Updates 2021-01-12

Welcome back, Folks!

Today is Patch Tuesday for January, 2021.

This Month in Technology

By now you’re probably very aware with the SolarWinds “hack” since it was 24/7 news only a month ago, though mostly conjecture. We now know they were hacked over a year before a third-party (FireEye) pointed it out to them, and the malware remained on their servers weeks after it was identified.

What we’ve learned of it over the last month is a rich reminder of do’s and don’ts:

  • Don’t trust multi-factor authentication – it’s not nearly as effective at preventing logins as you’ve been lead to believe.
  • Don’t take over devices you can’t exploit quickly – don’t expose yourself wideband for 0.2%.
  • Do use a strong, unique password for everything – never something as absurd as “solarwinds123“.
  • Do modify your firewall to eliminate automatic whitelists for government IP addresses.
  • Do regular checkups – you never know what you’re going to find.

Don’t worry, though, they’ve hired a political hack to CYA!

Austin City, the City of CorneliaCity of EllensburgIndependence City (Kansas), Chatham County (North Carolina), Huntsville City Schools (Alabama), Jefferson County (Kentucky), Subway, Intel’s Habana LabsMicrosoftFireEye, the United NationsMaryland’s GBMC HealthCare, the US Dept of JusticeNissanLivecoinSpotifyIndiGo, various Israeli companies, the US Judiciary case file system, and many gaming companies have all been hacked.

Security issues or backdoors were found in Zyxel firewalls, Typo3Android BluetoothGlassdoorNintendo 3DSMicrosoft 365Google Titan security keys, Signal App cryptography, Starbucks mobile, and terabytes of secrets and databases have been dumped online.

Point-of-sale hardware has a “service mode” with a default password, malware is fingerprinting and mapping networks using the MAC address, Smart Doorbells are still a bad idea, Gionee has been infecting their own budget smartphones for kickbacks, and Google is still the easiest way to hack Google.

Ticketmaster hacked their competition 7 years ago and is only now paying a fine for it, Twitter is being fined almost half a million Euros for its breach handling, and Sabre Corp has now settled with 27 states over data breach.

WhatsApp won’t let you use it if you don’t want it to have your data tied to the rest of Facebook. The bigger you are, the bigger the target is on your back.

The “secure communication” tool Telegram tells everyone your precise location if you enable location support. One of my favorite browser extensions, The Great Suspender, changed hands in 2020 and the new publisher has recently been caught using it to distribute malware under the guise of analytics. Shopify, BigCommerce and other large sales platforms are being targeted with a card skimmer.

Mozilla (creator of Firefox and Thunderbird) wants the entire Internet to be used to censor certain publishers (that’s a bad thing), which is sad since they recently dropped support for PWAs (that’s a good thing).

Speaking of censorship and cancel culture, a potential new federal banking rule could put an end to the social/financial terrorism employed by cancel culture devotees. However, Big Tech censorship is at an all-time high in the wake of “riots” that were tame for the last year.

Corellium is protected by Fair Use and Tim Cook is going to have to testify more than a mere 4 hours about how his elimination of competition and closed ecosystem aren’t “really” a monopoly.

Ledger WalletT-Mobile (yet again), Amazon partner JuspayUbiquitiNintendo21 ButtonsSangoma TechnologiesDental Care AllianceKoei Tecmo, and Apex Laboratory all suffered data leaks/breaches.

Zoom, however, willingly shared their US user data with China.

Facebook’s recent Instagram hack exposed a massive click farm.

Google has had several service outages in the last month, as has Apple and even #Slack.

WinZip is vulnerable to a MitM attack (dude, no SSL, really?!).

Google broke SMS on many Android devices, your RAM can be used to exfil data from your device, Apple iPhone assembly plant Wistron in India has been suspended after a riot causes $60 million in damages. That may be a good thing, though, since the Apple MagSafe chargers can deactivate pacemakers.

macOS Preview is damaging PDFs (again).

Apple has removed the ability to download combo updates for Big Sur. This is going to cause serious security problems for the vast majority of the world that doesn’t have Bay Area bandwidth available to them.

In a good move, Apple has upset Facebooks advertising ecosystem by preventing certain data collection and use on their latest platforms, even Google is trying to figure out how to get around the new privacy requirements.

Why don’t I trust government? It’s hard to pick just one reason, but this month has many examples. Government employees tasked with preserving election data call for its mass deletion, or “accidentally” delete the security log files, while ignoring hundreds of pages of evidence and “moving the goalposts.”

The FBI has been hiding Seth Rich’s laptop while claiming they didn’t have it, public schools are purchasing hacking tools to get the data off student’s phones, mass data collection never ends, agencies fine you for helping during a crisis or being in a car without permission, while they hack journalist’s phones and run pedophile rings out of large white government buildings in DC. Nevertheless, you should trust the math and not look behind the curtain. Or else.

By the way, streaming content that you don’t have rights to is now a felony thanks to a nearly 6,000 page bill passed without anyone reading itHypocrisy is their bread and butter. Which is why they have such religiously held beliefs that violate all common sense.

Now for the good news:

It is now possible to integrate Everything into the Windows taskbar!

Starlink is approved for use in the UK, opening the door to true worldwide broadband.

Let’s Get Busy

Now back to our regularly scheduled program.

Adobe Flash Player is finally dead! There will be no more security updates released for Flash, and it’s probably the application single-most responsible for infections world-wide over the last 20 years, so it should be removed immediately. Use the utility below to remove it.
Win: https://helpx.adobe.com/flash-player/kb/uninstall-flash-player-windows.html
Mac: https://helpx.adobe.com/flash-player/kb/uninstall-flash-player-mac-os.html

Patch Tuesday this month is pretty big. The typical computer should see roughly 2 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, and MSRT (~ 1.6 GB). This includes security updates. A reboot is required.

Apple released updates for macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, Safari 14.0.2, macOS Server 5.11, macOS X Combo Update 10.15.7, Brother Printer Drivers 4.1.1 and HP Printer Drivers 5.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 14.3 and iOS 12.5.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 14.3 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 7.2 and watchOS 6.3 are security updates. Use the Watch app on your iPhone to install the most current version.

tvOS 14.3 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 87.0.4280.142 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Big Sur (11.0) means that macOS High Sierra (10.13) and older are no longer supported. If you can not install at least macOS Mojave (10.14) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v2009) is huge (about 18% larger than v2004, which was 25% larger than any prior build) so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Crucial Storage Executive 6.09 doesn’t provide a changelog so should be treated as a security update.
https://www.crucial.com/support/storage-executive

Display Driver Uninstaller 18.0.3.5 improves removal of various artifacts. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

nVidia 461.09 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.18.78 is a security update. Use Menu, Help, About to install the most current version.
https://brave.com/

Google Chrome 87.0.4280.141 is a security update. Use Menu, Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 87.0.664.75 is a security update. Use Menu, Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 84.0.2 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/

Firefox ESR 78.6.1 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/organizations/

Iridium 2020.11 is a security update (but still not patched to the current Chromium security updates). Use Menu, Help, About to install the most current version.
https://iridiumbrowser.de/

Vivaldi 3.5.2115.87 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 78.6.1 is a security update. Use Menu, Help, About to install the most current version.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

Facebook Messenger 20201207 is a security update, but is still a month behind the current chromium security level. You should remove Facebook Messenger if you have it installed.
https://www.messenger.com/download

Trillian 6.4.0.2 resolves several bugs. This is not a security update.
https://www.trillian.im/

curl 7.74.0 is a security update.
https://curl.haxx.se/windows/

Dropbox 112.4.321 doesn’t provide a changelog so should be treated as a security update.
https://www.dropbox.com/

FileZilla Client 3.52.0.5 resolves several bugs. This is not a security update.
https://filezilla-project.org/

FreeFileSync 11.5 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Minds 4.7.0 improves data use and channel header, restyles posts, and resolves several bugs. This is not a security update.
https://www.minds.com/mobile

Npcap 1.10 resolves several bugs. This is not a security update.
https://nmap.org/npcap/

Technitium DNS Server 5.6 adds dynamic configuration application, adds cleanup options, block list refresh intervals, forced refresh, and resolves many other bugs. This is not a security update.
https://technitium.com/dns/

Zoom 5.4.59931.0110 adds ability to block insecure participants, force authentication, silence notifications when sharing, and management improvements. This is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

Adobe FrameMaker 2020.0.1 doesn’t provide a changelog so should be treated as a security update.
https://supportdownloads.adobe.com/detail.jsp?ftpID=7061

Adobe Bridge 11.0.1 is a security update.
https://helpx.adobe.com/security/products/bridge/apsb21-07.html

Adobe Captivate 2019 11.5.1.499 hotfix 1 is a security update.
https://helpx.adobe.com/security/products/captivate/apsb21-06.html

Adobe InCopy 16.0 is a security update.
https://helpx.adobe.com/security/products/incopy/apsb21-05.html

Adobe Campaign Classic Gold Standard 11, 20.3.3.9234, 20.2.4.9187, 20.1.4.9126, 19.2.4.9082, and 19.1.8.9039 are security updates.
https://helpx.adobe.com/security/products/campaign/apsb21-04.html

Adobe Animate 21.0.2 is a security update.
https://helpx.adobe.com/security/products/animate/apsb21-03.html

Adobe Illustrator 25.1 is a security update.
https://helpx.adobe.com/security/products/illustrator/apsb21-02.html

Adobe Photoshop 22.1.1 is a security update.
https://helpx.adobe.com/security/products/photoshop/apsb21-01.html

darktable 3.4.0 resolves over 100 issues and adds several new features. This is not a security update.
https://www.darktable.org/install/

Flickr Downloadr 3.3.3.2 resolves a couple bugs. This is not a security update.
https://flickrdownloadr.com/downloads/

Picard 2.5.6 resolves several bugs.
https://picard.musicbrainz.org/

Game Updates

These are unlikely to be of interest to most people.

Steam 2020.12.21 resolves several bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

PlayStation PS3 4.87 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps3/system-software/

PlayStation PS4 8.03 adds option to disable Game Chat Audio. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps4/system-software/

PlayStation PS5 20.02-02.30.00 resolves PS4 transfer bugs, text input and Wi-Fi stability issues, and improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Office Updates

One or more of these are likely to be of interest to most people.

Interactive Calendar 2.2 adds color schemes, resolves search issues, improves stability & performance, and fixes several bugs. This is not a security update.
https://www.csoftlab.com/calendar

LibreOffice 7.0.4 resolves over a hundred bugs and is now the new general release. This is not a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.1.1 resolves dozens of bugs and improves compatibility. This is not a security update.
https://nextcloud.com/

Notepad++ 7.9.2 resolves over three dozen issues including performance and stability. This is not a security update.
https://notepad-plus-plus.org/

Security Software Updates

One or more of these is likely to be of interest to most people.

Tails 4.14 is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

Gpg4win 3.1.15 improves AD support and resolves a random security key selection bug. This is a security update.
https://www.gpg4win.org/download.html

KeePass 2.47 resolves several bugs, improves search and options. This is not a security update.
https://keepass.info/

NSudo 8.0.1 updates libraries and adds translations. This is not a security update.
https://github.com/M2Team/NSudo/releases/latest

RogueKiller 14.8.3 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

uBlock Origin 1.32.4 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Wireless Network Watcher 2.23 updates internal MAC addresses database. This is not a security update.
https://www.nirsoft.net/utils/wireless_network_watcher.html

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 2021.1.0 improves transparency handling, scaling improvements, and resolves several bugs. This is not a security update.
https://12pd.com/click?snagit

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.1.5 adds new models and profiles, improved Enlarger AI handling. This is not a security update.
https://www.dvdfab.cn/download.htm

IsoBuster 4.7 adds an option to import and export templates, improved reliability, scanning, and read handling, and resolves several bugs. This is not a security update.
https://www.isobuster.com/download.php

MakeMKV 1.15.4 improves compatibility, implements seamless join of TrueHD streams, and resolves bugs. This is not a security update.
https://www.makemkv.com/download/

Utility Updates

These are unlikely to be of interest to most people.

BulkFileChanger 1.72 adds “Photo – Date Taken” option. This is not a security update.
https://www.nirsoft.net/utils/bulk_file_changer.html

CCleaner 5.75.8238 adds import for “Cookies to Keep” option, and resolves several bugs. This is not a security update.
https://www.ccleaner.com/

ControlMyMonitor 1.27 adds switches for turning on, off, and toggling on/off state. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html

Dell Command Update 4.0 adds support for DCH drivers, adds a filter for Security updates, and improves user interface. This is not a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

DesktopOK 8.38 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dupeGuru 4.1.0 now uses tabs instead of windows, adds cosmetic fixes and options, and resolves several bugs. This is not a security update.
https://dupeguru.voltaicideas.net/

Etcher 1.5.113 resolves several bugs. This is not a security update.
https://www.balena.io/etcher/

Everything 1.4.1.1003 resolves issues with the exit switch, improves shortcuts and autofocus. This is not a security update.
https://www.voidtools.com/

GoodSync 11.5.4 resolves several bugs. This is not a security update.
https://www.goodsync.com/

IsMyHdOK 2.71 updates language files. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

LessMSI 1.8.0 improves usability. This is not a security update.
https://lessmsi.activescott.com/

MS ISO Downloader 8.46 adds new builds for Office 2019 for Mac, more Dell models and ISO Tools hash improvements. This is not a security update.
https://www.heidoc.net/joomla/technology-science/microsoft/67-microsoft-windows-and-office-iso-download-tool

NTLite 2.0.0.7756 resolves several bugs and improves controls. This is not a security update.
https://www.ntlite.com/download/

Aomei Partition Assistant 9.1 resolves several bugs. This is not a security update.
https://www.diskpart.com/

PointerStick 5.01 improves rendering. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

Process Monitor 3.61 adds monitoring for various registry APIs and resolves a query output bug. This is not a security update.
https://live.sysinternals.com/

PsExec 2.21 is a security update.
https://live.sysinternals.com/

Sysmon 13.00 adds image tampering events and resolves several bugs. This is not a security update.
https://live.sysinternals.com/

TaskSchedulerView 1.65 adds columns for Task File Created/Modified. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

TeamViewer 15.13.6 is released – but their changelog is on their community site (forum) which is currently down and redirecting to a third-party site. The new build may be a security update, but I recommend disabling TeamViewer completely for the near future just to be safe.
https://www.teamviewer.com/en/download/windows/

TraceRouteOK 2.31 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

WakeMeOnLan 1.87 updates the internal MAC addresses database. This is not a security update.
https://www.nirsoft.net/utils/wake_on_lan.html

WifiChannelMonitor 1.66 adds option to copy clicked cell and updates MAC addresses file. This is not a security update.
https://www.nirsoft.net/utils/wifi_channel_monitor.html

WifiInfoView 2.67 adds window resizing and pagination to the properties window, and adds wildcard filter support. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

WinScan2PDF 6.41 improves duplex support. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WirelessKeyView 2.21 improves display and adds QR Code view (F2). This is not a security update.
https://www.nirsoft.net/utils/wireless_key.html

Developer Updates

These are unlikely to be of interest to most people.

Node.js 12.20.1 is a security update.
https://nodejs.org/en/

Node.js 14.15.4 is a security update.
https://nodejs.org/en/

Node.js 15.5.1 is a security update.
https://nodejs.org/en/

Redemption 5.26.0.5872 adds ability to remember SMTP passwords, and resolves several bugs. This is not a security update.
http://www.dimastr.com/redemption/

Visual Studio Code 1.52.1 resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

Docker Desktop 3.0.4 resolves a stability bug. This is not a security update.
https://www.docker.com/products/docker-desktop

Drupal 9.1.2 updates libraries and resolves several bugs. This is not a security update.
https://drupal.org/download

Joomla 3.9.24 is a security update.
https://www.joomla.org/

Nextcloud Server 20.0.4 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

OpenPetra 2020.12 removes support for SQLite, improves Find, Type Ahead, and resolves several bugs. This is not a security update.
https://www.openpetra.org/

phpList 3.6.0 adds blacklisting hook, and counter limits. This is not a security update.
https://www.phplist.org/

phpMyAdmin 5.0.4 resolves several bugs. This is not a security update.
https://www.phpmyadmin.net/

ConnectWise Control 21.1.2009.7678 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

WordPress 5.6 improves layout flexibility, adds new block patterns, captions, new default theme, and improved auto-update capabilities. This is not a security update.
https://wordpress.org/

Akismet 4.1.8 resolves a couple bugs. This is not a security update.

Autoptimize 2.8.1 resolves several bugs. This is not a security update.

BuddyPress 7.1.0 resolves two bugs. This is not a security update.

Contact Form 7 5.3.2 is a security update.

Social Post Feed 2.18.1 resolves several bugs. This is not a security update.

Interactive World Map 3.1.9 improves compatibility. This is not a security update.

myStickymenu 2.4.9 resolves a couple bugs. This is not a security update.

W3 Total Cache 2.0.1 resolves several bugs. This is not a security update.

Widgets on Pages 1.5.0 is a security update.

WooCommerce 4.9.0 resolves dozens of bugs. This is not a security update.

Show IDs 1.1.6 improves compatibility. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2020-12-08

Welcome back, Folks!

Today is Patch Tuesday for December, 2020. It’s a big one and huge updates are available for over a hundred applications. A new OpenSSL released today means that there will be even more updates released in the near future, so this is only the first of at least two update series’ to top off December.

This Month in Technology

Apple (and others) are trying to make slavery legal, Apple’s cloud services choked this month as a result of their new on-demand certification and telemetry collection nightmare, Big Sur even bricks some MacBook Pro models, but they’re admitting that they intentionally throttled their older hardware, and Apple had a major security issue that allowed total control of their iPhones over Wi-Fi. While Apple has fixed that bug, their hardware is vulnerable to new forensic tools used by foreign (and likely US) governments to clone all the data from your device. This is “Epic.” Apple is cutting their App Store fees to 15% for small developers.

K12 Inc, Foxconn electronics, the City of Long BeachTransLink (Vancouver public transit), EmbraerKopterShirbitRandstad NVAdvantechBowie and Miller Counties (TX), and Baltimore County Public Schools have all been hit with ransomware. If you leave your backup drives connected (tethered or networked) then there’s growing evidence that the backups will be targeted by ransomware before your active data. And some ransomware gangs are cold-calling if you try to restore from backups.

Millions of IoT devices are vulnerable to a newly discovered vulnerability, thousands of PickPoint lockersLSU Health New OrleansAspenPointe, and PlutoTV have been hacked. Dell was hacked years ago which resulted in their data being abused for scam calls to Dell customers. Class action happening now.

Walmart routers and many TCL TVs have backdoorsGionee implanted malware in 21 million phones, and battery backups are used to infect mobile devices. Google Services are still being used to distribute malware, Google ads are being used to steal MetaMask. A year after the US Army’s Stryker armored vehicles were hacked the Army is finally building security defenses, and in other US military news, the military violates your privacy through third-party apps.

Social media icons are being used to inject web skimmers that are now using WebSockets to exfiltrate data using secure CloudFlare services.

If you trust your choice of password simply because a poorly designed study says that it would take thousands or millions of years to brute force a password then you should take a look at how a single quantum computer process the equivalent of 2.6 billion (with a “b”) years of computation in only 4 minutes, but using the latest quantum hardware isn’t even necessary for the vast majority of passwords since humans are so predictable.

In a random collection of news: MBAM is disabling Windows Printers. HMRC (the UKs equivalent of the IRS) has been abused to send phishing and malware messages (I warned them about this months ago). There is no end to PayPal’s hypocrisy, nor their censorship. GitHub reversed it’s decision about YouTube-dl. Twitch has failed basic EnglishComcast is capping data in 12-ish more states next year, but giving service away for free to many others. The running joke about how social censorship would be similar to your phone company preventing you from talking about certain subjects has proven to be more prescient than humorous. Cannibalism is coming to a grocery store near you. A few years ago I found that a number of IT and HVAC services in the SF bay area had their Google listings hijacked and reassigned as Korean Restaurants. It was only the beginning.

The “sciencebehind masks has never been scientific, but that won’t stop petty tyrants from mandating their use even while actively eating or drinking, or censoring dissenting voicesFalse positive tests are still leading the charge, but lockdown-related homicides are still exceeding “COVID” deaths. Censors will always target studies that demonstrate overreaching government intervention.

California is pushing out the Orwellian exposure tracking and notifications across the state.

Now for the good news:

When this election is finally resolved it’s unlikely to get to this point again any time in the near future.

As a perfect example of what 2020 has brought us – the South African lottery drew 5, 6, 7, 8, 9 and 10, which is insane enough, but the real story is that 20 people had actually selected those numbers.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is huge. The typical computer should see roughly 2.5 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, and Servicing Stack (~ 1.5 GB). This includes security updates. A reboot is required.

Apple released updates for iCloud for Windows 11.5, and iOS 14.2.1. Expect an update to iTunes, too, in the next few days. These are security updates.

iOS 14.2.1 is a security update. Use Settings, General, Software Update to install the most current version.

Adobe Flash Player 32.0.0.465 is a security update. Since Flash is going the way of the dodo along with the Year from Hell, this could very well be the last time you may have to install a Flash update. You’re still better off removing it yourself instead of updating. 🙂
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Google Chrome OS 87.0.4280.88 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Big Sur (11.0) means that macOS High Sierra (10.13) and older are no longer supported. If you can not install at least macOS Mojave (10.14) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v2009) is huge (about 18% larger than v2004, which was 25% larger than any prior build) so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

BullZip PDF Printer 12.0.0.2872 adds several new features, including improved email support, compatibility, and concurrent printing. This is not a security update.
https://www.bullzip.com/products/pdf/info.php#download

Crucial Storage Executive 6.09 doesn’t provide a changelog so should be treated as a security update.
https://www.crucial.com/support/storage-executive

Logitech Options 8.36.86 allows changing function keys, customizing mouse buttons, and adds on-screen battery notifications. This is not a security update.
https://www.logitech.com/en-us/product/options

Logitech Options for macOS 8.36.76 adds Big Sur support, allows changing function keys, customizing mouse buttons, gesture controls, and adds on-screen battery notifications. This is not a security update.
https://www.logitech.com/en-us/product/options

nVidia 457.51 adds support for new hardware, updates SLI profiles, and resolves several bugs. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.17.75 is a security update. Use Menu, Help, About to install the most current version.
https://brave.com/

Google Chrome 87.0.4280.88 is a security update. Use Menu, Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 87.0.664.57 is a security update. Use Menu, Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 83.0 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 78.5.0 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/organizations/all/

SeaMonkey 2.53.5.1 is a security update. Use Menu, Help, About to install the most current version.
https://www.seamonkey-project.org/

Vivaldi 3.5.2115.73 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 78.5.1 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

Dropbox 111.4.472 doesn’t provide a changelog so should be treated as a security update. This version is not reliable on Windows 8.
https://www.dropbox.com/

FreeFileSync 11.4 resolves several bugs, and improves compatibility. This is not a security update.
https://www.freefilesync.org/download.php

iCloud for Windows 11.5 is a security update.
https://apple.com/icloud

Technitium DNS Server 5.5 adds support for SRV records and resolves several bugs. This is not a security update.
https://technitium.com/dns/

WinSCP 5.17.9 resolves several bugs. This is not a security update.
https://winscp.net/eng/index.php

Zoom 5.4.59296.1207 adds meeting reminders, warnings for meetings that are only partially encrypted, and resolves several bugs. This is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 2.0.8 updates libraries, improves sync and face tracking, adds ability to call shortcuts, and resolves several bugs. This is not a security update.
https://en.3tene.com/

iTunes 12.11 doesn’t provide a changelog so should be treated as a security update.
https://www.apple.com/itunes/download/

Picard 2.5.2 resolves several bugs. This is not a security update.
https://picard.musicbrainz.org/

Game Updates

These are unlikely to be of interest to most people.

Steam 2020.12.07 is a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

PlayStation PS4 8.01 improves reliability. This is not a security update. Note that Sony changed the URLs without adding redirects, so the new location to download updates has changed:
https://www.playstation.com/en-us/support/hardware/ps4/system-software/

Office Updates

One or more of these are likely to be of interest to most people.

Blender 2.91.0 adds several new features and controls. This is not a security update.
https://www.blender.org/download/

Adobe Acrobat (version yet to be announced) is a security update. Use Help, Check for updates to get the most current version…when it’s released.

Adobe Reader (version yet to be announced) is a security update. Use Help, Check for updates to get the most current version…when it’s released.

Adobe Lightroom 10.1 is a security update.
https://creativecloud.adobe.com/apps/all/desktop

Adobe Experience Manager 6.5.7.0 and 6.4.8.3 are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb20-72.html

Adobe Prelude 9.0.2 is a security update.
https://creativecloud.adobe.com/apps/all/desktop

Security Software Updates

One or more of these is likely to be of interest to most people.

Gpg4win 3.1.14 updates libraries and resolves several bugs. This is not a security update.
https://www.gpg4win.org/download.html

Nmap 7.90 adds 1,200 new fingerprints, resolves over 70 bugs, and provides several new features. It also removes silent install. 🙁 This is a security update.
https://nmap.org/download.html

Npcap 1.00 is the first stable release of Npcap. This is not a security update.
https://nmap.org/npcap/

RogueKiller 14.8.0 resolves several bugs. This is a security update.
https://www.adlice.com/download/roguekiller/

uBlock Origin 1.31.2 resolves reliability in Chromium. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Tails 4.13 is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

OpenSSL 1.1.1i is a security update. Releases of OpenSSL always trigger updates for every other platform that uses networking in any way, so expect a series of updates for every other web platform you use in the near future.
https://www.openssl.org/

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 2021.0.2 resolves several bugs. This is not a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.0.9 adds support for new encodings, resolves several bugs, and improves stability. This is not a security update.
https://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 7.7 adds Privacy integration, unlock with Apple Watch, MDM integration, improved password generator, and resolves over 100 bugs. This is a security update.
https://1password.com/downloads/mac/

Agent Ransack 2019.2951 improves performance at idle and resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

Bitwarden 1.23.1 resolves bugs with SSO and improves GDPR compliance. This should be treated as a security update.
https://bitwarden.com/

DesktopOK 8.08 resolves several bugs and updates language support. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

Etcher 1.5.112 updates libraries, and resolves several bugs. This is not a security update.
https://www.balena.io/etcher/

Everything 1.4.1.1000 resolves a bug with silent installation, wide-character comparison, name munging and other bugs. This is not a security update.
https://www.voidtools.com/

FileLocator Pro 8.5.2951 improves performance when idle and resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

GoodSync 11.4.9 resolves dozens of bugs. This is not a security update.
https://12pd.com/click?goodsync

Homedale 1.90 adds support to load access points from CSV and improves frequency usage chart. This is not a security update.
https://www.the-sz.com/products/homedale/

HWMonitor 1.43 adds support for new hardware. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

MS ISO Downloader 8.44 adds support for new media (including Win10 20H2v2) and resolves several bugs. This is not a security update.
https://www.heidoc.net/joomla/technology-science/microsoft/67-microsoft-windows-and-office-iso-download-tool

NTLite 2.0.0.7726 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

Aomei Partition Assistant 9.0 adds shred files support. This is not a security update.
https://www.diskpart.com/

PointerStick 4.88 updates language support. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

Rufus 3.13 adds support for a 20H2v2, adds support to cheat certain disk images, improves error handling, and resolves several bugs. This is not a security update.
https://rufus.ie/en_IE.html

Sysmon 12.03 fixes reporting and a possible crash condition for certain rules. This should be treated as a security update.
https://live.sysinternals.com/

SDelete 2.04 provides a new switch to avoid file/directory ambiguity. This should be treated as a security update.
https://live.sysinternals.com/

WinObj 2.23 resolves several bugs. This is not a security update.
https://live.sysinternals.com/

TaskSchedulerView 1.60 adds support for exporting tasks to JSON, and updates HTML export to HTML5. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

TeamViewer 15.12.4 resolves several bugs, improves performance, and adds support for more web cameras. This is not a security update.
https://www.teamviewer.com/en/download/windows/

WinScan2PDF 6.33 improves detection and operation with some hardware, updates language support, and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

DB Browser for SQLite 3.12.1 resolves several bugs. This is a security update.
https://sqlitebrowser.org/

Inno Setup 6.1.2 adds Print support and resolves several bugs. This is not a security update.
https://www.jrsoftware.org/isdl.php

Node.js 12.20.0 updates libraries and resolves several bugs. This is a security update.
https://nodejs.org/en/

Node.js 14.15.1 is a security update.
https://nodejs.org/en/

Node.js 15.3.0 updates libraries and resolves several bugs. This is a security update.
https://nodejs.org/en/

SQLite 3.34.0 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Web Package Updates

These are likely to be of interest only to web developers.

Adminer 4.7.8 adds support for PHP 8 and disallows connecting to privileged ports. This is not a security update.
https://www.adminer.org/en/

Drupal 9.0.10 is a security update.
https://drupal.org/download

Drupal 9.1.0 resolves several bugs. This is not a security update.
https://drupal.org/download

HumHub 1.7.1 resolves several bugs. This is not a security update.
https://www.humhub.com/en/download

Joomla 3.9.23 is a security update.
https://www.joomla.org/

Nextcloud Server 20.0.2 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

phpList 3.5.8 adds new functionality to AJAX form and updates libraries. This is not a security update.
https://www.phplist.org/

ScreenConnect 20.12.1734.7640 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

WordPress 5.6 updates libraries, adds several new features and blocks, a new theme, and more. This is not a security update.
https://wordpress.org/download/

BuddyPress 6.4.0 is a security update.

Contact Form 7 5.3.1 now passes last_contacted based on submission timestamp. This is not a security update.

Multisite Enhancements 1.5.4 fixes favicon. This is not a security update.

Theme My Login 7.1.2 improves stability and resolves several bugs. This is not a security update.

WooCommerce 4.8.0 resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2020-10-13

Welcome back, Folks!

Today is Patch Tuesday for October 2020.

This Month in Technology

For those in our local community, the biggest news is that AT&T has abandoned DSL in rural America, reducing Internet access options even further for our friends and neighbors.

The US Treasury has announced that it is now illegal to pay your federal taxes.

The Universal Health Services was hacked (all 400+ locations!) and infected with ransomware, so was Software AG, the U.S. Department of Veterans Affairs (VA) was hacked again, the Department of Homeland Security (DHS) was hacked, the Las Vegas school system was hacked – and since they didn’t pay the ransom student details were leaked, Docsketch was hacked, and the United Nations (UN) International Maritime Organization was hacked. Razer made a boo-boo, and even coffee makers are now being used for ransomware distribution. Grindr was hacked, Microsoft’s Windows XP source code was leaked, almost any current iPhone can be listened into from 20 feet away using only an AM radio, and access to your RMM (Remote Monitoring and Management) is being sold to attackers. Evidence exists that your anti-virus is helping the bad guys, and BitDefender is still weak security.

Facebook has been hacked (for years), Facebook for Android has been hacked again, Office 365 & Outlook have been down repeatedly over the last month, Fitbit malware – distributed by Fitbit – can be used to take over your internal network and exfiltrate your data to the web, Bluetooth is still the weakest wireless link, your Comcast XR11 TV remote can be used to listen in to your conversations, BitLocker encryption is vulnerable to a sleep-mode bypass (aka, yet another reason not to use sleep mode), HP Device Manager flaw is a big deal, but not as big a deal as Windows Error Reporting being used to infect your PC.

Apple’s initial iOS 14 release killed batteries on many iPhones, (so did the recent ChromeOS update), Apple’s latest security fix (10.15.7) can kill performance on your Mac, but only if you use Mac software (rolls eyes). Hint: disable and re-enable Find My Mac to fix it. And that’s nothing compared to their T2 security chip vulnerability.

“The” secure reimplementation of BIOS, UEFI, was designed to make security at boot a thing of beauty and prevent third-parties from being able to hijack the boot process. Unfortunately, it simply provided a false sense of security.

2FA via SMS is also a much lower fruit than many realize, but not nearly as bad as SSO.

Many others have joined in the case against Apple & Google’s rent-seeking, who charge significantly more for their “services” than even the federal government, but portray themselves as victims. Insane rules and hypocritical requirements force developers to charge for free services or force users out of their application in order to even be allowed into the Apple ecosystem. What can we really expect from a SF bay area “green” company that lies about their recycling program? Hopefully the courts will use Apple’s own words against them, in that Apple claims that their AppStore is a place to “reliably” download “safeapps.

Former Facebook data scientist exposes her complicity with atrocities and abuse by governments and MNCs.

The Supreme Court heard arguments on the Oracle v Google IP fight suffered the same problem that most legal battles over technology do: poor arguments. Google’s defense failed to explain the distinctive nature of APIs as guides rather than code. Sure, they provide access to the functionality of the code, but are not, in and of themselves, code. The entire argument could be easily equated to vehicles. One does not need to know nor expose the specific design of a Ferrari 911 to know that the vehicle should stop at a stop sign nor yield at a yield sign. The vehicle itself (code – reasonably subject to IP) can operate on any road as long as the traffic signs (APIs) are in place. The signage is consistent across most of the world, even where languages differ greatly. So should the APIs be universally available.

In the current world of tech censorship and cancel culture, nobody can really argue against the necessity for Section 230 to be revised. However, most calls for revision would create an even more abhorrent system where public discourse can not be held without risk of liability to completely unrelated parties.

If you take government money, you are subject to the same rules as government, so says RFK, Jr.

In the new “get woke, go broke” era, it should come as no surprise that when you pander to racists and terrorists, you will be investigated.

Research shows that the lockdowns were not only anti-science, but caused far more harm than the virus itself. On the subject of fraud, are we still supposed to believe that the government’skill a fly with a nukeresponse to COVID is really all the result of bats in an Asian wet market or that masks actually do anything at all?

One would think fraud would be front page news, but the MSM is much more likely to ignore than acknowledge it. To paraphrase Stalin, “A single case of fraud is a tragedy; a million cases are just a statistic.”

The moment I read that Nintendo’s lawyers said Joy-Con Drift “wasn’t a real problem” I knew they would be sued.

Now for the good news – since I’m making up for last month, I’ll give you three:

Adobe Flash will finally be dead in only 79 days.

Free, limitless power from graphene could literally change everything.

A “vaccine” of sorts has been developed to protect against some forms of ransomware.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is huge. The typical computer should see roughly 2.5 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, Servicing Stack, Flash, and MSRT (~ 1.5 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 14.0.1 and iPadOS 14.0.1, tvOS 14.0.2, Safari 14.0, watchOS 7.0.2, macOS Catalina 10.15.7, macOS Mojave 10.14.6, macOS High Sierra 10.13.6, iCloud for Windows 7.21, iCloud for Windows 11.4, iTunes for Windows 12.10.9, and Xcode 12.0. These are security updates.

iOS 14.0.1 is a security update. Use Settings, General, Software Update to install the most current version. This version also adds the Orwellian contact tracing feature at the system level. While “disabled” by default, you may validate that it is disabled in Settings, Privacy, Health, COVID-19 Exposure Logging, and turn off Exposure Logging.

iPadOS 14.0.1 is a security update. Use Settings, General, Software Update to install the most current version.

tvOS 14.0.2 is a security update. Use Settings, General, Updates to install the most current version.

watchOS 7.0.2 is a security update. Use your updated iPhone to install the most current version through the Watch app.

Adobe Flash Player 32.0.0.445 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Google has released security updates for Android 9 and 10 which will gradually be published by individual vendors and available to you in the coming weeks. This version also adds the Orwellian contact tracing feature. Disabling Location and Bluetooth will disable the current version of contact tracing.

Google Chrome OS 85.0.4183.133 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Catalina (10.15) means that macOS Sierra (10.12) and older are no longer supported. If you can not install at least macOS High Sierra (10.13) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (2004) is a huge (about 25% larger than any prior build) so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.3.3 improves removal of DCH CP on older builds of Windows. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Logitech Options 8.30.310 resolves several bugs adds profiles for Zoom and MS Teams. This is not a security update.
https://www.logitech.com/en-us/product/options

Logitech Options (macOS) 8.30.293 resolves several bugs adds profiles for Zoom and MS Teams. This is not a security update.
https://www.logitech.com/en-us/product/options

nVidia 456.71 adds support for new hardware and improves support for COD beta and other games. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Crucial Storage Executive 6.06 doesn’t provide a changelog so should be treated as a a security update.
https://www.crucial.com/support/storage-executive

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.15.72 is a security update. Use Menu, Help, About to install the most current version.
https://brave.com/

Google Chrome 86.0.4240.80 is a security update. Use Menu, Help, About to install the most current version.

Microsoft Edge 86.0.622.38 is a security update. Use Menu, Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 81.0.2 is a security update. Use Menu, Help, About to install the most current version.

Firefox ESR 78.3.1 is a security update. Use Menu, Help, About to install the most current version.

SeaMonkey 2.53.4 is a security update. Use Menu, Help, About to install the most current version.
https://www.seamonkey-project.org/

Vivaldi 3.3.2022.47 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 78.3.2 is a security update. Use Menu, Help, About to install the most current version.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

Dropbox 107.4.443 resolves bugs and adds more. This is not a security update.
https://www.dropbox.com/

Zoom 5.3.53291.1011 changes automatic update behavior, and improves poll and link behaviors. This is not a security update.
https://zoom.us/

Prosody 0.11.7 is a security update.
https://prosody.im/download/start

FreeFileSync 11.2 resolves several bugs, improves layout and key bindings. This is not a security update.
https://www.freefilesync.org/download.php

Nmap 7.91 adds support for new profiles and fingerprints, and resolves several bugs. This is a security update.
https://nmap.org/

Npcap 1.00 resolves two minor bugs. This is not a security update.
https://nmap.org/npcap/

Technitium DNS Server 5.3 resolves several bugs. This is not a security update.
https://technitium.com/dns/

Media Updates

These are unlikely to be of interest to most people.

3tene 2.0.6 improves sensitivity calculations, light focal management, and resolves several bugs. This is not a security update.
https://en.3tene.com/

iTunes for Windows 12.10.9 is a security update. Use Apple Software Update to install the most current version.

Game Updates

These are unlikely to be of interest to most people.

Steam 2020.10.07 resolves several bugs. This is not a security update.

Office Updates

One or more of these are likely to be of interest to most people.

Notepad++ 7.9 adds several new features and fixes over a dozen bugs. This is not a security update.
https://notepad-plus-plus.org/

Adobe Reader DC 20.012.20048 resolves several bugs. This is not a security update.

Artweaver 7.0.7 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Atom 1.52.0 updates libraries and resolves several bugs. This is not a security update.
https://atom.io/

Blender 2.90.1 resolves several bugs. This is not a security update.
https://www.blender.org/download/

Lightworks NLE 2020.1.1 resolves several bugs. This is not a security update.
https://www.lwks.com/

Microsoft Office for Mac 2016/2019 is a security update.

Krita 4.4.0 improves fill layers, multigrid, screentone, brushes, API improvements and more. This is a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Fresh 7.0.2 resolves over a hundred bugs. This is a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.0.2 resolves a dozen bugs. This is not a security update.
https://nextcloud.com/

Security Software Updates

One or more of these is likely to be of interest to most people.

OpenSSL 1.1.1h resolves several bugs and improves compatibility. This is not a security update.
https://www.openssl.org/source/

KeePass 2.46 adds several features including TLS 1.3 and mass edit capabilities, as well as resolving bugs, and other improvements. This is not a security update.
https://keepass.info/

RogueKiller 14.7.3 resolves several bugs. This is a security update.
https://www.adlice.com/download/roguekiller/

TinyWall 3.0.8 resolves several bugs. This is not a security update.
https://tinywall.pados.hu/

uBlock Origin 1.30.4 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.27.3 resolves several bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 2020.1.5 resolves several bugs. This is not a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.0.1 is a major update with several improvements. This version improves the GUI and adds several new output profiles. This is not a security update.
https://www.dvdfab.cn/download.htm

AVStoDVD 2.8.9 resolves several bugs, improves performance and updates libraries. This should be treated as a security update.
https://sites.google.com/site/avstodvdmain/

MakeMKV 1.15.3 resolves several bugs, introduces TOR/VPN support, adds support for new stream types. This is not a security update.
https://www.makemkv.com/download/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Windows 7.6.785 resolves a bug. This is not a security update.
https://1password.com/downloads/windows/

Beyond Compare 4.3.7.25118 resolves several bugs. This is not a security update.
https://www.scootersoftware.com/download.php?zz=dl4

Bitwarden 1.22.2 resolves bugs. This should be treated as a security update.
https://bitwarden.com/

CCleaner 5.72.7994 resolves several bugs and improves compatibility. This is not a security update.
https://www.ccleaner.com/

CPU-Z 1.94 adds support for new hardware and resolves several bugs. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

DesktopOK 7.95 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DevManView 1.72 resolves an output bug. This is not a security update.
https://www.nirsoft.net/utils/device_manager_view.html

Etcher 1.5.109 is a security update.
https://www.balena.io/etcher/

Everything 1.4.1.992 is a security update.
https://www.voidtools.com/

GoodSync 11.3.8 resolves several bugs. This is not a security update.
https://www.goodsync.com/

IsMyHdOK 2.51 resolves bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

LessMSI 1.7.0 improves messaging. This is not a security update.
https://lessmsi.activescott.com/

MS ISO Downloader 8.40 adds support for new Dell models and images, new Win10 builds and adds hash reporting to images. This is not a security update.
https://www.heidoc.net/joomla/technology-science/microsoft/67-microsoft-windows-and-office-iso-download-tool

NTLite 2.0.0.7656 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

Aomei Partition Assistant 8.10 improves display and startup. This is not a security update.
https://www.diskpart.com/

PSAppDeploy 3.8.3 adds several new features and resolves bugs. This is not a security update.
https://psappdeploytoolkit.com/

RoboForm 8.9.4 resolves several bugs, including the QuickBooks compatibility issue that prevented display of registers and Chrome that caused freezes.
https://12pd.com/click?rf

Process Monitor 3.60 adds support for multiple filter item selection and decoding for new file system control operations and error status codes. While not a security updates, this improves the analytical data collection, thus increasing security awareness.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

Procdump 10.0 adds support for dump cancellation and CoreCLR processes. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procdump

Sysmon 12.0 resolves several bugs and adds support for capturing clipboard operations. While not a security updates, this improves the analytical data collection, thus increasing security awareness.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

SysInternals released new builds of many of their applications, as well as ARM versions. While the changes on many of the updates are poorly documented and SysInternals apps are generally more secure than apps distributed elsewhere, you should assume that any updates have security ramifications. If they’re not security updates, they may improve the context or analytical data that is exposed, thus increasing the security awareness of the tools.
https://live.sysinternals.com/

TeamViewer 15.10.5 resolves a licensing bug. This is not a security update.
https://www.teamviewer.com/en/download/windows/

USBDeview 3.01 adds an option to copy the contents of the active cell. This is not a security update.
https://www.nirsoft.net/utils/usb_devices_view.html

USB Oblivion 1.14.0.0 addes support for new modules. This is not a security update.
http://www.cherubicsoft.com/en/projects/usboblivion

WifiChannelMonitor 1.65 adds support for detection of new protocols. This is not a security update.
https://www.nirsoft.net/utils/wifi_channel_monitor.html

WifiInfoView 2.65 adds support for detection of new protocols. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

WirelessKeyView 2.20 adds support for displaying WiFi QR Codes. This is not a security update.
https://www.nirsoft.net/utils/wireless_key.html

WinGet 0.2.2521 updates libraries and adds new verbs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinScan2PDF 6.06 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 4.1.0.19 integrates database and emulation, improves diagnostics, and resolves several bugs. This is not a security update.
https://developer.android.com/studio

Godot 3.2.3 resolves over a hundred bugs and improves stability. This is not a security update.
https://godotengine.org/

Node.js 14.13.1 resolves several bugs. This is a security update.
https://nodejs.org/en/

Node.js 12.19.0 updates libraries, and resolves dozens of bugs. This is a security update.
https://nodejs.org/en/

Visual Studio Code 1.50 improves accessibility features, pinned tabs, adds ARM support, and resolves several bugs. This is not a security update.
https://code.visualstudio.com/

TortoiseGit 2.11.0 updates libraries and resolves several bugs. This is not a security update.
https://tortoisegit.org/

Web Package Updates

These are likely to be of interest only to web developers.

Dada Mail 11.12.0 adds image embedding and resizing, improved scheduling capabilities, library updates and bug fixes. This is not a security update.
http://dadamailproject.com/

Drupal 9.0.7 resolves dozens of bugs. This is a security update.
https://drupal.org/download

Docker Desktop 2.4.0.0 updates libraries and resolves several bugs. This is not a security update.
https://www.docker.com/products/docker-desktop

Nextcloud Server 20.0.0 updates libraries, adds a new dashboard, Talk bridging support, and several other new features and improvements. This is not a security update.
https://nextcloud.com/

HumHub 1.6.4 is a security update.
https://www.humhub.com/en/download

Joomla 3.9.22 resolves several bugs. This is not a security update.
https://www.joomla.org/

OpenPetra 2020.09 resolves several bugs. This is not a security update.
https://www.openpetra.org/

phpMyAdmin 4.9.6 and 5.0.3 are security updates.
https://www.phpmyadmin.net/

Autoptimize 2.7.8 is a security update.

BuddyPress 6.3.0 resolves bugs. This is not a security update.

Email Log 2.4.3 adds a new filter and enhances nonce. This is not a security update.

Social Post Feed 2.17 adds support for new embed types. This is not a security update.

WooCommerce 4.5.2 resolves a couple bugs. This is not a security update.

WP Mail SMTP 2.4.0 updates libraries, improves compatibility, and resolves several bugs. This is not a security update.

W3 Total Cache 0.15.1 resolves several bugs. This is not a security update.

WordPress Zero Spam 4.10.2 improves compatibility. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2020-09-08

Welcome back, Folks!

Today is Patch Tuesday for September 2020.

This Month in Technology

I enjoy the soapbox I’ve taken here in my newsletters over the years, but unfortunately we were struck by a PG&E “Public Safety Power Shutoff” event so lost more than a day this week for Patch Tuesday and haven’t had the time (or Internet access!) to be able to collect this information for this newsletter. 🙁

Now for the good news:

Adobe Flash will be dead in only 113 days.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is huge. The typical computer should see roughly 2 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, Internet Explorer, Office, Servicing Stack, and MSRT (~1.5 GB). This includes security updates. A reboot is required.

Apple released an update for Pro Video Formats 2.1.2. Use Apple Software Update to install these updates. A reboot is required.

Adobe Flash Player 32.0.0.414 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Google Chrome OS 85.0.4183.84 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Catalina (10.15) means that macOS Sierra (10.12) and older are no longer supported. If you can not install at least macOS High Sierra (10.13) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (2004) is a huge (about 25% larger than any prior build) so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.2.9 improves removal process, and adds support for new hardware. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

nVidia 452.06 adds support for newer hardware and improves performances in some games. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.13.82 adds several new privacy controls and display options. This is a security update.
https://brave.com/

Google Chrome 85.0.4183.102 is a security update.

Microsoft Edge 85.0.564.44 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 80.0.1 resolves several bugs. This is not a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 68.12.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 3.3.2022.39 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 78.2.0 resolves several bugs and improves OpenPGP integration. This should be treated as a security update.
https://www.thunderbird.net/en-US/

OutlookAttachView 3.42 adds cell context copy option. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Internet Updates

One or more of these are likely to be of interest to everyone.

curl 7.72.0 resolves one hundred bugs, adds zstd decoding, improves failure handling and adds effective method. This is a security update.
https://curl.haxx.se/windows/

Dropbox 104.4.175 doesn’t provide a changelog so should be treated as a security update.
https://www.dropbox.com/

FileZilla Client 3.50.0 updates Storj integration. This is not a security update.
https://filezilla-project.org/

FreeFileSync 11.1 resolves several bugs and improves compatibility. This is not a security update.
https://www.freefilesync.org/download.php

Npcap 0.9997 is a security update.
https://nmap.org/npcap/

Prosody 0.11.6 resolves several bugs, and improves reliability and security.
https://prosody.im/download/start

Technitium DNS Server 5.2 resolves several bugs and adds certbot support. This is not a security update.
https://technitium.com/dns/

Zoom 5.2.45120.0906 disables webinar attendance by telephone. They plan to re-enable this feature “in the coming weeks.” This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

Picard 2.4.4 resolves several bugs. This is not a security update.
https://picard.musicbrainz.org/

3tene 2.0.3 resolves several bugs and adds z-axis tracking to Pro. This is not a security update.
https://en.3tene.com/

Game Updates

These are unlikely to be of interest to most people.

Steam 2020.09.03 resolves several bugs. This is not a security update.

PlayStation PS4 7.55 doesn’t provide a detailed changelog, so should be treated as a security update.
https://www.playstation.com/en-us/support/system-updates/ps4/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 20.012.20043 resolves compatibility issues with some programs. This is a security update.

Adobe DNG Converter 12.4 adds support for new hardware.
Win: https://supportdownloads.adobe.com/detail.jsp?ftpID=6975
Mac: https://supportdownloads.adobe.com/detail.jsp?ftpID=6973

Adobe Experience Manager 6.5.6.0 and 6.4.8.2 are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb20-56.html

Adobe Framemaker 2019.0.7 is a security update.
https://helpx.adobe.com/security/products/framemaker/apsb20-54.html

Adobe InDesign 15.1.2 is a security update.
https://helpx.adobe.com/security/products/indesign/apsb20-52.html

Atom 1.51.0 improves performance resolves several bugs. This is not a security update.
https://atom.io/

Blender 2.90 adds many new features and controls. This is a major update.
https://www.blender.org/download/

LibreOffice 6.4.6 resolves 70 bugs. This is a security update.
https://www.libreoffice.org/

LibreOffice Fresh 7.0.1 resolves over 70 bugs. This is a security update. Remember that this is a beta version of LibreOffice, so should be avoided by most users.
https://www.libreoffice.org/

Nextcloud Desktop 3.0.1 resolves several bugs and adds several new features. This is not a security update.
https://nextcloud.com/

Security Software Updates

One or more of these is likely to be of interest to most people.

Gpg4win 3.1.13 resolves several bugs and improves compatibility. This is a security update.
https://www.gpg4win.org/download.html

RogueKiller 14.7.2 adds several new features and updates libraries. This is not a security update.
https://www.adlice.com/download/roguekiller/

uBlock Origin 1.29.2 resolves a couple bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.27 adds several new features and resolves more than a dozen bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 11.1.0.5 resolves a couple bugs and adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

Education updates

One or more of these are likely to be of interest to most people.

e-Sword 12.2 improves search and display. This is not a security update.
https://www.e-sword.net/

Utility Updates

These are unlikely to be of interest to most people.

Agent Ransack 2019.2947 adds installer flags for language, ui, and registration, resolves a performance bug with exporting searches that don’t parse content. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

DesktopOK 7.81 adds 64-bit improvements. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DevManView 1.71 adds option to copy contents of the clicked cell. This is not a security update.
https://www.nirsoft.net/utils/device_manager_view.html

DriverView 1.50 resolves a 64-bit compatibility problem. This is not a security update.
https://www.nirsoft.net/utils/driverview.html

Etcher 1.5.107 resolves several bugs. This is not a security update.
https://www.balena.io/etcher/

FileLocator Pro 8.5.2947 adds installer flags for language, UI, and registration, resolves a performance bug with exporting searches that don’t parse content. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Fing 2.0.1 adds support for new device detection, Wi-Fi heatmap, security details and resolves a bug in Bonjour discovery. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

GoodSync 11.3.3 resolves several bugs. This is not a security update.
https://12pd.com/click?goodsync

Homedale 1.89 improves columns in GUI, and now uses UTF8 for logs. This is not a security update.
https://www.the-sz.com/products/homedale/

HWMonitor 1.42 adds support for new hardware. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

IsMyHdOK 2.32 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

NTLite 2.0.0.7640 improves component controls and settings, and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

Aomei Partition Assistant 8.9 improves GUI, and resolves several bugs. This is not a security update.
https://www.diskpart.com/

PointerStick 4.66 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.21.1 improves stability, adds several features, and resolves bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

RoboForm 8.9.2 resolves several bugs, including a reliability bug in manual saves. This is not a security update.
https://12pd.com/click?rf

TeamViewer 15.9.4 resolves several bugs. This is not a security update.
https://www.teamviewer.com/en/download/windows/

TraceRouteOK 2.22 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

Ultimate Boot CD 5.3.9 updates libraries. This is not a security update.
http://www.ultimatebootcd.com/download.html

WinGet 0.1.42241 adds autocomplete. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinScan2PDF 6.01 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 3.35 improves logging and export capabilities, and adds max last-modified date for newest file in the folder tree. This should be treated as a security update.
https://wiztreefree.com/

Developer Updates

These are unlikely to be of interest to most people.

Node.js 14.10.0 resolves dozens of bugs, updates libraries, and improves stability. This is not a security update.
https://nodejs.org/en/

SQLite 3.33.0 resolves several bugs, adds support for arbitrary-precision decimal arithmetic, UPDATE FROM, increases maximum database size, and improves integrity checks.
https://www.sqlite.org/download.html

StrawberryPerl 5.32.0.1 is a major update adding new features, bug fixes, libraries and compatibility. This is not a security update.
http://strawberryperl.com/

Visual Studio Code 1.48.2 resolves several bugs. This is not a security update.
https://code.visualstudio.com/

WinMerge 2.16.8 resolves several bugs, improves stability and reliability. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.1.14-140239 resolves several bugs and adds support for Linux kernel 5.8. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.6.09 resolves several bugs. This is not a security update.
https://coppermine-gallery.net/

Dada Mail 11.11.2 is a security update.
https://dadamailproject.com/

Drupal 9.0.5 resolves a cosmetic bug and changes component registry to avoid flagging for non-existent security vulnerability. This is not a security update.
https://drupal.org/download

HumHub 1.6.3 resolves several bugs. This is not a security update.
https://www.humhub.com/en/download

Joomla 3.9.21 is a security update.
https://www.joomla.org/

Nextcloud Server 19.0.2 resolves dozens of bugs and updates libraries. This is not a security update.
https://nextcloud.com/

phpList 3.5.6 adds reply-to support, forwarding improvements, and resolves several bugs. This is not a security update.
https://www.phplist.org/

ScreenConnect 20.10.957.7556 resolves several bugs and adds new user controls. This is not a security update.
https://www.connectwise.com/software/control/download

WordPress 5.5.1 resolves dozens of bugs. This is not a security update.

Autoptimize 2.7.7 is a security update.

Contact Form 7 5.2.2 resolves several bugs. This is not a security update.

Social Post Feed 2.16.1 resolves several bugs. This is not a security update.

Interactive World Map 3.1.8 improves compatibility and resolves several bugs. This is not a security update.

myStickymenu 2.4.4 resolves several bugs. This is not a security update.

NextScripts Social Networks Auto-Poster 4.3.18 resolves several bugs and improves compatibility. This is a security update.

W3 Total Cache 0.14.4 resolves several bugs and improves compatibility. This is not a security update.

WooCommerce 4.5.1 resolves several bugs and improves compatibility. This is not a security update.

WP Mail SMTP 2.3.1 improves compatibility and resolves several bugs. This is not a security update.

Show IDs 1.1.5 improves compatibility. This is not a security update.

WPtouch 4.3.38 resolves several bugs. This is not a security update.

WordPress Zero Spam 4.10.1 resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2015-04-14

Hi, Folks!

It’s Patch Tuesday! Relatively light load today. The typical computer should see roughly 150mb in updates, though Mac and iOS devices can expect roughly 1.3gb in updates. Let’s get started.

Microsoft released 12 updates to address issues in Windows, Internet Explorer, .NET, Microsoft Office, and MSRT (~88mb). This includes security updates. A reboot is required.
http://update.microsoft.com/

Apple released updates for OS X, iOS, iTunes, Safari, Xcode, Apple TV, and Pro Video Formats. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

OS X 10.10.3 Security Update 2015-004 corrects 79 security issues in 27 components. Some of the vulnerabilities have been known since 2013, and exploitation is already underway. Be aware that no prior version of OS X will ever be patched for some of the vulnerabilities, so like it or not, it’s time to switch to Yosemite!

iOS 8.3 corrects over 50 security issues in 26 different components from Backup to Safari. This update is known to cause problems with Touch ID in the App Store, but the inconvenience is worth the security improvements.

Adobe AIR 17.0.0.144 is a security update.
Win: https://12pd.com/click?air
Mac: https://12pd.com/click?airmac

Adobe Flash Player 17.0.0.169 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

PS4 2.50 adds application suspend feature, backup and restore support, accessibility improvements and Dailymotion integration. This is not a security update.
http://us.playstation.com/support/systemupdates/ps4/pc_update/index.htm

BullZip PDF Printer 10.11.0.2338 improves various macro and compatibility settings. This is not a security update.
http://www.bullzip.com/products/pdf/info.php#download

Display Driver Uninstaller 14.3.0.0 improves compatibility, adds NVIDIA SHIELD support, and corrects a bug with the built-in updater. This is not a security update.
http://www.wagnardmobile.com/DDU/

Samsung Kies3 201504 does not provide a changelog, so should be treated as a security update.
http://www.samsung.com/us/kies/

Samsung SideSync 3.2.6.1130 does not provide a changelog, so should be treated as a security update.
http://www.samsung.com/us/sidesync

Toshiba Service Station 2.2.14 is a security update.
https://12pd.com/click?toshibaservicestation

Browser Updates

One or more of these are likely to be of interest to everyone.

Safari 8.0.5, Safari 7.1.5, and Safari 6.2.5 are security updates. Use Apple Software Update to get the most current version.

Google Chrome 42.0.2311.90 is a security update. Use Menu, About to install the most current version.

Firefox 37.0.1 is a security update. Use Help, About to install the most current version.

SeaMonkey 2.33.1 is a security update. Use Help, About to install the most current version.

HTTrack 3.48.21 is a security update.
http://www.httrack.com/page/2/en/index.html

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 31.6.0 is a security update. Use Help, About to install the most current version.

OutlookAttachView 2.77 improves status preservation. This is not a security update.
http://www.nirsoft.net/utils/outlook_attachment.html

Internet Updates

One or more of these are likely to be of interest to everyone.

Java 8u45 is a security update. If you do not have Java, DO NOT install it!
http://www.java.com/en/download/manual.jsp

Skype 7.3.0.101 does not provide a changelog, so should be treated as a security update.
https://12pd.com/click?skype

WinSCP 5.7.2 is a security update.
http://winscp.net/eng/index.php

Dropbox 3.4.3 adds the ability to open a local file from the Dropbox.com website. This is not a security update.
https://12pd.com/click?dropbox

Evernote 5.8.5.7193 improves the GUI, fixes several bugs. This is not a security update.
http://www.evernote.com/

uTorrent 3.4.3 Build 39944 improves performance, reduces traffic. This is not a security update.
http://www.utorrent.com/downloads

FileZilla 3.10.3 fixes two minor bugs. This is not a security update.
http://filezilla-project.org/

BrowsingHistoryView 1.68 adds Firefox Portable support. This is not a security update.
http://www.nirsoft.net/utils/browsing_history_view.html

IPInfoOffline 1.40 adds support for the GeoLite City database. This is not a security update.
http://www.nirsoft.net/utils/ip_country_info_offline.html

Media Updates

These are unlikely to be of interest to most people.

Plex Media Server 0.9.11.16.958 provides a number of performance, stability and reliability improvements. This is not a security update.
https://plex.tv/downloads/1/archive

iTunes 12.1.2 adds several refinements to the Get Info window and improves overall stability. Use Apple Software Update to get the most current version.

Remote Control Collection Server 3.1.1.12 adds custom keys support, improves performance and fixes multi-monitor support. This is not a security update.
http://remote-control-collection.com/

Game Updates

These are unlikely to be of interest to most people.

EA Origin 9.5.12.2862 is a security update.

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Acrobat Reader DC (what would have been Adobe Reader 12) is released. This is a major version upgrade with security and stability improvements, however I recommend you wait until next month to install it due to the history of bonehead release problems with initial major upgrades for Adobe products.
http://get.adobe.com/reader

Artweaver 5.0.6 improves tool selection, fixes a couple stability bugs. This is not a security update.
http://www.artweaver.de/

Audacity 2.1.0 fixes several bugs and improves compatibility. This is not a security update.
http://audacity.sourceforge.net/download/windows

Blender 2.74 adds several new features, including Cycle Rendering, improvements to the UI, Game Engine, Animation, Modeling, Particles and more. This is not a security update.
http://www.blender.org/download/

Kindle for PC 1.11.2 Build 40666 does not provide a changelog, so should be treated as a security update.
https://12pd.com/click?kindle4pc

Security Software Updates

One or more of these is likely to be of interest to most people.

OpenSSL versions 1.0.2a, 1.0.1m, 1.0.0r and 0.9.8zf are security updates.

MalwareBytes’ Anti-Malware 2.1.4 is a security update.
http://www.malwarebytes.org/products/malwarebytes_free

Avast! Home Edition 10.2.2215 corrects several stability and reliability bugs. This is not a security update.
http://www.avast.com/free-antivirus-download

KeePass 1.29 is a security update.
http://keepass.sourceforge.net/

MSRT 5.23 is a security update.
http://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx

RogueKiller 10.5.10 now uses SSL for all communication and improves activation. This is a security update.
http://www.adlice.com/softwares/roguekiller/

EMET 5.2 fixes several issues with EMET. This should be treated as a security update.
http://www.microsoft.com/emet

Capture Updates

These are unlikely to be of interest to most people.

Greenshot 1.2.5.19 corrects several bugs. This is not a security update.
http://sourceforge.net/projects/greenshot/

VideoCacheView 2.82 improves support for Pepper/Flash wrapped files. This is not a security update.
http://www.nirsoft.net/utils/video_cache_view.html

SnagIt 12.3.2 provides bug fixes. This is not a security update.
http://download.techsmith.com/snagit/enu/snagit.exe

XSplit Gamecaster 2.2.1502.1741 fixes stability bugs. This is not a security update.
http://www.xsplit.com/get/

Converter Updates

These are unlikely to be of interest to most people.

MakeMKV 1.9.2 adds support for newer media, improves quality for media with mastering errors and provides several bug fixes. This is not a security update.
http://www.makemkv.com/download/

AVStoDVD 2.8.1 updates libraries, fixes several bugs, improves reliability. This is not a security update.
https://sites.google.com/site/avstodvdmain/

DVDFab 9.1.9.6 adds support for newer media. This is not a security update.
http://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

RoboForm 7.9.13 adds support for newer browsers, toolbar improvements. This is not a security update.
https://12pd.com/click?rf

GoodSync 9.9.18 improves compatibility with several services, and corrects several bugs. This is not a security update.
https://12pd.com/click?goodsync

Synergy 1.6.3 fixes several bugs, including focus fixes and binary signing. This should be treated as a security update.
http://synergy-project.org/download/

Aomei Partition Assistant 5.6.3 updates translations. This is not a security update.
http://www.disk-partition.com/

TeamViewer 10.0.40798 fixes several bugs. This is not a security update.
http://www.teamviewer.com/en/download/windows.aspx

Easy2Boot 1.64 fixes a bug with XP install. This is not a security update.
http://www.easy2boot.com/download/

FileLocator Pro 7.5.2085 fixes several bugs. This is not a security update.
http://www.mythicsoft.com/filelocatorpro/download

FolderChangesView 1.70 adds “copy filenames” option. This is not a security update.
http://www.nirsoft.net/utils/folder_changes_view.html

MyEventViewer 2.13 fixes several bugs. This is not a security update.
http://www.nirsoft.net/utils/my_event_viewer.html

TcpLogView 1.15 adds the ability to write to a log file. This is not a security update.
http://www.nirsoft.net/utils/tcp_log_view.html

WakeMeOnLan 1.70 adds option to send WOL to specific predefined segments. This is not a security update.
http://www.nirsoft.net/utils/wake_on_lan.html

WifiInfoView 1.79 now displays an error when a Wifi adapter is not found. This is not a security update.
http://www.nirsoft.net/utils/wifi_information_view.html

CCleaner 5.04.5151 provides several cleaning improvements. This is not a security update.
https://12pd.com/click?ccleaner

Recuva 1.52.1086 adds Ext4 support, improves scanning of various formats and bug fixes. This is not a security update.
https://12pd.com/click?recuva

RapidEE 8.0 build 927 updates French translation. This is not a security update.
http://www.rapidee.com/en/download

Seagate DiscWizard 16005840 does not provide a changelog, so should be treated as a security update.
http://www.seagate.com/support/downloads/item/discwizard-master-dl/

GPU-Z 0.8.2 updates supported hardware, adds Windows 10 support, and various bug fixes. This is not a security update.
http://www.techpowerup.com/downloads/SysInfo/GPU-Z/

SpeedFan 4.51 adds support for newer hardware. This is not a security update.
http://www.almico.com/sfdownload.php

SSD Life 2.5.82 adds support for newer hardware. This is not a security update.
http://ssd-life.com/eng/download-ssdlife.html

SystemRescueCD 4.5.2 updates kernel, various components. This is a security update.
http://www.sysresccd.org/

WSUS Offline 9.6 provides a number of bug fixes and improvements, including Windows 10 support. This is a security update.
http://download.wsusoffline.net/

DiskMaker X 3.0.4 fixes a stability bug and adds translations. This is not a security update.
http://diskmakerx.com/

Developer Updates

These are unlikely to be of interest to most people.

TortoiseSVN 1.8.11 corrects several bugs. This is not a security update.
http://tortoisesvn.net/downloads.html

MySQL 5.6.24 provides dozens of bug fixes. This is a security update.
http://www.mysql.com/downloads/installer/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 4.3.26-98988 fixes several bugs. This is not a security update.
http://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

phpMyAdmin 4.4.2 is a security update.
http://www.phpmyadmin.net/home_page/news.php

Dada Mail 8.0.0 is a major rewrite with massive performance improvements. This is not a security update.
http://dadamailproject.com/

ownCloud Client 1.8.0 adds HiDPI support, performance optimizations, selective sync, and hundreds of fixes. This should be treated as a security update.
https://owncloud.org/install/

Drupal 7.36 fixes several bugs and stability issues. This is not a security update.
http://drupal.org/download

Joomla 3.4.1 improves stability and versatility, and fixes over 150 bugs. This is not a security update.
http://www.joomla.org/

Helicon Ape 3.1.0.151 is a cosmetic update. This is not a security update.
http://www.helicontech.com/ape/download.html

bbPress 2.5.6 improves notifications and email subscriptions. This is not a security update.

BuddyPress 2.2.2.1 is a security update.

Contact Form 7 4.1.1 is a security update.

Easy Bootstrap Shortcode 4.3.8 updates libraries. This is not a security update.

Postie 1.6.17 adds email login sync. This is not a security update.

Quick Cache 150129.3 is the final release of Quick Cache, code has been migrated to ZenCache. This is not a security update.

Theme My Login 6.3.11 fixes several bugs. This is not a security update.

WooCommerce 2.3.7 fixes several bugs. This is not a security update.

WPtouch 3.7.5.3 fixes several bugs. This is not a security update.

ScreenConnect 5.2.8724.5567 fixes several bugs with Linux hosts, improves unattended setup, code signing and audio sync. This is not a security update.
http://www.screenconnect.com/Download

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/