Welcome back, Folks!
Today is Patch Tuesday for June, 2022. It’s the biggest update series in well over a year.
This Month in Technology
AA Traveller, Acuity International’s Comprehensive Health Services, Adecco, Aesto Health, Aimware, Alameda Health System, Allaire Healthcare Group, Allwell Behavioral Health Services, Amart Furniture, Aon PLC, Apple iPhones (even when off), Apple M1 CPUs, Apple Watches, Arnprior Regional Health, Associated Ophthalmologists of Kansas City, P.C., Atlassian Confluence Server and Data Center, AU Health, Bangladesh government, Bank of Zambia, Behavioral Health Partners of Metrowest, LLC, BJC Health System, BlackBerry Fans, Bored Ape Yacht Club, Bryan County Ambulance Authority, Burman & Zuckerbrod Ophthalmology Associates, P.C., Capital One, Capsule, Carinthia, Austria, Central Florida Inpatient Medicine, Chicago Public Schools, CHRISTUS Health, Cisco IOS, Comstar LLC, Costa Rican Social Security Fund, Cypress Healthcare, LLC, Dis-Chem, DivX SubTitles, East Tennessee Children’s Hospital, Fanpass, Finkelstein Eye Associates, Fishman Vision, Football World Cup 2022 qualifier between Wales and Ukraine, Foxconn, Fred Hutchinson Cancer Center, General Motors, Genetics & IVF Institute, GitHub, GitLab, Greenland’s healthcare services, Healthcare Assistance Plan for Employees of Seventh-day Adventist Organization of the North American Division, Heidell, Pittoni, Murphy & Bach, LLP, Heroku, Homestead Hospice & Palliative Care, HP BIOS, 70 Indian government websites, John Knox Village of Florida, Kaiser Foundation Health Plan of Washington, Kaiser Permanente, Kiddos’ Clubhouse, Mandiant, McCoy Vision Center, McKenzie Health System, Memorial Community Health, Inc., MGM Resorts, Microsoft Teams, Mindpath Care Centers, North Carolina, PLLC, Mississippi Sports Medicine and Orthopaedic Center, Moyes Eye Center, PC, Nikkei, NLB Corporation, North Alabama Bone & Joint Clinic, P.C., North Lakes Pain Consultants, Northern Rockies Orthopaedics, Novartis, NuLife Med, LLC, Numrich Gun Parts, OE Enterprises, Inc, OGUsers, Oklahoma City Indian Clinic, Omnicell, Orangeburg Eye Center, Oswego County Opportunities, Inc, Otherside Metaverse, Palermo, Italy, Paragon Cheats, Parker-Hannifin Corporation, Partnership HealthPlan of California, PayHere, Pegasus Airlines, Platinum Hospitalists LLP, Preen.Me, QNAP NAS, Quantum Imaging & Therapeutic Associates, Quincy, Illinois, Rainier Arms, ReadNovel, RiverKids Pediatric Home Health, Russian Ministry of Construction, Housing and Utilities, Sberbank, Scarborough Health Network, Schneck Medical Center, Screencastify, Shaker Heights City School District in Ohio, Shields Health Care Group, Shoreline Eye Group, SirHurt, SonicWall Secure Mobile Access (SMA) 1000 Series, South Australia’s Treasury, SpiceJet, Stevens & Lee, Summit Healthcare Association, Sylvester Eye Care, Telegraph, Tesla Model 3, Tesla Model Y, Texas Department of Insurance, Texas Department of Transportation, The Multiple Sclerosis Center of Atlanta, Travis-CI, Trend Micro, U.S. Drug Enforcement Administration (DEA), University of Chicago Medical Center, Val Verde Regional Medical Center, Versus Market, Viasat, Virginia Mason Medical Center, Wagner Heights Nursing and Rehabilitation Center, Washington University School of Medicine, Wendy’s, and Windows 11 have reportedly been hacked or compromised this month.
Netgear broke the Orbi firmware. I’ve been warning about the privacy risks of Wi-Fi for years. It’s finally going mainstream. A pirated version of CCleaner is yet again being used to hijack user accounts.
Apple allowed 1.6 million malicious apps onto the Apple AppStore, then later removed them.
The next time someone uses the argument that “how is a web-based business supposed to stay alive without ads” to decry your use of an ad blocker, send them this link about how third-party trackers (like the ones used in Google and DuckDuckGo) are collecting everything you type.
Now for the good news:
Intuit has finally acknowledged they’re being used to send phishing messages. They’re not going to put an end to it, but they finally have admitted that it’s a widespread source of phishing emails.
Oh, and the UK has declared that “defensive attacks” are legal.
Let’s Get Busy
Now back to our regularly scheduled program.
Patch Tuesday is huge this month. The typical computer should see roughly 3 GB in updates today. Let’s get started.
Microsoft released updates to address 62
vulnerabilities in .NET Framework, AV1 Video Extension, Azure OMI, Azure RTOS, Azure Service Fabric Container, HEVC Video Extensions, Microsoft Endpoint Configuration Manager, Microsoft File Server, Microsoft Office, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Photos App, Microsoft SharePoint Server, Microsoft SQL Server, Microsoft Windows ALPC, Microsoft Windows Codecs Library, Microsoft Windows Support Diagnostic Tool (MSDT), Remote Volume Shadow Copy Service (RVSS), Visual Studio, Windows App Store, Windows Autopilot, Windows Container Isolation FS Filter Driver, Windows Container Manager Service, Windows DCOM Server, Windows Defender, Windows Encrypting File System (EFS), Windows File History Service, Windows Hyper-V, Windows Installer, Windows iSCSI, Windows Kerberos, Windows Kernel, Windows LDAP, Windows Media, Windows Media Center, Windows Network Address Translation, Windows Network File System, Windows PowerShell, Windows SMB, Windows WinSock, and MSRT (~2.5 GB). This includes security updates. A reboot is required.
Apple released updates for iOS 15.5, iPadOS 15.5, macOS Monterey 12.4, macOS Big Sur 11.6.7, Security Update 2022-004 Catalina, watchOS 8.6, tvOS 15.5.1, Safari 15.5, Xcode 13.4, and iTunes 12.12.4. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.
iOS 15.5 is a security update. Use Settings, General, Software Update to install the most current update.
iPadOS 15.5 is a security update. Use Settings, General, Software Update to install the most current update.
tvOS 15.5.1 is a security update. Use System, Software Update to install the most current version.
watchOS 8.6 are security updatess. Use the Watch app on your iPhone to install the most current version.
Google Chrome OS 101.0.4951.72 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.
Important Notes
Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.
The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Catalina (10.15) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.
The now-current release of the Windows 10 (v21H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 12 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.
The now-current release of the Windows 11 (v21H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.
Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.
Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.
It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.
Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.
Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com
Driver Updates
If you’re using this hardware – these updates are for you.
Garmin Express 7.13.1 doesn’t provide a changelog so should be treated as a security update.
https://www.garmin.com/en-US/software/express/
Nvidia Driver 473.62 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us
Browser Updates
One or more of these are likely to be of interest to everyone.
Brave 1.39.111 is a security update.
https://brave.com/
Google Chrome 102.0.5005.115 is a security update. Use Menu, Help, About to install the most current version.
https://www.google.com/chrome/
Microsoft Edge 102.0.1245.41 is a security update. Use Menu, Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download
Firefox 101.0.1 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/new/
Firefox ESR 91.10.0 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/organizations/all/
Iridium 2022.04.100 is a security update. Use Menu, Help, About to install the most current version.
https://iridiumbrowser.de/
Vivaldi 5.3.2679.55 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/
Email Updates
One or more of these are likely to be of interest to everyone.
Thunderbird 91.10.0 is a security update. Use Menu, Help, About to install the most current version.
https://www.thunderbird.net/en-US/
Internet Updates
One or more of these are likely to be of interest to everyone.
AnyDesk 7.0.10 resolves an error reporting bug. This is not a security update.
https://anydesk.com/en/downloads
curl 7.83.1 resolves dozens of bugs. This is not a security update.
https://curl.haxx.se/windows/
DNSDataView 1.65 adds a new command-line parameter. This is not a security update.
https://www.nirsoft.net/utils/dns_records_viewer.html
Dropbox 150.4.5000 resolves several bugs. This is not a security update. (btw, thank you Dropbox for finally releasing a changelog!)
https://www.dropbox.com/
FileZilla Client 3.60.1 resolves several bugs. This is not a security update.
https://filezilla-project.org/
FreeFileSync 11.21 adds volume GUID support, case conflicts, and resolves several bugs. This is a security update.
https://www.freefilesync.org/download.php
Google Drive 59.0 adds support for client-side encryption, system-level search shortcuts, and resolves several bugs. This is not a security update.
https://drive.google.com/start
Nextcloud Server 24.0.1 resolves several bugs. This is not a security update.
https://nextcloud.com/
Prosody 0.12.1 adds CORS controls and resolves several bugs. This is not a security update.
https://prosody.im/download/start
PuTTY 0.77 is a major update adding several new features, networking and security features, and resolves many bugs. This should be treated as a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
Signal 5.45.1 improves language leveling and data sync. This is not a security update.
https://signal.org/download/windows/
Skype 8.83.0.408 resolves several bugs. This is not a security update.
https://www.skype.com/
Syncthing 1.20.2 resolves several bugs. This is not a security update.
https://syncthing.net/
Technitium DNS Server 8.1.3 resolves several bugs. This is not a security update.
https://technitium.com/dns/
Trillian 6.5.0.20 resolves several bugs. This is not a security update.
https://www.trillian.im/
Trillian Mac 6.5.0.14 resolves dozens of bugs. This is not a security update.
https://www.trillian.im/
TrueNAS Core 13.0 resolves dozens of bugs. This is a security update.
https://www.truenas.com/download-truenas-core/
Wget2 2.0.1 is a security update.
https://gitlab.com/gnuwget/wget2/-/releases
Zoom 5.10.7.6120 adds Zoom Whiteboard sharing and resolves several bugs. This is not a security update.
https://zoom.us/
Media Updates
These are unlikely to be of interest to most people.
iTunes 12.12.4.1 is a security update.
https://www.apple.com/itunes/download/
Picard 2.8.1 updates libraries and resolves several bugs. This is not a security update.
https://picard.musicbrainz.org/
Plex Desktop 1.46.1.3056 improves compatibility and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app
Plex Home Theater 1.18.0.3023 improves compatibility and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app
Plex Media Server 1.27.0.5897 resolves several bugs and improves stability. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server
Game Updates
These are unlikely to be of interest to most people.
Epic Games 14.0.12 resolves several bugs. This is not a security update.
https://www.epicgames.com/
GameMaker Studio 2022.5.1.16 updates runtime. This is not a security update.
https://www.yoyogames.com/en/gamemaker
Nintendo Switch 14.1.2 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989
PlayStation PS5 22.01-05.10.00 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/
Steam 2022.05.31 resolves several bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0
Office Updates
One or more of these are likely to be of interest to most people.
Calibre 5.43.0 resolves several bugs. This is not a security update.
https://calibre-ebook.com/
Inkscape 1.2 adds pages, markers and dashes, more gradient controls, performance improvements and resolves several bugs. This is not a security update.
https://inkscape.org/release/
LibreOffice Fresh 7.3.4 resolves over 80 bugs. This is not a security update. Remember that the Fresh line is beta software and should be avoided by most users.
https://www.libreoffice.org/
LibreOffice 7.2.7 resolves almost 50 bugs. This is not a security update.
https://www.libreoffice.org/
Nextcloud Desktop 3.5.1 resolves 20 bugs. This is not a security update.
https://nextcloud.com/
Notepad++ 8.4.2 resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/
Paint.net 4.3.11 improves dark theme and updates plugins. This is not a security update.
https://www.getpaint.net/
PDF Candy Desktop 2.93 doesn’t provide a changelog so should be treated as a security update.
https://pdfcandy.com/
Adobe Animate 21.0.11 and 22.0.6 are security updates.
https://helpx.adobe.com/security/products/animate/apsb22-24.html
Adobe Bridge 12.0.2 is a security update.
https://helpx.adobe.com/security/products/bridge/apsb22-25.html
Adobe Illustrator 26.3.1 and 25.4.6 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb22-26.html
Adobe InCopy 17.3 and 16.4.2 are security updates.
https://helpx.adobe.com/security/products/incopy/apsb22-29.html
Adobe InDesign 17.3 and 16.4.2 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb22-30.html
RoboHelp Server 11.3 is a security update.
https://helpx.adobe.com/security/products/robohelp-server/apsb22-31.html
Security Software Updates
One or more of these is likely to be of interest to most people.
RogueKiller 15.5.3 is a security update.
https://www.adlice.com/download/roguekiller/
Tails 5.1 is a security update.
https://tails.boum.org/install/dvd/index.en.html
uBlock Origin 1.43.0 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest
Converter Updates
These are unlikely to be of interest to most people.
DVDFab 12.0.7.4 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm
Education updates
One or more of these are likely to be of interest to most people.
Zotero 6.0.8 resolves several bugs. This is not a security update.
https://www.zotero.org/
Utility Updates
These are unlikely to be of interest to most people.
1Password for Mac 7.9.5 is a security update.
https://1password.com/downloads/mac/
AccessChk 6.15 resolves a crash bug. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/accesschk
Agent Ransack 2022.3326 resolves several bugs and dds support for new policies and file types. This is not a security update.
https://www.mythicsoft.com/agentransack/download/
AOMEI Partition Assistant 9.8.0 improves compatibility. This is not a security update.
https://www.diskpart.com/
Bitwarden 2022.5.1 resolves several bugs and improves integration and compatibility. This is not a security update.
https://bitwarden.com/
Cygwin 3.3.5 resolves several bugs. This is not a security update.
https://cygwin.com/
DesktopOK 9.91 adds system-wide dark theme controls. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK
dnGrep 3.0.64.0 resolves several bugs, improves performance and reliability. This is not a security update.
https://dngrep.github.io/
Everything 1.4.1.1017 updates localizations and resolves a search history bug. This is not a security update.
https://www.voidtools.com/
Fido 1.29 adds UEFI Shell 2.2 support. This is not a security update.
https://github.com/pbatard/Fido/releases
FileLocator Pro 2022.3326 resolves several bugs and dds support for new policies and file types. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download
Go 1.18.3 is a security update.
https://go.dev/
GoodSync 11.11.2 is a security update.
https://www.goodsync.com/
NTLite 2.3.6.8785 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/
OSFMount 3.1.1001 improves command-line verbosity and error reporting. This is not a security update.
https://www.osforensics.com/tools/mount-disk-images.html
osquery 5.3.0 resolves several bugs. This is not a security update.
https://osquery.io/downloads
PowerToys 0.59.0 resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest
RAMMap 1.61 improves compatibility. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/rammap
ScreenConnect 22.5.7881.8171 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download
SmartMonTools 7.3 resolves several bugs and improves compatibility. This is not a security update.
https://smartmontools.org/
Sysmon 13.34 resolves several bugs. This should be treated as a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon
TaskSchedulerView 1.71 adds a new switch to control column display and export. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html
TeamViewer 15.30.3 improves user interface and resolves a send-to bug. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/
TraceRouteOK 3.01 improves internal networking. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK
Unity 2022.1.4 improves performance and resolves several bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive
USBDeview 3.05 adds WCID column. This is not a security update.
https://www.nirsoft.net/utils/usb_devices_view.html
WinScan2PDF 7.81 improves multi-monitor support. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF
Developer Updates
These are unlikely to be of interest to most people.
AutoHotkey 1.1.34.03 resolves several bugs. This is not a security update.
https://www.autohotkey.com/download/
Android Studio 2021.2.1.15 resolves several bugs. This is not a security update.
https://developer.android.com/studio
GitHub Desktop 3.0.2 resolves several bugs. This is not a security update.
https://desktop.github.com/
Node.js 14.19.3 updates OpenSSL. This is not a security update.
https://nodejs.org/en/
Node.js 16.15.1 updates OpenSSL. This is not a security update.
https://nodejs.org/en/
Node.js 17.9.1 is a security update.
https://nodejs.org/en/
Node.js 18.3.0 is a security update.
https://nodejs.org/en/
Visual Studio Code 1.68.0 resolves several bugs. This is not a security update.
https://code.visualstudio.com/
Web Package Updates
These are likely to be of interest only to web developers.
Drupal 9.2.21 is a security update.
https://drupal.org/download
Drupal 9.3.15 resolves several bugs. This is not a security update.
https://drupal.org/download
HumHub 1.11.2 resolves several bugs. This is not a security update.
https://www.humhub.com/en/download
Joomla 4.1.4 resolves several bugs. This is not a security update.
https://www.joomla.org/
OpenCart 4.0.0.0 is major update adding many new features and libraries. This is not a security update.
https://www.opencart.com/
phpList 3.6.8 resolves several bugs. This is not a security update.
https://www.phplist.org/
phpMyAdmin 5.2.0 updates libraries and resolves several bugs. This is not a security update.
https://www.phpmyadmin.net/
YOURLS 1.9.1 updates libraries and resolves several bugs. This is not a security update.
https://yourls.org/
WordPress 6.0 is a major update adding several new features, including block locking, performance, accessibility and new design tools. This is not a security update.
https://wordpress.org/
Akismet 4.2.4 only updates documentation. This is not a security update.
https://wordpress.org/extend/plugins/akismet/
BuddyPress 10.3.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/buddypress/
Contact Form 7 5.5.6.1 resolves Constant Contact API changes and improves compatibility. This should be treated as a security update.
https://wordpress.org/extend/plugins/contact-form-7/
Social Post Feed 4.1.4 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/
Duplicator 1.4.6 resolves several bugs. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers
myStickymenu 2.5.9 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/
Slider Revolution 6.5.24 resolves several bugs. This is not a security update.
https://revolution.themepunch.com/
Sucuri Security 1.8.31 resolves a path bug. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/
Theme My Login 7.1.5 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/theme-my-login/
WooCommerce 6.5.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/
That’s all for now folks. Keep it clean out there. 😉
Regards,
Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/