments, adds WaitAutoClose and EXToSMTP script commands. This is not a security update.
http://www.nirsoft.net/utils/outlook_nk2_edit.html

OutlookAttachView 3.02 allows resizing the properties window. This is not a security update.
http://www.nirsoft.net/utils/outlook_attachment.html

Thunderbird 52.2.0 is a security update. Use Menu, Help, About to get the most current version.
http://www.mozilla.org/en-US/thunderbird/

Internet Updates

One or more of these are likely to be of interest to everyone.

Skype 7.38.0.101 resolves several bugs. This is not a security update.

Line 7.6.0 adds in-chat message search. This is not a security update.
http://line.me/update

Trillian 6.0.0.60 resolves several bugs. This is not a security update.
https://www.trillian.im/

Silverlight 5.1.50907 is a security update.
http://www.microsoft.com/getsilverlight/Get-Started/Install/Default.aspx

WinSCP 5.9.6 is a security update.
http://winscp.net/eng/index.php

uTorrent 3.5.0 Build 43916 improves AV detections for Pro version, warn before executing files with masked extensions. This is a security update.
http://www.utorrent.com/downloads

FreeFileSync 9.2 resolves several bugs, improves reliability and security. This is a security update.
https://www.freefilesync.org/download.php

MaxMind GeoIP 201707 is a data refresh. This is not a security update.
http://dev.maxmind.com/geoip/geolite

IPNetInfo 1.76 now filters duplicate IPv6 addresses, improves tabbing. This is not a security update.
http://www.nirsoft.net/utils/ipnetinfo.html

Nmap 7.50 adds dozens of new fingerprints and scripts. Updates libraries. This is a security update.
http://nmap.org/

PuTTY 0.70 is a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

Game Updates

These are unlikely to be of interest to most people.

EA Origin 10.4.13.6637 adds speed throttling controls, FPS meter, interface improvements, improved networking, and resolves bugs. This is not a security update.
https://www.origin.com/en-us/download

Steam 2017.07.10 improves performance, reliability, and resolves many bugs. This is not a security update.
http://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

PS4 4.71 improves system performance. This is not a security update.
http://us.playstation.com/support/systemupdates/ps4/pc_update/index.htm

Office Updates

One or more of these are likely to be of interest to most people.

Artweaver 6.0.4 resolves several bugs. This is not a security update.
http://www.artweaver.de/

LibreOffice 5.3.4 resolves well over a hundred bugs. This is a security update.
http://www.libreoffice.org/

Notepad++ 7.4.2 improves find and replace, SWIFT language support. This is not a security update.
http://12pd.com/click?npp

Adobe Reader DC 17.009.20058 is a security update.
http://get.adobe.com/reader

Adobe FrameMaker 2017.0.2 is a security update.
http://supportdownloads.adobe.com/detail.jsp?ftpID=6173

Adobe Connect 9.5.7 is a security update.
https://helpx.adobe.com/security/products/connect/apsb16-35.html

Security Software Updates

One or more of these is likely to be of interest to most people.

Fedora 26-1.5 is a security update.
https://getfedora.org/en/workstation/download/

MSRT 5.50 is a security update.
http://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx

Tails 3.0.1 is a security update. Note that version 3.0 also removes 32-bit support.
https://tails.boum.org/install/index.en.html

Avast! Home Edition 17.5.2302 adds a new warning system, redesigned popups, and counter on tray icon. This is a security update.
http://www.avast.com/free-antivirus-download

Gpg4win 2.3.4 is a security update.
https://www.gpg4win.org/download.html

Hashcat 3.6.0 adds several new algorithms. This is not a security update.
http://hashcat.net/hashcat/#downloadlatest

DNSQuerySniffer 1.65 adds ‘Quick Filter’ feature. This is not a security update.
http://www.nirsoft.net/utils/dns_query_sniffer.html

RogueKiller 12.11.6 adds detections. This is not a security update.
http://www.adlice.com/softwares/roguekiller/

Capture Updates

These are unlikely to be of interest to most people.

XSplit Broadcaster 3.0.1705.3117 resolves several bugs. This is not a security update.
http://www.xsplit.com/get/

XSplit Gamecaster 3.0.1705.3131 resolves dozens of bugs. This is not a security update.
http://www.xsplit.com/get/

Converter Updates

These are unlikely to be of interest to most people.

CDex 1.87 improves stability and resolves several bugs. This is not a security update.
http://cdex.mu/?q=download

DVDFab 10.0.4.6 adds support for new encodings, several tools, and resolves bugs. This is not a security update.
http://www.dvdfab.cn/download.htm

IsoBuster 4.0 improves performances, major cosmetic changes, advanced search functionality, block analysis, history browsing, and more. This is not a security update.
https://www.isobuster.com/download.php

Utility Updates

These are unlikely to be of interest to most people.

GoodSync 10.5.2 resolves several bugs, improves action auditing, and defaults to use SNI for SSL traffic. This is a security update.
http://www.goodsync.com/

RoboForm 8.3.7 adds support for the new Firefox extension platform, resolves bugs and improves performance. This is not a security update.
http://12pd.com/click?rf

1Password for Windows 6.6.439 is a major update, adding duplicate detection, favorites, trash support, and native automatic-when-idle updates. This is not a security update.
https://1password.com/downloads/

Bitcoin 0.14.2 improves performance and resolves bugs. This is not a security update.
http://bitcoin.org/en/download

CCleaner 5.32.6129 improves cleaning. This is not a security update.
http://12pd.com/click?ccleaner

CintaNotes 3.8.1 improves attachment support and resolves several bugs. This is not a security update.
http://cintanotes.com/download

Cygwin 2.8.1 now allows unpriviliged symlink creation in Windows 10, adds two new APIs. This is not a security update.
http://cygwin.com/

DesktopOK 4.72 improves Windows 10 support. This is not a security update.
http://www.softwareok.com/?seite=Freeware/DesktopOK

Easy2Boot 1.93A adds offline CHOCO support, and works around a Windows Creator bug to assign a drive letter for USB drives that are not given them by Windows. This is not a security update.
http://www.easy2boot.com/download/

Kingston SSD Manager 1.1.0.0 does not provide a changelog, so should be treated as a security update.
http://www.kingston.com/us/support/technical/ssdmanager

NetworkTrafficView 2.10 adds logging on timer support. This is not a security update.
http://www.nirsoft.net/utils/network_traffic_view.html

RegFileExport 1.08 fixes a reliability bug. This is not a security update.
http://www.nirsoft.net/utils/registry_file_offline_export.html

WifiInfoView 2.26 improves filtering, adds select/deselect all, and resolves a CLI vs options bug. This is not a security update.
http://www.nirsoft.net/utils/wifi_information_view.html

OSForensics 5.1.1001 resolves dozens of bugs. This is not a security update.
http://www.osforensics.com/download.html

Speccy 1.31.732 improves Windows compatibility, updated hardware detection, 32-bit compatibility and resolves bugs. This is not a security update.
http://12pd.com/click?speccy

PointerStick 2.82 improves reliability in Windows 10 Creators Update. This is not a security update.
http://www.softwareok.com/?seite=Freeware/PointerStick

TeamViewer 12.0.78716 improves reliability in Windows 10 Creators Update. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

WinScan2PDF 3.51 improves Epson and Brother scanner support. This is not a security update.
http://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WSUS Offline 11.0 removes Vista support, updates scripts and libraries, and improves update detection. This is not a security update.
http://download.wsusoffline.net/

WSUS Offline 9.2.2 (ESR) adds support for the post-EOL updates for XP, Vista, Windows Server 2003, and Windows 8, updates scripts and libraries, and improves update detection. This is not a security update.
http://download.wsusoffline.net/

Sysmon 6.03 fixes a bug that prevented imageload include filters from working in some configurations. This is not a security update.
https://sysinternals.com/

Developer Updates

These are unlikely to be of interest to most people.

TortoiseSVN 1.9.6 resolves several bugs. This is not a security update.
http://tortoisesvn.net/downloads.html

SQLite 3.18.2 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Virtual Machine Updates

These are unlikely to be of interest to most people.

VMware Player 12.5.7 is a security update.
http://www.vmware.com/products/player/

Web Package Updates

These are likely to be of interest only to web developers.

Piwigo 2.9.1 is a security update.
http://piwigo.org/

Drupal 8.3.5 resolves dozens of bugs. This is not a security update.
http://drupal.org/download

HumHub 1.2.1 resolves dozens of bugs. This is not a security update.
https://www.humhub.org/en/download

MailEnable 9.75 resolves seeral bugs. This is not a security update.
http://www.mailenable.com/

phpMyAdmin 4.7.2 resolves several bugs. This is not a security update.
http://www.phpmyadmin.net/home_page/news.php

ScreenConnect 6.3.13446.6374 resolves dozens of bugs, and improves performance and reliability. This is not a security update.
https://www.screenconnect.com/Download

Joomla 3.7.3 is a security update.
http://www.joomla.org/

Autoptimize 2.2.2 resolves several bugs. This is a security update.

BuddyPress 2.8.2 adds several new features. This is a security update.

myStickymenu 1.8.9 adds ability to disable on certain posts and pages. This is not a security update.

Postie 1.9.1 resolves several bugs. This is not a security update.

Redirection 2.6.4 resolves several bugs. This is not a security update.

Sucuri Security 1.8.7 improves performance and resolves several bugs. This should be treated as a security update.

Top Commentators Widget 1.5.3 fixes an icon bug. This is not a security update.

WooCommerce 3.1.0 resolves dozens of bugs, improves style and setup. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2016-10-11

Hi, Folks!

It’s Patch Tuesday.

The typical computer should see roughly 1.5gb in updates today. It’s another big one. Let’s get started.

Microsoft released updates to Windows, Edge, Internet Explorer, .NET, Silverlight, Office, and MSRT (~1.2gb). This includes security updates. A reboot is required.

This month marks the beginning of a new Microsoft update policy of packaging updates in group rollups instead of individually for different applications, even for older supported operating systems like Windows 7 and 8.1. As of this month Microsoft will release all Windows-tied security patches in the same file each month, with a separate non-security update package and other minor updates for feature and compatibility fixes. What this means for you is that Windows will now impose security updates once they’ve passed limited testing, and will deal with the aftermath of inevitable failures after Patch Tuesday with additional rollups. Don’t get me wrong, the security updates are essential to good computing, but without the ability to selectively exclude known-bad updates after internal testing is performed, this is going to create a situation where most enterprise environments delay updates even longer. The only safe resolution for this is to have full backups and be prepared to perform a reset or system restore should, well, the inevitable disaster occur.

Apple released updates for macOS/OS X, Safari, iCloud for Windows, Windows Migration Assistant, and printer drivers. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 10.0.2 is the second security update to the new version of iOS 10 that was released last month. Use Settings, General, Software Update to install the most current version. It should be okay to install on your iOS device now, but be prepared for 10.0.3 anytime.

Google Chrome OS 53.0.2785.154 is a security update. Use Menu, Help, About to install the most current version.

Adobe Flash Player 23.0.0.185 is a security update. Flash is being actively replaced with HTML5 on most sites and services, however, so unless you’re 110% positive you need it for critical functions, you should remove it instead. And, within those browsers that have it embedded (Chrome, Edge, Internet Explorer 11+) disable it. It’s just not worth the risk.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 17.0.2.1 fixes reliability problems. This is not a security update.
http://www.wagnardmobile.com/DDU/

DS4Windows 1.4.52 adds support to new hardware, and fixes reliability problems. This is not a security update.
http://ds4windows.com/

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 53.0.2785.143 is a security update. Use Menu, Help, About to install the most current version.

Firefox 49.0.1 is a security update. Menu, About to install the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

Adobe Shockwave 12.2.5.195 did not provide a changelog, so should be treated as a security update. Chances are very good you don’t need it anyway, though, so remove it if at all possible.
https://12pd.com/click?shockwave

Silverlight 5.1.50709 is a security update.
http://www.microsoft.com/getsilverlight/Get-Started/Install/Default.aspx

Skype 7.28.0.101 is no longer Windows 7-friendly, and doesn’t play well with older versions. There’s no indication that this release is a security update, so stick with 7.15 to 7.27.
https://12pd.com/click?skype

Mumble 1.2.17 is a security update.
https://github.com/mumble-voip/mumble/releases

BIND 9.10.4-P3, 9.11.0rc3, 9.9.9-P3, and 9.9.9-S5 are security updates.

curl 7.50.3 is a security update.

WinSCP 5.9.2 fixes several bugs. This is not a security update.
http://winscp.net/eng/index.php

Evernote 6.3.3.3502 fixes many bugs and improves Google Drive support. This is not a security update.
http://www.evernote.com/

Nmap 7.30 updates OS fingerprints, adds several new scripts, updates libraries and adds support for several additional protocols. This is not a security update.
http://nmap.org/

FileZilla 3.22.1 fixes a crash bug. This is not a security update.
http://filezilla-project.org/

MaxMind GeoIP Data 201610 is a data refresh.
http://dev.maxmind.com/geoip/geolite

BrowsingHistoryView 1.90 adds support for Vivaldi and profile management. This is not a security update.
http://www.nirsoft.net/utils/browsing_history_view.html

NK2Edit 3.26 adds ability to import from message store. This is not a security update.
http://www.nirsoft.net/utils/outlook_nk2_edit.html

IMAPSize is now dead. The source has been released for 0.3.7, but the author is discontinuing what little support existed over the last 7 years.
http://www.broobles.com/imapsize/news.php

Media Updates

These are unlikely to be of interest to most people.

Unreal Streaming Media Player 7.1 integrates HTML5 video element support and UMS-HTTPS into the engine, eliminating the need for the IIS extension.
http://www.umediaserver.net/umediaserver/download.html

Unreal Media Server 12.0 integrates HTML5 video element support and UMS-HTTPS into the engine, eliminating the need for the IIS extension.
http://www.umediaserver.net/umediaserver/download.html

Game Updates

These are unlikely to be of interest to most people.

Battle.net Client 20161011 doesn’t provide a changelog, so should be treated as a security update.
http://us.battle.net/en/app/

EA Origin 10.1.1.35466 fixes several bugs. This is not a security update.
https://www.origin.com/en-us/download

Lego Digital Designer 4.3.10 removes the ability to order your models. This is not a security update.
http://ldd.lego.com/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Acrobat 11.0.18 Pro is a security update. Use Help, Check for Updates to install the most current version.

Adobe Acrobat DC 2015.020.20039 is a security update. Use Help, Check for Updates to install the most current version.

Adobe Reader 11.0.18 is a security update. Use Help, Check for Updates to install the most current version.

Adobe Creative Cloud Desktop 3.8.0.310 is a security update. Since the security vulnerability is within the update feature, it’s not safe to use that to update it. Download the new build here:
https://www.adobe.com/creativecloud/desktop-app.html

Adobe FrameMaker 2015.0.5 is a security update.
Win: http://www.adobe.com/support/downloads/detail.jsp?ftpID=6088

Adobe DNG Converter 9.7 adds support for new hardware. This is not a security update.
Win: http://www.adobe.com/support/downloads/detail.jsp?ftpID=6087
Mac: http://www.adobe.com/support/downloads/detail.jsp?ftpID=6086

Artweaver 5.1.4 fixes several bugs. This is not a security update.
http://www.artweaver.de/

LibreOffice 5.2.2 fixes several bugs and improves stability. This is not a security update.
http://www.libreoffice.org/

Notepad++ 7 adds 64-bit support, updates libraries, improve HDPI support and monitoring, many new commands and more. This is a security update.
https://12pd.com/click?npp

OpenPetra 2016.07.0.0 improves security and improves Finance and Partner System. This is a security update.
http://www.openpetra.org/

Kindle for PC 1.17.1 Build 44183 doesn’t provide a changelog, so should be treated as a security update.
https://12pd.com/click?kindle4pc

Security Software Updates

One or more of these is likely to be of interest to most people.

CertData 10 Oct 2016 is a security update. If you roll your own certificates, it’s time to update.
https://mxr.mozilla.org/mozilla-central/source/security/nss/lib/ckfw/builtins/certdata.txt

OpenSSL 1.1.0b is a security update.

Wireshark 2.2.1 is a security update.
http://www.wireshark.org/

Wireless Network Watcher 2.02 updates the internal MAC addresses database. This is not a security update.
http://www.nirsoft.net/utils/wireless_network_watcher.html

RogueKiller 12.7.1 improves scanning, telemetry and detections. This is not a security update.
http://www.adlice.com/softwares/roguekiller/

Stinger 12.1.0.2137 improves detections. This is a security update.
https://12pd.com/click?stinger

Capture Updates

These are unlikely to be of interest to most people.

XSplit Broadcaster 2.8.1607.1944 fixes several bugs. This is not a security update.
http://www.xsplit.com/get/

XSplit Gamecaster 2.8.1607.2031 fixes several bugs. This is not a security update.
http://www.xsplit.com/get/

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 9.3.1.6 adds support for new encodings, adds new conversion profiles, and fixes several bugs. This is not a security update.
http://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

NTLite 1.2.0.4433 adds several new components and a wizard to refresh for new builds. This is not a security update.
https://www.ntlite.com/download/

SpaceSniffer 1.3.0.2 fixes an export data bug. This is not a security update.
http://www.uderzo.it/main_products/space_sniffer/

7-Zip 16.04 fixes several bugs. This is a security update.
http://www.7-zip.org/

8GadgetPack 21.0 adds Windows 10 Anniversary Update compatibility, fixes several bugs. This is not a security update.
http://8gadgetpack.net/

GoodSync2Go 10.1.4 fixes several bugs, including license issues, browse and event notification. This is not a security update.
https://12pd.com/click?goodsync

dupeGuru 4.0.2 fixes crash bug in macOS Sierra. This is not a security update.
http://www.hardcoded.net/dupeguru/

IEDigest 1.9.2 adds new policies from Windows 10 Anniversary Update, new warnings and registry keys. This is not a security update.
http://www.regente.de/IEDigest/?page_id=9

ImageUSB 1.3.1002 doesn’t provide a changelog, so should be treated as a security update.
http://www.osforensics.com/tools/write-usb-images.html

Ketarin 1.8.7 adds ifempty and runpowershell variable parsing, compatibility with PowerShell 4.0 and 5.0, and adds segmented downloading. This is not a security update.
http://ketarin.org/

Agent Ransack 2016.864 fixes bugs in context menu and registration. This is not a security update.
http://mythicsoft.com/agentransack/download

FileLocator Pro 8.1.2677 adds support for HDPI, improved PST/OST support, and reliability fixes. This is a security update.
http://www.mythicsoft.com/filelocatorpro/download

CurrPorts 2.25 adds the ability to hide loopback connections. This is not a security update.
http://www.nirsoft.net/utils/cports.html

Password Security Scanner 1.40 adds support for Yandex and Vivaldi browsers. This is not a security update.
http://www.nirsoft.net/utils/password_security_scanner.html

WakeMeOnLan 1.78 adds connection name to the network adapters list. This is not a security update.
http://www.nirsoft.net/utils/wake_on_lan.html

WifiInfoView 2.08 adds the connection name to the network adapters list. This is not a security update.
http://www.nirsoft.net/utils/wifi_information_view.html

Synergy 1.8.3 fixes several bugs, adds macOS support and clipboard options, improves reliability and removes automatic elevation. This is a security update.
http://symless.com/download/

SystemRescueCD 4.8.3 updates libraries and tools. This is a security update.
http://www.sysresccd.org/

TeamViewer 11.0.66695 improves reliability, fixes several bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

WSUS Offline 10.8 fixes several bugs and improves reliability. This is a security update.
http://download.wsusoffline.net/

Developer Updates

These are unlikely to be of interest to most people.

GitHub Desktop 3.3.1 is a security update.
https://desktop.github.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VMware Player 12.5.0 adds support for Windows 10 Anniversary Update, and many bug fixes. This is a security update.
http://www.vmware.com/products/player/

PPSSPP 1.3 fixes many bugs, improves reliability and updates libraries. This is a security update.
http://ppsspp.org/downloads.html

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.5.44 is a security update.
http://coppermine-gallery.net/

ownCloud Client 2.2.4 fixes several bugs. This is not a security update.
https://owncloud.org/install/

Drupal 8.2.1 fixes several bugs, updates libraries, adds many improvements. This is a security update.
http://drupal.org/download

HumHub 1.1.1 fixes several bugs, improves reliability, and other enhancements. This is a security update.
https://www.humhub.org/en/download

MailEnable 9.50 adds PowerShell API, multifactor authentication, bulk operations for archive, move and delete, and fixes for several bugs. This is not a security update.
http://www.mailenable.com/

SMF 2.0.12 is a security update.
http://download.simplemachines.org/

Contact Form 7 4.5.1 fixes several bugs. This should be treated as a security update.

Multisite Enhancements 1.3.6 improves compatibility with the current release of WordPress.

NextScripts Social Networks Auto-Poster 3.7.3 adds MailChimp and Weibo, reset improvements, Twitter improvements and bug fixes. This is a security update.

Sucuri Security 1.8.3 fixed several bugs. This is not a security update.

W3 Total Cache 0.9.5.1 is a security update.

WP Edit 4.0 adds integration API and nonce support. This is a security update.

WPtouch 4.3.3 fixes several bugs. This is not a security update.
That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/