Updates 2020-02-11

Welcome back, Folks!

Today is Patch Tuesday for February 2020.

Microsoft blinked and released three updates to Windows 7 this month, however two of the issues that were resolved were actually caused by their EOL updates released last month. It’s no longer trustworthy, so do not let Windows 7 touch the Internet!

Windows 7 is officially end-of-life (EOL). If you’re still running it, shame on you, and if you are running a licensed version of Windows 7 or 8 you can still upgrade to Windows 10 and have a supported version of Windows for the foreseeable future. Don’t want to do it yourself? Call me!
https://saferpc.info/contact/

The Windows Update engine relies upon a file called “wsusscn2.cab” which is currently choking on download. While there are several Windows updates available today, it looks like the time just to check for updates will be over 2 hours for most devices today. Have patience or wait to start patching until later when they resolve this issue. There’s plenty of other stuff to patch anyway.

This Month in Technology

macOS finally fixes the Sudo bug (after 9 years), but this pales in comparison to the ease at which Mac users are infected through social engineering tactics. If you still think Mac’s are more secure than Windows, you need to see the numbers from MalwareBytes which show the typical Mac is targeted by nearly double the malware that Windows devices are. One special note here is that the users trusted the names of the websites that were involved, mostly a result of allowing domains to expire (a common concept within the broad scheme of domain hijacking).

While we’re on the subject of renewing domains, don’t forget your certificates! TLS/SSL certificates are often an enterprise’s weakest point of failure, especially when they’re not renewed on time. This will become even more important as TLS 1.0 and 1.1 are deprecated over the next couple months, which will prevent most older devices from being able to safely use the Internet at all. How important is certificate trust? Last months certificate hijacking bug allowed a researcher to replicate NSA and Github certificates in less than 24 hours which could be used immediately in MitM and DNS cache poisoning attacks with no effort from the attacker and as little as 10 lines of browser-based code.

Microsoft has decided to end it’s own ad platform within UWP apps, which will seriously hurt the entire UWP ecosystem and likely their users, by encouraging less security- and privacy-concerned third-party platforms to take their place.

This month we’ve seen data dumps from Twitter user details (shortly before a Twitter outage), Trello, Google, half a million servers, routers, and IoT devices, a major cannabis dispensary POS vendor, THSuite, WhatsApp had a major vulnerability (since patched), a Zoom vulnerability allowed hackers to eavesdrop on your calls, Mitsubishi was hacked via their enterprise security software, Trend Micro OfficeScan, and the United Nations was hacked through an unpatched server.

Is your privacy important? Apple bowed to the FBI to prevent fully-encrypted backups, ICE is using cellphone location data to track immigrants, but Avast has decided to stop selling it’s user data and they’re “sorry”, so at least there’s some good news.

Of course, any account can be hacked, even Facebook’s Twitter and Instagram accounts, and the NFL, and this month the City of Oshkosh (WI) and Duplin County (NC) join the “yet another government network hijacked” club.

It’s one thing to be incompetent when it comes to security, but Blizzard doesn’t even understand their users. This month they’re asserting total copyright ownership of any mods their users create and they released Warcraft: Reforged, which is the first game to ever be reviewed this poorly by the userbase. You might give Blizzard some credit for this – after all, they did build the engine that allowed the third-party “Dota” to flourish. LastPass, however, built their own system but accidentally removed their own extension from the Chrome Web Store!

In IoT news, more than 2/3rds of corporate and government entities were compromised with endpoint attacks in 2019, the weakest link might be the building itself or any of tens of millions of devices on a typical corporate or government network, though, as expected, many Huawei IoT devices have a backdoor. A serious public key exposure in Fortinet SIEM allows evildoers to kill your security appliance, and a critial zero-day in SolarWinds RMM allows attackers to hijack your network. Supply chain attacks targeting EOL Windows 7 devices remind us why we should avoid EOL hardware and software, and Phillips Hue lightbulbs are still proving that they weren’t well though-out security-wise. Thousand of WordPress-based websites have been hijacked to redirect visitors to evil sites, and there is always more to security than patching.

Let’s end my soapbox on a happy note: The best news this month might just be that Netflix finally offers an option to disable those #@$& autoplay previews. It’s about time.

Let’s Get Busy

Now back to our regularly scheduled program. The typical computer should see roughly 2.2 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Internet Explorer, .NET, Flash, Servicing Stack, and MSRT (~1.2 GB). This includes security updates. A reboot is required.

Apple released updates for macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra, iCloud for Windows 10.9.2, iCloud for Windows 7.17, iOS 13.3.1, iPadOS 13.3.1, iTunes for Windows 12.10.4, Safari 13.0.5, tvOS 13.3.1, and watchOS 6.1.2. These are security updates. Use Apple Software Update to install the most current versions.

iOS 13.3.1 and 12.4.5 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 13.3.1 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 6.1.2 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 13.3.1 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 79.0.3945.123 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Adobe Flash Player 32.0.0.330 is a security update. Take comfort knowing that Flash will be EOL in only 10 months.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Catalina (10.15) means that macOS Sierra (10.12) and older are no longer supported. If you can not install at least macOS High Sierra (10.13) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (1909) is a pretty small update so will install quickly. Windows 10 pushes you to get the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.2.2 resolves several issues and improves removal procedure. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

BullZip PDF Printer 11.12.0.2816 improves compatibility with Chrome 80+. This is not a security update.
https://www.bullzip.com/products/pdf/info.php#download

Intel Driver and Support Assistant 20.1.5 improves user interface, performance, uninstall, and resolves several bugs. This is not a security update.
https://www.intel.com/p/en_US/support/detect

nVidia 442.19 adds framerate capping, performance improvements for certain games, VRSS controls, and support for newer hardware. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Garmin Express 6.20 doesn’t provide a changelog so should be treated as a security update.
https://www.garmin.com/en-US/software/express/

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 80.0.3987.100 is a security update. This version is also the predecessor to the new samesite cookie handling behavior that will cause problems for various industries, including ad-services. Use Menu, Help, About to install the most current version.

Firefox 73.0 is a security update. Use Menu, Help, About to install the most current version.

Firefox ESR 68.5.0 is a security update. Use Menu, Help, About to install the most current version.

Iridium 2019.11.78 is a security update. Use Menu, Help, About to install the most current version.

Vivaldi 2.10.1745.27 is a security update. Use Menu, Help, About to install the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 68.5.0 is a security update. Use Menu, Help, About to install the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

MaxMind GeoLite: Due to their interpretation of the CCPA (California Consumer Privacy Act), MaxMind has opted to no longer provide direct downloads of their IP information databases. An account and agreement to perform updates immediately upon publishing new releases and removal of all existing copies is now required. Due to this we will no longer be listing MaxMind on SaferPC. I suggest you integrate their automatic update service into your existing platform to ensure that you can comply with their new usage agreement.

Prosody 0.11.4 improves performance and resolves several bugs. This is not a security update.
https://prosody.im/download/start

BrowsingHistoryView 2.36 adds option to delete Chrome and Firefox history records. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

FreeNAS 11.3 is a major update offering improved performance, security controls, community plugin integration, improved granularity of alerts and more. This is not a security update.
https://www.freenas.org/download-freenas-release/

Npcap 0.9987 is a security update.
https://nmap.org/npcap/

Media Updates

These are unlikely to be of interest to most people.

iTunes 12.10.4 is a security update. Use Apple Software Update to install the most current version.

Game Updates

These are unlikely to be of interest to most people.

Steam 2020.01.20 resolves several bugs and improves reliability of Remote Play. This is not a security update.

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 20.006.20034 is a security update. Use Help, Check for Updates to get the most current version.

Adobe DNG 12.2 adds support for new hardware. This is not a security update.
Mac: https://supportdownloads.adobe.com/detail.jsp?ftpID=6879
Win: https://supportdownloads.adobe.com/detail.jsp?ftpID=6881

Adobe Experience Manager 6.5.0-31870 and 6.4.0-31868 are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb20-08.html

Adobe Digital Editions 4.5.11 is a security update.
https://helpx.adobe.com/security/products/Digital-Editions/apsb20-07.html

Adobe Framemaker 2019.0.5 is a security update.
https://helpx.adobe.com/security/products/framemaker/apsb20-04.html

Adobe Illustrator CC 24.0.2 is a security update.
https://helpx.adobe.com/security/products/illustrator/apsb20-03.html

Artweaver 7.0.4 resolves several bugs and improves performance with impasto and PSD text layers. This is not a security update.
https://www.artweaver.de/

Atom 1.44.0 resolves several bugs. This is not a security update.
https://atom.io/

LibreOffice Still 6.3.4 is a major update adding a wide variety of new features and performance improvements. This is not a security update.
https://www.libreoffice.org/

LibreOffice Fresh 6.4.0 resolves almost 500 bugs, including security issues. The typical user should run LibreOffice Still (stable), not Fresh (beta).
https://www.libreoffice.org/

Lightworks NLE 14.5 adds dozens of new features, export options, media codecs, and over a hundred bugs. This should be treated as a security update.
https://www.lwks.com/

Notepad++ 7.8.4 adds JSON and Workspace improvements, and resolves a crash bug. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 4.2.9 resolves several bugs and improves performance. This is not a security update.
https://www.getpaint.net/

Security Software Updates

One or more of these is likely to be of interest to most people.

QubesOS 4.0.3 is a security update.
https://www.qubes-os.org/downloads/

elementaryOS 5.1.2 is a security update.
https://elementary.io/

RogueKiller 14.1.1 resolves several bugs. This is a security update.
https://www.adlice.com/download/roguekiller/

TinyWall 3.0 improves reliability, user interface, exception controls, and resolves several bugs. This is not a security update.
https://tinywall.pados.hu/

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.20.2 resolves several bugs. This is not a security update.
https://www.fosshub.com/ScreenToGif.html

Converter Updates

These are unlikely to be of interest to most people.

MKVToolnix 43.0.0 resolves several bugs and improves user interface defaults options from command line. This is not a security update.
https://www.fosshub.com/MKVToolNix.html

DVDFab 11.0.7.1 resolves several bugs and adds support for newer encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

RoboForm 8.6.6 improves compatibility and resolves several bugs. This is not a security update.
https://www.roboform.com/

Easy2Boot 1.B8A improves compatibility and user-interface. This is not a security update.
https://www.fosshub.com/Easy2Boot.html

1Password for Mac 7.4.2 improves compatibility and resolves several bugs. This is not a security update.
https://1password.com/downloads/mac/

ControlMyMonitor 1.25 adds option to put icon in tray. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html

DesktopOK 6.84 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DevManView 1.66 adds Class GUID column. This is not a security update.
https://www.nirsoft.net/utils/device_manager_view.html

Etcher 1.5.76 updates libraries and resolves several bugs. This is not a security update.
https://www.balena.io/etcher/

Everything CLI 1.1.0.18 doesn’t provide a changelog, so should be treated as a security update.
https://www.voidtools.com/

FileLocator Pro 8.5.2944 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Fing 8.8.2 improves user interaction and resolves several bugs. This is not a security update.
https://community.fing.com/

GoodSync 10.10.21 improves performance and reliability, resolves several bugs. This is not a security update.
https://www.goodsync.com/

MS ISO Downloader 8.31 adds support for new media. This is not a security update.
https://www.heidoc.net/joomla/technology-science/microsoft/67-microsoft-windows-and-office-iso-download-tool

OSFMount 3.0.1005 adds command-line options to load physical or logical emulation only, and resolves a permissions bug. This is not a security update.
https://www.osforensics.com/tools/mount-disk-images.html

SetDefaultBrowser 1.4 adds support for Chromium-based Edge. This is not a security update.
https://kolbi.cz/blog/2017/11/10/setdefaultbrowser-set-the-default-browser-per-user-on-windows-10-and-server-2016-build-1607/

TaskSchedulerView 1.54 adds options to select/deselect all to column chooser. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

USBDeview 2.86 adds mode option for Regedit call, to support opening with or without elevation.
https://www.nirsoft.net/utils/usb_devices_view.html

WinScan2PDF 5.21 improves WIA compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 3.32 resolves several bugs, adds options to export file types to CSV, filterexclude, and command-line supporter activation. This is not a security update. On the note of Supporters – this software is amazing. Use it. And donate.
https://antibody-software.com/web/software/software/wiztree-finds-the-files-and-folders-using-the-most-disk-space-on-your-hard-drive/

Developer Updates

These are unlikely to be of interest to most people.

Godot 3.2 improves reliability, performance, stability and resolves almost 2,000 bugs. This should be treated as a security update.
https://godotengine.org/

Node.js 13.8.0 is a security update.
https://nodejs.org/en/

SQLite 3.31.1 adds generated columns, hard heap limits, improved pragma, dbstat aggregated mode support, open nofollow, and resolves an internal schema compatibility issue. This compatibility fix is temporary, so fix your applications if you currently rely on parsing the data structure via internal schema. This is a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.42 resolves several bugs, improves user interface, additional preference controls, task management, and more. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.1.2-135663 resolves several bugs and improves compatibility. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Adminer 4.7.6 resolves several bugs. This is not a security update.
https://www.adminer.org/en/

Drupal 8.8.2 resolves dozens of bugs. This is not a security update.
https://drupal.org/download

HumHub 1.4.0 updates libraries and resolves dozens of bugs. This is not a security update.
https://www.humhub.com/en/download

Joomla 3.9.15 is a security update.
https://www.joomla.org/

Magento 2.3.4, 2.2.11, 1.14.4.4, 1.9.4.4 are security updates.
https://helpx.adobe.com/security/products/magento/apsb20-02.html

Nextcloud Hub 18.0.0 is a major update adding improved file, flow, photos, calendar, mail, and talk integration, and ONLYOFFICE support. This is not a security update.
https://nextcloud.com/

ScreenConnect 19.6.26659.7340 is a security update.
https://www.connectwise.com/software/control/download

SpamAssassin 3.4.4 is a security update.
http://spamassassin.apache.org/downloads.cgi

YOURLS 1.7.6 is a security update.
https://yourls.org/

bbPress 2.6.4 is a security update.

Interactive World Map 3.1.4 is a major update that resolves several issues. This is not a security update.

myStickymenu 2.3.4 resolves several bugs. This is not a security update.

Postie 1.9.41 resolves regex bug and now attempts to process only 1 email at a time. This is not a security update.

Sucuri Security 1.8.23 updates key updater and improves user interface. This is not a security update.

W3 Total Cache 0.13.1 resolves several bugs. This is not a security update.

WooCommerce 3.9.1 resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2018-11-13

Hi, Folks!

It’s Patch Tuesday and it’s a big one. Every major vendor has released security updates and there’s many smaller vendor updates released today, as well.

But before we get to that I want to briefly talk about something else. You’ve surely heard the phrase “Internet of Things” or “IoT”. This describes the common and growing practice of everything touching the Internet all the time. Besides the computers you have in your office and living room, the phone in your pocket, and the tablets you have littered across random flat surfaces across your home, there are now cars, toasters, refrigerators, light bulbs, irrigation systems, air conditioners, instant pots, and a million other things that are now Internet-enabled for our convenience or simply for the novelty of it. Nearly all of these devices don’t talk to the Internet directly, but through a router or modem which connects each of the devices at a specific location to the Internet through your Internet Service Provider. While it’s possible to hijack your light bulbs, fridge, and coffee maker, the low-hanging fruit of most networks is and always will be the router. This oft-overlooked device is poorly maintained and directly accessible from the Internet making it easy prey for attackers. Currently there’s a botnet called BCMUPnP_Hunter that has hijacked over 100,000 routers and is using them (and your Internet connection) to send spam and phishing messages.

In each case it could have been avoided.

All hardware is supported and maintained by the vendor for a limited time ranging from a mere 6 months to a decade. However, having it be “supported” is one thing – actually installing the firmware and software updates that would have prevented this and similar infections or proactively replacing end-of-life (EOL) hardware is critical. This neglect is like starving to death at a buffet. The updates and EOL information is out there, but you need to know your network (or hire someone to) and maintain or replace each device that touches it.

Know your network!

Now back to our regularly scheduled program.

The typical computer should see roughly 4gb in updates today. Let’s get started.

The first major update to macOS Mojave was released this week, as well as the first major update to iOS 12. Windows 10 v1809 has been released again. This version was pulled for the last two months because of a show-stopper bug that resulted in deleting user files of people with a specific configuration. That issue is now resolved, but it highlights the importance of letting other people be the guinea pig for major updates like this. Updates are important. Don’t get me wrong. Stability is more important, though, and there’s no reason to put a stable, secure, and supported operating system at risk with what amounts to a beta release. Microsoft maintains several versions of Windows 10 and there’s no reason to rush to the latest build. Install their standard security updates, but wait on new releases.

Windows 10 v1809 is about 3gb when downloaded by the Windows Upgrader/Windows Update, so expect it to randomly install for any Windows 10 Home user over the next month, consuming 3gb of bandwidth to get it done. If you have a slow connection, it could end up trying to download 3gb per day per device, so you would be better off downloading the installer yourself and installing it to ensure that the upgrade completes. That said, you should, of course, postpone upgrading to 1809 for the next couple months and let the rest of the world be the beta testers.

In any case, sometimes we all need that reminder: run your backups *now*.

Microsoft released Windows 10 v1809 and updates to Windows, Flash, Edge, Internet Explorer, and MSRT (~3gb). This includes security updates. A reboot is required.

Apple released macOS Mojave 10.14.1, macOS Mojave 10.14.1 Supplemental for MacBook Air, Security Update 2018-002 for High Sierra, Security Update 2018-005 for Sierra, iOS 12.1, tvOS 12.1, watchOS 5.1.1, Safari 12.0.1, iCloud for Windows 7.8, and iTunes 12.9.1. This includes security update. Use Apple Software Update to install these updates. A reboot is required.

Adobe Flash Player 31.0.0.148 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Google Chrome OS 70.0.3538.76 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 29-1.2 is a new major version offering modularity, GNOME 3.30, Vagrant images, and more. This is not a security update.
https://getfedora.org/

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The now-current release of Windows 10 (1809) will cause your computer to feel unusually slow until it is installed. This is a side-effect of the Windows 10 upgrade cycle, which pushes out 3-6gb through Windows update to get you to the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, it will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.0.3 improves removal and removes paexec to minimize false positives from AV software. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 70.0.3538.102 is a security update. Use Menu, Help, About to install the most current version.

Firefox 63.0.1 is a security update. Use Menu, Help, About to install the most current version.

Firefox ESR 60.3.0 is a security update. Use Menu, Help, About to install the most current version.

Vivaldi 2.1.1337.47 improves quick commands, resolves several bugs, and updates chromium source to v70. This is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.5.2 improves compatibility, stability, performance, and updates libraries. This is a security update.
https://getmailspring.com/

Thunderbird 60.3.0 is a security update. Use Menu, Help, About to install the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

Skype 8.33.0.50 improves group moderation and adds send with enter key. This is not a security update.
https://12pd.com/click?skype

Evernote 6.16.4.8094 resolves several bugs and improves stability. This is not a security update.
https://www.evernote.com/

FileZilla 3.38.1 resolves several bugs. This is not a security update.
https://filezilla-project.org/

FreeFileSync 10.6 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

MaxMind GeoIP Data 201811 is a data refresh.
https://dev.maxmind.com/geoip/geolite

Media Updates

These are unlikely to be of interest to most people.

CDBurnerXP 4.5.8.7041 adds the ability to filter drives to only those that are writeable. This is not a security update.
https://cdburnerxp.se/

FastStone Viewer 6.7 improves performance, resolves several bugs, and expands options. This is not a security update.
http://www.faststone.org/FSViewerDetail.htm

Flickr Downloadr 2.7.0.1 doesn’t provide a changelog so should be treated as a security update.
https://flickrdownloadr.com/downloads/

Game Updates

These are unlikely to be of interest to most people.

EA Origin 10.5.30.15625 resolves several bugs. This is not a security update.

Steam 2018.11.08 resolves several bugs and improves stability. This is not a security update.

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 19.008.20081 is a security update. Use Help, Check for Updates to get the most current version.

Paint.net 4.1.4 improves performance and resolves several bugs. This is not a security update.
https://www.getpaint.net/

LibreOffice Still 6.0.7 resolves dozens of bugs. This is not a security update.
https://www.libreoffice.org/

LibreOffice Fresh 6.1.3 resolves dozens of bugs. This is not a security update.
https://www.libreoffice.org/

Security Software Updates

One or more of these is likely to be of interest to most people.

Gpg4win 3.1.5 resolves many bugs. This is not a security update.
https://www.gpg4win.org/download.html

SuperAntiSpyware 8.0.1024 is a major update adding DND mode, repair and reset modes, and startup monitoring. This is not a security update.
https://www.superantispyware.com/download.html

RogueKiller 13.0.9 updates detection engine and signatures. This is a security update.
https://www.adlice.com/softwares/roguekiller/

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 2019.0.1 resolves several bugs and improves stability. This is not a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 11.0.0.3 adds support for new encodings and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

MakeMKV 1.14.1 improves stability, adds support for new encodings, and new options. This is not a security update.
https://12pd.com/click?makemkv

Utility Updates

These are unlikely to be of interest to most people.

Beyond Compare 4.2.8.23479 resolves several bugs. This is not a security update.
https://www.scootersoftware.com/download.php?zz=dl4

Bitcoin 0.17.0.1 resolves several bugs. This is not a security update.
https://bitcoin.org/en/download

Cygwin 2.11.2 is a security update.
https://cygwin.com/

DesktopOK 5.76 resolves a startup bug. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

GoodSync 10.9.16 resolves several bugs, improves user experience, and change default security options. This should be treated as a security update.
https://12pd.com/click?goodsync

ImageUSB 1.4.100 resolves several bugs, adds a new option to fill remaining space with an extended partition. This is not a security update.
https://www.osforensics.com/tools/write-usb-images.html

FileLocator Pro 8.5.2868 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

BulkFileChanger 1.52 adds an option to fill current time to file time command attributes. This is not a security update.
https://www.nirsoft.net/utils/bulk_file_changer.html

DevManView 1.55 adds delay controls. This is not a security update.
https://www.nirsoft.net/utils/device_manager_view.html

USBDeview 2.77 adds delay controls. This is not a security update.
https://www.nirsoft.net/utils/usb_devices_view.html

OSForensics 6.1.1004 resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html

WinScan2PDF 4.56 resolves a driver bug. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

CPU-Z 1.87 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

Developer Updates

These are unlikely to be of interest to most people.

Node.js 11.1.0 resolves dozens of bugs. This is a security update.
https://nodejs.org/en/

SQLite 3.25.3 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Virtual Machine Updates

These are unlikely to be of interest to most people.

PPSSPP 1.7.1 doesn’t provide a detailed changelog, so should be treated as a security update.
https://ppsspp.org/downloads.html

VirtualBox 5.2.22-126460 resolves several bugs and improves compatibility. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Joomla 3.9.0 provides over 250 fixes and improves privacy controls.
https://www.joomla.org/

ModSecurity 3.0.3 resolves several bugs, adds new rules and controls. This is not a security update.
https://github.com/SpiderLabs/ModSecurity/releases

phpList 3.3.6 resolves several bugs and adds new features. This is not a security update.
https://www.phplist.com/download

TinyMCE 4.8.5 resolves several bugs. This is not a security update.
https://www.tinymce.com/download/

Drupal 8.6.2 is a security update.
https://drupal.org/download

Akismet 4.1 adds several new features. This is not a security update.

Contact Form 7 5.0.5 resolves several bugs. This is not a security update.

myStickymenu 2.0.6 resolves the 404 configuration bug. This is not a security update.

NextScripts Social Networks Auto-Poster 4.2.8 is a security update.

Redirection 3.6.2 improves compatibility. This is not a security update.

WooCommerce 3.5.1 resolves several bugs. This is not a security update.

WPtouch 4.3.33 resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2018-10-09

Hi, Folks!

macOS 10.14 Mojave, iOS 12, and Win10 (1809) have all been released. Run your backups *now*.

Mojave will automatically install on nearly all Macs running today, even if it is not supported on that hardware. Be prepared for problems, especially on your older Macs.

As expected, the “battery life” fixes for iOS 12 actually broke charging for many devices. iOS 12.0.1 was released yesterday to resolve that and other security bugs.

Windows 10 v1809 is about 3gb when downloaded by the Windows Upgrader/Windows Update, so expect it to randomly install for any Windows 10 Home user over the next couple months, consuming 3gb of bandwidth to get it done. If you have a slow connection, it could end up trying to download 3gb per day per device, so you would be better off downloading the installer yourself and installing it to ensure that the upgrade completes. That said, you should, of course, postpone upgrading to 1809 for the next couple months and let the rest of the world be the beta testers.

Now back to our regularly scheduled program. Today is Patch Tuesday and it’s a big one. With Mojave, iOS, and Windows 10 v1809 having been released, many vendors are releasing compatibility updates to ensure their software will remain operable on the newer platforms. Expect the next month to have many other large updates as well.

The typical computer should see roughly 4gb in updates today. Let’s get started.

Microsoft released Windows 10 v1809 and updates to Windows, .NET, Internet Explorer, Edge, Flash, and MSRT (~3.5gb). This includes security updates. A reboot is required.

Apple released macOS Mojave 10.14, iOS 12.0.1, iCloud for Windows 7.7, iTunes 12.9 for Windows, Safari 12, watchOS 5, tvOS 12, and Xcode 10. This includes security update. Use Apple Software Update to install these updates. A reboot is required.

Adobe Flash Player 31.0.0.122 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Adobe AIR 31.0.0.96 is a security update.
Win: https://12pd.com/click?air
Mac: https://12pd.com/click?airmac

Google Chrome OS 69.0.3497.95 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

macOS 10.14 Mojave has been released so devices running El Capitan (10.11) or older will no longer be supported. Your options are to either upgrade to at least Sierra (10.12) or replace your device. Mojave will not run on all Macs, just as High Sierra and even Sierra made some devices unusable. If in doubt whether your device will be able to support an operating system upgrade, be sure to perform a full disk backup prior to upgrade. You should do this anyway, just to be safe.
https://support.apple.com/macos/mojave

iOS 12 was supposed to improve performance and battery life, and resulted in breaking charging for many devices. iOS 12.0.1 fixes that as well as other security issues. You might want to connect your iOS device to your Mac or PC and create a backup with iTunes before installing this upgrade.
https://support.apple.com/ios

Windows 10 v1809 is now available. This build adds several new features, such as dark mode, multiple application tab support, integrated SSH, and improved privacy controls. It’s a huge download and if you’re running a Home version you should install it a couple weeks after it’s released to ensure that you aren’t surprised (and prevented from using your computer) when it installs automatically. Again, backups are good.

The now-current release of Windows 10 (1809) will cause your computer to feel unusually slow until it is installed. This is a side-effect of the Windows 10 upgrade cycle, which pushes out 6gb through Windows update to get you to the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, it will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients at The Farmory, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

BullZip PDF Printer 11.8.0.2728 adds command-line switch to preserve original driver and adds a feature to remember recent save locations. This is not a security update.
https://www.bullzip.com/products/pdf/info.php#download

Seagull Scientific printer driver collection 2018.3 resolves two significant bugs. This is not a security update.
https://www.seagullscientific.com/drivers/windows-printer-drivers/

Display Driver Uninstaller 18.0.0.2 resolves several bugs. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Intel Driver Update 3.5.1 resolves several bugs. This is not a security update.
https://www.intel.com/p/en_US/support/detect

Logitech SetPoint 6.69.114 resolves several bugs. This is not a security update.
https://support.logitech.com/en_us/software/setpoint

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 0.24.0 is a security update. Use Help, Check for Updates to get the most current version.
https://brave.com/

Google Chrome 69.0.3497.100 is a security update. Use Menu, Help, About to get the most current version.

Firefox 62.0.3 is a security update. Use Menu, Help, About to get the most current version.

Firefox ESR 60.2.2 is a security update. Use Menu, Help, About to get the most current version.

Vivaldi 2.0.1309.37 is a security update. Use Menu, Help, About to get the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 3.15 now preserves size and position of the properties window. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Thunderbird 60.2.1 is a security update. Use Menu, Help, About to get the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

Skype 8.31.0.92 adds URL previews. You likely received a warning that previous versions (6.x and 7.x) of Skype would soon no longer be supported even if you’re already running the latest version. It’s time to upgrade to 8.x, like it or not.
https://12pd.com/click?skype

uTorrent 3.5.4.44632 resolves several bugs. This is not a security update.
https://www.utorrent.com/downloads

FileZilla 3.37.4 resolves several bugs. This is not a security update.
https://filezilla-project.org/

MaxMind GeoIP Data 201810 is a data refresh.
https://dev.maxmind.com/geoip/geolite

Media Updates

These are unlikely to be of interest to most people.

CDBurnerXP 4.5.8.7035 adds filtering for writeable drives. This is not a security update.
https://cdburnerxp.se/

FastStone Viewer 6.6 improves performance and video player, adds mouse gestures, date range filtering, and expands the batch tool. This is not a security update.
http://www.faststone.org/FSViewerDetail.htm

iTunes 12.9 adds compatibility with iOS 12 and adds features to Apple Music. Use Apple Software Update to install the most current version. This is a security update.
https://www.apple.com/itunes/download/

Game Updates

These are unlikely to be of interest to most people.

PlayStation PS4 6.00 is a major update adding new features and performance improvements. This is a security update.
https://www.playstation.com/en-us/support/system-updates/ps4/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 19.008.20074 is the third security update for Adobe Acrobat and Reader released in the last month. Use Help, Check for Updates to get the most current version.

Audacity 2.3.0 resolves over 90 bugs, improves stability, and adds new features. This should be treated as a security update.
https://www.audacityteam.org/download/

Paint.net 4.1.1 resolves several bugs. This is not a security update.
https://www.getpaint.net/

IcoFX 3.2.1 resolves several bugs. This is not a security update.
https://icofx.ro/

LibreOffice Fresh 6.1.2 resolves 70 bugs. This is a security update.
https://www.libreoffice.org/

Security Software Updates

One or more of these is likely to be of interest to most people.

RogueKiller 12.13.4 adds detections. This is not a security update.
https://www.adlice.com/softwares/roguekiller/

SuperAntiSpyware 6.0.1264 resolves several bugs. This is not a security update.
https://www.superantispyware.com/download.html

Capture Updates

These are unlikely to be of interest to most people.

VideoCacheView 3.00 adds support for Simple Cache for HTTP Chrome format. This is not a security update.
https://www.nirsoft.net/utils/video_cache_view.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 10.2.1.6 adds support for new encodings, improves reliability and adds new output formats. This is not a security update.
https://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

RoboForm 8.5.4 is a security update.
https://12pd.com/click?rf

NTLite 1.7.0.6522 improves cleanup, component selection, and adds support for 1809. This is not a security update.
https://www.ntlite.com/download/

1Password for Mac 7.2.1 adds support for Mojave, dark mode, and resolves several bugs. This is not a security update.
https://1password.com/downloads/

1Password for Windows 7.2.581 resolves several bugs, improves performance and reliability. This is not a security update.
https://1password.com/downloads/

8GadgetPack 27.0 adds support for 1809, improves compatibility, and resolves several bugs. This is not a security update. After upgrading or installing 1809 you will need to run the configuration wizard again to reactivate 8GadgetPack.
https://8gadgetpack.net/

GoodSync 10.9.10 resolves several bugs and improves performance. This is not a security update.
https://12pd.com/click?goodsync

Bitcoin 0.17.0 adds new features, performance improvements, and resolves several bugs. This is not a security update.
https://bitcoin.org/en/download

CintaNotes 3.12 resolves several bugs. This is not a security update.
http://cintanotes.com/download

DesktopOK 5.71 adds support for 1809, improves reliability, adds spacing and size controls, resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

IsMyHdOK 1.51 is a cosmetic change. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

DiskMaker X 8.0 adds support for building Mojave. This is not a security update.
https://diskmakerx.com/

HWMonitor 1.36 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

SimpleWMIView 1.33 now supports stdout with an empty string for filename. This is not a security update.
https://www.nirsoft.net/utils/simple_wmi_view.html

USBDeview 2.76 now supports stdout with an empty string for filename. This is not a security update.
https://www.nirsoft.net/utils/usb_devices_view.html

OSForensics 6.1.1001 improves case manager, and adds many new features, bug fixes and improvements. This is not a security update.
https://www.osforensics.com/download.html

PointerStick 3.36 adds support for custom graphics for the pointer stick. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

Rufus 3.3 resolves several bugs. This is not a security update.
https://rufus.akeo.ie/

SystemRescueCD 5.3.1 is a security update.
http://www.sysresccd.org/

WSUS Offline 11.5 resolves several bugs. This is not a security update.
http://download.wsusoffline.net/

Developer Updates

These are unlikely to be of interest to most people.

Redemption 5.18.0.5142 adds support for Outlook 2019, Windows 10 1809, and Outlook Centennial, and resolves several bugs. This is not a security update.
https://www.dimastr.com/redemption/

SQLite 3.25.2 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 5.2.18-124319 resolves several bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

TinyMCE 4.8.3 resolves several bugs. This is not a security update.
https://www.tinymce.com/download/

MailEnable 10.19 adds support for SNI, improvements to webmail, resolves several bugs. This is not a security update.
https://www.mailenable.com/

Nextcloud Server 14.0.1 resolves several bugs. This should be treated as a security update.
https://nextcloud.com/

ScreenConnect 6.7.19864.6828 resolves several bugs. This is not a security update.
https://www.screenconnect.com/Download

Joomla 3.8.13 is a security update.
https://www.joomla.org/

Antispam Bee 2.9.0 improves integration and resolves several bugs. This is not a security update.

Autoptimize 2.4.0 refactors the code, adds several cache-integration features, improves minification, and resolves several bugs. This is not a security update.

BuddyPress 3.2.0 resolves several bugs. This is not a security update.

Postie 1.9.25 resolves several bugs. This is not a security update.

Redirection 3.5 resolves several bugs. This is not a security update.

Theme My Login 7.0.11 resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2018-09-11

Hi, Folks!

The next builds of macOS (Mojave), iOS (12), and Win10 (1809) are all due in the next month. There’s no better time to run your backups than now. Remember: with the short release cycle of software companies today, YOU are the beta tester, so be prepared – run backups.

Now back to our regularly scheduled program. Today is Patch Tuesday and it’s a big one.

The typical computer should see roughly 3.5gb in updates today. Let’s get started.

Microsoft released updates to Windows, .NET, Internet Explorer, Edge, Flash, and MSRT (~3gb). This includes security updates. A reboot is required.

Apple released macOS High Sierra 10.13.6 Supplemental Update 2 for MacBook Pro. This is a security update. Use Apple Software Update to install these updates. A reboot is required.

Adobe Flash Player 31.0.0.108 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

macOS Mojave will be released next month so devices running El Capitan (10.11) or older will no longer be supported. Your options are to either upgrade to at least Sierra (10.12) or replace your device. Mojave will not run on all Macs, just as High Sierra and even Sierra made some devices unusable. If in doubt whether your device will be able to support an operating system upgrade, be sure to perform a full disk backup prior to upgrade. You should do this anyway, just to be safe.

iOS 12 is supposed to improve performance and battery life (we all know how well that worked in the past). This version is due within the month, so be prepared for a large download for your Apple mobile device. You might want to connect it to your mac or PC and create a backup with iTunes, too.

Windows 10 1809 is due out in October. This build adds several new features, such as multiple application tab support, integrated SSH, and improved privacy controls. It’s a huge download and if you’re running a Home version you should install it a couple weeks after it’s released to ensure that you aren’t surprised (and prevented from using your computer) when it installs automatically. Again, backups are good.

The now-current release of Windows 10 (1803) will cause your computer to feel unusually slow until it is installed. This is a side-effect of the Windows 10 upgrade cycle, which pushes out 6gb through Windows update to get you to the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, it will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients at The Farmory, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.0.0 adds support for newer hardware and resolves stability problems. This should be treated as a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Logitech Gaming Software 9.02.61 adds support for newer hardware and resolves several bugs. This is not a security update.
https://support.logitech.com/en_us/software/lgs

Logitech Options 6.92.275 adds support for newer hardware and resolves several bugs. This is not a security update.
https://support.logitech.com/en_us/software/options

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 69.0.3497.92 is a security update. This build also significantly changes the interface. The tab bar is larger and squared and the address bar now conceals some information that would otherwise be important (such as ‘www’ and the protocol – http vs https), relying instead only on a cosmetic lock indicator. This build also adds a prefetching header to finally join other mature browsers in alerting servers whether requests are prospective or due to user action. Use Menu, Help, About to install the most current release.

Firefox 62.0 is a security update. This build also significantly changes the home page, adding large blocks for history, Pocket, and highlights. This version also improves CSS support and is one step closer to completely disabling weak Symantec certificates. Use Menu, Help, About to install the most current release.

Firefox ESR 60.2.0 is a security update. Use Menu, Help, About to install the most current release.

Brave 0.23.107 is a security update. Brave is the best Chrome alternative I’m currently aware of, but is still a few days behind in security patches. Brave patches for the current Chromium release within 48 hours to their dev channel, but it takes a couple more days for that to be promoted to the current release.
https://www.brave.com/

Vivaldi 1.15.1147.64 is a security update. Vivaldi is slow to patch security updates from the Chromium base, so you should still avoid using it as your primary browser or you open yourself up to targeted attacks for known vulnerabilities.
https://vivaldi.com/

Internet Updates

One or more of these are likely to be of interest to everyone.

Skype 8.30.0.50 resolves several feature disappearances since the 8.x release. This is not a security update.
https://12pd.com/click?skype

Trillian 6.1.0.17 resolvs several bugs. This is not a security update.
https://www.trillian.im/

Trillian Mac 6.1.0.8 resolves bugs. This is not a security update.

WinSCP 5.13.4 is a security update. This build resolves several bugs and updates libraries.
https://winscp.net/eng/index.php

uTorrent 3.5.4 Build 44520 is a security update.
https://www.utorrent.com/downloads

FreeFileSync 10.4 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

FileZilla 3.36.0 resolves several crash bugs. This is not a security update.
https://filezilla-project.org/

MaxMind GeoIP Data 201809 is a data refresh.
https://dev.maxmind.com/geoip/geolite

Media Updates

These are unlikely to be of interest to most people.

VLC Media Player 3.0.4 resolves several bugs. This is not a security update.
https://www.videolan.org/vlc/

MusicBrainz Picard 2.0.4 resolves several bugs. This is not a security update.
https://musicbrainz.org/doc/MusicBrainz_Picard

Game Updates

These are unlikely to be of interest to most people.

EA Origin 10.5.25.7131 resolves several bugs. This is not a security update.
https://www.origin.com/en-us/download

PlayStation PS4 5.56 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/system-updates/ps4/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Photoshop CC 19.1.6 and 18.1.6 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb18-28.html

Artweaver 6.0.9 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Paint.net 4.1 resolves several bugs and adds many new features. This is not a security update.
https://www.getpaint.net/

Kindle for PC 1.24.3.51068 doesn’t provide a changelog so should be treated as a security update.
https://12pd.com/click?kindle4pc

Krita 4.1.1 resolves several bugs and adds new features. This is not a security update.
https://krita.org/en/download/krita-desktop/

Security Software Updates

One or more of these is likely to be of interest to most people.

OpenSSL 1.1.1 is a security update.

OpenSSL 1.1.0i is a security update.

Avast! Home Edition 18.6.2349.0 removes VPN, adds TLS 1.3 scanning, and resolves several bugs. This is a security update.
https://www.avast.com/free-antivirus-download

KeePass 1.36 updates libraries, improves compatibility and ACL. This should be treated as a security update.
https://keepass.sourceforge.net/

Wireshark 2.6.3.0 is a security update.
https://www.wireshark.org/

Gpg4win 3.1.3 resolves several bugs. This Should be treated as a security update.
https://www.gpg4win.org/download.html

DNSQuerySniffer 1.72 resolves a crash bug. This is not a security update.
https://www.nirsoft.net/utils/dns_query_sniffer.html

RouterPassView 1.75 adds support for several new encryption protocols. This is not a security update.
https://www.nirsoft.net/utils/router_password_recovery.html

SmartSniff 2.29 resolves a crash bug. This is not a security update.
https://www.nirsoft.net/utils/smsniff.html

PS Pending Reboot 0.9.0.6 resolves a reliability bug. This is not a security update.
https://github.com/bcwilhite/PendingReboot

RogueKiller 12.13.0 is a security update.
https://www.adlice.com/softwares/roguekiller/

Converter Updates

These are unlikely to be of interest to most people.

CDex 2.09 resolves several bugs. This is not a security update.
https://cdex.mu/?q=download

DVDFab 10.2.1.3 adds support for new encodings, resolves severa bugs, and improves stability. This is not a security update.
https://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

RoboForm 8.5.3 should be treated as a security update. This build resolves a major risk of data loss.
https://12pd.com/click?rf

GoodSync 10.9.8 resolves many bugs and introduces a new GSTP version that improves performance. This is a security update.
https://12pd.com/click?goodsync

NTLite 1.7.0.6500 adds several tweaks and resolves bugs. This is not a security update.
https://www.ntlite.com/download/

Cygwin 2.11.0 is a security update.
https://cygwin.com/

DesktopOK 5.56 resolves bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

NetworkTrafficView 2.16 resolves a stability bug. This is not a security update.
https://www.nirsoft.net/utils/network_traffic_view.html

RegFileExport 1.10 resolves an encoding bug. This should be treated as a security update.
https://www.nirsoft.net/utils/registry_file_offline_export.html

WifiChannelMonitor 1.57 updates internal MAC database and resolves a positioning bug. This is not a security update.
https://www.nirsoft.net/utils/wifi_channel_monitor.html

WifiInfoView 2.40 adds option to filter by signal quality. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

SystemRescueCD 5.3.0 is a security update.
https://www.sysresccd.org/

TeamViewer 13.2.14327 resolves crash bugs. This is not a security update.
https://www.teamviewer.com/en/download/windows/

WinScan2PDF 4.41 updates language files. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 3.26 adds color customization and improves high DPI support. This is not a security update.
https://antibody-software.com/web/software/software/wiztree-finds-the-files-and-folders-using-the-most-disk-space-on-your-hard-drive/

Rufus 3.2 adds application signing, improves performance, and resolves several bugs. This should be treated as a security update.
https://rufus.akeo.ie/

Virtual Machine Updates

These are unlikely to be of interest to most people.

DOSBox 0.74-2 resolves several bugs. This is not a security update.
https://www.dosbox.com/

VMware Player 14.1.3 is a security update.
https://www.vmware.com/products/player/

Web Package Updates

These are likely to be of interest only to web developers.

DigiCertUtil 20180829 doesn’t provide a changelog, so should be treated as a security update.
https://www.digicert.com/util/

Joomla 3.8.12 is a security update.
https://www.joomla.org/

phpMyAdmin 4.8.3 is a security update.
https://www.phpmyadmin.net/home_page/news.php

phpList 3.3.4 resolves several bugs. This is not a security update.
https://www.phplist.com/download

Contact Form 7 5.0.4 resolves several bugs. This is not a security update.

NextScripts Social Networks Auto-Poster 4.2.7 resolves several bugs. This is not a security update.

Redirection 3.4.1 resolves several bugs. This should be treated as a security update.

WooCommerce 3.4.5 resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2018-01-09

Happy New Year, Folks!

The new year brings a lot of FUD regarding the CPU security issues Meltdown and Spectre. Yes, every CPU from the last 20 years is affected. Yes, it’s a security issue that allows evil apps to access memory they shouldn’t be allowed to. Yes, the fix is going to effectively slow down devices in order to secure them. But NO, it’s not really any more severe than any other hardware or software vulnerability. It still requires the evil app to get onto your computer, which means you either have to install it or fail to patch and secure your operating system and other applications, enabling the attacker to put evil apps on there. In other words, you’re at no significantly greater risk today than you were last week. As always, patching your operating system and applications, removing unwanted and unused applications, back up your data often, and “behaving” online remain the rule of the day.

That said, the updates today address some of these CPU issues. Unfortunately, there are higher-than-normal failure rates for this patch since it was rushed out. This means you should be more wary than usual about failures following Patch Tuesday this week. If you haven’t backed up your data recently or created a system restore point: NOW is the time to run backupsbefore you install updates this week. Back to our regularly scheduled program…

It’s Patch Tuesday and it’s a pretty big one. The new year has begun, and there are lots of updates for almost everything.

The typical computer should see roughly 1.5gb in updates today. Let’s get started.

Microsoft released updates to Windows, Internet Explorer, Office, .NET and MSRT (~1gb). This includes security updates. A reboot is required.

Apple released updates for macOS High Sierra 10.13.2, macOS Sierra 10.12.6, OS X El Capitan 10.11.6, iOS 11.2.2, Safari 11.0.2 (again! v. 11604.4.7.1.6 and 12604.4.7.1.6), Pro Video Formats 2.0.6, and tvOS 11.2.1. This includes security updates. Use Apple Software Update to install the most current versions. A reboot is required.

Apple released security updates for AirPort Base Station 7.7.9 (wireless ac models) and 7.6.9 (wireless n models).

iOS 11.2.2 is a security update for all iPhone 5s, iPad Air, iPod touch 6th generation and newer hardware. Previous generations of hardware are no longer supported. Use Settings, General, Software Update to install the most current version. A reboot is required.

Google Chrome OS 63.0.3239.86 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Adobe Flash Player 28.0.0.137 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

I’ve had a lot of calls recently from people whose computers seem unusually slow since late October. This is a side-effect of the Windows 10 upgrade cycle, which pushes out 6gb through Windows update to get you to the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, it will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients at The Farmory, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Crucial Storage Executive 3.5 doesn’t provide a changelog, so should be treated as a security update.
https://www.crucial.com/usa/en/support-storage-executive

Display Driver Uninstaller 17.0.8.2 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Intel Driver Update 3.1.1 improves detection and reporting. This is not a security update.
https://www.intel.com/p/en_US/support/detect

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 63.0.3239.132 is a security update. Use Menu, Help, About to install the most current version.

Firefox 57.0.4 is a security update. Use Menu, Help, About to install the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 52.5.2 is a security update. Use Menu, Help, About to install the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

DiscordApp 21.12.2017 adds animated emojis, improves screensharing quality and adds PayPal support. This is not a security update.
https://discordapp.com/download

WinSCP 5.11.3 is a security update.
https://winscp.net/eng/index.php

Evernote 6.8.7.6387 resolves several bugs. This is not a security update.
https://www.evernote.com/

uTorrent 3.5.1 Build 44332 is a security update.
https://www.utorrent.com/downloads

FileZilla 3.30.0 improves logging for update failures. Since updates often include security updates, this should be treated as a security update.
https://filezilla-project.org/

MaxMind GeoIP Data 201801 is a data refresh. This is not a security update.
https://dev.maxmind.com/geoip/

BrowsingHistoryView 2.15 adds support for Pale Moon browser. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

Media Updates

These are unlikely to be of interest to most people.

VLC 2.2.8 resolves several bugs. This is a security update.
https://www.videolan.org/vlc/

Game Updates

These are unlikely to be of interest to most people.

PlayStation PS4 5.03 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/system-updates/ps4/

Office Updates

One or more of these are likely to be of interest to most people.

Notepad++ 7.5.4 resolves several bugs. This is not a security update.
https://12pd.com/click?npp

OpenOffice 4.1.5 resolves several bugs. This is not a security update.
https://www.openoffice.org/download/

Paint.net 4.0.20 adds a dark theme, improves high-DPI support, and resolves many bugs. This is not a security update.
https://www.getpaint.net/

Security Software Updates

One or more of these is likely to be of interest to most people.

Norton Power Eraser 20171218 is a security update.
https://support.norton.com/sp/en/us/home/current/solutions/kb20100824120155EN_EndUserProfile_en_us

Avast! Home Edition 17.9.2322 resolves several bugs. This is a security update.
https://www.avast.com/free-antivirus-download

KeePass 1.35 resolves several bugs and updates libraries. This is a security update.
http://keepass.sourceforge.net/

DNSQuerySniffer 1.70 adds TEXT and improves data preservation. This is not a security update.
https://www.nirsoft.net/utils/dns_query_sniffer.html

RogueKiller 12.11.32 improves compatibility and adds detections. This is not a security update.
https://www.adlice.com/softwares/roguekiller/

Capture Updates

These are unlikely to be of interest to most people.

XSplit Broadcaster 3.2.1711.2916 resolves several bugs. This is not a security update.
https://www.xsplit.com/get/

XSplit Gamecaster 3.1.1708.2943 resolves several bugs. This is not a security update.
https://www.xsplit.com/get/

Converter Updates

These are unlikely to be of interest to most people.

CDex 1.97 updates libraries and resolves several bugs. This is not a security update.
http://cdex.mu/?q=download

DVDFab 10.0.7.7 adds support for additional encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

IsoBuster 4.1 adds XML and DFXML exports, MFS, DC42, and resolves several bugs. This is not a security update.
https://www.isobuster.com/download.php

Utility Updates

These are unlikely to be of interest to most people.

NTLite 1.5.0.5855 resolves several bugs. Ths is not a security update.
https://www.ntlite.com/download/

1Password for Windows 6.8.492 is a huge update with dozens of fixes, improvements, new features, and more. This is a security update.
https://1password.com/downloads/

GoodSync 10.7.2 resolves several bugs, improves service compabitility and performance, and now provides local-device encryption (non-portable) for authentication storage.
https://12pd.com/click?goodsync

RoboForm 8.4.6 improves reliability and Edge support, and resolves several bugs. This is not a security update.
https://12pd.com/click?rf

BFGMiner 5.5.0 updates libraries and resolves a dozen bugs. This is a security update.
https://github.com/luke-jr/bfgminer/

DesktopOK 4.93 adds autosave support. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

HWMonitor 1.34 adds support for newer hardware and Windows 10 1709. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

DevManView 1.50 adds quick-filter support. This is not a security update.
https://www.nirsoft.net/utils/device_manager_view.html

NetworkTrafficView 2.12 improves detection of Microsoft services. This is not a security update.
https://www.nirsoft.net/utils/network_traffic_view.html

USBDeview 2.73 adds port name detection. This is not a security update.
https://www.nirsoft.net/utils/usb_devices_view.html

WifiChannelMonitor 1.50 resolves a live detection bug. This is not a security update.
https://www.nirsoft.net/utils/wifi_channel_monitor.html

OSForensics 5.2.1004 improves reporting, resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html

PointerStick 2.99 improves reliability. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

WinScan2PDF 3.81 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WSUS Offline 11.1 resolves several detection issues. This is not a security update.
http://download.wsusoffline.net/

Autoruns 13.81 resolves several bugs. This should be treated as a security update.
https://sysinternals.com/

BgInfo 4.24 resolves several bugs. This is not a security update.
https://sysinternals.com/

Handle 4.11 now exports data to %TEMP% on 64-bit machines. This is not a security update.
https://sysinternals.com/

Sysmon 7.01 resolves reliability bugs. This is not a security update.
https://sysinternals.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VMware Player 14.1.0 is a security update.
https://www.vmware.com/products/player/

VirtualBox 5.2.4-119785 resolves several bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Drupal 8.4.4 corrects dozens of bugs. This is not a security update.
https://drupal.org/download

MailEnable Enterprise 10.11 resolves several bugs. This is not a security update.
https://www.mailenable.com/

phpMyAdmin 4.7.7 is a security update.
https://www.phpmyadmin.net/home_page/news.php

ScreenConnect 6.4.15787.6556 adds several new features. This is not a security update.
https://www.screenconnect.com/Download

Akismet 4.0.2 resolves a couple bugs. This is not a security update.

Autoptimize 2.3.2 improves resolves a couple bugs and adds cache-busting. This is not a security update.

Multisite Plugin Manager 3.1.6 adds WP CLI compatibility. This is not a security update.

Register IP – Multisite 1.8.0 adds column sortability and proxy support. This is not a security update.

Theme My Login 6.4.10 resolves a couple bugs and improves security handling. This is not a security update.

WooCommerce 3.2.6 resolves over a dozen bugs. This is not a security update.

WP Mail SMTP 1.2.2 resolves several bugs. This is not a security update.

WPtouch 4.3.23 improves custom footer logic and corrects a typo. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/