Updates 2021-12-14

Welcome back, Folks!

Today is Patch Tuesday for December, 2021. This month has been relatively mild, especially for the typical user. Businesses are facing some serious Christmas disasters including massive botnets targeting WordPress, Log4j, payment platforms, and state-run “passport” systems. Nevertheless, the grind continues.

This Month in Technology

ActMobile Networks (VPN), Alberta HealthAstoria Company LLC, thousands of AT&T Edgewater Networks devicesAtrafBay Village High SchoolBeaverhead County High SchoolBioPlus Specialty Pharmacy Services, LLCBitmartBrazilian Ministry of HealthBroward Public SchoolsBrussels Bru-VaxBureau VeritasCentral Depository Services LtdCalifornia Pizza KitchenCostcoCox CommunicationsDeKalb County School DistrictDelta-Montrose Electric AssociationDNA Diagnostics CenterEpiscopal Retirement ServicesEscambia County School DistrictEskenazi HealthEvanston Township High SchoolFlorida Heart AssociatesFrench-Public School BoardFrontier SoftwareGoDaddy Inc (and 123Reg, Domain Factory, Heart Internet, Host Europe, Media Temple, and tsoHost), GravatarHeadwaters Health Care CentreHealth Service ExecutiveHellman Worldwide LogisticsHikvision surveillance systemsHisar health departmentHPE, dozens of HP printer modelsHuntington HospitalIDC GamesIKEAIndonesian police, various Iranian gas stationsJohnson Memorial HealthKisters AGKMSPicoKronosLakeside SchoolLINE PayLewis and Clark Community CollegeMaryland Department of HealthManhasset School DistrictMicrosoft Exchange ServersMedsurant HealthMNG CargoNewfoundland and Labrador Health-Care SystemNordic Choice HotelsNorth Oklahoma County Mental Health CenterNortheastern UniversityNowiny Commune OfficeOld Pulaski Middle SchoolOne Community HealthOregon Anesthesiology Group, P.C.Pakistan’s National Database Biometric DataPanasonicPellissippi State Community CollegePlanned Parenthood Los Angeles, millions of PlayStation 5 devicesQNAP NAS devicesRedDoorzRideau Valley Health CentreRiverhead Central School DistrictRobinhoodS&R Membership ShoppingSanDisk SecureAccessSea Mar Community Health CentersShelley School DistrictSimon Eye Management, millions of Sky RoutersSonicWall SMA 100 VPNsSouth Australian GovernmentSouthern Ohio Medical CenterSPAR StoresSpotswood Public SchoolsStor-a-file LimitedStripchatSupernus Pharmaceuticals, Inc., Swire Pacific OffshoreTATATP-Link routersTrue Health New MexicoTulane University Medical CenterUlss 6 EuganeaUS defense contractorsU.S. State DepartmentUtah Imaging AssociatesVirginia’s Division of Legislative Automated SystemsVestasVolvoWaikato DHBYemeksepetiZa: Standard Bank, and Zoho ServiceDesk have reportedly been hacked this month.

A Tesla server outage prevented owners worldwide from unlocking their cars.

Another 5 hour outage at AWS caused problems for thousands of websites that depend upon the “reliability” of cloud services. Netflix, Ring, Amazon Prime Video, Amazon deliveries, and Roku were just a few affected sites and services.

Google Photos suffered from a bug for 10 days that damaged all downloads over 128 MB. They alerted their customers to the problem about a month after fixing the bug.

Instead of focusing on providing a more secure product, Apple is suing the NSO Group for developing malware that exploits vulnerabilities in Apple products.

Google, Apple and Samsung payment services exposed to provide unlimited access to digital wallets without authentication.

Grafana – used in thousands of applications for the gorgeous displays it can provide – has patched multiple critical security vulnerabilities. Expect vendors to play catch-up as they release updates that update their Grafana libraries.

Like Grafana, Log4j is another widely used engine across thousands of applications – mostly in corporate and enterprise applications. It’s been exploited in 40% of corporate networks globally, so far. It’s not just corporate risk – even Minecraft is vulnerable.

A massive series of attacks targeting managed WordPress websites has compromised at least 1.8 million sites so far. Merely patching the sites and removing unused and out-dated plugins and themes would have eliminated the risk here.

Now for the good news:

Alexa.com is finally being shut down after 25 years of misrepresenting the web.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is smaller than it has been in months. The typical computer should see roughly 2 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, and MSRT (~1.5 GB). This includes updates for Windows Server 2008. This includes security updates. A reboot is required.

Apple released updates for macOS Monterey 12.1, macOS Big Sur 11.6.2, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, tvOS 15.2, watchOS 8.3, and watchOS 8.1.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.2 is a security update. Use Settings, General, Software Update to install the most current update.

iPadOS 15.2 is a security update. Use Settings, General, Software Update to install the most current update.

tvOS 15.2 is a security update. Use System, Software Update to install the most current version.

watchOS 8.3 and 8.1.1 are security updates. Use the Watch app on your iPhone to install the most current version.

Google Chrome OS 96.0.4664.77 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Catalina (10.15) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v21H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 6 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Citizen Driver 2021.3 adds support for over 430 hardware printer models and resolves several minor bugs. This is not a security update.
https://www.seagullscientific.com/support/downloads/drivers/citizen/download/

CognitiveTPG Driver 2021.3 adds support for over 430 hardware printer models and resolves several minor bugs. This is not a security update.
https://www.seagullscientific.com/support/downloads/drivers/cognitivetpg/download/

Logitech Options 9.40.86 adds support for new hardware and resolves several bugs. This is not a security update.
https://support.logi.com/hc/en-us/articles/360025297893

Logitech SetPoint 6.70.55 adds support for new hardware and resolves several bugs. This is not a security update.
https://support.logi.com/hc/en-us/articles/360025141274

Xerox Smart Start 1.6.28.0 adds support for newer drivers. This is not a security update.
https://www.support.xerox.com/en-us/content/143617

Zebra Driver 2021.3 adds support for over 430 hardware printer models and resolves several minor bugs. This is not a security update.
https://www.seagullscientific.com/support/downloads/drivers/zebra/download/

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.32.115 is a security update.
https://brave.com/

Google Chrome 96.0.4664.110 is a security update.
https://www.google.com/chrome/

Microsoft Edge 96.0.1054.53 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 95.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 91.4.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

SeaMonkey 2.53.10.1 is a security update.
https://www.seamonkey-project.org/

Vivaldi 5.0.2497.28 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 91.4.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 7.0.4 resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

AnyDesk for macOS 6.3.3 improves M1 compatibility. This is not a security update.
https://anydesk.com/en/downloads

curl 7.80.0 resolves over 100 bugs. This should be treated as a security update.
https://curl.haxx.se/windows/

Dropbox 136.4.4345 doesn’t provide a changelog so should be treated as a security update.
https://www.dropbox.com/

FileZilla Client 3.57.0 updates libraries and resolves several bugs. This is not a security update.
https://filezilla-project.org/

FreeFileSync 11.15 resolves several bugs and improves user interface and compatibility. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 54.0 improves compatibility and resolves several bugs. This is not a security update.
https://drive.google.com/start

Npcap 1.60 resolves over a dozen bugs and improves stability. This is not a security update.
https://nmap.org/npcap/

Syncthing 1.18.5 resolves several bugs. This is not a security update.
https://syncthing.net/

Telegram 3.3.0 adds media distribution controls, bot improvements and channel controls. This is not a security update.
https://telegram.org/

WinSCP 5.19.5 resolves several bugs and adds Google Cloud S3 API support. This is not a security update.
https://winscp.net/eng/index.php

Zoom 5.8.7.2058 adds many new features and resolves a dozen bugs, mostly with compatibility. This is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 2.0.19 improves compatibility with VRoid Studio and adds Leap Motion. This is not a security update.
https://en.3tene.com/

Plex Desktop 1.39.1.2763 resolves code signing. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.9.0.2741 adds audio stream selection, resolves several bugs, and improves stability. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.25.2.5319 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2.3.7.606 improves reliability and performance, and resolves several bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker

Nintendo Switch 13.2.0 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 21.02-04.50.00 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2021.11.19 resolves several bugs, improves reliability and stability. This is a security update.

Office Updates

One or more of these are likely to be of interest to most people.

Audacity 3.1.2 improves stability. This is not a security update.
https://www.audacityteam.org/download/

Blender 3.0 is a major new version with dozens of new features, improvements in modeling, shadows, geometry and more. This is not a security update.
https://www.blender.org/download/

LibreOffice Fresh 7.2.4 is a security update.
https://www.libreoffice.org/

LibreOffice Still 7.1.8 is a security update.
https://www.libreoffice.org/

Notepad++ 8.1.9.3 resolves several bugs and improves diagnostics to troubleshoot a persistent crash bug. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 4.3.4 resolves several bugs. This is not a security update.
https://www.getpaint.net/

PDF-XChange Editor 9.2.359.0 resolves several bugs. This is not a security update.
https://www.tracker-software.com/product/pdf-xchange-editor

Adobe Premiere Rush 2.0 is a security update.
https://helpx.adobe.com/security/products/premiere_rush/apsb21-101.html

Adobe Experience Manager 6.5.11 is a security update.
https://helpx.adobe.com/security/products/experience-manager/apsb21-103.html

Adobe Connect 11.4 is a security update.
https://helpx.adobe.com/security/products/connect/apsb21-112.html

Adobe Photoshop 22.5.4 and 23.1 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb21-113.html

Adobe Prelude 22.1.1 is a security update.
https://helpx.adobe.com/security/products/prelude/apsb21-114.html

Adobe After Effects 22.1.1 and 18.4.3 are security updates.
https://helpx.adobe.com/security/products/after_effects/apsb21-115.html

Adobe Dimension 3.4.4 is a security update.
https://helpx.adobe.com/security/products/dimension/apsb21-116.html

Adobe Premiere Pro 15.4.3 and 22.1.1 are security updates.
https://helpx.adobe.com/security/products/premiere_pro/apsb21-117.html

Adobe Media Encoder 15.4.3 and 22.1.1 are security updates.
https://helpx.adobe.com/security/products/media-encoder/apsb21-118.html

Adobe Lightroom 5.1 is a security update.
https://helpx.adobe.com/security/products/lightroom/apsb21-119.html

Adobe Audition 14.4.3 and 22.1.1 are security updates.
https://helpx.adobe.com/security/products/audition/apsb21-121.html

Security Software Updates

One or more of these is likely to be of interest to most people.

Tails 4.25 adds backups, external storage support, updates applications and resolves several bugs. This is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

BelArc Advisor 11.1 doesn’t provide a changelog so should be treated as a security update.
https://www.belarc.com/products_belarc_advisor

Chainsaw 1.1.4 improves logging, error handling, and removes progress bar for reliability. This is not a security update.
https://github.com/countercept/chainsaw

Hashcat 6.2.5 improves improves hardware compatibility, performance, and resolves several bugs. This is a security update.
https://hashcat.net/hashcat/#downloadlatest

RogueKiller 15.1.4 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

uBlock Origin 1.39.2 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

VT-CLI 0.10.0 adds support for managing collections. This is not a security update.
https://github.com/VirusTotal/vt-cli/releases/latest

Wireless Network Watcher 2.26 updates internal MAC address database and improves high-DPI support. This is not a security update.
https://www.nirsoft.net/utils/wireless_network_watcher.html

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 2022.0.0 adds several new features including a universal file format, cross-platform markup, and cloud storage, improves performance, and resolves several bugs.
https://download.techsmith.com/snagit/releases/snagit.msi

VideoCacheView 3.08 adds compatibility with newer browser builds. This is not a security update.
https://www.nirsoft.net/utils/video_cache_view.html

Converter Updates

These are unlikely to be of interest to most people.

PDF Creator 4.4.1 resolves several bugs. This is not a security update.
https://www.pdfforge.org/pdfcreator

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 7.9.2 improves compatibility and resolves several bugs. This is not a security update.
https://1password.com/downloads/mac/

7-Zip 21.06 adds memory controls, dictionary size improvements, hash validation support, and resolves several bugs. This is not a security update.
https://www.7-zip.org/

Agent Ransack 2022.3277 adds OCR, new themes, improves indexing, and resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

Bitcoin 22.0 removes defunct protocols, updates privacy and resolves several bugs. This is not a security update.
https://bitcoin.org/en/download

Carbonite 6.4.0 improves compatibility. This is not a security update.
https://account.carbonite.com/

Cygwin 3.3.3 resolves several bugs. This is not a security update.
https://cygwin.com/

DesktopOK 9.44 adds dark theme support, high-DPI improvements, and several bug fixes. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

Etcher 1.7.1 resolves several bugs. This is not a security update.
https://www.balena.io/etcher/

Fido 1.27 adds support for Windows 10 v21H2. This is not a security update.
https://github.com/pbatard/Fido/releases

FileLocator Pro 2022.3277 adds OCR, new themes, improves indexing, and resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Git SCM 2.34.1 resolves several bugs. This is not a security update.
https://git-scm.com/

GoodSync 11.9.7 resolves several bugs. This is not a security update.
https://www.goodsync.com/

grepWin 2.0.9 improves reliability and adds exact match support. This is not a security update.
https://github.com/stefankueng/grepWin/releases/latest

Homedale 2.01 improves MAC Address vendor detection and IE DFS dump. This is not a security update.
https://www.the-sz.com/products/homedale/

IsMyHdOK 3.44 improves accuracy. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

NTLite 2.3.2.8519 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

PointerStick 5.61 improves high-DPI support and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.51.1 improves stability. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ReactOS 0.4.13.32 resolves over a hundred bugs, and improves stability, compatibility and reliability. This is a security update.
https://reactos.org/

SearchMyFiles 3.15 improves summary mode, zero-value filters, and search improvements. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

Synergy 1.14.2 resolves over a dozen bugs, improves reliability, adds M1 support, and adds automatic restart on settings change. This is not a security update.
https://symless.com/synergy/

TraceRouteOK 2.66 adds dark theme support, high-DPI improvements, and several bug fixes. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

USB Oblivion 1.17.0.0 resolves a key name bug and improves performance. This is not a security update.
http://www.cherubicsoft.com/en/projects/usboblivion

WakeMeOnLan 1.90 adds global and bulk WOL support and updates MAC addresses databases. This is not a security update.
https://www.nirsoft.net/utils/wake_on_lan.html

WhyNotWin11 2.4.3.1 improves stability, hardware detection, and compatibility improvements. This is not a security update.
https://github.com/rcmaehl/WhyNotWin11

WinScan2PDF 7.51 resolves several minor bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 4.07 improves MTP/PTP compatibility, reliability, and resolves several bugs. This is not a security update.
https://www.diskanalyzer.com/

ZoomText 2021 2021.2111.4.400 improves compatibility. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

ZoomText 2022 2022.2110.70.400 improves compatibility. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

Docker Desktop 4.3.1 is a security update.
https://www.docker.com/products/docker-desktop

Node.js v14 14.18.2 updates libraries and resolves several bugs. This is not a security update.
https://nodejs.org/en/

Node.js v16 16.13.1 updates libraries and resolves several bugs. This is not a security update.
https://nodejs.org/en/

Node.js v17 17.2.0 updates libraries and resolves several bugs. This is not a security update.
https://nodejs.org/en/

Redemption 6.1.0.6054 adds MarkSaved and OverridePSTDisableGrow, and IMAP4 controls, and resolves several bugs. This is not a security update.
https://www.dimastr.com/redemption/

SQLite 3.37.0 improves STRICT, CHECK constraints, and CLI improvements. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.63 adds several features and improves compatibility. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.1.30 resolves several bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.6.16 improves compatibility and resolves a couple bugs. This is not a security update.
https://coppermine-gallery.net/

Drupal 9.3.0 updates libraries and dependencies, improves compatibility, and resolves a couple bugs. This is not a security update.
https://drupal.org/download

HumHub 1.10.2 resolves several bugs. This is not a security update.
https://www.humhub.com/en/download

MailArchiva 8.4.1 is a security update.
https://mailarchiva.com/

Nextcloud Server 23.0.0 is a major update adding massing performance improvements, improved external integrations, Backup and more. This is not a security update.
https://nextcloud.com/

ownCloud Client 2.9.2.6206 resolves several bugs. This is not a security update.
https://owncloud.com/desktop-app/

phpList 3.6.6 is a security update.
https://www.phplist.org/

Piwigo 12.1.0 resolves several bugs. This is not a security update.
https://piwigo.org/

ScreenConnect 21.14.5791.8004 improves reliability and resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

WordPress 5.8.2 is a security update.
https://wordpress.org/

Autoptimize 2.9.3 improves multisite support and resolves several bugs. This is not a security update.

bbPress 2.6.9 resolves several bugs. This is not a security update.

Contact Form 7 5.5.3 improves Constant Contact integration, filters and form properties. This is not a security update.

Slider Revolution 6.5.11 resolves several bugs. This is not a security update.

Social Post Feed 4.1 updates libraries and resolves several bugs. This version will need to reconnect to any Facebook feeds you use. This is not a security update.

Theme My Login 7.1.4 resolves several bugs. This is not a security update.

W3 Total Cache 2.2.1 resolves several bugs. This is not a security update.

WP Mail SMTP 3.2.1 improves compatibility. This is not a security update.

WordPress Zero Spam 5.2.8 resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2021-11-09

Welcome back, Folks!

Today is Patch Tuesday for November, 2021.

This month we’ve got the new macOS (Monterey) which is bricking Macs, Windows 11 (don’t do it!), and a new build of Windows 10 (v21H2) is slated for release within the next few days. If you’re running a version of Windows 10 prior to v20H2 (v2009/19042) then you’ll want to install either Windows 10 v21H1 or prepare to install v21H2 on release, as the older versions will no longer be supported in only a month.

This Month in Technology

Acer (a couple times), American Osteopathic AssociationAnthem, Inc., Apple iCloudArgentina’s National Registry of PersonsBillQuick, Blue Cross of California, Bryan HealthbZxCalifornia Physicians’ Services (Blue Shield of California), Canadian province of Newfoundland and Labrador Health SystemsCentara Hotels & ResortsClinical Pathology Diagnostics, LLCCoinMarketCapColleton County School District (SC), Community Medical CentersCyberserveDeep 6 AIDiscord CDN (still), Discourse, Doctors Health Group, Inc., Domaining.comElectronic Warfare (US defense contractor), EU Digital Covid certificate system “Green Pass”Exterity IPTVFamily of WoodstockFerrara Candy CoFullerton HealthGigabyteGitLab serversGraffHariexpressHumana IncInstagram and TikTokKasperskyLas Vegas Cancer CenterLavaca Medical CenterMachon MorMaxim Healthcare GroupMediaMarkt, many more Microsoft Exchange servers, Missouri Delta Medical CenterMLBNational Iranian Oil Products Distribution CompanyNationwide Laboratory ServicesNorth American Dental Management, a bunch of NPM librariesNRAOlympusOpenSea NFTPainters District Council No. 30 Health and Welfare FundPhilips Tasy EMRPlaybookPractice MaxPremier Patient HealthcareProfessional Dental AlliancePutnam County Memorial HospitalQRS, Inc., Quest Diagnostics ReproSourceQuickfoxRobinhoodRussia’s Federal Information SystemScoolioSCUF Gaming InternationalSeneca Family of AgenciesSinclair TVSocietà Italiana degli Autori ed EditoriSurecare Specialty PharmacySyracuse ASC, LLCTescoThingiverseThrockmorton County Memorial Hospitaltribal casinosTwitchTwitterUK Councils (dude!), UK Labour PartyUNC HospitalsUniversity of Colorado BoulderUMass Memorial HealthUniversity of SunderlandThe Urology Center of ColoradoUS Immigration and Customs Enforcement’s Homeland Security InvestigationsUS Water and Wastewater SystemsNational Health Service of UkraineVenmo used to syphon bank accounts, VisibleVisual Tool DVRsViverant PT, LLCWashington Central Unified Union School District (VT), and, of course, more Zoho ManageEngine servers than you can shake a stick at, have been hacked this month.

Google Chromebook enrollmentMicrosoft 365KT, and Voipfone have suffered outages this month. Microsoft overlooked expired certificates again, and Microsoft is force-installing crapware again, as well.

Pwn2Own this year demonstrated over 60 hacks across dozens of devices. Default password patterns (like your phone number) are sadly and unsurprisingly insecure. Facebook will (supposedly) delete 1 billion faceprintsYahoo pulled out of China and YouTube is pushing malware. Mozilla has finally removed two malicious add-ons that have been weakening security for half a million users. macOS Monterey is bricking MacsCanon is being sued for disabling their printers. And McAfee is being purchased by an “investor consortium.”

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is very large. The typical computer should see roughly 3.0 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, Servicing Stack, Internet Explorer, Windows 7, Windows Server 2008 R2, Server 2012, and MSRT (~2.3 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 14.8.1, iOS 15.1, iPadOS 14.8.1, iPadOS 15.1, Safari 15.1, macOS Big Sur 11.6.1, macOS Monterey 12.0.1, Security Update 2021-007 Catalina, tvOS 15.1, and watchOS 8.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 14.8.1 and 15.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 14.8.1 and 15.1 are security updates. Use Settings, General, Software Update to install the most current update.

tvOS 15.1.1 is a security update. Use System, Software Update to install the most current version.

watchOS 8.1 is security updates. Use the Watch app on your iPhone to install the most current version.

Google Chrome OS 94.0.4606.114 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 35-1.2 is a major update, adding several new configuration and control features, and updates libraries. This is not a security update.
https://getfedora.org/en/workstation/download/

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Catalina (10.15) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H1) is very large, for the first time it’s actually smaller than the previous release, but it will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 has been released, but it has only been out a few weeks so should be considered beta software. Give it at least a couple months before you install it on your devices.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.4.6 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.31.88 is a security update.
https://brave.com/

Google Chrome 95.0.4638.69 is a security update.
https://www.google.com/chrome/

Iridium 2021.10.95 is a security update.
https://iridiumbrowser.de/

Microsoft Edge 95.0.1020.44 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 94.0.1 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 91.3.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 4.3.2439.65 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 91.3.0 is a security update.
https://www.thunderbird.net/en-US/

OutlookAttachView 3.44 resolves a profile selection bug. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 6.3.5 resolves a couple bugs. This is not a security update.
https://anydesk.com/en/downloads

Dropbox 134.4.4115 doesn’t provide a detailed changelog so should be treated as a security update.
https://www.dropbox.com/

FileZilla Client 3.56.2 resolves several bugs and improves compatibility. This is not a security update.
https://filezilla-project.org/

FileZilla Server 1.1.0 is a security update.
https://filezilla-project.org/

Google Drive 52.0 improves compatibility, no longer respects custom cache location mapping, forcefully overwrites the destination of any link named “Google Drive,” and improves performance. This is not a security update.
https://drive.google.com/start

Rclone 1.57.0 resolves dozens of bugs and improves reliability, compatibility and stability for several platforms and protocols. This is not a secuirty update.
https://rclone.org/

Skype 8.77.0.97 adds background blurring, user pinning, Meet Now improvements, and resolves several bugs. This is not a security update.
https://www.skype.com/

Syncthing 1.18.4 resolves several bugs. This is not a security update.
https://syncthing.net/

Technitium DNS Server 7.1 adds certificate generation, Block Page App, Drop Requests App, Query Logs App, Advanced Blocking App, improves logging, and resolves several other bugs. This is a security update.
https://technitium.com/dns/

Telegram 3.2.3 resolves a couple bugs. This is not a security update.
https://telegram.org/
This month Telegram also added advertising support – a harsh reminder that the platform is run by a Russian company.

WinSCP 5.19.4 resolves a couple bugs. This is not a security update.
https://winscp.net/eng/index.php

Zoom 5.8.3.1581 adds administrative controls, improvements in Meeting, webinar, chat, and resolves several bugs. This is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 2.0.18 improves tracking and expression matching reliability. This is not a security update.
https://en.3tene.com/

iTunes 12.12.2 doesn’t provide a changelog so should be considered a security update.
https://www.apple.com/itunes/download/

Plex Home Theater 1.7.0.2676 improves update check and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.24.5.5173 improves database structure, search matching, and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Nintendo Switch 13.1.0 adds support for the new expansion pack. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PlayStation PS5 21.02-04.03.00 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2021.10.14 resolves several bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

Office Updates

One or more of these are likely to be of interest to most people.

Audacity 3.1.0 improves usability, adds clip handle bars, smart clips, and reworks the looping feature. This is not a security update.
https://www.audacityteam.org/download/

LibreOffice Still 7.1.7 resolves 27 bugs. This is not a security update.
https://www.libreoffice.org/

LibreOffice Fresh 7.2.2 resolves almost 70 bugs. This is not a security update. Be aware that the “Fresh” line is beta software and should be avoided in favor of the “Still” line.
https://www.libreoffice.org/

Nextcloud Desktop 3.3.6 resolves several bugs. This is a security update.
https://nextcloud.com/

Notepad++ 8.1.9 resolves several stability bugs. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 4.3.2 improves performance of Tools and plugins, and resolves a reliability bug. This is not a security update.
https://www.getpaint.net/

PDF-XChange Editor 9.2.358.0 resolves several bugs. This is a security update.
https://www.tracker-software.com/product/pdf-xchange-editor

RoboHelp Server RHS2020.0.2 is a security update.
https://helpx.adobe.com/security/products/robohelp-server/apsb21-87.html

Adobe InCopy 17.0 is a security update.
https://helpx.adobe.com/security/products/incopy/apsb21-110.html

Adobe Creative Cloud 5.6 is a security update.
https://helpx.adobe.com/security/products/creative-cloud/apsb21-111.html

Adobe After Effects 18.4.2 and 22.0 are security updates.
https://helpx.adobe.com/security/products/after_effects/apsb21-79.html

Adobe Audition 14.4.2 and 22.0 are security updates.
https://helpx.adobe.com/security/products/audition/apsb21-92.html

Adobe Bridge 11.1.2 and 12.0 are security update.
https://helpx.adobe.com/security/products/bridge/apsb21-94.html

Adobe Character Animator 4.4.2 and 22.0 are security updates.
https://helpx.adobe.com/security/products/character_animator/apsb21-95.html

Adobe Prelude 22.0 is a security update.
https://helpx.adobe.com/security/products/prelude/apsb21-96.html

Adobe Lightroom Classic 10.4 and 11.0 are security updates.
https://helpx.adobe.com/security/products/lightroom/apsb21-97.html

Adobe Illustrator 25.4.2 and 26.0 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb21-98.html

Adobe Media Encoder 15.4.2 and 22.0 are security updates.
https://helpx.adobe.com/security/products/media-encoder/apsb21-99.html

Adobe Premiere Pro 15.4.2 and 22.0 are security updates.
https://helpx.adobe.com/security/products/premiere_pro/apsb21-100.html

Adobe Animate 22.0 is a security update.
https://helpx.adobe.com/security/products/animate/apsb21-105.html

Adobe Premiere Elements 19.0 is a security update.
https://helpx.adobe.com/security/products/premiere_elements/apsb21-106.html

Adobe InDesign 17.0 is a security update.
https://helpx.adobe.com/security/products/indesign/apsb21-107.html

Adobe XMP Toolkit SDK 2021.08 is a security update.
https://helpx.adobe.com/security/products/xmpcore/apsb21-108.html

Adobe Photoshop 22.5.2 and 23.0 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb21-109.html

Security Software Updates

One or more of these is likely to be of interest to most people.

RogueKiller 15.1.3 updates engine and resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Tails 4.24 is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

TinyWall 3.2.3 resolves several bugs. This is not a security update.
https://tinywall.pados.hu/

uBlock Origin 1.38.6 resolves compatibility with Twitch. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

YARA 4.1.3 should be treated as a security update.
https://github.com/countercept/chainsaw

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.34.1 replaces update engine and resolves several bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

Converter Updates

These are unlikely to be of interest to most people.

MakeMKV 1.16.5 improves stability and resolves several bugs. This is not a security update.
https://www.makemkv.com/download/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 7.9.1 adds support for macOS Monterey, and resolves several bugs. This is not a security update.
https://1password.com/downloads/mac/

1Password for Windows 7.9.828 resolves several bugs. This is not a security update.
https://1password.com/downloads/windows/

AccessEnum 1.33 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/accessenum

Autoruns 14.06 resolves several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

BatteryInfoView 1.25 updates tray tooltip to display information on multiple batteries. This is not a security update.
https://www.nirsoft.net/utils/battery_information_view.html

Bitwarden 1.28.3 resolves several bugs. This is not a security update.
https://bitwarden.com/

CacheSet 1.01 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/cacheset

Contig 1.81 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/contig

ControlMyMonitor 1.30 improves error handling. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html

CPU-Z 1.98 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

Cygwin 3.3.1 resolves a compatibility bug. This is not a security update.
https://cygwin.com/

DesktopOK 9.31 adds option to customize DPI values. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

Desktops 2.01 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/desktops

Disk2vhd 2.02 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/disk2vhd

DiskMon 2.02 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/diskmon

dnGrep 2.9.428.0 resolves cancel bug, .gitignore filtering, theme improvements, and PDF association. This is not a security update.
https://dngrep.github.io/

EFSDump 1.03 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/efsdump

Everything Toolbar 0.7.3 adds option to enable or disable thumbnails and hotkey handling. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

Git SCM 2.33.1 improves compatibility and resolves several bugs. This is not a security update.
https://git-scm.com/

GoodSync 11.9.3 resolves dozens of bugs. This is not a security update.
https://www.goodsync.com/

Homedale 2.00 adds new column for Station Count. This is not a security update.
https://www.the-sz.com/products/homedale/

HWMonitor 1.45 adds support for new hardware and disk read/write speeds. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

Java 8u311 is a security update.
https://www.java.com/en/download/manual.jsp

LessMSI 1.10.0 adds support for MSP files, MSI Stream names and resolves a cache bug. This is not a security update.
https://lessmsi.activescott.com/

LoadOrder 1.02 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/loadorder

NTLite 2.3.1.8454 adds new components, settings, and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

Aomei Partition Assistant 9.5.0 adds SMART health checks and improves update behavior. This is not a security update.
https://www.diskpart.com/

PointerStick 5.55 updates languages. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.49.1 resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ProcessMonitor 3.86 updates icons. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

PsShutdown 2.53 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/psshutdown

RegJump 1.11 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/regjump

RoboForm 9.2.1 improves compatibility, import, sync performance, and resolves several bugs. This is not a security update.
https://www.roboform.com/

Rufus 3.17 resolves several bugs and updates libraries. This should be treated as a security update.
https://rufus.ie/en_US/

ShareEnum 1.61 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/shareenum

ShellRunas 1.02 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/shellrunas

SimpleWMIView 1.46 adds error handling and improves high-DPI support. This is not a security update.
https://www.nirsoft.net/utils/simple_wmi_view.html

Sysmon 13.30 resolves several bugs, improves stability, and adds user fields for events. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

TCPView 4.16 updates icons. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview

WinObj 3.13 updates icons. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview

Windows 11 RCT 1.3.1 improves detection of CPU features and updates languages. This is not a security update.
https://bytejams.com/

WinScan2PDF 7.44 improves hardware compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 4.04 adds support for mobile devices and resolves several bugs. This is not a security update.
https://www.diskanalyzer.com/

ZoomText 2021.2111.2.400 resolves compatibility bugs. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

ZoomText 2022.2110.47.400 resolves several bugs. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

Godot 3.4 improves user interface, input handling, adds large file support, frame delta smoothing, and dozens of other features. This is not a security update.
https://godotengine.org/

MySQL ConnectorNet 8.0.27 resolves several bugs. This is not a security update.
https://dev.mysql.com/downloads/connector/net/

Node.js 16.13.0 updates libraries, resolves several bugs and is promoted to LTS. This is not a security update.
https://nodejs.org/en/

Node.js 17.0.1 is a new major version adding OpenSSL 3.0 support, updates libraries,
https://nodejs.org/en/

Visual Studio Code 1.62 resolves over 4000 issues and adds vscode.dev beta. This should be treated as a security update.
https://code.visualstudio.com/

WinMerge 2.16.16 resolves several bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

PPSSPP 1.12.3 resolves a gamepad bunding bug. This is not a security update.
https://ppsspp.org/downloads.html

VirtualBox 6.1.28 resolves almost two dozen bugs. This should be treated as a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Dada Mail 11.17.1 resolves several bugs and improves the GUI. This is not a security update.
https://dadamailproject.com/

Docker Desktop 4.2.0 adds pause/resume, windows management, updates libraries, and resolves several bugs. This is not a security update.
https://www.docker.com/products/docker-desktop

Drupal 9.2.8 resolves several bugs. This is not a security update.
https://drupal.org/download

HumHub 1.9.2 resolves several bugs. This is not a security update.
https://www.humhub.com/en/download

MailArchiva 8.3.14 resolves several bugs. This is not a security update.
https://mailarchiva.com/

OpenPetra 2021.10 resolves several bugs and improves automation. This is not a security update.
https://www.openpetra.org/

ownCloud Client 2.9.1.5500 resolves several bugs. This is not a security update.
https://owncloud.com/desktop-app/

Piwigo 12.0.0 improves sorting, performance, maintenance, and adds bulk actions and logging. This is not a security update.
https://piwigo.org/

Contact Form 7 5.5.2 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Social Post Feed 4.0.3 resolves several bugs and improves compatibility. This should be treated as a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

Email Log 2.4.8 is a security update.
https://wordpress.org/extend/plugins/email-log/

Visual Composer 40.0 resolves several bugs. This is not a security update.
https://visualcomposer.com/

W3 Total Cache 2.1.9 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 5.9.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WordPress Zero Spam 5.1.5 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/zero-spam/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2021-09-14

Welcome back, Folks!

This is for Patch Tuesday for September, 2021.

I’m running late with the newsletter this month. I needed to focus on our clients since there was simply so much to do. In the typical month we usually see 85-90 updated applications (some several times). This month there have been over 160. An increase in application release frequency is typical when other major software releases are impending, and the next month will bring Windows 11, iOS 15, a new build of Windows 10, a new version of Microsoft Office, iPhone 13, and Windows Server 2022.

This Month in Technology

AccentureApple devices, and Apple iCloudAT&T (more than once), various airline and IAB staffBangkok AirwaysBanksyBeaumont HealthBlackbaud (more information about a previous hack), Boston Public LibraryBrooklyn Technical High SchoolCampbell Conroy & O’Neil, P.C., Chase Bank, thousands of Coinbase accountsComcast/Xfinity remotes29% increase in attacks targeting the education sector, Cream FinanceDallas Police DepartmentDallas School DistrictDesert Wells Family MedicineDuPage Medical GroupEpikEskyFunFordForHousing and Liberty, over 80,000 Fortinet FortiGate VPN devices, Fortinet FortiWebFortress Home Security, the French Visa ProgramGuntrader (including data of over 100,000 UK gunowners), Howard UniversityHP Omen HubIndiana Department of Health (Contact Tracing System), ImavexEvin (Iranian Prison), JenkinsJohn Deere, JP Morgan Chase, over 1,200 K-12 schoolsKaseya UnitrendsLithuanian Ministry of Foreign AffairsMarketron60,000 domains with MarkMonitorMcDonald’sMemorial Health SystemMicrosoft Power Apps (38 million records!), MikroTik routersMyRepublicNEW Cooperative, a NY Credit UnionOlympusParallels DesktopPeterborough, New HampshireRazer mouse driver (and pretty much all other drivers), Republican Governors AssociationRevere HealthSAC WirelessSonic, various NAS drivesPayPal is sharing user data and transactions with the ADL, pNetworkRazorPayvarious routers from over a dozen vendors, various Russian phonesSouth Africa’s Department of JusticeSpotify data leak, Syracuse UniversityT-MobileTexas GOPTokio Marine, the United NationsUPS, the US Census, the US State Department, hundreds of US financial systems, almost half of all US hospitals, dozens of US government websites, the US Terrorist Screening CenterValveWalgreens, the WordPress Gutenberg Template Library Plugin, and Zoho ManageEngine have been hacked this month.

I separated the Microsoft-specific hacks this month mostly to shame them. The month they claim that “the cloud” is more secure they should absolutely have their noses rubbed in it. Microsoft suffered from yet another nasty, epic, world-wide Exchange attack, but defended their own hosted product by claiming “Microsoft’s Office 365 wasn’t swept up in the breach because it runs in the cloud, which offers more protection,” even though only hours later a critical vulnerability in Microsoft’s Azure Cosmos DB service was confirmed — one of the largest cloud hacks of all time, affecting thousands of service providers. The vulnerability existed for months, so there’s simply no way to know if your accounts were compromised or if permanent access to any victim’s Microsoft Azure services occurred months prior, and Microsoft patched it only two weeks before making the claim above that “the cloud…offers more protection.” As if hammering the point home, yet another series of vulnerabilities in Microsoft’s Azure cloud services were discovered this week which expose millions more endpoints, with thousands already infected. Microsoft’s 365 Cloud PCIIS, Microsoft Teams event data, WSL, and MSHTML used by Microsoft Office have all been hacked this month. Microsoft’s PrintNightmare still isn’t over. In fact, the “fix” breaks printing and printer installation on at least 5% of computers. To top it all off, with all of these incidents they are removing features and they still feel their software is worth a 20% price increase based on the improved security and reliability of their products. Sigh.

The Ragnarok ransomware gang has released a master decryption key. So has REvil (accidentally).

The US Senate is working to make encryption meaningless. Facebook is, too. And Facebook just got slapped by the German Supreme Court for violating free speech rights in Germany. Hypocrisy is their codeword. Facebook actually hid their transparency report. That kinda says it all, doesn’t it? If not, then Apple “considering” removing Facebook for their ties to human trafficking should at least raise an eyebrow. Really, the question should be, why didn’t they? Google geofence warrants are up 1,167%.

Anyone can post a job for any company on LinkedIn. A new fake Captcha tricks the user into keeping malware. ProtonMail, once a beacon of hope for privacy advocates, has shared IP addresses and device information of a user in violation of their own privacy assertions.

Dogfooding is usually a good thing. Not always.

On hardware – GPU-level malware is a thing. Hacking strict hardware security through a silly design flaw. ASUS has made a few serious mistakes with their $2,000 GeForce RTX graphics cards. If you ever wondered why you shouldn’t borrow someone’s charging cable or wall wart, wonder no more. Samsung has acknowledged that they can disable any Samsung TV using a “feature” (read: backdoor) installed on all their televisions. Do you think they limited this “feature” to their TVs?

Apple is still pushing their Jedi Mind Tricks. They want you to use your phone as your ID, but a recent iOS update even broke the “phone” part of iPhones. Why would anyone trust their identity to their phones?

The Epic v Apple case finally has a ruling. One of the two most significant issues, that Apple forbade any payments not through the App Store, was (rightly) ruled illegal. All other counts were dismissed. It’s being appealed, of course. This could cost Apple a huge chunk of a $20+ billion pie. There are some great reads from discovery. South Korea has passed a new law with similar implicationsEpic v Google is really shaping up.

Be careful how you treat your employees – they might turn out to be the “evil insider” for a ransomware gang.

If you’re a government employee and the scope of your abuse was just to use your boss’s computer then you’re really thinking small potatoes.

Oh, and don’t photograph the moon. You might get sued by UMG.

All technology carries risk, but Wi-Fi is probably the most significant risk to your privacy.

Microsoft broke OneDrive for Business, has some major issues with Outlook 365 right now, and VoIP.ms has been extorted by a DDoS attack.

Apple has dropped it’s lawsuit against Corellium over virtual iPhones, lost their Optis trial, and settled with small developers who publish on the App Store, but it still in bed with Big Brother. The US is pushing a bill right now to prevent App Stores from being the sole source of apps and content for their platforms and the EU is pushing for a minimum of seven years of hardware support.

There is no Section 230 in Australia…and it shows. Until social media companies are slapped by the Supreme Court, they will continue to get away with acting on behalf of government while claiming to be independent.

Since nobody is working “full time” anyway, they’re planning to force employers to cut their hours even more.

A federal court has ruled that the HHS can not force doctors to perform transgender surgeries or abortions. If you were concerned about the damage someone might do to your wedding cake, why would you want them holding a scalpel between your legs?

When the MSM has to resort to blatant lies to support their position and the people eat it up you have to acknowledge that they’re the enemy of honesty. The only real pandemic is a curious series of deaths only affecting those leaders opposed to mandates and ignoring the blatantly obvious data. This isn’t the first time. Sadly, absolute fraud passes for science today. There really are proven treatments available.

The science behind face masks demonstrates that this has never been an honest conversation. Instead, politicized (and ineffective) tests and treatments are more lethal
than the disease. Those required to do so are failing or simply refusing to report injuries (does this mean they lose protection under NVICP?) and the events that are reported still resemble a certain climate change “hockey stick.” They’re maliciously and negligently ignoring the dataactual health and safety concernscommitting fraud, and cherry-picking sources so they can make tiktok videos. They’re intentionally falsifying data to coerce and terrorize the publicGeorge Orwell would be proud. The spews media, and by extension, their loyal vidiots, aren’t interested in the truth. They mindlessly supportJab Crow,” racism, rape, tyranny, dehumanizing people, and sweep the scandals under the rug with their massive propaganda machine.

If they were honest and their goals were actually in line with reality, then isolation and replication would be required *before* the creation of a cure, but they’re still pushing tests that can’t distinguish Coronavirus from Influenza. The “vaccines” intentionally, permanently alter your DNA. Claims of effectiveness have repeatedly been disproven, as have their false claims of FDA licenseapproval.” So they push illegal mandates that aren’t intended to protect your health, even going so far as to ban students from online classesPoliticians ignoring mathematics isn’t really anything new. Especially when there’s animportantagendaIt’s time for a human rights commission for war crimes over this bio weapon. After all, more servicemembers have died from the vaccines than the disease.

The anti-privacy passports are not designed to prove you’re immune. They’re not designed to prove you’re not a carrier.

Whether there’s sufficient evidence to determine the cause of any deaths over the last 18 months, one thing is sure: Science no longer has any validity.

At least some regions are waking up to the insanity of a group of super-governmental multi-national corporations with total immunity from any and all liability. Or elseIt’s time to opt out.

The FBI admits no one (else!) orchestrated the Jan 6 protest. Nevertheless, it was, according to “experts,” the darkest day in American history. (And they don’t mean the subsequent human rights violations.) Odd that the same agenda is unfolding through Big Pharma.

A real President doesn’t abandon their people, or commit war crimes when they’re embarrassed, the Speaker shouldn’t be silencing the names of those who died on their watch, and the FCC, the FDA, OSHA, and other government agencies should actually study what they approve. Companies that only answer to consumers do.

Only after the last year of humans treating other humans as trash, and validating it by dumbing down the rest, could a flight attendant say, matter-of-factly, that “we don’t follow federal law” and expect her victim to just roll over and comply.

It makes perfect sense, then, that the Constitution and Declaration of Independence would be labeled “harmful content” by the National Archives. Not to be outdone, the UK – once the standard to measure an open press – will now punish reporters who “embarrass” the government with up to 14 years in prison.

Now for the good news:

Inexpensive batteries are on the horizon and Starlink satellites are being fitted with lasers.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is huge. The typical computer should see roughly 3.5 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, Servicing Stack, Internet Explorer, and MSRT (~2.5 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 15 and 14.8, iPadOS 15 and 14.8, tvOS 15, macOS Big Sur 11.6, watchOS 8 and 7.6.2, Safari 15, Safari 14.1.2, Xcode 13, iTunes 12.12 for Windows and Security Update 2021-005 Catalina. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15 and 14.8 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 15 and 14.8 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 8 and 7.6.2 are security updates. Use the Watch app on your iPhone to install the most current version.

tvOS 15 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 93.0.4577.63 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Big Sur (11.x) means that macOS High Sierra (10.13) and older are no longer supported. If you can not install at least macOS Mojave (10.14) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H1) is very large, for the first time it’s actually smaller than the previous release, but it will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Citizen Driver 2021.1 doesn’t provide a detailed changelog so should be treated as a security update.
https://www.seagullscientific.com/support/downloads/drivers/citizen/download/

Display Driver Uninstaller 18.0.4.3 improves removal. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

HP Laserjet Stub 13.3.3 doesn’t provide a changelog so should be treated as a security update.
https://123.hp.com/us/en/devices/LASERJET

Nvidia 472.12 adds support for Windows 11, CUDA 11.4, and resolves several bugs. This is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.29.81 adds more advertising, improves IPFS support, resolves several crashes and other bugs. This is not a security update.
https://brave.com/

Google Chrome 94.0.4606.54 is a security update.
https://www.google.com/chrome/

Microsoft Edge 93.0.961.52 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 92.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 78.14.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 4.2.2406.48 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.9.2 resolves several bugs. This is not a security update.
https://getmailspring.com/

Thunderbird 91.1.1 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

Skype 8.75.0.140 resolves several bugs. This is not a security update.
https://www.skype.com/

Telegram 3.1.0 resolves several bugs. This is not a security update.
https://telegram.org/

Trillian 6.5.0.17 updates libraries and resolves upload bug. This is not a security update.
https://www.trillian.im/

AnyDesk 6.3.3 improves connection reliability. This is not a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 6.3.2 adds a URL handler and adds a warning for permissions. This is not a security update.
https://anydesk.com/en/downloads

aria2 1.36.0 updates libraries and resolves several bugs. This is not a security update.
https://aria2.github.io/

BrowsingHistoryView 2.50 improves menu sorting behavior. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

curl 7.79.0 is a security update.
https://curl.haxx.se/windows/

DNSDataView 1.61 resolves an international compatibility bug. This is not a security update.
https://www.nirsoft.net/utils/dns_records_viewer.html

Dropbox 130.4.4978 doesn’t provide a changelog, so should be treated as a security update.
https://www.dropbox.com/

FileZilla Server 1.0.1 (wow! I honestly thought they’d never release a major version) adds ACME Let’s Encrypt support, logging improvements, library updates and resolves several bugs. This is not a security update.
https://filezilla-project.org/

FreeFileSync 11.14 adds OpenSSL 3.0 support, resolves several bugs, adds ability to manage filter settings, and improves cross-platform compatibility. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 51.0 improves reliability and stability. This is not a security update.
https://drive.google.com/start

Npcap 1.55 resolves several bugs. This is not a security update.
https://nmap.org/npcap/

Omada Software Controller 4.4.4 resolves several bugs. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Rclone 1.56.1 improves reliability and resolves several bugs. This is not a security update.
https://rclone.org/

Technitium DNS Server 6.4.1 resolves several bugs. This is not a security update.
https://technitium.com/dns/

Zoom 5.7.8.1247 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

darktable 3.6.1 improves hardware support and resolves over a dozen bugs. This is not a security update.
https://www.darktable.org/install/

Flickr Downloadr 3.4.3.1 updates libraries. This is not a security update.
https://flickrdownloadr.com/downloads/

iTunes 12.12.0.6 is a security update. Use Apple Software Update to install the most current version.
https://www.apple.com/itunes/download/

MediaMonkey 5.0.3 resolves a duplication bug. This is not a security update.
https://www.mediamonkey.com/windows#download

Plex Home Theater 1.5.1.2629 updates libraries, improves hardware support, and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.24.3.5033 adds support for new hardware, updates libraries, resolves stability and reliability bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Steam 2021.09.20 resolves dozens of bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

Nintendo Switch 13.0.0 adds Bluetooth Audio, the ability to install Dock updates, and preserve the Internet connection in sleep mode. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PlayStation PS5 21.02-04.00.00 adds M.2 SSD expansion support, 3D audio, and resolves several bugs. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Office Updates

One or more of these are likely to be of interest to most people.

Audacity 3.0.4 resolves a stability bug. This is not a security update.
https://www.audacityteam.org/download/

Blender 2.93.4 resolves dozens of bugs. This is not a security update.
https://www.blender.org/download/

Gimp 2.10.28 is a major update ported to GEGL, adds multithreading, GPU-side processing, hi-DPI support, and improved user interface, selection tools and more. This is not a security update.
https://www.gimp.org/

IcoFX 3.6.1 resolves a startup bug. This is not a security update.
https://icofx.ro/

Krita 4.4.8 resolves several bugs. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Fresh 7.2.1 resolves over 400 bugs. This is a security update. The “Fresh” line is beta software, and should be avoided in favor of the “Still” version for most users.
https://www.libreoffice.org/

LibreOffice Still 7.1.6 resolves 44 bugs. This is not a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.3.4 resolves several bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.1.4 resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

Adobe XMP Toolkit SDK 2021.08 is a security update.
https://helpx.adobe.com/security/products/xmpcore/apsb21-85.html

Adobe Photoshop 21.2.12 and 22.5.1 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb21-84.html

Adobe Experience Manager 6.5.10.0 is a security update.
https://helpx.adobe.com/security/products/experience-manager/apsb21-82.html

Adobe Genuine Service 7.4 is a security update.
https://helpx.adobe.com/security/products/integrity_service/apsb21-81.html

Adobe Digital Editions 4.5.11.187658 is a security update.
https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html

Adobe Premiere Elements 20210809.daily.2242976 is a security update.
https://helpx.adobe.com/security/products/premiere_elements/apsb21-78.html

Adobe Photoshop Elements 20210811.m.158081 is a security update.
https://helpx.adobe.com/security/products/photoshop_elements/apsb21-77.html

AdobeCreative Cloud Desktop Application 5.5 is a security update.
https://helpx.adobe.com/security/products/creative-cloud/apsb21-76.html

Adobe ColdFusion 2018.12 and 2021.2 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb21-75.html

Adobe Framemaker 2019.8 and 2020.3 are security updates.
https://helpx.adobe.com/security/products/framemaker/apsb21-74.html

Adobe InDesign 16.4 is a security update.
https://helpx.adobe.com/security/products/indesign/apsb21-73.html

Adobe SVG-Native-Viewer 20210914 is a security update.
https://helpx.adobe.com/security/products/svg-native-viewer/apsb21-72.html

Adobe InCopy 16.4 is a security update.
https://helpx.adobe.com/security/products/incopy/apsb21-71.html

Adobe Premiere Pro 15.4.1 is a security update.
https://helpx.adobe.com/security/products/premiere_pro/apsb21-67.html

Adobe Acrobat and Reader 2021.007.20091, 2020.004.30015, and 2017.011.30202 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb21-55.html

Security Software Updates

One or more of these is likely to be of interest to most people.

Tails 4.22 resolves several stability bugs with Tor. This is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

BelArc Advisor 11.1 adds support for new software and operating systems. This is not a security update.
https://www.belarc.com/products_belarc_advisor

Hashcat 6.2.4 improves performance, adds hash modes, and resolves several bugs. This is not a security update.
http://hashcat.net/hashcat/#downloadlatest

KeePass 2.49 improves accessibility, reliability, and resolves several bugs. This is not a security update.
https://keepass.info/

OnionShare 2.3.3 adds dark mode, updates libraries, and resolves several bugs. This is not a security update.
https://onionshare.org/

OpenSSL 1.1.1l and 3.0.0 are security updates.
https://curl.se/windows/
https://slproweb.com/products/Win32OpenSSL.html

RogueKiller 15.1.0 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

uBlock Origin 1.38.0 adds Node.js support and resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

WebBrowserPassView 2.11 adds a new export/import option, Firefox CSV. This is not a security update.
https://www.nirsoft.net/utils/web_browser_password.html

Capture Updates

These are unlikely to be of interest to most people.

Elgato Game Capture HD 3.70.55 adds Facecam support and resolves several bugs. This is not a security update.
https://www.elgato.com/en/game-capture-software

SnagIt 2021.4.4 resolves several bugs. This is a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Converter Updates

These are unlikely to be of interest to most people.

HandBrake 1.4.1 resolves several bugs. This is not a security update.
https://handbrake.fr/

PDF Creator 4.4 resolves several bugs, adds CS Script action, page numbers, and a couple more actions. This is not a security update.
https://www.pdfforge.org/pdfcreator

Education updates

One or more of these are likely to be of interest to most people.

Zotero 5.0.96.3 resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 7.8.7 resolves dozens of bugs and compatibility issues. This is not a security update.
https://1password.com/downloads/mac/

Autoruns 14.01 resolves a bug with VirusTotal and adds a dark theme. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

Beyond Compare 4.4.0.25886 adds support for TLS 1.3, improves SFTP and resolves several bugs. This should be treated as a security update.
https://www.scootersoftware.com/download.php?zz=dl4

Bitwarden 1.28.2 resolves several bugs. This is not a security update.
https://bitwarden.com/

CPU-Z Installer 1.97 adds support for new hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

DesktopOK 9.21 improves support for Windows 11 and resolves bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 2.9.378.0 adds several new features and resolves several bugs. This is a security update.
https://dngrep.github.io/

Drive Snapshot 1.49 adds support for new operating systems and improves encryption. This should be treated as a security update.
http://www.drivesnapshot.de/en/

Etcher 1.5.122 resolves several bugs. This is not a security update.
https://www.balena.io/etcher/

Everything Toolbar 0.7.2 resolves a display bug. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

Fido 1.24 adds UEFI Shell downloads and command line support. This is not a security update.
https://github.com/pbatard/Fido/releases

GoodSync 11.8.2 resolves several bugs. This is not a security update.
https://www.goodsync.com/

LessMSI 1.8.2 resolves a CAB parsing bug. This is not a security update.
https://lessmsi.activescott.com/

NTLite 2.3.0.8330 adds support for Windows 11 and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

osquery 5.0.1 adds several new tables and queries, updates libraries and resolves several bugs. This is not a security update.
https://osquery.io/downloads

PowerToys 0.45.0 improves stability and resolves dozens of bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

Process Monitor 3.84 adds dark theme. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

Process Explorer 16.43 resolves a memory leak and other bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer

Synergy 1.14.1 resolves several bugs, improves reliability and adds new operating system support. This is not a security update.
https://symless.com/synergy/

Sysmon 13.24 improves stability and event handling. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

TCPView 4.14 adds dark theme. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview

TeamViewer 15.21.8 resolves a license warning bug. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

WhyNotWin11 2.4.1 improves compatibility detection. This is not a security update.
https://github.com/rcmaehl/WhyNotWin11

WifiChannelMonitor 1.70 adds 802.11ac monitoring mode. This is not a security update.
https://www.nirsoft.net/utils/wifi_channel_monitor.html

WifiInfoView 2.71 improves internationalization. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

Windows 11 RCT 1.1.0 improves compatibility detection. This is not a security update.
https://bytejams.com/

WinScan2PDF 7.31 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 4.03 is a massive update. This version adds zoom, improved search controls and organization, Explorer interaction and improved cosmetic controls. This is not a security update.
https://wiztreefree.com/

Developer Updates

These are unlikely to be of interest to most people.

AutoHotkey 1.1.33.10 resolves several bugs. This is not a security update.
https://www.autohotkey.com/download/

Godot 3.3.3 resolves dozens of bugs. This is not a security update.
https://godotengine.org/

Node.js v12 12.22.6 is a security update.
https://nodejs.org/en/

Node.js v14 14.17.6 is a security update.
https://nodejs.org/en/

Node.js v16 16.9.1 updates libraries, resolves several bugs, and improves error handling. This is a security update.
https://nodejs.org/en/

Unreal Engine 4.27 resolves several bugs. This is not a security update.
https://unrealengine.com/en-US/

Visual Studio Code 1.60 adds debug watch values, improves cosmetics, and resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

OpenCart 3.0.3.8 resolves an RTL bug. This is not a security update.
https://www.opencart.com/

Coppermine Gallery 1.6.13 is a security update.
https://coppermine-gallery.net/

Dada Mail 11.15.1 updates libraries and resolves several bugs. This is a security update.
https://dadamailproject.com/

Docker Desktop 4.0.1 introduces the new licensing scheme, updates libraries, and resolves several bugs. This is not a security update.
https://www.docker.com/products/docker-desktop

Drupal 9.1.13 is a security update (the second in a week).
https://drupal.org/download

Drupal 9.2.5 resolves dozens of bugs. This is not a security update.
https://drupal.org/download

MailArchiva 8.2.4 resolves several bugs. This is not a security update.
https://mailarchiva.com/

MailEnable 10.36 resolves several bugs, including a certificate assignment bug. This is not a security update.
https://www.mailenable.com/

Nextcloud Server 22.1.1 updates libraries and resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

ownCloud Client 2.9.0.5150 resolves several bugs and improves stability. This is not a security update.
https://owncloud.com/desktop-app/

ScreenConnect 21.12.4575.7914 adds several controls for compatibility and reporting, improves stability, and resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

YOURLS 1.8.2 resolves several bugs. This is a security update.
https://yourls.org/

WordPress 5.8.1 is a security update.
https://wordpress.org/

Akismet 4.1.12 resolves a couple bugs. This is not a security update.

Autoptimize 2.9.2 improves compatibility and resolves several bugs. This is not a security update.

BuddyPress 9.1.1 is a security update.

Duplicator 1.4.3 resolves several bugs. This is not a security update.

Postie 1.9.57 improves attachment handling. This is not a security update.

Show IDs 1.1.8 adds support for the latest WordPress. This is not a security update.

Slider Revolution 6.5.8 resolves several bugs. This is not a security update.
https://revolution.themepunch.com/

Social Post Feed 4.0 is a major update adding several new features. This is not a security update.

Sucuri Security 1.8.28 removes a warning. This is not a security update.

Visual Composer 38.1 resolves a couple bugs. This is not a security update.
https://visualcomposer.com/

W3 Total Cache 2.1.8 resolves several bugs. This is not a security update.

WooCommerce 5.7.0 resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2021-06-08

Welcome back, Folks!

Today is Patch Tuesday for June, 2021. There have been another couple dozen major security incidents, as well as some significant revelations impacting health, security and privacy. The latest Windows 10 release, v21H1, is out and it doesn’t change that much. Google has finally stopped their weekly security update cadence, though other vendors (including Microsoft Edge and Brave) have continued.

This Month in Technology

ABC affiliatesApple AirTagsAXA, Biden’s Venmo accountBrenntagCNA FinancialColonial Pipeline (again), DigitalOcean, European biomolecular research instituteFirst Horizon Bank, U.S. Agency for Global MediaGuard.meHerff Jones, Ireland’s Department of Health (HSE), JBSMonday.com, Microsoft PatchGuardNY MTAOGUsersOne Treasure IslandRapid7Scripps Health and Whistler have been hacked.

A Qualcomm hardware vulnerability affects almost 40% of all mobile phones. Additionally, a dozen security vulnerabilities (called FragAttacks) have been discovered that apply to all Wi-Fi devices. (I’ll bet you miss that cable now, don’t you?)

Google released a “trial” feature to many Chrome users that effectively broke Chrome on their devices. Disabling the trial allowed Chrome to operate again. This is a perfect example of why you should never be forced into being in a beta program. iOS 14.6 is chewing through batteries. Microsoft released an update that broke compatibility with their own Office 365 services – Teams, Outlook and OneDrive. Google’s Nest thermostats are giving people the cold shoulder. Spectre is back again.

The antivirus that can’t protect you from crypto mining malware will now mine crypto on your device so they can use you to generate even more revenue for them. Better hope Norton 360 doesn’t get your home raided.

Amazon, the UK government, BBC, Bloomberg, CNN, The Guardian, NYT, and and many other major sites were taken offline today in a huge outage.

When your paranoid friend says the security app you’re using might be a government trojan, believe them.

Google & Apple are still making it impossible for users to keep their location privateTor is being used to spy on “secure” user traffic. Again. A new privacy-compromising mechanism via cross-browser tracking installed apps can effectively identify your device. The TikTok App is collecting biometric data. The UK Test & Trace app does far worse.

GitHub has disabled FLoC. This is a good thing. Despite federal law, Chinese surveillance equipment is gaining US government customers. Taproot isn’t the privacy panacea it is perceived to be. On the topic of Snowden, he’s been vindicated (again).

Apple shares iCloud keys with CCP, Apple’s Find My can be used to leak secrets, has a “few” issues with notification reliability, and their techs regularly violate their users’ privacy. Due to so many arbitration cases Amazon is now allowing you to sue them…just in time, as they are now sharing your Wi-Fi with passersbyDell lied about their Alienware laptop upgradeability. There’s a reason why so many people treat Microsoft Edge as malicious.

The Epic vs Apple lawsuit testimony is over, but Apple’s AppStore is still allowing malicious and fraudulent apps, while they pat themselves on the back for not taking even more money from their users.

Dr. Fauci lied about sponsoring gain of function research for biological warfare. He dismissed what he knew to be true, the lab-leak theory, and the effectiveness of hydroxychloroquine. He perjured himself. The MSM helped.

Biden shut down the last Wuhan lab investigation. What are the chances there will be a real investigation? Intelligence agencies claim otherwise and you know they have never lied. As is typical of the political elite, instead of broadcasting this everywhere, they’re targeting those that exposed it with death threats.

Governments and the MSM are concealing any true risk/benefit analysis, the miscarriages, Freudian slips, and VAERS spikes behind missing data, bad science, vastly overcounted cases, and propaganda. They’ve been caught red-handed manipulating the data.

The truth is the COVID death numbers are still dropping while post-vaccination infectionand death – are not rare. 5-10% suffer from severe adverse reactions in the hundreds of thousands. The CDC’s new rules acknowledge what many have known all along, vindicating those who opposed masks and vaccines and the vaccines are far from safe or effective.

The worst part is that there are still unsubstantiated and illegal mandates (that are supported by the low-information crowdforever), and insane dogma that violates all reason. Such as yellow stars for the unvaxxed, forbidding the unvaccinated from  church, employmentUniversity (sometimes even the vaccinated) and even West Point. The Red Cross won’t even accept blood from the vaccinated.

The UK government knows what’s coming, and most will be called “unrelated illnesses.” When life insurance companies see this as a non-event and politicians ignore their own agencies to fine the science it’s hard to take it seriously. There have been decades of vaccine research, and we know they’re designing vaccines that spread themselves – isn’t that the premise of most zombie films? mRNA rewrites the genetic code and enhances the illness. This is what it is designed to do. By the way, did you know that during mRNA trials all the mammals kept dying? They proceeded with the emergency use authorization anyway. The only immunity provided by vaccines is to the manufacturer. A second Nuremburg Tribunal is on the horizon.

The Supreme Court says the Computer Fraud and Abuse Act (CFAA) is overbroad. Amazon is being sued over Antitrust law. The Ohio AG is trying to declare Google a public utility.

The government has repeatedly operated in concert with Big Tech to silence dissent, science, and discussion, in effect, laundering their censorship through third-parties. Governors and others are now going on the offense.

Now for the good news:

Dr. Shiva Ayyadurai is doing more to take down Big Tech than anyone else – by himself. Please help.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is huge. The typical computer should see roughly 3.0 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, Servicing Stack, Internet Explorer, and MSRT (~1.5 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 14.6 and iPadOS 14.6, macOS Big Sur 11.4, Security Update Mojave 2021-004, Security Update Catalina 2021-003, Safari 14.1.1, watchOS 7.5, tvOS 14.6, and Boot Camp 6.1.14. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 14.6 is a security update. Use Settings, General, Software Update to install the most current update.

iPadOS 14.6 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 7.5 is a security update. Use your updated iPhone to install the most current version through the Watch app.

tvOS 14.6 is a security update. Use Settings, General, Updates to install the most current version.

Google Chrome OS 91.0.4472.81 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Big Sur (11.x) means that macOS High Sierra (10.13) and older are no longer supported. If you can not install at least macOS Mojave (10.14) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H1) is very large, for the first time it’s actually smaller than the previous release, but it will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Logitech Options for macOS 8.54.147 adds support for newer hardware. This is not a security update.
https://www.logitech.com/en-us/product/options

Nvidia 466.63 adds support for newer hardware, libraries and components, and resolves stability and performance bugs. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Engine 3.22.0 now defaults to having Moments off, and resolves a crash bog. This is not a security update.
https://steelseries.com/engine

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.25.70 is a security update.
https://brave.com/

Google Chrome 91.0.4472.77 is a security update.
https://www.google.com/chrome/

Microsoft Edge 91.0.864.41 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 89.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 78.11.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 78.11.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 6.3.1 resolves several bugs and adds an adaptive resolution option. This is not a security update.
https://anydesk.com/en/downloads

AnyDesk for macOS 6.2.0 resolves stability and display issues, adds tab, cursor follow, and window focus controls. This is not a security update.
https://anydesk.com/en/downloads

curl 7.77.0 is a security update.
https://curl.haxx.se/windows/

Dropbox 123.4.4832 doesn’t provide a detailed changelog, so should be treated as a security update.
https://www.dropbox.com/

FileZilla Client 3.54.1 resolves several bugs. This is not a security update.
https://filezilla-project.org/

Minds 4.13.0 improves performance and resolves several bugs. This is not a security update.
https://www.minds.com/mobile

Prosody 0.11.9 is a security update.
https://prosody.im/download/start

Technitium DNS Server 6.3 resolves several bugs and adds more than a half dozen new features, including failover and recursion ACLs. This is not a security update.
https://technitium.com/dns/

WGet 1.21.1-1 updates libraries. This is a security update.
https://eternallybored.org/misc/wget/

Zoom 5.6.7.1016 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 2.0.15 resolves several bugs. This is not a security update.
https://en.3tene.com/

Picard 2.6.3 resolves several bugs. This is not a security update.
https://picard.musicbrainz.org/

Plex Media Server 1.23.2.4656 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Steam 2021.06.07 resolves several bugs and improves cosmetics. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

PlayStation PS3 4.88 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps3/system-software/

Office Updates

One or more of these are likely to be of interest to most people.

Audacity 3.0.2 resolves several bugs. This is not a security update.
https://www.audacityteam.org/download/

LibreOffice Still 7.0.6 is the final release for the 7.0 branch. This version resolves 50 reliability, stability, and compatibility bugs. This is not a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.2.2 resolves several bugs and updates libraries. This should be treated as a security update.
https://nextcloud.com/

Adobe Connect 11.2.2 is a security update.
https://helpx.adobe.com/security/products/connect/apsb21-36.html

Adobe Acrobat and Reader 2021.005.20148, 2020.004.30005 and 2017.011.30197 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb21-37.html

Adobe Photoshop 21.2.9 and 22.4.2 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb21-38.html

Adobe Experience Manager 6.5.9.0 is a security update.
https://helpx.adobe.com/security/products/experience-manager/apsb21-39.html

Adobe Creative Cloud Desktop Application 2.5 is a security update.
https://helpx.adobe.com/security/products/creative-cloud/apsb21-41.html

Adobe RoboHelp Server 2020.0.1 is a security update.
https://helpx.adobe.com/security/products/robohelp-server/apsb21-44.html

Adobe Photoshop Elements 5.3 is a security update.
https://helpx.adobe.com/security/products/photoshop_elements/apsb21-46.html

Adobe Premiere Elements 5.3 is a security update.
https://helpx.adobe.com/security/products/premiere_elements/apsb21-47.html

Adobe After Effects 18.2.1 is a security update.
https://helpx.adobe.com/security/products/after_effects/apsb21-49.html

Adobe Animate 21.0.7 is a security update.
https://helpx.adobe.com/security/products/animate/apsb21-50.html

Security Software Updates

One or more of these is likely to be of interest to most people.

Tails 4.19 is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

NSudo 8.2 removes ARM32 support, updates libraries, and resolves several bugs. This is not a security update.
https://github.com/M2Team/NSudo/releases/latest

OnionShare 2.3.2 resolves several bugs and updates libraries. This is a security update.
https://onionshare.org/

VT-CLI 0.9.7 doesn’t provide a changelog so should be treated as a security update.
https://github.com/VirusTotal/vt-cli/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.31 provides cosmetic improvements, improves the updater and imgur compatibility. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 2021.4.1 is a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 7.8.5 adds archive support, sharing indicators, and resolves several bugs. This is not a security update.
https://1password.com/downloads/mac/

1Password for Windows 7.7.807 resolves several bugs, adds Windows Hello support, and adds archive support. This is not a security update.
https://1password.com/downloads/windows/

Bitcoin 0.21.1 improves performance and resolves several bugs. This is not a security update.
https://bitcoin.org/en/download

Bitwarden 1.26.5 resolves several bugs. This is not a security update.
https://bitwarden.com/

CCleaner 5.81.8895 resolves several bugs. This is not a security update.
https://www.ccleaner.com/

Dell Command Update 4.2 improves download and logging. This is not a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

DesktopOK 8.88 improves compatibility and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

Everything 1.4.1.1009 improves NTFS detection. This is not a security update.
https://www.voidtools.com/

Fido 1.19 adds support for Windows 10 21H1 and eliminate requirement for Internet Explorer. This is not a security update.
https://github.com/pbatard/Fido/releases

GoodSync 11.7.3 resolves several bugs and improves stability. This is not a security update.
https://www.goodsync.com/

IsMyHdOK 3.21 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

NetworkTrafficView 2.40 adds several protocol controls and filters. This is not a security update.
https://www.nirsoft.net/utils/network_traffic_view.html

NTLite 2.1.1.7917 improves compatibility and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

Aomei Partition Assistant 9.2.1 improves selection interface, resolves several bugs with third-party apps and integrated elevation when required. This is not a security update.
https://www.diskpart.com/

PointerStick 5.15 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

Process Monitor 3.82 resolves several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

Process Explorer 16.42 switches default search behavior from find to filter and reports CET, and resolves several bugs. This is a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer

PsExec 2.34 changes stderr output behavior. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/psexec

RoboForm 9.1.4 resolves several bugs. This is not a security update.
https://www.roboform.com/

Samsung Data Migration 4.0 does not provide a changelog so should be treated as a security update.
https://www.samsung.com/semiconductor/minisite/ssd/download/tools/

Sigcheck 2.81 resolves a signature validation bug. This should be treated as a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sigcheck

SimpleWMIView 1.45 improves sorting controls. This is not a security update.
https://www.nirsoft.net/utils/simple_wmi_view.html

Sysmon 13.21 adds new filter conditions and resolves a crash bug. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

TaskSchedulerView 1.68 resolves a pagination bug and improves sorting controls. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

TCPView 4.12 adds new filter conditions and resolves several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview

TraceRouteOK 2.52 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

WifiInfoView 2.70 improves sorting options. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

WinGet 1.0.11451 is the first release version of WinGet. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinObj 3.10 extends search to include symbolic link targets.
https://docs.microsoft.com/en-us/sysinternals/downloads/winobj

WinScan2PDF 7.11 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 4.2.1.0 resolves several bugs. This is not a security update.
https://developer.android.com/studio

DB Browser for SQLite 3.12.2 updates the certificate for DBHub.io. This is not a security update.
https://sqlitebrowser.org/

Godot 3.3.2 resolves dozens of bugs. This is not a security update.
https://godotengine.org/

Inno Setup 6.2.0 updates graphics and cosmetics, adds dark mode, improves logging, and adds several new scripting options and flags. This is not a security update.
https://www.jrsoftware.org/isdl.php

Node.js 16.3.0 upgrades libraries and resolves several bugs. This is not a security update.
https://nodejs.org/en/

SQLite 3.35.5 resolves several bugs and improves reliability and performance. This is a security update.
https://www.sqlite.org/download.html

Web Package Updates

These are likely to be of interest only to web developers.

Adminer 4.8.1 resolves several bugs. This is a security update.
https://www.adminer.org/en/

Dada Mail 11.14.0 resolves several bugs. This is not a security update.
http://dadamailproject.com/

Drupal 9.1.10 resolves over a dozen bugs. This is not a security update.
https://drupal.org/download

Joomla 3.9.27 is a security update.
https://www.joomla.org/

Nextcloud Server 21.0.2 updates libraries and resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

phpList 3.6.3 is a security update.
https://www.phplist.org/

Piwigo 11.5.0 is a security update.
https://piwigo.org/

ScreenConnect 21.8.3558.7823 adds deep-linking support, and resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

WordPress 5.7.2 is a security update.
https://wordpress.org/

BuddyPress 8.0.0 improves the registration experience, xProfile fields, simplifies administration, and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/buddypress/

Duplicator 1.4.1 resolves several bugs. This is a security update.
https://wordpress.org/plugins/duplicator/#developers

Visual Composer 36.0 resolves dozens of bugs and improves consistency. This is not a security update.
https://visualcomposer.com/

W3 Total Cache 2.1.3 is a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 5.4.0 resolves dozens of bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

Show IDs 1.1.7 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/wpsite-show-ids/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2020-10-28

Welcome back, Folks!

It’s not Patch Tuesday, but updates from Microsoft, Apple, Google, Mozilla, and many others have triggered an out-of-cycle update.

This Month in Technology

Hackney Council has been hacked, Dickey’s BBQ has been hacked, Carnival Corp was hacked, a Finland psychotherapy center was hacked and the stolen data is being used to blackmail patientsSonicWall VPN Portal can be easily hacked, there’s yet another Bluetooth vulnerability (in all but the latest Linux kernel), dozens of government networks have been targeted (and some hacked) by a “Russian hacker group” (though it’s hard to believe that the Russians are behind anything anymore), and President Trump’s campaign website was hacked. Any password you can remember is a bad password. Even if you’re the President. Or a multinational security company.

Some nutjobs are still supporting the lockdowns, even though the half-baked science encouraging lockdowns and masks have been proven false again and again, but that won’t stop authoritarians from treating people as terrorists.

Facebook is permabanning users for buying $300 VR hardware Facebook sells. Really. That’s okay, it’s time for VR to abandon Facebook anyway.

An overzealous Apple security feature (XProtect) has blocked access to HP printers, Amazon Music and more. They’re humorously contradicting themselves about security. On the one hand, they advise users to never plug any device into a non-Apple power adapter, and on the other hand they say they’re saving the planet by not including power adapters anymore.

Epic Games founder and chief executive Tim Sweeney observes:
“What’s most disturbing about Apple’s position is that they seem to truly believe they “own” all commerce involving phones they make, characterizing direct payment as theft, smuggling, and even shoplifting. It’s a crazy, misguided view.”

Yes, in June T-Mobile broke the entire US cell network. No, they won’t be punished.

Twitter and Facebook are actively censoring actual news based on false claims of hacking and sensitive information…but even if it were true, they didn’t seem to mind when the target of the hacking was of a different political persuasion. Twitter acknowledges that Joe Biden is a child sex predator. It should go without saying that social networks will never treat everyone the same. The FCC and President Trump have repeatedly asserted that they will be “clarifying” Section 230. Wouldn’t it be better if they just enforced it?

Not to be outdone by mere social media, the RIAA has demonstrated that it has too much power. Google has demonstrated that they can control what the world knows and believes, which has painted them into a corner for a federal antitrust case.

Orca Security has a great write-up about Palo Alto Networks defective (and illegal) pursuit of security-by-obscurity.

Now for the good news:

Energy scavenging may soon be a reality, hopefully it won’t be used to send us back to the 18th century like in the TV series Revolution. Isn’t it time that we pedaled for power?

Let’s Get Busy

Microsoft released the newest build of Windows 10 v2009, which isn’t that different from v2004. It’s another minor “major” update that streamlines several features and improves overall performance.
https://www.microsoft.com/en-us/software-download/windows10

Apple released updates for iOS, iPadOS, watchOS, iTunes, and Apple Music 3.4.0 for Android. These are security updates.

iOS 14.1 is a security update. Use Settings, General, Software Update to install the most current version.

iPadOS 14.1 is a security update. Use Settings, General, Software Update to install the most current version.

watchOS 7.0.3 is a security update. Use your updated iPhone to install the most current version through the Watch app.
https://support.apple.com/en-us/HT204641

Google Chrome OS 86.0.4240.112 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 33-1.2 adds PARSEC support, improves interoperability and development environment, updated libraries and resolves several bugs. This is not a security update.
https://getfedora.org/en/workstation/download/

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.3.4 improves removal capabilities. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

MS Mouse and Keyboard Center 13.0 adds support for new hardware. This is not a security update.
https://www.microsoft.com/accessories/en-us/downloads/mouse-keyboard-center

Logitech Options 8.34.82 (and 8.34.91 for macOS) resolves several bugs, adds support for new hardware and plugins, and implements the new permissions options for macOS Mojave compatibility. This is not a security update.
https://www.logitech.com/en-us/product/options

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.16.68 is a security update.
https://brave.com/

Google Chrome 86.0.4240.111 is a security update.

Microsoft Edge 86.0.622.56 is a security update.

Firefox 82.0.2 is a security update.

Firefox ESR 78.4.0 is a security update.

Vivaldi 3.4.2066.86 is a security update.
https://vivaldi.com/

Internet Updates

One or more of these are likely to be of interest to everyone.

BrowsingHistoryView 2.45 adds an option to display QR codes for selected URLs. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

curl 7.73.0 resolves over a hundred bugs and adds several new switches, improving help and error handling. This is not a security update.
https://curl.haxx.se/windows/

Dropbox 108.4.453 does not provide a detailed changelog, so should be treated as a security update.
https://www.dropbox.com/

FileZilla Client 3.51.0 resolves several bugs. This is not a security update.
https://filezilla-project.org/

TrueNAS 12.0 is the merger of FreeNAS and TrueNAS to build a much more powerful whole. This major update improves quality, reliability and performance, adds and improves support for new file systems and dataset encryption, improves diagnostics, 2FA, API support, quotas and much more. This is not a security update.
https://www.truenas.com/download-truenas-core

Technitium DNS Server 5.4 resolves several bugs, adds QNAME randomization and PTR zone creation. This is not a security update.
https://technitium.com/dns/

WinSCP 5.17.8 is a security update.
https://winscp.net/eng/index.php

Zoom 5.4.58636.1027 resolves several bugs. This is a security update.
https://zoom.us/

Java 8u271 is a security update.
https://www.java.com/en/download/manual.jsp

Media Updates

These are unlikely to be of interest to most people.

iTunes 12.10.10 is a security update. Use Apple Software Update to get the most current version.

3tene 2.0.7 adds 32-bit screen capture, adjusts transition time, and resolves several bugs. This is not a security update.
https://en.3tene.com/

Picard 2.5.1 resolves dozens of bugs, improves reliability, and adds improved privacy controls. This is not a security update.
https://picard.musicbrainz.org/

Game Updates

These are unlikely to be of interest to most people.

Steam 2020.10.23 is a security update.

PlayStation PS4 8.00 is a security update.
https://www.playstation.com/en-us/support/system-updates/ps4/

Office Updates

One or more of these are likely to be of interest to most people.

LibreOffice 6.4.7 resolves over 70 bugs, including stability and reliability issues. This is not a security update.
https://www.libreoffice.org/

Paint.net 4.2.14 improves performance, adds AV1 support, and resolves several bugs. This is not a security update.
https://www.getpaint.net/

Adobe Creative Cloud Desktop Application 5.3 and 2.2 are security updates.
https://helpx.adobe.com/download-install/kb/creative-cloud-desktop-app-download.html

Adobe InDesign 16.0 is a security update.
https://helpx.adobe.com/security/products/indesign/apsb20-66.html

Adobe Media Encoder 14.5 is a security update.
https://helpx.adobe.com/security/products/media-encoder/apsb20-65.html

Adobe Premiere Pro 14.5 is a security update.
https://www.adobe.com/in/creativecloud/catalog/desktop.html

Adobe Photoshop 21.2.3 and 22.0 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb20-63.html

Adobe After Effects 17.1.3 is a security update.
https://helpx.adobe.com/security/products/after_effects/apsb20-62.html

Adobe Animate 21.0 is a security update.
https://helpx.adobe.com/security/products/animate/apsb20-61.html

Adobe Dreamweaver 21.0 is a security update.
https://helpx.adobe.com/security/products/dreamweaver/apsb20-55.html

Adobe Illustrator 25.0 is a security update.
https://helpx.adobe.com/security/products/illustrator/apsb20-53.html

Marketo 1.4357 is a security update.
https://helpx.adobe.com/security/products/marketo/apsb20-60.html

Magento 2.4.1 and 2.3.6 are security updates.
https://helpx.adobe.com/security/products/magento/apsb20-59.html

Security Software Updates

One or more of these is likely to be of interest to most people.

BelArc Advisor 9.7 doesn’t provide a changelog so should be treated as a security update.
https://www.belarc.com/products_belarc_advisor

RouterPassView 1.90 adds a new display mode including backup files. This is not a security update.
https://www.nirsoft.net/utils/router_password_recovery.html

uBlock Origin 1.30.6 resolves several bugs and adds a click-to-load widget. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

RogueKiller 14.7.4 improves reliability. This is not a security update.
https://www.adlice.com/download/roguekiller/

HTTP Toolkit 1.0.2 updates libraries. This is not a security update.
https://httptoolkit.tech/

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 2021.0.0 is a major update adding several features, updating Templates, Themes, Simplify, Magnify, and the Editor. This is not a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.0.3 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

CCleaner 5.73.8130 improves license management. This is not a security update.
https://www.ccleaner.com/

TeamViewer 15.11.6 improves RSA key length, allows flashlight while zooming, and resolves a copy/paste notification bug. This is not a security update.
https://www.teamviewer.com/en/download/windows/

Fido 1.17 adds support for the latest Windows 10 build, v2010. This is not a security update.
https://github.com/pbatard/Fido/releases

GoodSync 11.4.1 improves Google Photos FS access, event handling, GsRunner, CCRunner, updates certificate roots, and resolves several bugs. This is not a security update.
https://12pd.com/click?goodsync

NTLite 2.0.0.7705 updates components and compatibility, and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

PointerStick 4.71 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

Rufus 3.12 adds support for the latest Windows 10 build, v2010, SHA-512 digests, improved Windows To Go support, and resolves several bugs. This is not a security update.
https://rufus.ie/en_IE.html

TaskSchedulerView 1.57 adds options to copy contents of clicked cell. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

WinScan2PDF 6.13 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

VMMap 3.30 identifies .NET Core 3.0 managed heaps. This is not a security update.
https://live.sysinternals.com/

RAMMap 1.60 adds customizable map colors and a new empty system working sets. This is not a security update.
https://live.sysinternals.com/

Sysmon 12.01 is a security update.
https://live.sysinternals.com/

Developer Updates

These are unlikely to be of interest to most people.

MySQL ConnectorNet 8.0.22 resolves several bugs. This is a security update.
https://dev.mysql.com/downloads/connector/net/

Node.js 14.15.0 resolves several bugs and is now officially in Long Term Support (LTS) status. This is not a security update.
https://nodejs.org/en/

Node.js 15.0.1 is a major update adding several new features and removing others, updating libraries and resolves bugs. This is not a security update.
https://nodejs.org/en/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.1.16-140961 resolves several bugs. This should be treated as a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Dada Mail 11.12.2 resolves a minor bug. This is not a security update.
http://dadamailproject.com/

phpMyAdmin 4.9.7 and 5.0.4 resolve 2FA bug and PHP compatibility, and resolve several other bugs. This is not a security update.
https://www.phpmyadmin.net/

ScreenConnect 20.11.1385.7587 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

Nextcloud Server 20.0.1 resolves over 60 bugs and improves performance, reliability and privacy. This is not a security update.
https://nextcloud.com/

Akismet 4.1.7 improves integration. This is not a security update.

Contact Form 7 5.3 resolves several bugs. This is not a security update.

myStickymenu 2.4.7 resolves several bugs. This is not a security update.

NextScripts Social Networks Auto-Poster 4.3.19 improves compatibility and resolves several bugs. This is not a security update.

Redirection 4.9.1 resolves logging and database upgrade bugs. This is not a security update.

Social Post Feed 2.17.1 resolves several bugs. This is not a security update.

WooCommerce 4.6.1 resolves several bugs. This is not a security update.

WP Mail SMTP 2.5.1 adds password encryption, improves Gmail compatibility, and resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/