Updates 2023-01-10

Happy New Year, Folks!

Today is Patch Tuesday for January, 2023.

This month brings over 200 application updates and over 100 major hacks. It’s the lightest month we’ve seen in a while, with only about 3 GB of updates for most users.

This Month in Technology

3Commas, Aetna ACE, Antwerp, Belgium, Argonne (ANL), Astro, Avem Health Partners, Azienda Ospedaliera di Alessandria hospital, Bay City Health & Rehabilitation Center, Benchmark, BetMGM, BitKeep crypto wallet users, BMW, Bosselman Energy, Inc. Employee Health Benefits Plan, Brookhaven (BNL), BTC.com, CA Department of Finance, Captify Health, Careportal, Chick-fil-A, CircleCI, Citrix ADC and Gateway, CoinTracker, Comcast Xfinity, Consulate Health Care, Copper Mountain Mining Corporation, Cott Systems, Deezer, Degroof Petercam, Digipolis, DoorDash, Empresas Públicas de Medellín, FBI’s InfraGard, Fitzgibbon Hospital, Five Guys, Flying Blue, Foundcare, Inc., FuboTV, Gemini crypto exchange, Ghost CMS, GitHub auth, Google Home smart speaker, Grupo Estrategas EMM, H-Hotels, Hawaiian Eye Center, Hospital for Sick Children (SickKids), Indian Railway Catering and Tourism Corp, Intrado, John F. Kennedy International Airport taxi dispatch system, JsonWebToken, Kubernetes clusters, L. Knife & Son, Inc. Employee Benefits Plan, Lake Charles Memorial Health System, LastPass (“most” data was encrypted), Lawrence Livermore National Laboratories (LLNL), Legacy Hospice, LEGO BrickLink, Live Oak Surgery Center, Louis A. Johnson Veterans’ Administration Medical Center, Mango Markets, Maternal & Family Health Services, Maybank, Medicare, MedStar Mobile Healthcare, Mercedes, 60,000+ Microsoft Exchange servers, Midwest Orthopaedic Consultants, S.C., Monarch, Netgear WiFi routers, New Vision Dental, Okta, Port of Lisbon Administration, Prairie Lakes Healthcare System, PyTorch, Quality Behavioral Health, Queensland University of Technology, Rackspace, SAIF Corp, Sargent & Lundy, SevenRooms, Shibuya Ward office in Tokyo, Slack, SlideTeam, Social Blade, Synology, Telas Palo Grande, The Elizabeth Hospice, The Guardian, The Malaysian Election Commission, Three Rivers Provider Network, Toyota, TPG Telecom Ltd, Twitter, Uber, UK Schools, UK’s Department for Environment, Food & Rural Affairs, Ukrainian Government (because they pirated Windows), Ukrainian Ministry of Defense, Universidad De La Salle, University of Havana, University of Miami, Verisma Systems, Inc., VSCode Marketplace, Wabtec Corporation, Windows Problem Reporting, YITH WooCommerce Gift Cards Premium, and Zoho ManageEngine have reportedly been hacked or compromised this month.

ChatGPT, the latest AI designed to make humanity obsolete, is already being used to develop malwareAdobe is using your content to train their AI. 

Microsoft still hasn’t gone all-in on Windows 11. Google Chrome (and all other Chromium-based browsers – Edge, Brave, Vivaldi and so on) will no longer support Windows 7, 8, 8.1, or Server 2012/2012 R2 in only a month. The latest build of iTunes is not compatible with the end-to-end encryption feature on iOS/iPadOS.

The only government caught bombing people not party to the Russo-Ukrainian war says cyberattacks should be considered war crimes. The FTC is planning to kill the US economy, while the FCC has decided to regulate space.

Now for the good news:

Almost every ‘conspiracy theory‘ that people had about twitter turned out to be true. The FBI has seized domains involved in DDoS attacks.

John Deere will finally allow farmers to repair their own equipment. This is a major movement in conjunction with the Right to Repair, and could save farmers millions on production expenses.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is huge this month. The typical computer should see roughly 3
GB in updates today. Let’s get started.

Windows 11 22H2 still isn’t ready for prime time, so hold off for at least another month.

Microsoft released updates to address 90 vulnerabilities in .NET Core, 3D Builder, Azure Service Fabric Container, Microsoft Bluetooth Driver, Microsoft Exchange Server, Microsoft Graphics Component, Microsoft Local Security Authority Server (lsasrv), Microsoft Message Queuing, Microsoft Office, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft WDAC OLE DB provider for SQL, Visual Studio Code, Windows ALPC, Windows Ancillary Function Driver for WinSock, Windows Authentication Methods, Windows Backup Engine, Windows Bind Filter Driver, Windows BitLocker, Windows Boot Manager, Windows Credential Manager, Windows Cryptographic Services, Windows DWM Core Library, Windows Error Reporting, Windows Event Tracing, Windows IKE Extension, Windows Installer, Windows Internet Key Exchange (IKE) Protocol, Windows iSCSI, Windows Kernel, Windows Layer 2 Tunneling Protocol, Windows LDAP – Lightweight Directory Access Protocol, Windows Local Security Authority (LSA), Windows Local Session Manager (LSM), Windows Malicious Software Removal Tool, Windows Management Instrumentation, Windows MSCryptDImportKey, Windows NTLM, Windows ODBC Driver, Windows Overlay Filter, Windows Point-to-Point Tunneling Protocol, Windows Print Spooler Components, Windows Remote Access Service L2TP Driver, Windows RPC API, Windows Secure Socket Tunneling Protocol (SSTP), Windows Smart Card, Windows Task Scheduler, Windows Virtual Registry Provider, Windows Workstation Service and MSRT (~1.5 GB). This includes security updates. A reboot is required.

Google Chrome OS 108.0.5359.172 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Ventura (13.x) means that macOS Catalina (10.15) and older are no longer supported. If you can not install at least macOS Big Sur (11) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 12 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v22H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

DS4Windows 3.2.3 resolves a bug with the Shift Modifier trigger. This is not a security update.
https://github.com/Ryochan7/DS4Windows/releases/latest

Nvidia Driver 474.11 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Xerox Smart Start 1.7.71.0 doesn’t provide a changelog so should be treated as a security update.
https://www.support.xerox.com/en-us/content/143617

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.46.153 is a security update.
https://brave.com/

Google Chrome 108.0.5359.124 is a security update.
https://www.google.com/chrome/

Microsoft Edge 108.0.1462.76 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 108.0.2 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Vivaldi 5.6.2867.50 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.10.8 resolves a couple bugs. This is not a security update.
https://getmailspring.com/

Spark 3.2.2.40861 improves stability and resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.2.2.40859 improves stability and resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 102.6.1 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 7.1.7 improves command-line controls and resolves dozens of bugs. This is not a security update.
https://anydesk.com/en/downloads

curl 7.87.0 resolves dozens of bugs. This is not a security update.
https://curl.haxx.se/windows/

Dropbox 164.4.7914 resolves several bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 172.0.0.28.215 is a security update.
https://www.messenger.com/download

FreeFileSync 11.29 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 69.0 is a security update.
https://drive.google.com/start

Npcap 1.72 resolves a couple bugs. This is not a security update.
https://nmap.org/npcap/

Prosody 0.12.2 is a security update.
https://prosody.im/download/start

Rclone 1.61.1 adds several new features and resolves many bugs. This is not a security update.
https://rclone.org/

Signal (Android) 6.6.3 doesn’t provide a public changelog so should be treated as a security update.
https://signal.org/android/apk/

Signal 6.1.0 resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Skype 8.91.0.404 adds automatic audio translation. Really. This is not a security update.
https://www.skype.com/

Syncthing 1.23.0 resolves several bugs. This is not a security update.
https://syncthing.net/

Telegram 4.5.3 resolves a bug. This is not a security update.
https://telegram.org/

Zoom 5.13.4.11835 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

Bitwig Studio 4.4.6 resolves a couple bugs. This is not a security update.
https://www.bitwig.com/download/

darktable 4.2.0 resolves dozens of bugs. This is not a security update.
https://www.darktable.org/

iTunes 12.12.7.1 resolves several bugs and improves compatibility. This is not a security update.
https://www.apple.com/itunes/download/

Kodi 19.5 doesn’t provide a changelog so should be treated as a security update.
https://kodi.tv/

Plex Desktop 1.60.1.3413 improves album art and Discover behavior, and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.31.1.3412 improves album art and adds an option to dismiss Discover What to Watch. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Unreal Media Server 15.0 improves streaming capabilities. This is a security update.
http://www.umediaserver.net/umediaserver/download.html

Winamp 5.9.1.10029 updates libraries and resolves several bugs. This is a security update.
https://www.winamp.com/player/

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2022.11.1.56 resolves several bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.1.155 integrates direct access to the Asset Store and resolves several bugs. This is not a security update.
https://gdevelop.io/download

Steam 2023.12.01 resolves several bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 22.003.20310 is a security update.
https://get.adobe.com/reader

Adobe Acrobat 22.003.20310 and 20.005.30436 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb23-01.html

Adobe InDesign 18.1 and 17.4.1 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb23-07.html

Adobe InCopy 18.0 and 17.4 are security updates.
https://helpx.adobe.com/security/products/incopy/apsb23-08.html

Adobe Dimension 3.4.7 is a security update.
https://helpx.adobe.com/security/products/dimension/apsb23-10.html

Audacity 3.2.3 adds support for audio.com and resolves several bugs. This is not a security update.
https://www.audacityteam.org/download/

Calibre 6.11.0 adds automatic editing of CSS and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Krita 5.1.5 resolves several bugs. This is not a security update.
https://krita.org/en/download/krita-desktop/

Notepad++ 8.4.8 updates libraries and resolves over a dozen bugs. This is not a security update.
https://notepad-plus-plus.org/

Security Software Updates

One or more of these is likely to be of interest to most people.

DNSQuerySniffer 1.90 adds Show High Resolution Duration option. This is not a security update.
https://www.nirsoft.net/utils/dns_query_sniffer.html

Gpg4win 4.1.0 improves certificate handling and resolve several bugs. This is not a security update.
https://www.gpg4win.org/download.html

HTTP Toolkit 1.12.2 doesn’t provide a changelog so should be treated as a security update.
https://httptoolkit.tech/

KeePass 2.53 adds keyboard controls and history and filter improvements. This is not a security update.
https://keepass.info/

MalwareBytes Anti-Malware 4.5.19 resolves several bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/

ProtonVPN 2.3.2 adds new languages. This is not a security update.
https://protonvpn.com/download

ProtonVPN (macOS) 3.0.11 adds new languages. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.6.5 resolves several bugs and improves reliability. This is not a security update.
https://www.adlice.com/download/roguekiller/

Tails 5.8 is a security update.
https://tails.boum.org/install/dvd/index.en.html

uBlock Origin 1.46.0 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

Open Broadcaster Software 29.0.0 adds several new encoders and decoders, and resolves several bugs. This is not a security update.
https://obsproject.com/

SnagIt 23.0.2 improves Grab Text feature and resolves several bugs. This is not a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.9.6 adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

HandBrake 1.6.0 adds several transcoding options, updates libraries, and resolves several bugs. This is not a security update.
https://handbrake.fr/

StreamFab 6.1.0.2 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.19 adds automatic relinking of Mendeley citations, and resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 8.9.12 improves reliability and resolves several bugs. This is not a security update.
https://1password.com/downloads/mac/

1Password for Windows 8.9.12 improves reliability and resolves several bugs. This is not a security update.
https://1password.com/downloads/windows/

AOMEI Partition Assistant 9.13.1 resolves several bugs. This is not a security update.
https://www.diskpart.com/

Bitwarden 2022.12.0 resolves several bugs. This is not a security update.
https://bitwarden.com/

CCleaner 6.07.10191 improves startup speed and resolves several bugs. This is not a security update.
https://www.ccleaner.com/

Cygwin 3.4.3 resolves a couple bugs. This is not a security update.
https://cygwin.com/

Dell Command Update 4.7.1 doesn’t provide release notes for this build, so it should be treated as a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

DesktopOK 10.61 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 3.2.242.0 adds a portable version, improves extension support, syntax highlighting, selection keys, and updates libraries. This is not a security update.
https://dngrep.github.io/

DMDE 4.0.2.804 resolves several bugs. This is not a security update.
https://dmde.com/

Etcher 1.13.2 resolves several bugs and updates dependencies. This is not a security update.
https://www.balena.io/etcher/

Fido 1.40 improves error handling. This is not a security update.
https://github.com/pbatard/Fido/releases

Go 1.19.5 resolves several bugs. This is not a security update.
https://go.dev/

GoodSync 12.1.4 resolves several bugs. This is not a security update.
https://www.goodsync.com/

grepWin 2.0.12 resolves several bugs. This is not a security update.
https://github.com/stefankueng/grepWin/releases/latest

Homedale 2.05 improves logging and SSID reporting. This is not a security update.
https://www.the-sz.com/products/homedale/

Memtest86+ 6.01 resolves a couple bugs. This is not a security update.
https://www.memtest.org/

NetworkInterfacesView 1.26 add Interface Index column. This is not a security update.
https://www.nirsoft.net/utils/network_interfaces.html

NTLite 2.3.9.9020 updates languages and components. This is not a security update.
https://www.ntlite.com/download/

osquery 5.7.0 provides several table updates, introduces security_profile_info, and resolves several bugs. This is not a security update.
https://osquery.io/downloads

PowerToys 0.66.0 improves installer and resolves dozens of bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

RoboForm 9.4.1 imposes new licensing restrictions for free accounts. This is not a security update.
https://www.roboform.com/

ScreenConnect 22.10.10924.8404 adds several new security features and controls, and resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

Superpaper 2.2.1 resolves several bugs. This is not a security update.
https://github.com/hhannine/superpaper/

TeamViewer 15.37.3 resolves a couple bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

Unity 2022.2.1 resolves several bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive

Ventoy 1.0.87 resolves several bugs. This is not a security update.
https://www.ventoy.net/en/index.html

WinScan2PDF 8.41 updates language files. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

ZoomText 2023 2023.2212.21.400 adds Freeze View and Early Adopter support. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

GitHub Desktop 3.1.3 resolves several bugs. This is not a security update.
https://desktop.github.com/

NASM 2.16.01 resolves several bugs. This is not a security update.
https://www.nasm.us/index.php

Node.js 19.4.0 resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

Node.js 18.13.0 resolves several bugs. This is not a security update.
https://nodejs.org/en/

SQLite 3.40.1 resolves a couple bugs. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.74.2 resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

PPSSPP 1.14.4 resolves dozens of bugs. This is not a security update.
https://ppsspp.org/downloads.html

VMware Workstation Player 17.0.0 improves TPM, adds support for newer operating systems, adds encryption, and updates OpenGL 4.3 and WDDM 1.2. This is a security update.
https://customerconnect.vmware.com/downloads/#all_products

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.6.21 corrects a couple bugs. This is not a security update.
https://coppermine-gallery.net/

Drupal 9.5.1 resolves several bugs. This is not a security update.
https://drupal.org/download

HumHub 1.13.0 improves module integration, Spaces, adds Open Graph, diagnostics and several other features. This is not a security update.
https://www.humhub.com/en/download

ISPConfig 3.2.9 adds 2FA and support for latest Ubuntu, and resolves several bugs. This is not a security update.
https://www.ispconfig.org/ispconfig/download/

jQuery 3.6.3 resolves the CSS.supports selector bug. This is not a security update.
https://code.jquery.com/

Piwigo 13.4.0 resolves several bugs. This is not a security update.
https://piwigo.org/

SpamAssassin 4.0.0 is a major update adding full Unicode support, parsing for many more URL forms and TLDs, and resolves several bugs. This is not a security update.
https://spamassassin.apache.org/downloads.cgi

BuddyPress 11.0.0 improves performance, adds webp support, and resolves dozens of bugs. This is a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.7.2 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Social Post Feed 4.1.6 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

Postie 1.9.63 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/postie/

Raw HTML 1.6.4 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/raw-html/

Register IP – Multisite 1.9.1 resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/register-ip-multisite/

WooCommerce 7.2.2 resolves dozens of bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WP Mail SMTP 3.7.0 improves cleanup and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/

WP Update Server 2.0.1 improves compatibility. This is not a security update.
https://github.com/YahnisElsts/wp-update-server

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2022-11-08

Welcome back, Folks!

Today is Patch Tuesday for November, 2022.

This month brings a new major version of macOS (13/Ventura) and a new major version of Windows 10. That’s on top of the nearly 100 major hacks, and over 130 application updates this month. Well, not really this month, since there were many more published on Oct 18th in the last newsletter. There is an OpenSSL security update, so almost every network or internet capable application has a security update right now. There should be about 4.5 GB of updates for most users.

This Month in Technology

Abode Iota All-In-One Security Kit, Advanced, Advocate Aurora Health, Amazon, Argentinian Armed Forces Joint Chiefs of Staff, Ascension St. Vincent’s Coastal Cardiology, AstraZeneca, Atacama Large Millimeter Array (ALMA) Observatory, Aurubis, Australian Clinical Labs, various auto key fobs, Aveanna, Azure Cosmos DB, Bed, Bath & Beyond, Blue Cross and Blue Shield of Kansas, Bulgarian Government, Choice Health Insurance LLC, Cisco AnyConnect, CommonSpirit Health, Consorci Sanitari Integral, Defense Health Headquarters, Deribit, DESORDEN GROUP, Doomworld, DropBox, E-Pal, EnergyAustralia, Eventus WholeHealth, PLLC, Fontainebleau Development Health and Welfare Plan, Hackney Council, Heilbronn Stimme, HH/Killeen Health System, LLC, India metro, Indianapolis Housing Agency, Iranian Atomic Energy Organization, Jeppesen, Keystone Health in Pennsylvania, Legal Aid ACT, Lolzteam, Louisiana Department of Public Safety and Corrections, Mango Markets, Maple Leaf Foods, Massengale Eye Care, Massy Stores, MBDA, Medibank, Medlab Pathology, METRO, Microsoft, Mid-Westchester Anesthesia Services PC, Moola Market, MyDeal, Nelnet Servicing, New Mexico Regulation and Licensing Department, New York Post, Osaka Acute and General Medical Center, Pendragon Group, Phoenix Programs of Florida, Inc., Poland Parliament, Premier Physical Therapy and Sports Performance, LP, Presbyterian Healthcare Services, Primary Anesthesia Services, Pynenberg & Scheske DDS, SC, RecordTV, Regions Hospital, Resource Anesthesiology Associates of CA PC, Resource Anesthesiology Associates of CT PC, Resource Anesthesiology Associates Of KY PSC, Resource Anesthesiology Associates of NM Inc, Resource Anesthesiology Associates of VA LLC, Saddlebrook Anesthesia Services PC, See Tickets, Siemens PLCs, Sigmund Software, LLC, Slovakian Parliamant, Somnia Anesthesia, Somnia Pain Mgt of Kentucky, Somnia, Inc., Spain’s National Renewable Energy Center, St Luke’s Health – Texas, State Bar of Georgia, Tata Power, The Church of Jesus Christ of Latter-day Saints, Tift Regional Health System, Twilio, UK PM Liz Truss, UK’s Department for Education, Unimed Belem, hundreds of US news websites, Vastaamo, Verizon, Vinomofo, VMware Workspace One Access, Vodafone Italia, WakeMed Health and Hospitals, and Wenco Management, LLC Health and Welfare Benefit Plan have reportedly been hacked or compromised this month.

Microsoft’s Azure platform has been causing problems for their own WinGet package manager and SysInternals services. Instagram, Zscaler, and Wynncraft suffered widespread outages.

Now for the good news:

The more time you spend evaluating electric cars, the worse you will realize they are. Whether it’s electrical waste, environmental damage, increased pullution or just randomly bursting into flames, they’re clearly not ready for production. And now you know.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is huge this month. The typical computer should see roughly 4.5 GB in updates today. Let’s get started.

With the release of a new version of macOS (13/Ventura) all macOS 10.x versions are no longer supported. If you’re not running at least 11/Big Sur, upgrade now or take your device offline. Really.

Windows 10 22H2 (19045) is a major update for Windows 10. Well, it’s supposed to be – there’s really almost no changes other than the extension of the support window. Even though there’s not a lot new to it, don’t be a lemming: wait at least a couple months for them to work out the inevitable bugs.

Microsoft released updates to address 82 vulnerabilities in .NET Framework, AMD CPU Branch, Azure, Azure Real Time Operating System, Linux Kernel, Microsoft Dynamics, Microsoft Exchange Server, Microsoft Graphics Component, Microsoft Office, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Office Word, Network Policy Server (NPS), Open Source Software, SysInternals, Visual Studio, Windows Advanced Local Procedure Call, Windows ALPC, Windows Bind Filter Driver, Windows BitLocker, Windows CNG Key Isolation Service, Windows Devices Human Interface, Windows Digital Media, Windows DWM Core Library, Windows Extensible File Allocation, Windows Group Policy Preference Client, Windows HTTP.sys, Windows Hyper-V, Windows Kerberos, Windows Mark of the Web (MOTW), Windows Netlogon, Windows Network Address Translation (NAT), Windows ODBC Driver, Windows Overlay Filter, Windows Point-to-Point Tunneling Protocol, Windows Print Spooler Components, Windows Resilient File System (ReFS), Windows Scripting, Windows Win32K
and MSRT (~3 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 15.7.1, iPadOS 15.7.1, iOS 16.1 and iPadOS 16, macOS Big Sur 11.7.1, macOS Monterey 12.6.1, macOS Ventura 13, Safari 16.1, tvOS 16.1, watchOS 9.1, and Xcode 14.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 16.1 and 15.7.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 16.1 and 15.7.1 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 9.1 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 16.1 is a security update. Use Settings, General, Software Update to install the most current update.

Google Chrome OS 107.0.5304.92 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Ventura (13.x) means that all macOS X (10.x) versions are no longer supported. If you can not install at least macOS Big Sur (11) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 12 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v22H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 22.10.3 resolves several bugs. This is not a security update.
https://www.amd.com/en/support

BullZip PDF Printer 14.1.0.2951 improves compatibility. This is not a security update.
https://www.bullzip.com/products/pdf/info.php#download

Crucial Storage Executive 8.07 doesn’t provide a changelog so should be treated as a security update.
https://www.crucial.com/support/storage-executive

Display Driver Uninstaller 18.0.5.7 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

DS4Windows 3.1.10 resolves several bugs and improves responsiveness. This is not a security update.
https://github.com/Ryochan7/DS4Windows/releases/latest

Daemon Tools Lite 11.1.0 adds ARM support and resolves several bugs. This is not a security update.
https://www.daemon-tools.cc/products/dtLite

Garmin Express 7.15.2 doesn’t provide a detailed changelog so should be considered a security update.
https://www.garmin.com/en-US/software/express/

MSI Afterburner 2022.10.05 doesn’t provide a changelog so should be treated as a security update.
https://www.msi.com/Landing/afterburner/graphics-cards

Samsung DeX 2.4.0.29 doesn’t provide a changelog so should be treated as a security update.
https://www.samsung.com/us/apps/dex/

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.45.118 is a security update. Use Menu, Help, About to install the current version.
https://brave.com/

Google Chrome 107.0.5304.87 is a security update. Use Menu, Help, About to install the current version.
https://www.google.com/chrome/

Microsoft Edge 107.0.1418.35 is a security update. Use Menu, Help, About to install the current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 106.0.5 is a security update. Use Menu, Help, About to install the current version.
https://www.mozilla.org/en-US/firefox/new/

Vivaldi 5.5.2805.42 is a security update. Use Menu, Help, About to install the current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

ProtonMail (Android) 3.0.9 improves stability. This is not a security update.
https://proton.me/mail/download

Spark 3.1.0.38675 does not provide a changelog so should be treated as a security update.
https://sparkmailapp.com/

Spark (macOS) 3.1.0.38673 does not provide a changelog so should be treated as a security update.
https://sparkmailapp.com/

Thunderbird 102.4.2 is a security update. Use Menu, Help, About to install the current version.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 7.1.6 resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

curl 7.86.0 resolves almost 200 bugs. This is not a security update.
https://curl.haxx.se/windows/

Dropbox 160.4.4703 resolves several bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 168.0.0.24.90 is a security update.
https://www.messenger.com/download

FileZilla Client 3.62.0 updates libraries. This is a security update.
https://filezilla-project.org/

Google Drive 66.0 resolves several bugs. This is not a security update.
https://drive.google.com/start

Google Earth 7.3.6 resolves several bugs and improves several features. This is not a security update.
https://earth.google.com/

Microsoft Teams 1.5.00.28361 adds transcription, e-signature integration, rich call history and music on hold. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 25.0.1 updates dependencies and resolves dozens of bugs. This is a security update.
https://nextcloud.com/

PuTTY 0.78 is a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html

Qbox 4.0.5.32 doesn’t provide a changelog so should be treated as a security update.
https://www.coraltreetech.com/qbox

Rclone 1.60.0 adds three new backends, several new features and resolves dozens of bugs. This is a security update.
https://rclone.org/

Signal 5.63.0 doesn’t provide a detailed changelog so should be treated as a security update.
https://signal.org/download/windows/

Syncthing 1.22.1 resolves several bugs and improves reliability. This is not a security update.
https://syncthing.net/

Telegram 4.3.1 is a security update.
https://telegram.org/

Zoom 5.12.6.10137 adds a lot of new features and resolves over a dozen bugs. This is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 3.0.6 resolves several bugs. This is not a security update.
https://en.3tene.com/

Bitwig Studio 4.4.2 resolves several bugs. This is not a security update.
https://www.bitwig.com/download/

iTunes 12.12.5.8 adds support for newer iOS and iPad OS version. This is not a security update.
https://www.apple.com/itunes/download/

Plex Desktop 1.56.2.3345 doesn’t provide a changelog so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.28.3.3355 doesn’t provide a changelog so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.29.2.6364 resolves several bugs. This is a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Epic Games 14.3.1 resolves several bugs. This is not a security update.
https://www.epicgames.com/

Lego Studio 2.22.10.1 resolves several bugs. This is not a security update.
https://www.lego.com/en-us/ldd

Nintendo Switch 15.0.1 resolves several bugs. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

Steam 2022.10.18 resolves several bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

SteamOS 3.3.2 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Illustrator 27.0 and 26.5.1 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb22-56.html

Adobe Reader DC 22.003.20263 improves stability. This is not a security update.
https://get.adobe.com/reader

Calibre 6.8.0 resolves several bugs. This is not a security update.
https://calibre-ebook.com/

IcoFX 3.8.1 fixes jpg editor and removes shape editor. This is not a security update.
https://icofx.ro/

Krita 5.1.3 resolves dozens of bugs. This is not a security update.
https://krita.org/en/download/krita-desktop/

Kindle for PC 1.39.65323 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc

LibreOffice 7.3.7 resolves over two dozen bugs. This is not a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.6.1 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.4.7 resolves the “make my printer bleed” bug, as well as several other bugs. This is not a security update.
https://notepad-plus-plus.org/

Sage Timeslips 30.0.4.84 resolves several bugs. This is not a security update.
https://na.sage.com/Sage-Timeslips/Support

Security Software Updates

One or more of these is likely to be of interest to most people.

Chainsaw 2.2.0 resolves several bugs. This is not a security update.
https://github.com/countercept/chainsaw

HTTP Toolkit 1.12.0 doesn’t provide a changelog so should be treated as a security update.
https://httptoolkit.tech/

IISCrypto 3.3.17 adds TLS 1.3, new cipher suites, and updates templates. This is not a security update.
https://www.nartac.com/Products/IISCrypto/Download

MalwareBytes Anti-Malware 4.5.17 resolves several bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/

OpenSSL (SLP) 3.0.7 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

OpenSSL 1.1.1s is a security update.
https://www.openssl.org/source/

OpenSSL 3.0.7 is a security update.
https://www.openssl.org/source/

ProtonVPN 3.0.5 (macOS) is a security update.
https://protonvpn.com/download

ReactOS 0.4.14.31 resolves dozens of bugs. This is a security update.
https://reactos.org/

Tails 5.6 is a security update.
https://tails.boum.org/install/dvd/index.en.html

uBlock Origin 1.45.0 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Zorin OS 16.2 improves compatibility, updates libraries, upgrades LibreOffice, and resolves several bugs. This is a security update.
https://zorin.com/os/mirrors/

Capture Updates

These are unlikely to be of interest to most people.

Open Broadcaster Software 28.1.2 improves stability. This is not a security update.
https://obsproject.com/

SnagIt 23.0.1 resolves several bugs. This is not a security update.
https://download.techsmith.com/snagit/releases/snagit.msi

Converter Updates

These are unlikely to be of interest to most people.

PDF Creator 5.0.1 resolves several bugs. This is not a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 6.0.0.1 resolves several bugs and improves stability. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

DVDFab 12.0.9.1 adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.17 resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 8.9.8 resolves several bugs and adds many new features. This is a security update.
https://1password.com/downloads/mac/

1Password for Windows 8.9.8 resolves several bugs and adds many new features. This is a security update.
https://1password.com/downloads/windows/

AOMEI Partition Assistant 9.12.0 adds support for moving BitLocker partitions, and resolves several bugs. This is not a security update.
https://www.diskpart.com/

Beyond Compare 4.4.4.27058 resolves several bugs. This is not a security update.
https://www.scootersoftware.com/download.php?zz=dl4

Bitwarden 2022.10.1 resolves several bugs. This is not a security update.
https://bitwarden.com/

CCleaner 6.05.10110 improves stability and resolves several bugs. This is not a security update.
https://www.ccleaner.com/

DesktopOK 10.44 improves tools. This is a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

Etcher 1.8.15 updates libraries. This is a security update.
https://www.balena.io/etcher/

Fido 1.36 adds support for the latest build of Windows. This is not a security update.
https://github.com/pbatard/Fido/releases

Go 1.19.3 is a security update.
https://go.dev/

GoodSync 12.0.9 is a security update.
https://www.goodsync.com/

HWMonitor 1.47 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

IsMyHdOK 3.77 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

Kingston SSD Manager 1.5.2.5 doesn’t provide a changelog so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

Memtest86+ 6.00 is a new major version, with support for new hardware, and resolves many bugs. This is not a security update.
https://www.memtest.org/

NetworkInterfacesView 1.25 adds enable/disable option and registry key details. This is not a security update.
https://www.nirsoft.net/utils/network_interfaces.html

NetworkTrafficView 2.42 improves high-DPI mode. This is not a security update.
https://www.nirsoft.net/utils/network_traffic_view.html

NTLite 2.3.8.8978 improves compatibility. This is not a security update.
https://www.ntlite.com/download/

PowerToys 0.64.1 resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ProcessMonitor 3.92 adds an option to set the filter driver altitude from the command line. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

Process Explorer 17.01 adds dark theme, multipane support, startup improvements and resolves several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer

RoboForm 9.3.7 adds the ability to install updates without killing all the browsers and resolves several bugs. Be aware that this causes many browser extensions to fail until they’re reinstalled. This is not a security update.
https://www.roboform.com/

ScreenConnect 22.9.10231 adds several new controls and security improvements. This is a security update.
https://www.connectwise.com/software/control/download

Sysmon 14.11 resolves a stability bug. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

TeamViewer 15.35.7 doesn’t have a changelog so should be treated as a security update.
https://www.teamviewer.com/en-us/download/windows/

Unity 2022.1.21 resolves several bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive

Windows 10 Upgrade 22H2 is a system update. This installs the latest build of Windows 10.
https://www.microsoft.com/en-us/software-download/windows10

WinAudit 3.4.3 resolves DNS bug. This is not a security update.
http://www.parmavex.co.uk/winaudit.html

WizTree 4.11 adds a Today filter, now supports quoting in filters, and resolves a couple bugs. This is not a security update.
https://www.diskanalyzer.com/

Developer Updates

These are unlikely to be of interest to most people.

AutoHotkey 1.1.35.00 resolves several bugs and backports several features. This is not a security update.
https://www.autohotkey.com/download/

Docker Desktop 4.13.1 improves compatibility, upgrades libraries and resolves several bugs. This is a security update.
https://www.docker.com/products/docker-desktop

GitHub Desktop 3.1.2 updates embedded engine. This is not a security update.
https://desktop.github.com/

Node.js 14.21.1 is a security update.
https://nodejs.org/en/

Node.js 16.18.1 is a security update.
https://nodejs.org/en/

Node.js 18.12.1 is a security update.
https://nodejs.org/en/

Node.js 19.0.1 is a security update.
https://nodejs.org/en/

Visual Studio Code 1.73 adds include/exclude folders to search, shortcuts to Command Center, merge editor improvements and several other fixes. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.0.2 resolves several bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Joomla 4.2.5 is a security update.
https://www.joomla.org/

phpList 3.6.10 resolves several bugs. This is not a security update.
https://www.phplist.org/

Piwigo 13.1.0 resolves several bugs. This is a security update.
https://piwigo.org/

WordPress 6.1 adds a new default theme, new templates, improved design controls, menu editing, and resolves several bugs. This is not a security update.
https://wordpress.org/

Autoptimize 3.1.3 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/autoptimize/

BuddyPress 10.6.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.6.4 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Idea Publisher 1.0.6 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/idea-publisher/

NextScripts Social Networks Auto-Poster 4.4.2 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/social-networks-auto-poster-facebook-twitter-g/

Redirection 5.3.5 resolves a language bug. This is not a security update.
https://wordpress.org/extend/plugins/redirection/

W3 Total Cache 2.2.7 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 7.0.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WPBakery 6.10.0 resolves over a dozen bugs. This is not a security update.
https://wpbakery.com/

WP Plugin Update Checker 5.0 switches from classes to namespaces, adds VCS controls, and resolves several bugs. This is not a security update.
https://github.com/YahnisElsts/plugin-update-checker/releases/latest

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2022-10-11

Welcome back, Folks!

Today is Patch Tuesday for October, 2022. This month brings a new major version of Windows 11, and impending new version of Windows 10. That’s on top of the 120 major hacks, and another 150+ application updates this month. This is actually the lightest month we’ve had in a while, with less than 3 GB of updates for most users.

This Month in Technology

2K Games, a high-profile Hawaiian financial company, Airplane WiFi networks, Albanian State Police, American Airlines, Anesthesia Associates of El Paso PA, Anesthesia Associates of Maryland LLC, Anesthesia Services of San Joaquin PC, Argentina’s Ministry of Economy, Ask.FM, Bell Technical Solutions, Bhinneka, Binance, Bitbucket Server, Bonita Springs Retirement Village, Inc., Bronx Anesthesia Services PC, Centerstone of Tennessee, Inc., Centre Hospitalier Sud Francilien, Chase UK, Chilean Judiciary, Chilean Ministry of Defense, City of Tucson, Columbia River Mental Health Services, Comision Nacional de Acreditación in Chile, Comm100 Live Chat, CommonSpirit Health, Consorci Sanitari Integral, Costa Group, Country Doctor Community Clinic, CSI Laboratories (again!), The Coeur Group, Dialog, Digital Network System, DLS Motors, Easterseals-Goodwill Northern Rocky Mountain, Inc., Elbit Systems of America, Empress EMS, Extended MLTC, an F-35 Lightning II fighter aircraft components supplier, Fast Company, FishPig, FMC Services, LLC, FortiOS, FortiProxy, Fredericksburg Anesthesia Services LLC, Guatemala’s foreign ministry, Hampton Public Library, Hazleton Anesthesia Services PC, Independence, Intel, Jaime Câmara, Johnson Fitness and Wellness, Kaye-Smith Enterprises, Inc., Kiwi Farms, Landmark Management Services, Latam government, Lloyd’s of London, Lynbrook Anesthesia Services PC, Magellan Rx Management, Magento, Makler, Mexican Military, Microsoft Endpoint Configuration Manager, Microsoft Exchange, hundreds of Microsoft SQL servers, Monroe Ear Nose and Throat Associates, PC, National Institute for Drug and Food Surveillance, Neurology Center of Nevada, New York Racing Association, Northern California Fertility Medical Center, Okta Auth0, Optus, Oracle Cloud, Orange Southwest Supervisory District, Palm Springs Anesthesia Services PC, Peru’s Instituto De Desarrollo Profesional, Physician’s Business Office, Inc., Providence WA Anesthesia Services PC, Puigcerda Hospital, Quintal, redONE Network Sdn Bhd, REDTONE Digital BHD Network, Reelfoot Family Walk-In Clinic, Reid and Riege, P.C., Reidville Fire Department, Resource Anesthesiology Associates of CA A Medical Corporation, Resource Anesthesiology Associates of IL PC, Resource Anesthesiology Associates PC, Revolut, Rockstar Games, Seattle Children’s Hospital, Seesaw, Shangri-La Group, Smith, Gambrell & Russell, LLP, South Redford School District, Starbucks, State Bar of Georgia, State of Colorado, Swachhata, TAP Air Portugal, Telstra, Tessie Cleveland Community Services Corp, The Icon Group, Toyota, Transit Finance, Trend Micro Apex One, Trillium Health Inc., U.S. Dept of Defense, Uber (more), Universidad Internacional Del Ecuador, Upstate Anesthesia Services PC, UW Medicine, Wakanim, WhatsApp, Wintermute, Zimbra, and Zoho ManageEngine have reportedly been hacked or compromised this month.

MEC has shared with us why Microsoft Exchange has proven to be such a large target. 350+ million email accounts spread across over 300,000 physical servers, where (demonstrably) security lapses are commonplace. Even with that, it has nothing to do with the recent spate of outlook crashes or certificate issues on MS products.

There’s more evidence demonstrating the risk of pirated software. Twitter neglected to log out devices after password resets. And Dell drivers are being used to hijack computers.

The newest version of Windows 11 was released less than 3 weeks ago. It has problems. Among the many issues with the latest release of Windows 11 include
file copy performance, Windows Hello failure, provisioning, Remote Desktop, printer issues, Intel audio, NVIDIA GeForce Experience, and NVIDIA gaming performance, and those are just the ones that have made the news so far. If you’re planning to upgrade to the latest build of Windows 11, wait another month or two.

Now for the good news:

It turns out the theoretial protection of tinfoil hats may have actually been a government conspiracy. Really. How is this good news? You don’t have to worry about making sure you have tinfoil available anymore! 🙂

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is huge this month. The typical computer should see roughly
GB in updates today. Let’s get started.

Windows 11 22H2 (22621) is a major update for Windows 11, but it has been plagued with issues over the last couple weeks. Give it time before you willingly update.

Microsoft released updates to address 90 vulnerabilities in Active Directory Domain Services, Azure, Azure Arc, Client Server Run-time Subsystem, Microsoft Edge, Microsoft Graphics Component, Microsoft Office, Microsoft Office 365 2209 (15629.20156), Microsoft Office SharePoint, Microsoft Office Word, Microsoft WDAC OLE DB provider for SQL, NuGet Client, Remote Access Service Point-to-Point Tunneling Protocol, Role: Windows Hyper-V, Service Fabric, Visual Studio Code, Windows Active Directory Certificate Services, Windows ALPC, Windows CD-ROM Driver, Windows COM+ Event System Service, Windows Connected User Experiences and Telemetry, Windows CryptoAPI, Windows Defender, Windows DHCP Client, Windows Distributed File System, Windows DWM Core Library, Windows Event Logging Service, Windows Group Policy, Windows Group Policy Preference Client, Windows Internet Key Exchange Protocol, Windows Kernel, Windows Local Security Authority, Windows Local Security Authority Subsystem Service, Windows Local Session Manager, Windows NTFS, Windows NTLM, Windows ODBC Driver, Windows Perception Simulation Service, Windows Point-to-Point Tunneling Protocol, Windows Portable Device Enumerator Service, Windows Print Spooler Components, Windows Resilient File System, Windows Secure Channel, Windows Security Support Provider Interface, Windows Server Remotely Accessible Registry Keys, Windows Server Service, Windows Storage, Windows TCP/IP, Windows USB Serial Driver, Windows Web Account Manager, Windows Win32K, Windows WLAN Service, Windows Workstation Service, and MSRT (~2 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 16.0.3 and watchOS 9.0.2. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS iOS 16.0.3 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 9.0.2 is a security update. Use the Watch app on your iPhone to install the most current version.

Google Chrome OS 105.0.5195.134 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Catalina (10.15) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 12 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v22H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 22.10.1 improves stability. This is not a security update.
https://www.amd.com/en/support

Crucial Storage Executive 8.03 does not provide a changelog so should be treated as a security update.
https://www.crucial.com/support/storage-executive

Display Driver Uninstaller 18.0.5.5 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

DS4Windows 3.1.6 resolves dozens of issues. This is not a security update.
https://github.com/Ryochan7/DS4Windows/releases/latest

Epson ET-4800 3.01 adds support for newer Remote Print Driver and Epson Photo+ Software. This is not a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-4800/s/SPT_C11CJ65201

Garmin Express 7.14.0 doesn’t provide a changelog so should be treated as a security update.
https://www.garmin.com/en-US/software/express/

Intel Driver and Support Assistant 22.6.39 resolves several bugs and improves feedback. This is not a security update.
https://www.intel.com/p/en_US/support/detect

Netgear Nighthawk R7960P 1.4.4.94 is a security update.
https://www.netgear.com/support/product/R7960P.aspx#download

Wacom Driver 6.4.0-8 adds support for newer hardware. This is not a security update.
https://www.wacom.com/en-us/support/product-support/drivers

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.44.108 is a security update.
https://brave.com/

Google Chrome 106.0.5249.103 is a security update.
https://www.google.com/chrome/

Microsoft Edge 106.0.1370.34 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 105.0.3 is a security update.
https://www.mozilla.org/en-US/firefox/new/

SeaMonkey 2.53.14 is a security update.
https://www.seamonkey-project.org/

Vivaldi 5.5.2805.35 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

NK2Edit 3.45 resolves several bugs. This is not a security update.
https://www.nirsoft.net/utils/outlook_nk2_edit.html

OutlookAttachView 3.46 improves visual feedback. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Thunderbird 102.3.2 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

BrowsingHistoryView 2.52 improves visual feedback. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

Dropbox 158.4.4564 resolves several bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 164.0.0.8.109 is a security update.
https://www.messenger.com/download

FileZilla Client 3.61.0 should be treated as a security update.
https://filezilla-project.org/

FreeFileSync 11.26 improves performance and resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 64.0.4 resolves several bugs. This is not a security update.
https://drive.google.com/start

Microsoft Teams 1.5.00.21668 adds support for Apple Silicon, group chat reply suggestions, and improves management features. This is not a security update.
https://teams.microsoft.com/downloads

Mumble 1.4.287 improves compatibility. This is not a security update.
https://www.mumble.info/

Nextcloud Server 24.0.6 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

Rclone 1.59.2 improves stability. This is not a security update.
https://rclone.org/

Signal 5.62.0 resolves several bugs and improves contact property view. This is not a security update.
https://signal.org/download/windows/

Skype 8.88.0.401 improves stability. This is not a security update.
https://www.skype.com/

Syncthing 1.22.0 resolves several bugs. This is not a security update.
https://syncthing.net/

Technitium DNS Server 9.1 adds certbot support, dashboard improvements, and several other features. This is not a security update.
https://technitium.com/dns/

Telegram 4.2.4 resolves several bugs. This is not a security update.
https://telegram.org/

WinSCP 5.21.5 is a security update.
https://winscp.net/eng/index.php

Zoom 5.12.2.9281 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

Bitwig Studio 4.4 improves stability, adds new audio FX packages, and new “spectral devices.” This is not a security update.
https://www.bitwig.com/download/

darktable 4.0.1 resolves dozens of bugs. This is not a security update.
https://www.darktable.org/

MediaMonkey 5.1 resolves several bugs. This is not a security update.
https://www.mediamonkey.com/windows#download

Plex Desktop 1.55.0.3278 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.26.1.3276 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.29.0.6244 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Epic Games 14.2.4 resolves several bugs. This is not a security update.
https://www.epicgames.com/

GameMaker Studio 2022.9.0.49 improves stability. This is not a security update.
https://www.yoyogames.com/en/gamemaker

Lego Studio 2.22.9.3 resolves several bugs. This is not a security update.
https://www.lego.com/en-us/ldd

Nintendo Switch 15.0.0 improves stability, changes a menu, and adds ability to take screenshots in NSO. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS4 10.01 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps4/system-software/

PS5 22.02-06.00.01 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2022.10.06 resolves several bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Animate 21.0.12 and 22.0.8 are security updates.
https://helpx.adobe.com/security/products/animate/apsb22-54.html

Adobe Bridge 12.0.3 and 11.1.4 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb22-49.html

Adobe Experience Manager CS and 6.5.14.0 are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb22-40.html

Adobe Illustrator 26.5 and 25.4.8 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb22-55.html

Adobe InCopy 17.4 and 16.4.3 are security updates.
https://helpx.adobe.com/security/products/incopy/apsb22-53.html

Adobe InDesign 17.4 and 16.4.3 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb22-50.html

Adobe Photoshop 22.5.9 and 23.5 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb22-52.html

Adobe Reader DC 22.003.20258 is a security update.
https://get.adobe.com/reader

Audacity 3.2.1 improves stability. This is not a security update.
https://www.audacityteam.org/download/

Blender 3.3.1 adds hair geometry, improves deforming tools, and several other features. This is not a security update.
https://www.blender.org/download/

Krita 5.1.1 resolves several bugs. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Fresh 7.4.1 resolves dozens of bugs. This is not a security update.
https://www.libreoffice.org/

Notepad++ 8.4.6 adds change history markers and tab context menu improvements. This is not a security update.
https://notepad-plus-plus.org/

PDF-XChange Editor 9.4.364.0 is a security update.
https://www.tracker-software.com/product/pdf-xchange-editor

Calibre 6.6.1 resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Kindle for PC 1.39.65306 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc

Security Software Updates

One or more of these is likely to be of interest to most people.

Chainsaw 2.1.1 resolves several bugs. This is not a security update.
https://github.com/countercept/chainsaw

HTTP Toolkit 1.11.0 doesn’t provide a changelog so should be treated as a security update.
https://httptoolkit.tech/

OnionShare 2.6 adds several new features. This is a security update.
https://onionshare.org/

OpenSSL 3.0.6 is a security update.
https://www.openssl.org/source/

OpenSSL 1.1.1r is a security update.
https://www.openssl.org/source/

OSFClone 1.4.1000 updates libraries and core OS. This is a security update.
https://www.osforensics.com/tools/create-disk-images.html

ProtonVPN 2.1.1 is a cosmetic update. This is not a security update.
https://protonvpn.com/download

ProtonVPN for macOS 3.0.3 is a cosmetic update. This is not a security update.
https://protonvpn.com/download

ReactOS 0.4.14.24 resolves dozens of bugs. This should be treated as a security update.
https://reactos.org/

uBlock Origin 1.44.4 resolves the broken :not() operator. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

VT-CLI 0.10.3 adds directory scanning and improves compatibility. This is not a security update.
https://github.com/VirusTotal/vt-cli/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

Open Broadcaster Software 28.0.3 resolves several bugs. This is not a security update.
https://obsproject.com/

ScreenToGif 2.37.1 resolves several bugs to improves compatibility. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 22.1.2 resolves an activation bug. This is not a security update.
https://download.techsmith.com/snagit/releases/snagit.msi

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.8.9 adds support for new encodings and improved hardware support. This is not a security update.
https://www.dvdfab.cn/download.htm

iMazing HEIC Converter 2.0.2 doesn’t provide a changelog. This is not a security update.
https://imazing.com/heic

PDF Creator 5.0 is a major update adding new features and organizational tools. This is not a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 5.0.5.6 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.15 adds split view improvements, adds math support, PDF improvements, and resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

BgInfo 4.32 now reports Windows Insider builds. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/bginfo

Bitwarden 2022.9.1 resolves several bugs. This is not a security update.
https://bitwarden.com/

CCleaner 6.04.10044 resolves several bugs. This is not a security update.
https://www.ccleaner.com/

Coreinfo 3.6 adds and option to measure inter-CPU latency. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/coreinfo

DesktopOK 10.34 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

Etcher 1.7.9 adds update notification and resolves several bugs. This is not a security update.
https://www.balena.io/etcher/

Everything 1.4.1.1022 is a security update.
https://www.voidtools.com/

Everything CLI 1.1.0.26 adds -exit, -reindex, and -utf8bom options, and resolves a Unicode write bug. This is not a security update.
https://www.voidtools.com/

Fido 1.35 is the fourth compatibility release for Windows 11 22H2. This is not a security update.
https://github.com/pbatard/Fido/releases

Git SCM 2.38.0 resolves over a dozen bugs. This is not a security update.
https://git-scm.com/

Go 1.19.2 is a security update.
https://go.dev/

GoodSync 12.0.7 resolves several bugs. This is not a security update.
https://www.goodsync.com/

grepWin 2.0.11 resolves several bugs. This is not a security update.
https://github.com/stefankueng/grepWin/releases/latest

Kingston SSD Manager 1.5.2.4 doesn’t provide a changelog so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

NTLite 2.3.8.8945 improves compatibility. This is not a security update.
https://www.ntlite.com/download/

OSForensics 10.0.1004 improves documentation and reports, and updates several features. This is not a security update.
https://www.osforensics.com/download.html

PowerToys 0.63.0 resolves several bugs and updates dependencies. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ScreenConnect 22.8.9612.8308 adds key rotation, improved session management, improved compatibility and resolves several bugs. This is a security update.
https://www.connectwise.com/software/control/download

Sysmon 14.1 adds monitoring for FileBlockShredding events. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

TaskSchedulerView 1.72 improves high-DPI compatibility. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

TeamViewer 15.34.4 improves multi-tab display. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

Unity 2022.1.19 resolves dozens of bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive

WinGet 1.3.2691 updates dependencies. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 2021.3.1.16 improves wear OS compatibility. This is not a security update.
https://developer.android.com/studio

AutoIt 3.3.16.1 resolves several bugs. This is not a security update.
https://www.autoitscript.com/autoit3/docs/history.htm

GitHub Desktop 3.1.1 resolves several bugs. This is not a security update.
https://desktop.github.com/

MySQL Server 8.0.31 resolves dozens of bugs. This is not a security update.
https://dev.mysql.com/downloads/installer/

MySQL ConnectorNet 8.0.31 resolves several bugs. This is not a security update.
https://dev.mysql.com/downloads/connector/net/

Node.js 14.20.1 is a security update.
https://nodejs.org/en/

Node.js 16.17.1 is a security update.
https://nodejs.org/en/

Node.js 18.10.0 is a security update.
https://nodejs.org/en/

SQLite 3.39.4 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

TortoiseSVN 1.14.5 resolves several bugs. This is not a security update.
https://tortoisesvn.net/downloads.html

Visual Studio Code 1.72.1 is a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.0.0 is a major update adding full encryption support, cloud interop connectivity, new hardware virtualization features and resolves several bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.6.20 improves compatibility. This is not a security update.
https://coppermine-gallery.net/

Drupal 9.4.8 is a security update.
https://drupal.org/download

Joomla 4.2.3 resolves several bugs. This is not a security update.
https://www.joomla.org/

MailEnable 10.42 and 9.85 are security updates.
https://www.mailenable.com/

Piwigo 13.0.0 adds several new features and updates compatibility options. This is not a security update.
https://piwigo.org/

Akismet 5.0.1 resolves several bugs.
https://wordpress.org/extend/plugins/akismet/

Autoptimize 3.1.2 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/autoptimize/

myStickymenu 2.6.1 removes the contact form character limit. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Postie 1.9.62 resolves a timezone bug. This is not a security update.
https://wordpress.org/extend/plugins/postie/

Redirection 5.3.4 resolves a “not” bug. This is not a security update.
https://wordpress.org/extend/plugins/redirection/

Simple Lightbox 2.9.2 should be treated as a security update.
https://wordpress.org/extend/plugins/simple-lightbox/

Slider Revolution 6.6.3 resolves a couple bugs. This is not a security update.
https://revolution.themepunch.com/

W3 Total Cache 2.2.6 resolves a Cloudfront compatibility bug. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WP Mail SMTP 3.6.1 resolves several bugs and improves debug controls. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/

WooCommerce 6.9.4 resolves dozens of bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WordPress Importer 0.8 improves compatibility and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/wordpress-importer/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2022-09-13

Welcome back, Folks!

Today is Patch Tuesday for September, 2022. This month brings new major versions of iOS, tvOS, watchOS, and impending new versions of Windows 11 and Windows 10. That’s on top of the 120 major hacks, and over 150 application updates this month. Even with all that, it’s actually a pretty light month, with only about 3 GB of updates for most users.

This Month in Technology

Advanced (NHS MSP), Akamai, Akasa Air, Albanian government, Ally Bank, Amazon, Argentina’s Judiciary of Córdoba, Armed Forces General Staff agency of Portugal (EMGFA), Atlantic Dialysis Management Services, Atlassian Bitbucket Server, an “automotive supplier“, Avamere Health Services LLC, Baker & Taylor, Banorte, Block, BOGA Group, Bombardier Recreational Products (BRP), BrandNewTube, BSA Hospice of the Southwest, California Department of Corrections and Rehabilitation (CDCR), Celanese Medical Plan, Center Hospitalier Sud Francilien (CHSF), Cerebral Medical Group, P.A., Chester Upland School District, Chile Consumer Protection Agency, Chile’s government, Cisco (more), Common Ground Healthcare Cooperative, Conifer Revenue Cycle Solutions, CorrectHealth, CS.MONEY, Damart, DaVita Inc., DESFA, DigitalOcean, Dominican Republic’s Instituto Agrario Dominicano, DoorDash, EmergeOrtho, energy providers worldwide, Entrust, Eurocell, Family Medicine Centers, Farmville Internal Medicine, First Street Family Health, Forsyth County medical office, Franklin College, General Bytes, General Health System, Gestore dei Servizi Energetici SpA (GSE), Go-Ahead, Health Advantage, Henderson & Walton Women’s Center, P.C., Holdcroft Motor Group, HP Support Assistant, Hyundai, InterContinental Hotels Group PLC (IHG), IRS, Japan government, KeyBank, Kickstarter (?), LA USD (more), Lamoille Health Partners, LastPass, Lee County Emergency Medical Services, Liberty Counsel, MailChimp, Major Cineplex, Major Development PCL, Medical Mutual of Ohio, Methodist Craig Ranch Surgical Center, Methodist McKinney Hospital, Microsoft Teams, Montenegro government (and lied about it), Mossad, Nelnet Serving, Neopets, Nereus Finance, New Free DAO, NorthStar HealthCare Consulting LLC, Northwestern Medical Center, Novant Health, over 130 organizations via Okta, OMNI Healthcare, INC, OneTouchPoint, Onyx Technology LLC, Orange Cyberdefense, Overlake Medical Center & Clinics, Plex, Practice Resources LLC, Priti Patel Physician PC, Prowers  County Hospital District, PT Jasamarga Tollroad Operator, QNAP Photo Station, QuestionPro, Rug Pull Finder, Samsung, San Diego American Indian Health Center, San Francisco 49ers, Sando, Savannah College of Art and Design, Sephora, SFERRA, Sheppard Robson, Shipyaari, ShitExpress, Signal, SitePoint, South Staffordshire Water, Specialized Treatment Facility, Sri Lanka Department of Examinations, Starlink’s Dishy McFlatface, START.ru, Stratford University, TAP Air Portugal, Tesla cars, The North Face, TikTok, Trinity Health, Tulsa Tech, Twilio, Twitter, U-Haul, UK’s National Health Service, USAble Mutual Insurance Company, Valley Baptist Medical Center – Brownsville, Valley Baptist Medical Center – Harlingen, Warner Norcross & Judd, Xinai Electronics, and Zimbra Collaboration Suite have reportedly been hacked or compromised this month.

75% of retailers and 52% of supply chains report being hacked in 2021. Those numbers don’t reflect well on the security state of the nation. 🙁

Patreon fired their entire security department. What this means for you: if you’re still using Patreon, now is the best time to stop.  The Zoom installer can get you hacked. Facebook and Twitter will soon be shunning the CIA. (/sarc)

After updates last month, MS Office would crash if you floated your mouse over Outlook contacts. The version was pulled, but a new version wasn’t released until today. Microsoft released a virus definitions update that falsely identified every Electron app as malware on September 4th (the Labor Day holiday weekend). While it took only 13 hours before they released a fix, it was 13 hours too long for many who thought their browsers had been compromised. Edge 105 wouldn’t start if you had policies enabled relating to data reporting. Completely removing the policies was the only workaround. Tabs are coming to Windows Explorer in a “Moment.” I think they should probably call them Hot Flashes. Or Whims.

The only significant outages this month were Microsoft Azure and Microsoft 365.

End-of-life (EOL) means end-of-life. Don’t expect vendors to fix critical vulnerabilities in EOL hardware or software. Usually. This is a win for Apple. This isn’t. And this is just sad.

Google finished their purchase of Mandiant. Even Lloyd’s of London is taking a page out of the terrorism handbook. The IoT (Internet of Things) is far less secure than they claim. In an approach that could only be described as inevitable, the anti-cheat software used to prevent cheating in a video game is being abused to hack computers with it installed.

The concept of software “permissions” is fatally flawed. While this article only demonstrates how it effected the clipboard, it’s a timely reminder to keep your camera and mic physically disabled whenever possible.

When the Federal government has no respect for the law, is it any surprise that law enforcement are tracking you without warrants. Duh.

Now for the good news:

While there’s not a lot of good news in tech, we can at least have some fun with it. Check out these barcode ponies.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is about average this month. The typical computer should see roughly 3 GB in updates today. Let’s get started.

Microsoft released updates to address 64 vulnerabilities in .NET and Visual Studio, .NET Framework, Azure Arc, Cache Speculation, HTTP.sys, Microsoft Dynamics, Microsoft Edge (Chromium-based), Microsoft Graphics Component, Microsoft Office, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft Windows ALPC, Microsoft Windows Codecs Library, Network Device Enrollment Service (NDES), SPNEGO Extended Negotiation, Visual Studio Code, Windows Common Log File System Driver, Windows Credential Roaming Service, Windows Defender, Windows Distributed File System (DFS), Windows DPAPI (Data Protection Application Programming Interface), Windows Enterprise App Management, Windows Event Tracing, Windows Group Policy, Windows IKE Extension, Windows Kerberos, Windows Kernel, Windows LDAP – Lightweight Directory Access Protocol, Windows ODBC Driver, Windows OLE, Windows Photo Import API, Windows Print Spooler Components, Windows Remote Access Connection Manager, Windows Remote Procedure Call, Windows TCP/IP, Windows Transport Security Layer (TLS), and MSRT (~3 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 12.5.6 and 16.0, iPadOS 15.6.1, macOS Big Sur 11.7, macOS Monterey 12.5.1 and 12.6, Safari 15.6.1 and 16.0. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 12.5.6 and 16.0 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 15.6.1 is a security update. Use Settings, General, Software Update to install the most current update.

tvOS 16.0 is a security update. Use System, Software Update to install the most current version.

watchOS 9.0 is a security update. Use the Watch app on your iPhone to install the most current version.

Google Chrome OS 105.0.5195.112 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The new versions of Windows 10 and Windows 11 are expected within the next month. This release is the first in Microsoft’s new “Moments” behavior. We knew this would eventually happen last year when they threw in the towel on their 6-month OS release cadence and switch to a 1-year cadence, then last month announced that they would instead release a new major build every 3 years but release smaller feature updates (called “Moments”) whenever they wanted to. I think they missed their chance to call them “Whims”. If their recent cadence changes demonstrate anything, it’s that it’s all on a Windows Whim anyway. 🙂

The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Catalina (10.15) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 12 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v21H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 22.8.2 resolves several bugs and improves compatibility. This is not a security update.
https://www.amd.com/en/support

BullZip PDF Printer 14.0.0.2944 removes features. This is not a security update.
https://www.bullzip.com/products/pdf/info.php#download

Dymo Connect for Desktop 1.3.2.18 improves compatibility, but still not supported on Windows 11. This is not a security update.
https://www.dymo.com/label-makers-printers/labelwriter-label-printers/dymo-labelwriter-450-duo-thermal-label-printer/SAP_1752267.html

Intel Driver and Support Assistant 22.5.34 improves stability and resolves several bugs. This is not a security update.
https://www.intel.com/p/en_US/support/detect

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.43.89 is a security update.
https://brave.com/

Google Chrome 105.0.5195.102 is a security update.
https://www.google.com/chrome/

Microsoft Edge 105.0.1343.33 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 104.0.2 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 102.2.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 5.4.2753.47 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.10.5 is a security update.
https://getmailspring.com/

Thunderbird 102.2.2 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 7.0.14 is a security update.
https://anydesk.com/en/downloads

curl 7.85.0 resolves over a hundred bugs. This is a security update.
https://curl.haxx.se/windows/

Dropbox 156.4.4908 improves context menu behavior. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 159.0.0.23.221 is a security update.
https://www.messenger.com/download

FreeFileSync 11.25 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 63.0 is a security update.
https://drive.google.com/start

Mumble 1.4.274 resolves over a dozen bugs. This is not a security update.
https://www.mumble.info/

Nextcloud Server 24.0.5 updates libraries and resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

Nmap 7.93 is a security update.
https://nmap.org/

Npcap 1.71 is a security update.
https://nmap.org/npcap/

Omada Software Controller 5.5.6 improves reliability, compatibility, and resolves an access bug. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Pocketnet-GUI 0.8.11 resolves several bugs. This is not a security update.
https://pocketnet.app/

Signal 5.58.0 doesn’t provide a detailed changelog so should be treated as a security update.
https://signal.org/download/windows/

Skype 8.87.0.406 resolves several bugs and adds quoting for all content types. This is not a security update.
https://www.skype.com/

Syncthing 1.21.0 resolves two bugs and adds several new features. This is not a security update.
https://syncthing.net/

Telegram 4.1.1 resolves several bugs. This is not a security update.
https://telegram.org/

Trillian 6.5.0.24 improves reliability, media and diagnostics. This is not a security update.
https://www.trillian.im/

WinSCP 5.21.3 resolves a couple bugs. This is not a security update.
https://winscp.net/eng/index.php

Zoom 5.11.11.8425 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 3.0.4 resolves several bugs. This is not a security update.
https://en.3tene.com/

iTunes 12.12.5.1 is a security update.
https://www.apple.com/itunes/download/

Picard 2.8.3 resolves a crash bug. This is not a security update.
https://picard.musicbrainz.org/

Plex Desktop 1.53.1.3225 improves watchlist, resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.25.1.3248 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.28.2.6151 resolves a stability bug. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Epic Games 14.2.1 resolves several bugs. This is not a security update.
https://www.epicgames.com/

GameMaker Studio 2022.8.1.37 adds several new features, removes redundant and unused features, and resolves over 150 bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker

Lego Studio 2.22.8.1 resolves several bugs. This is not a security update.
https://www.lego.com/en-us/ldd

PS4 10.0 adds zoom and magnify options in the browser, and improves Remote Play. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps4/system-software/

PS5 22.02-06.00.00 adds dozens of new features and bug fixes. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2022.08.18 resolves several bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Animate 21.0.12 and 22.0.8 are security updates.
https://helpx.adobe.com/security/products/animate/apsb22-54.html

Adobe Bridge 12.0.3 and 11.1.4 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb22-49.html

Adobe Experience Manager 6.5.14.0 is a security update.
https://helpx.adobe.com/security/products/experience-manager/apsb22-40.html

Adobe Illustrator 23.5 and 25.4.8 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb22-55.html

Adobe InCopy 17.4 and 16.4.3 are security updates.
https://helpx.adobe.com/security/products/incopy/apsb22-53.html

Adobe InDesign 17.4 and 16.4.3 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb22-50.html

Adobe Photoshop 22.5.9 and 23.5 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb22-52.html

Adobe Reader DC 22.002.20212 is a security update.
https://get.adobe.com/reader

Calibre 6.4.0 adds several new management and organizational features, and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Krita 5.1.0 resolves dozens of bugs. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Fresh 7.4.1 adds over 500 bug fixes and features changes. This is a security update. Please remember that LibreOffice Fresh is beta software. Most users should use LibreOffice Still.
https://www.libreoffice.org/

LibreOffice 7.3.6 resolves over 50 bugs. This is not a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.6.0 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.4.5 updates libraries and resolves a dozen bugs. This should be treated as a security update.
https://notepad-plus-plus.org/

Paint.net 4.3.12 resolves several bugs. This is not a security update.
https://www.getpaint.net/

PDF-XChange Editor 9.4.363.0 resolves several stability and reliability bugs. This is not a security update.
https://www.tracker-software.com/product/pdf-xchange-editor

Security Software Updates

One or more of these is likely to be of interest to most people.

.NET Framework 4.8.1 adds native support for Arm64, forms, and tooltips improvements. This is not a security update.
https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481

Hashcat 6.2.6 adds a return code for self-test failure. This is not a security update.
http://hashcat.net/hashcat/#downloadlatest

Johnny 2.2 adds several new modes, file formats, export options and resolves several bugs. This is not a security update.
https://openwall.info/wiki/john/johnny

KeePass 2.52 adds several new features, improves GUI and automation, and resolves a couple bugs. This is not a security update.
https://keepass.info/

ProtonVPN 2.0.6 improves DNS resolution. This is not a security update.
https://protonvpn.com/download

ProtonVPN (macOS) 3.0.2 now automatically logs you in when visiting the ProtonVPN website. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.6.1 updates core, adds clipboard protection, and resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

SanDisk PrivateAccess 6.3.10 doesn’t provide a changelog so should be treated as a security update.
https://kb.sandisk.com/app/answersweb/detailweb/a_id/21996

Tails 5.4 is a security update.
https://tails.boum.org/install/dvd/index.en.html

uBlock Origin 1.44.2 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Velociraptor 0.6.6 resolves several bugs. This is not a security update.
https://github.com/Velocidex/velociraptor/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

Open Broadcaster Software 28.0.1 adds dozens of new features, bug fixes, and performance improvements. This is not a security update.
https://obsproject.com/

ScreenToGif 2.37.1 resolves a couple bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.8.6 adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

StreamFab 5.0.5.2 improves reliability and performance with some websites. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.13 resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 8.9.4 resolves dozens of bugs. This is not a security update.
https://1password.com/downloads/mac/

1Password for Windows 8.9.5 resolves dozens of bugs. This is not a security update.
https://1password.com/downloads/windows/

AOMEI Partition Assistant 9.10.0 resolves several bugs and adds ability to delete large files. This is not a security update.
https://www.diskpart.com/

Agent Ransack 2022.3341 updates libraries and resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

CCleaner 6.03.10002 increases the nag factor and resolves several crash bugs. This is not a security update.
https://www.ccleaner.com/

ControlMyMonitor 1.36 adds option to start as hidden. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html

Coreinfo 3.53 now handles NUMA nodes with more than 64 processors. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/coreinfo

CPU-Z Installer 2.02 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

Cygwin 3.3.6 resolves a dozen bugs. This is not a security update.
https://cygwin.com/

DesktopOK 10.16 resolves a couple bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 3.0.154.0 resolves several bugs. This is not a security update.
https://dngrep.github.io/

Drive Snapshot 1.50 adds SFTP support and support for newer operating systems. This is not a security update.
http://www.drivesnapshot.de/en/

Everything 1.4.1.1020 is a security update.
https://www.voidtools.com/

Fido 1.31 improves compatibility. This is not a security update.
https://github.com/pbatard/Fido/releases

FileLocator Pro 2022.3341 updates libraries and resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Git SCM 2.37.3 resolves several bugs. This is not a security update.
https://git-scm.com/

GoodSync 12.0.2 resolves dozens of bugs and improves compatibility. This is a security update.
https://www.goodsync.com/

NTLite 2.3.8.8890 improves compatibility. This is not a security update.
https://www.ntlite.com/download/

osquery 5.5.1 adds and updates several new tables, and resolves several bugs. This is not a security update.
https://osquery.io/downloads

PointerStick 5.95 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.62.0 adds Screen Ruler, Quick Accent, Text Extractor (OCR), and resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ScreenConnect 22.7.8783.8255 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

SearchMyFiles 3.22 resolves a couple bugs. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

SimpleWMIView 1.52 adds option to show milliseconds. This is not a security update.
https://www.nirsoft.net/utils/simple_wmi_view.html

Ookla Speedtest CLI 1.2.0
https://www.speedtest.net/apps/cli

Sysmon 14.0 adds a new event type, FileBlockExecutable, that prevents processes from creating executable files in specified locations, and includes several performance improvements and bug fixes. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

TcpLogView 1.36 is a security update.
https://www.nirsoft.net/utils/tcp_log_view.html

TeamViewer 15.33.7 resolves several bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

TraceRouteOK 3.13 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

Unity 2022.1.16 updates libraries and resolves dozens of bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive

USBDeview 3.06 resolves several bugs. This is not a security update.
https://www.nirsoft.net/utils/usb_devices_view.html

WhyNotWin11 2.5.0.3 resolves several bugs. This is not a security update.
https://github.com/rcmaehl/WhyNotWin11

WinScan2PDF 8.22 adds reverse scan order. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 4.10 resolves several bugs. This is not a security update.
https://www.diskanalyzer.com/

Developer Updates

These are unlikely to be of interest to most people.

ADB 33.0.3 resolves several bugs. This is a security update.
https://developer.android.com/studio/releases/platform-tools

AutoHotkey 1.1.34.04 resolves several bugs. This is a security update.
https://www.autohotkey.com/download/

Docker Desktop 4.12.0 upgrades libraries and fixes dozens of bugs. This is a security update.
https://www.docker.com/products/docker-desktop

Get-IMAPAccessToken 2022.9.1 improves consistency and updates documentation. This is not a security update.
https://github.com/DanijelkMSFT/ThisandThat/blob/main/Get-IMAPAccessToken.ps1

Go 1.19.1 is a security update.
https://go.dev/

GitHub Desktop 3.0.8 resolves several bugs. This is not a security update.
https://desktop.github.com/

Node.js 18.9.0 updates libraries and resolves several bugs. This should be treated as a security update.
https://nodejs.org/en/

Node.js 16.17.0 updates libraries and resolves several bugs. This should be treated as a security update.
https://nodejs.org/en/

SQLite 3.39.3 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.71.1 is a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

PPSSPP 1.13.2 resolves several bugs. This is not a security update.
https://ppsspp.org/downloads.html

VirtualBox 6.1.38 resolves several bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Dada Mail 11.19.0 resolves several bugs, adds new features, and updates libraries. This is a security update.
https://dadamailproject.com/

HumHub 1.12.1 resolves several bugs. This is not a security update.
https://www.humhub.com/en/download

Joomla 4.2.2 is a security update.
https://www.joomla.org/

jQuery 3.6.1 resolves several bugs. This is not a security update.
https://code.jquery.com/

MailEnable 10.41 updates utilities, and resolves over a dozen bugs. This is not a security update.
https://www.mailenable.com/

OpenCart 4.0.1.1 resolves several bugs. This should be treated as a security update.
https://www.opencart.com/

ownCloud Client 2.11.1.8438 resolves several bugs. This is not a security update.
https://owncloud.com/desktop-app/

WordPress 6.0.2 is a security update.
https://wordpress.org/

Autoptimize 3.1.1.1 resolves a stability bug. This is not a security update.
https://wordpress.org/extend/plugins/autoptimize/

BuddyPress 10.4.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.6.3 adds new validation features. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.0 resolves several bugs and adds new options within the installer. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

myStickymenu 2.6 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Redirection 5.3.3 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/redirection/

Simple Lightbox 2.9.1 adds support for new media formats, improves compatibility, and resolves a validation bug. This is not a security update.
https://wordpress.org/extend/plugins/simple-lightbox/

Slider Revolution 6.5.31 resolves a minor bug. This is not a security update.
https://revolution.themepunch.com/

Sucuri Security 1.8.35 resolves a referer bug. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

WooCommerce 6.8.2 resolves dozens of bugs, improves reliability, compatibility and adds several new tests and flows. This is a security update.
https://wordpress.org/extend/plugins/woocommerce/

WP Mail SMTP 3.5.2 resolves a self-diagnostic bug. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/

WPtouch 4.3.44 is a security update.
https://wordpress.org/extend/plugins/wptouch/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

 

Updates 2022-05-10

Welcome back, Folks!

Today is Patch Tuesday for May, 2022. There’s a lot of news this month, and sunlight is proving to be the best disinfectant. It’s a big one.

This Month in Technology

AA Traveller, Adaptive Health Integrations, AGCO, Aimware, Amazon Web Services, American Dental Association, Android, Apple, ARcare, Aruba and Avaya network switches, Austin Peay State University, Avvo, Bank of Israel, Beanstalk, Bob’s Red Mill Natural Foods, Central Florida Cardiology Group, Cisco Umbrella Virtual Appliances, Coca-Cola, Costa Rica government, County of Los Angeles Department of Mental Health, Dedalus Biology, Deus, Devil-Torrents, Discord, District 518 in Minnesota, Docker servers, DVR devices, EGAIS, F5 BIG-IP, Facebook, Fairfield County Implants and Periodontics, LLC, Fei protocol, Ferrari, Funky Pigeon, GHT Coeur Grand Est. Hospitals and Health Care group, Good Samaritan in West Palm Beach, Google, HealthActions, P.A., Healthplex, Inc, Heroku, Hetzner Online GmbH, IKEA Canada, Illinois Gastroenterology Group, PLLC, Illuminate Education, Kellogg Community College, Kenosha Community Health Center, King County Public Hospital District No. 2, La Casa de Salud, Lakeview Loan Servicing, Lincoln College, Linux, Lutheran Services Carolinas, Mental Health Center of Greater Manchester, MetroHealth System, Microsoft Azure, Microsoft Exchange servers, Nauru Police Force, New Creation Counseling Center, Newman Regional Health, Nordex, Nordic Hotels & Resorts, NPM, Oklahoma City Indian Clinic, Onleihe, OpenSea, Optima Dermatology Holdings, LLC, PayHere, QIWI, QNAP, RainLoop, Rarible NFT, Romania, Ronin Network, RuTube, Scott County, IowaSelect Benefits Group, LLC dba Dental Select, Sixt, Smile Brands, Snapchat, Southern Ohio Medical Center, Spanish football federation, St. Mary’s Medical Center in West Palm Beach, State Bar of Georgia, SUMMIT EYE ASSOCIATES P.C., Sunwing Airlines, Synology, T-Mobile, The Energy Cooperative Group Benefits Plan, The Mental Health Center of Greater Manchester, Twitter, U.S. DoD, UK Ministry of Defense, UK NHS, Ukrainian government, Urgent Team Holdings, US Department of Homeland Security (DHS) (with permission), US Health and Human Services, VMware Workspace ONE Access, Wayne Family Practice Associates, PC, WellDyneRx, LLC, Windows Event Logs, and WSO2 have reportedly been hacked or compromised this month.

Atlassian, Google Docs, WhatsApp, and Xbox have suffered from widespread outages.

A software bug in Harris County Jail has caused problems with hundreds of cases, preventing access to arrest and hearing information, resulting in major issues for law enforcement and the DA.

Google has added a feature to fight doxxing by removing supplied personal information from search results. This would, of course, not be so ridiculous if they hadn’t recently shared victim information with scammers so they could be scammed or abused all over again.

Science is still a joke. So is the news. And yes, the vaccines are shedding. Yet, governments are still penalizing those who refuse to participate in the experiments. VAERS is being purged in violation of federal law. Search warrants are passé. Did you know that the USPS is a spying agency?  Facebook’s Meta is a bunch of hypocrites.

The US federal government has announced a new Disinformation Governance Board under the Department of Homeland Security to combat “disinformation,” staffed by the same people that have promulgated lies and deceit for years, complicit in the very deception they claim to want to prevent. It’s different when they do it, though.

There is a very dark side of electric vehicles, including child slavery, and they still produce CO2 directly, too.

Various open source projects, node-ipc, which wiped the drives of Russian users, and event-source-polyfill “protest” by changing their behavior based on the user, or who they perceive the user to be. Projects like this destroy the trust of all of their users, even if they agree with their agenda. You never know what signal they’ll choose to use against you in the future. Others, including Avast, Coinbase, even CAs (certificate authorities), Dell, DuckDuckGo, GitHub, hacked WordPress sites, Google Play, Google News, Mozilla Firefox, and many others, are projecting their own politics on the world. Disagree and be censored.

iOS and iPadOS updates, security updates, are now being delayed by up to four weeks after release for those who have automatic updates enabled. Just how defective does your release quality testing have to be to postpone security updates for a month?

There’s yet another speculative execution vulnerability in pretty much every CPU. UPS (uninterruptible power supplies/battery backups) demonstrate the significance of a default password vulnerability. The Smart Meters that were promised to never be used to collect personal information are now being used with AI to profile individuals and households.

In an effort to make everyone want to abandon Windows, Microsoft is now pushing ads within the new File Explorer on Windows 11.

Cloud service providers can disappear on a whim. The recent disappearance of the entire Insteon service from under the feet of those that, in some cases, paid thousands of dollars for hardware to work with this home automation provider, demonstrates the insanity of reliance on external services.

Nigeria has blocked 73 million mobile phones (more than half of the Internet-connected population!) for failing to sign up for their digital identity/social credit ecosystem. Most people in Nigeria, like the vast majority of people in nations across the planet, only have access to the Internet through their mobile phones, so this digital identity implementation is intentionally cutting many users in that tiny nation from the Internet.

There is growing evidence that the entire national food supply is at risk, as well as dozens of food processing facilities (much more than in previous years). In response, California is paying farmers not to grow food.

Now for the good news:

When you think about how similar search results have become, this video will blow your mind: Where did the rest of the Internet go? Consider Swisscows for better variety, privacy and breadth of search.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is quite large this month. The typical computer should see roughly 3 GB in updates today. Let’s get started.

Microsoft released updates to address 77 vulnerabilities in .NET and Visual Studio, .NET Framework, Microsoft Edge, Microsoft Exchange Server, Microsoft Graphics Component, Microsoft Local Security Authority Server, Microsoft Office, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Windows ALPC, Remote Desktop Client, Servicing Stack Update, Servicing Stack Updates, Tablet Windows User Interface, Visual Studio, Visual Studio Code, Windows Active Directory, Windows Address Book, Windows Authentication Methods, Windows BitLocker, Windows Cluster Shared Volume (CSV), Windows Failover Cluster Automation Server, Windows Fax Service, Windows Hyper-V, Windows Kerberos, Windows Kernel, Windows LDAP – Lightweight Directory Access Protocol, Windows Media, Windows Network File System, Windows NTFS, Windows Point-to-Point Tunneling Protocol, Windows PowerShell, Windows Print Spooler Components, Windows Push Notifications, Windows Remote Access Connection Manager, Windows Remote Desktop, Windows Remote Procedure Call Runtime, Windows Server Service, Windows Storage Spaces Controller, Windows WLAN Auto Config Service, and MSRT (~2 GB). This includes security updates. A reboot is required.

Google Chrome OS 101.0.4951.59 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 36-1.5 is a major update, including library and dependency updates. This is not a security update.
https://getfedora.org/en/workstation/download/

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Catalina (10.15) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 12 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v21H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.5.0 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

HP M281cdw Firmware 20220414 is a security update.
https://support.hp.com/us-en/drivers/selfservice/hp-color-laserjet-pro-m280-m281-multifunction-printer-series/14142489/model/16748237

Logitech Unify 2.52.33 is a security update.
https://support.logitech.com/en_us/software/unifying

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.38.111 is a security update. Use Menu, Help, About to get the most current version.
https://brave.com/

Google Chrome 101.0.4951.54 is a security update. Use Menu, Help, About to get the most current version.
https://www.google.com/chrome/

Microsoft Edge 101.0.1210.39 is a security update. Use Menu, Help, About to get the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 100.0 is a security update. Use Menu, Help, About to get the most current version.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 91.9.0 is a security update. Use Menu, Help, About to get the most current version.
https://www.mozilla.org/en-US/firefox/organizations/all/

SeaMonkey 2.53.12 is a security update. Use Menu, Help, About to get the most current version.
https://www.seamonkey-project.org/

Vivaldi 5.2.2623.41 is a security update. Use Menu, Help, About to get the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.10.3 resolves several bugs. This is not a security update.
https://getmailspring.com/

NK2Edit 3.44 adds column sorting from menus. This is not a security update.
https://www.nirsoft.net/utils/outlook_nk2_edit.html

Thunderbird 91.9.0 is a security update. Use Menu, Help, About to get the most current version.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 7.0.8 improves compatibility with Windows 11 and resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 6.5.1 resolves several bugs and adds option to remove all stored session profiles. This is not a security update.
https://anydesk.com/en/downloads

curl 7.83.0 adds several new features and resolves dozens of bugs. This is not a security update.
https://curl.haxx.se/windows/

Dropbox 147.4.4800 adds backup settings and sync configuration, right-click menu capabilities, and taskbar icon changes. This is not a security update.
https://www.dropbox.com/

FileZilla Server 1.4.1 resolves several bugs and improves upgrade converter. This is not a security update.
https://filezilla-project.org/

FreeFileSync 11.20 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 57.0 improves notifications and resolves several bugs. This is not a security update.
https://drive.google.com/start

Omada Software Controller 5.3.1 adds over 20 new features and a dozen fixes. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Java 8u333 is a security update. This is the second update in two weeks, and one of the rare out-of-cycle updates from Oracle. If you have Java installed, update as soon as possible.
https://www.java.com/en/download/manual.jsp

Nextcloud Server 23.0.4 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

Rclone 1.58.1 resolves several bugs. This is not a security update.
https://rclone.org/

Syncthing 1.20.1 resolves a stability bug. This is not a security update.
https://syncthing.net/

Signal 5.42.0 resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Technitium DNS Server 8.1 resolves several bugs and improves reliability. This is not a security update.
https://technitium.com/dns/

Telegram 3.7.3 resolves several bugs. This is not a security update.
https://telegram.org/

Zoom 5.10.4.5035 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

Plex Desktop 1.44.0.2981 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.15.1.2976 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.26.0.5715 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

VLC Media Player 3.0.17.4 should be treated as a security update.
https://www.videolan.org/vlc/

Game Updates

These are unlikely to be of interest to most people.

Battle.net Client 2.9.0.13279 resolves several bugs. This is not a security update.
https://us.battle.net/en/app/

Epic Games 14.0.7 resolves several bugs. This is not a security update.
https://www.epicgames.com/

Nintendo Switch 14.1.1 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PlayStation PS3 4.89 reduces on-device features (such as account creation and management) to improve device security.
https://www.playstation.com/en-us/support/hardware/ps3/system-software/

PlayStation PS5 22.01-05.02.00 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Office Updates

One or more of these are likely to be of interest to most people.

Artweaver 7.0.12 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Krita 5.0.6 resolves two crash bugs, and follows shortly after the 5.0.5 release which resolves dozens of outstanding bugs. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Fresh 7.3.3 resolves nearly 100 bugs. This is not a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.5.0 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.4 updates the Scintilla library. Be aware that some plugins may not work after this update until they’re made compatible with the new release. This is not a security update.
https://notepad-plus-plus.org/

OpenOffice 4.1.12 resolves several bugs. This is not a security update. I recommend using LibreOffice instead of OpenOffice. It’s much better maintained and does not rely on an external 32-bit Java dependency.
http://www.openoffice.org/download/

PDF-XChange Editor 9.3.361.0 resolves several bugs. This is not a security update.
https://www.tracker-software.com/product/pdf-xchange-editor

Calibre 5.42.0 resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Kindle for PC 1.36.65107 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc

Adobe Reader DC 22.001.20117 is a security update. Use Help, Check for Updates to get the most current version.
https://get.adobe.com/reader

Adobe Reader DC (Mac) 22.001.20112 is a security update. Use Help, Check for Updates to get the most current version.
https://get.adobe.com/reader

Security Software Updates

One or more of these is likely to be of interest to most people.

Tails 5.0 is a major update with updates to several libraries, newer hardware support, and resolving several bugs. This is a security update.
https://tails.boum.org/install/dvd/index.en.html

Gpg4win 4.0.2 resolves dozens of bugs and updates libraries. This is a security update.
https://www.gpg4win.org/download.html

KeePass 2.51.1 resolves dozens of bugs. This is a security update.
https://keepass.info/

MalwareBytes Anti-Malware 4.5.8 improves performance and resolves several bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/

MalwareBytes Anti-Malware Mac 4.15 resolves several bugs. This is not a security update.
https://www.malwarebytes.com/mac/

OpenSSL 3.0.3 is a security update.
https://curl.se/windows/

RogueKiller 15.5.0 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

uBlock Origin 1.41.0 adds dark mode, and resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

VT-CLI 0.10.2 improves collection management. This is not a security update.
https://github.com/VirusTotal/vt-cli/releases/latest

YARA 4.2.1 resolves several bugs. This is not a security update.
https://github.com/countercept/chainsaw

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.37 updates libraries, resolves several bugs, and adds AV1 export. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 22.0.2 is a security update.
https://download.techsmith.com/snagit/releases/snagit.msi

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.7.1 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.7 adds new features and resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

Bitwarden 1.33.0 resolves several bugs. This is not a security update.
https://bitwarden.com/

CPU-Z Installer 2.01 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

DesktopOK 9.85 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

Etcher 1.7.9 resolves several bugs. This is not a security update.
https://www.balena.io/etcher/

Git SCM 2.36.1 resolves several bugs. This is not a security update.
https://git-scm.com/

GoodSync 11.10.9 improves compatibility and resolves several bugs. This is not a security update.
https://www.goodsync.com/

HWMonitor 1.46 adds support for new hardware and new sensors. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

NTLite 2.3.4.8675 cleans up leftovers from previous updates. This is not a security update.
https://www.ntlite.com/download/

OpenToonz 1.6.0 adds several new features, bug fixes and performance improvements. This is not a security update.
https://github.com/opentoonz/opentoonz/

osquery 5.2.3 is a security update.
https://osquery.io/downloads

AOMEI Partition Assistant 9.7.0 adds speed test, and app mover improvements. This is not a security update.
https://www.diskpart.com/

PointerStick 5.77 adds support for dark mode, improves DPI scaling, and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.58.0 resolves a dozen bugs. This is a security update.
https://github.com/microsoft/PowerToys/releases/latest

RoboForm 9.2.7 resolves compatibility issues. This is not a security update.
https://www.roboform.com/

ScreenConnect 22.4.7745.8154 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

SmartMonTools 7.3 resolves several bugs, adds support for new hardware, and several new diagnostic and testing options. This is not a security update.
https://smartmontools.org/

Speccy 1.32.774 improves hardware support. This is not a security update.
https://www.piriform.com/speccy

Synergy 1.14.3 improves compatibility. This is not a security update.
https://symless.com/synergy/

TeamViewer 15.29.4 resolves a file transfer bug. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

Unity 2022.1.0 resolves dozens of bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive

WhyNotWin11 2.4.3.2 resolves several bugs and improves detection and command-line support. This is not a security update.
https://github.com/rcmaehl/WhyNotWin11

WinScan2PDF 7.77 improves TWAIN support. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

ZoomText 2022.2204.21.400 resolves several bugs. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

AutoHotkey 1.1.34.01 resolves several bugs. This is not a security update.
https://www.autohotkey.com/download/

AutoIt 3.3.16.0 resolves dozens of bugs and adds several new features. This is not a security update.
https://www.autoitscript.com/autoit3/docs/history.htm

Docker Desktop 4.8.1 adds several new features, updates libraries, and resolves several bugs. This is not a security update.
https://www.docker.com/products/docker-desktop

GitHub Desktop 3.0.0 updates notification capabilities, and resolves several bugs. This is not a security update.
https://desktop.github.com/

Inno Setup 6.2.1 is a security update.
https://www.jrsoftware.org/isdl.php

MySQL Server 8.0.29 is a security update.
https://dev.mysql.com/downloads/installer/

MySQL ConnectorNet 8.0.29 is a security update.
https://dev.mysql.com/downloads/connector/net/

Node.js 14.19.2 is a security update.
https://nodejs.org/en/

Node.js 16.15.0 adds fetch API and resolves several bugs. This is not a security update.
https://nodejs.org/en/

Node.js 18.1.0 updates dependencies and resolves several bugs. This is not a security update.
https://nodejs.org/en/

SQLite 3.38.5 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.67.1 is a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.1.34 resolves dozens of bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.6.19 improves compatibility. This is not a security update.
https://coppermine-gallery.net/

Drupal 9.2.17 resolves several bugs. This is not a security update.
https://drupal.org/download

Drupal 9.3.12 is a security update.
https://drupal.org/download

HumHub 1.11.1 is a security update.
https://www.humhub.com/en/download

Joomla 4.1.3 resolves several bugs. This is not a security update.
https://www.joomla.org/

SMF 2.1.2 is a security update.
https://www.simplemachines.org/

YOURLS 1.9 is a security update.
https://yourls.org/

Akismet 4.2.3 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/akismet/

Autoptimize 3.0.4 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/autoptimize/

Slider Revolution 6.5.20 resolves several bugs. This is not a security update.
https://revolution.themepunch.com/

Social Post Feed 4.1.3 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

Duplicator 1.4.5 improves several features, This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

Interactive World Map 3.1.9.2 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/interactive-world-map/

Postie 1.9.60 improves translatable strings. This is not a security update.
https://wordpress.org/extend/plugins/postie/

WooCommerce 6.4.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WP Mail SMTP 3.4.0 improves compatibility, integration, and resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/