Updates 2018-01-09

Happy New Year, Folks!

The new year brings a lot of FUD regarding the CPU security issues Meltdown and Spectre. Yes, every CPU from the last 20 years is affected. Yes, it’s a security issue that allows evil apps to access memory they shouldn’t be allowed to. Yes, the fix is going to effectively slow down devices in order to secure them. But NO, it’s not really any more severe than any other hardware or software vulnerability. It still requires the evil app to get onto your computer, which means you either have to install it or fail to patch and secure your operating system and other applications, enabling the attacker to put evil apps on there. In other words, you’re at no significantly greater risk today than you were last week. As always, patching your operating system and applications, removing unwanted and unused applications, back up your data often, and “behaving” online remain the rule of the day.

That said, the updates today address some of these CPU issues. Unfortunately, there are higher-than-normal failure rates for this patch since it was rushed out. This means you should be more wary than usual about failures following Patch Tuesday this week. If you haven’t backed up your data recently or created a system restore point: NOW is the time to run backupsbefore you install updates this week. Back to our regularly scheduled program…

It’s Patch Tuesday and it’s a pretty big one. The new year has begun, and there are lots of updates for almost everything.

The typical computer should see roughly 1.5gb in updates today. Let’s get started.

Microsoft released updates to Windows, Internet Explorer, Office, .NET and MSRT (~1gb). This includes security updates. A reboot is required.

Apple released updates for macOS High Sierra 10.13.2, macOS Sierra 10.12.6, OS X El Capitan 10.11.6, iOS 11.2.2, Safari 11.0.2 (again! v. 11604.4.7.1.6 and 12604.4.7.1.6), Pro Video Formats 2.0.6, and tvOS 11.2.1. This includes security updates. Use Apple Software Update to install the most current versions. A reboot is required.

Apple released security updates for AirPort Base Station 7.7.9 (wireless ac models) and 7.6.9 (wireless n models).

iOS 11.2.2 is a security update for all iPhone 5s, iPad Air, iPod touch 6th generation and newer hardware. Previous generations of hardware are no longer supported. Use Settings, General, Software Update to install the most current version. A reboot is required.

Google Chrome OS 63.0.3239.86 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Adobe Flash Player 28.0.0.137 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

I’ve had a lot of calls recently from people whose computers seem unusually slow since late October. This is a side-effect of the Windows 10 upgrade cycle, which pushes out 6gb through Windows update to get you to the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, it will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients at The Farmory, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Crucial Storage Executive 3.5 doesn’t provide a changelog, so should be treated as a security update.
https://www.crucial.com/usa/en/support-storage-executive

Display Driver Uninstaller 17.0.8.2 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Intel Driver Update 3.1.1 improves detection and reporting. This is not a security update.
https://www.intel.com/p/en_US/support/detect

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 63.0.3239.132 is a security update. Use Menu, Help, About to install the most current version.

Firefox 57.0.4 is a security update. Use Menu, Help, About to install the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 52.5.2 is a security update. Use Menu, Help, About to install the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

DiscordApp 21.12.2017 adds animated emojis, improves screensharing quality and adds PayPal support. This is not a security update.
https://discordapp.com/download

WinSCP 5.11.3 is a security update.
https://winscp.net/eng/index.php

Evernote 6.8.7.6387 resolves several bugs. This is not a security update.
https://www.evernote.com/

uTorrent 3.5.1 Build 44332 is a security update.
https://www.utorrent.com/downloads

FileZilla 3.30.0 improves logging for update failures. Since updates often include security updates, this should be treated as a security update.
https://filezilla-project.org/

MaxMind GeoIP Data 201801 is a data refresh. This is not a security update.
https://dev.maxmind.com/geoip/

BrowsingHistoryView 2.15 adds support for Pale Moon browser. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

Media Updates

These are unlikely to be of interest to most people.

VLC 2.2.8 resolves several bugs. This is a security update.
https://www.videolan.org/vlc/

Game Updates

These are unlikely to be of interest to most people.

PlayStation PS4 5.03 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/system-updates/ps4/

Office Updates

One or more of these are likely to be of interest to most people.

Notepad++ 7.5.4 resolves several bugs. This is not a security update.
https://12pd.com/click?npp

OpenOffice 4.1.5 resolves several bugs. This is not a security update.
https://www.openoffice.org/download/

Paint.net 4.0.20 adds a dark theme, improves high-DPI support, and resolves many bugs. This is not a security update.
https://www.getpaint.net/

Security Software Updates

One or more of these is likely to be of interest to most people.

Norton Power Eraser 20171218 is a security update.
https://support.norton.com/sp/en/us/home/current/solutions/kb20100824120155EN_EndUserProfile_en_us

Avast! Home Edition 17.9.2322 resolves several bugs. This is a security update.
https://www.avast.com/free-antivirus-download

KeePass 1.35 resolves several bugs and updates libraries. This is a security update.
http://keepass.sourceforge.net/

DNSQuerySniffer 1.70 adds TEXT and improves data preservation. This is not a security update.
https://www.nirsoft.net/utils/dns_query_sniffer.html

RogueKiller 12.11.32 improves compatibility and adds detections. This is not a security update.
https://www.adlice.com/softwares/roguekiller/

Capture Updates

These are unlikely to be of interest to most people.

XSplit Broadcaster 3.2.1711.2916 resolves several bugs. This is not a security update.
https://www.xsplit.com/get/

XSplit Gamecaster 3.1.1708.2943 resolves several bugs. This is not a security update.
https://www.xsplit.com/get/

Converter Updates

These are unlikely to be of interest to most people.

CDex 1.97 updates libraries and resolves several bugs. This is not a security update.
http://cdex.mu/?q=download

DVDFab 10.0.7.7 adds support for additional encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

IsoBuster 4.1 adds XML and DFXML exports, MFS, DC42, and resolves several bugs. This is not a security update.
https://www.isobuster.com/download.php

Utility Updates

These are unlikely to be of interest to most people.

NTLite 1.5.0.5855 resolves several bugs. Ths is not a security update.
https://www.ntlite.com/download/

1Password for Windows 6.8.492 is a huge update with dozens of fixes, improvements, new features, and more. This is a security update.
https://1password.com/downloads/

GoodSync 10.7.2 resolves several bugs, improves service compabitility and performance, and now provides local-device encryption (non-portable) for authentication storage.
https://12pd.com/click?goodsync

RoboForm 8.4.6 improves reliability and Edge support, and resolves several bugs. This is not a security update.
https://12pd.com/click?rf

BFGMiner 5.5.0 updates libraries and resolves a dozen bugs. This is a security update.
https://github.com/luke-jr/bfgminer/

DesktopOK 4.93 adds autosave support. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

HWMonitor 1.34 adds support for newer hardware and Windows 10 1709. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

DevManView 1.50 adds quick-filter support. This is not a security update.
https://www.nirsoft.net/utils/device_manager_view.html

NetworkTrafficView 2.12 improves detection of Microsoft services. This is not a security update.
https://www.nirsoft.net/utils/network_traffic_view.html

USBDeview 2.73 adds port name detection. This is not a security update.
https://www.nirsoft.net/utils/usb_devices_view.html

WifiChannelMonitor 1.50 resolves a live detection bug. This is not a security update.
https://www.nirsoft.net/utils/wifi_channel_monitor.html

OSForensics 5.2.1004 improves reporting, resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html

PointerStick 2.99 improves reliability. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

WinScan2PDF 3.81 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WSUS Offline 11.1 resolves several detection issues. This is not a security update.
http://download.wsusoffline.net/

Autoruns 13.81 resolves several bugs. This should be treated as a security update.
https://sysinternals.com/

BgInfo 4.24 resolves several bugs. This is not a security update.
https://sysinternals.com/

Handle 4.11 now exports data to %TEMP% on 64-bit machines. This is not a security update.
https://sysinternals.com/

Sysmon 7.01 resolves reliability bugs. This is not a security update.
https://sysinternals.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VMware Player 14.1.0 is a security update.
https://www.vmware.com/products/player/

VirtualBox 5.2.4-119785 resolves several bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Drupal 8.4.4 corrects dozens of bugs. This is not a security update.
https://drupal.org/download

MailEnable Enterprise 10.11 resolves several bugs. This is not a security update.
https://www.mailenable.com/

phpMyAdmin 4.7.7 is a security update.
https://www.phpmyadmin.net/home_page/news.php

ScreenConnect 6.4.15787.6556 adds several new features. This is not a security update.
https://www.screenconnect.com/Download

Akismet 4.0.2 resolves a couple bugs. This is not a security update.

Autoptimize 2.3.2 improves resolves a couple bugs and adds cache-busting. This is not a security update.

Multisite Plugin Manager 3.1.6 adds WP CLI compatibility. This is not a security update.

Register IP – Multisite 1.8.0 adds column sortability and proxy support. This is not a security update.

Theme My Login 6.4.10 resolves a couple bugs and improves security handling. This is not a security update.

WooCommerce 3.2.6 resolves over a dozen bugs. This is not a security update.

WP Mail SMTP 1.2.2 resolves several bugs. This is not a security update.

WPtouch 4.3.23 improves custom footer logic and corrects a typo. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2016-10-11

Hi, Folks!

It’s Patch Tuesday.

The typical computer should see roughly 1.5gb in updates today. It’s another big one. Let’s get started.

Microsoft released updates to Windows, Edge, Internet Explorer, .NET, Silverlight, Office, and MSRT (~1.2gb). This includes security updates. A reboot is required.

This month marks the beginning of a new Microsoft update policy of packaging updates in group rollups instead of individually for different applications, even for older supported operating systems like Windows 7 and 8.1. As of this month Microsoft will release all Windows-tied security patches in the same file each month, with a separate non-security update package and other minor updates for feature and compatibility fixes. What this means for you is that Windows will now impose security updates once they’ve passed limited testing, and will deal with the aftermath of inevitable failures after Patch Tuesday with additional rollups. Don’t get me wrong, the security updates are essential to good computing, but without the ability to selectively exclude known-bad updates after internal testing is performed, this is going to create a situation where most enterprise environments delay updates even longer. The only safe resolution for this is to have full backups and be prepared to perform a reset or system restore should, well, the inevitable disaster occur.

Apple released updates for macOS/OS X, Safari, iCloud for Windows, Windows Migration Assistant, and printer drivers. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 10.0.2 is the second security update to the new version of iOS 10 that was released last month. Use Settings, General, Software Update to install the most current version. It should be okay to install on your iOS device now, but be prepared for 10.0.3 anytime.

Google Chrome OS 53.0.2785.154 is a security update. Use Menu, Help, About to install the most current version.

Adobe Flash Player 23.0.0.185 is a security update. Flash is being actively replaced with HTML5 on most sites and services, however, so unless you’re 110% positive you need it for critical functions, you should remove it instead. And, within those browsers that have it embedded (Chrome, Edge, Internet Explorer 11+) disable it. It’s just not worth the risk.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 17.0.2.1 fixes reliability problems. This is not a security update.
http://www.wagnardmobile.com/DDU/

DS4Windows 1.4.52 adds support to new hardware, and fixes reliability problems. This is not a security update.
http://ds4windows.com/

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 53.0.2785.143 is a security update. Use Menu, Help, About to install the most current version.

Firefox 49.0.1 is a security update. Menu, About to install the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

Adobe Shockwave 12.2.5.195 did not provide a changelog, so should be treated as a security update. Chances are very good you don’t need it anyway, though, so remove it if at all possible.
https://12pd.com/click?shockwave

Silverlight 5.1.50709 is a security update.
http://www.microsoft.com/getsilverlight/Get-Started/Install/Default.aspx

Skype 7.28.0.101 is no longer Windows 7-friendly, and doesn’t play well with older versions. There’s no indication that this release is a security update, so stick with 7.15 to 7.27.
https://12pd.com/click?skype

Mumble 1.2.17 is a security update.
https://github.com/mumble-voip/mumble/releases

BIND 9.10.4-P3, 9.11.0rc3, 9.9.9-P3, and 9.9.9-S5 are security updates.

curl 7.50.3 is a security update.

WinSCP 5.9.2 fixes several bugs. This is not a security update.
http://winscp.net/eng/index.php

Evernote 6.3.3.3502 fixes many bugs and improves Google Drive support. This is not a security update.
http://www.evernote.com/

Nmap 7.30 updates OS fingerprints, adds several new scripts, updates libraries and adds support for several additional protocols. This is not a security update.
http://nmap.org/

FileZilla 3.22.1 fixes a crash bug. This is not a security update.
http://filezilla-project.org/

MaxMind GeoIP Data 201610 is a data refresh.
http://dev.maxmind.com/geoip/geolite

BrowsingHistoryView 1.90 adds support for Vivaldi and profile management. This is not a security update.
http://www.nirsoft.net/utils/browsing_history_view.html

NK2Edit 3.26 adds ability to import from message store. This is not a security update.
http://www.nirsoft.net/utils/outlook_nk2_edit.html

IMAPSize is now dead. The source has been released for 0.3.7, but the author is discontinuing what little support existed over the last 7 years.
http://www.broobles.com/imapsize/news.php

Media Updates

These are unlikely to be of interest to most people.

Unreal Streaming Media Player 7.1 integrates HTML5 video element support and UMS-HTTPS into the engine, eliminating the need for the IIS extension.
http://www.umediaserver.net/umediaserver/download.html

Unreal Media Server 12.0 integrates HTML5 video element support and UMS-HTTPS into the engine, eliminating the need for the IIS extension.
http://www.umediaserver.net/umediaserver/download.html

Game Updates

These are unlikely to be of interest to most people.

Battle.net Client 20161011 doesn’t provide a changelog, so should be treated as a security update.
http://us.battle.net/en/app/

EA Origin 10.1.1.35466 fixes several bugs. This is not a security update.
https://www.origin.com/en-us/download

Lego Digital Designer 4.3.10 removes the ability to order your models. This is not a security update.
http://ldd.lego.com/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Acrobat 11.0.18 Pro is a security update. Use Help, Check for Updates to install the most current version.

Adobe Acrobat DC 2015.020.20039 is a security update. Use Help, Check for Updates to install the most current version.

Adobe Reader 11.0.18 is a security update. Use Help, Check for Updates to install the most current version.

Adobe Creative Cloud Desktop 3.8.0.310 is a security update. Since the security vulnerability is within the update feature, it’s not safe to use that to update it. Download the new build here:
https://www.adobe.com/creativecloud/desktop-app.html

Adobe FrameMaker 2015.0.5 is a security update.
Win: http://www.adobe.com/support/downloads/detail.jsp?ftpID=6088

Adobe DNG Converter 9.7 adds support for new hardware. This is not a security update.
Win: http://www.adobe.com/support/downloads/detail.jsp?ftpID=6087
Mac: http://www.adobe.com/support/downloads/detail.jsp?ftpID=6086

Artweaver 5.1.4 fixes several bugs. This is not a security update.
http://www.artweaver.de/

LibreOffice 5.2.2 fixes several bugs and improves stability. This is not a security update.
http://www.libreoffice.org/

Notepad++ 7 adds 64-bit support, updates libraries, improve HDPI support and monitoring, many new commands and more. This is a security update.
https://12pd.com/click?npp

OpenPetra 2016.07.0.0 improves security and improves Finance and Partner System. This is a security update.
http://www.openpetra.org/

Kindle for PC 1.17.1 Build 44183 doesn’t provide a changelog, so should be treated as a security update.
https://12pd.com/click?kindle4pc

Security Software Updates

One or more of these is likely to be of interest to most people.

CertData 10 Oct 2016 is a security update. If you roll your own certificates, it’s time to update.
https://mxr.mozilla.org/mozilla-central/source/security/nss/lib/ckfw/builtins/certdata.txt

OpenSSL 1.1.0b is a security update.

Wireshark 2.2.1 is a security update.
http://www.wireshark.org/

Wireless Network Watcher 2.02 updates the internal MAC addresses database. This is not a security update.
http://www.nirsoft.net/utils/wireless_network_watcher.html

RogueKiller 12.7.1 improves scanning, telemetry and detections. This is not a security update.
http://www.adlice.com/softwares/roguekiller/

Stinger 12.1.0.2137 improves detections. This is a security update.
https://12pd.com/click?stinger

Capture Updates

These are unlikely to be of interest to most people.

XSplit Broadcaster 2.8.1607.1944 fixes several bugs. This is not a security update.
http://www.xsplit.com/get/

XSplit Gamecaster 2.8.1607.2031 fixes several bugs. This is not a security update.
http://www.xsplit.com/get/

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 9.3.1.6 adds support for new encodings, adds new conversion profiles, and fixes several bugs. This is not a security update.
http://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

NTLite 1.2.0.4433 adds several new components and a wizard to refresh for new builds. This is not a security update.
https://www.ntlite.com/download/

SpaceSniffer 1.3.0.2 fixes an export data bug. This is not a security update.
http://www.uderzo.it/main_products/space_sniffer/

7-Zip 16.04 fixes several bugs. This is a security update.
http://www.7-zip.org/

8GadgetPack 21.0 adds Windows 10 Anniversary Update compatibility, fixes several bugs. This is not a security update.
http://8gadgetpack.net/

GoodSync2Go 10.1.4 fixes several bugs, including license issues, browse and event notification. This is not a security update.
https://12pd.com/click?goodsync

dupeGuru 4.0.2 fixes crash bug in macOS Sierra. This is not a security update.
http://www.hardcoded.net/dupeguru/

IEDigest 1.9.2 adds new policies from Windows 10 Anniversary Update, new warnings and registry keys. This is not a security update.
http://www.regente.de/IEDigest/?page_id=9

ImageUSB 1.3.1002 doesn’t provide a changelog, so should be treated as a security update.
http://www.osforensics.com/tools/write-usb-images.html

Ketarin 1.8.7 adds ifempty and runpowershell variable parsing, compatibility with PowerShell 4.0 and 5.0, and adds segmented downloading. This is not a security update.
http://ketarin.org/

Agent Ransack 2016.864 fixes bugs in context menu and registration. This is not a security update.
http://mythicsoft.com/agentransack/download

FileLocator Pro 8.1.2677 adds support for HDPI, improved PST/OST support, and reliability fixes. This is a security update.
http://www.mythicsoft.com/filelocatorpro/download

CurrPorts 2.25 adds the ability to hide loopback connections. This is not a security update.
http://www.nirsoft.net/utils/cports.html

Password Security Scanner 1.40 adds support for Yandex and Vivaldi browsers. This is not a security update.
http://www.nirsoft.net/utils/password_security_scanner.html

WakeMeOnLan 1.78 adds connection name to the network adapters list. This is not a security update.
http://www.nirsoft.net/utils/wake_on_lan.html

WifiInfoView 2.08 adds the connection name to the network adapters list. This is not a security update.
http://www.nirsoft.net/utils/wifi_information_view.html

Synergy 1.8.3 fixes several bugs, adds macOS support and clipboard options, improves reliability and removes automatic elevation. This is a security update.
http://symless.com/download/

SystemRescueCD 4.8.3 updates libraries and tools. This is a security update.
http://www.sysresccd.org/

TeamViewer 11.0.66695 improves reliability, fixes several bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

WSUS Offline 10.8 fixes several bugs and improves reliability. This is a security update.
http://download.wsusoffline.net/

Developer Updates

These are unlikely to be of interest to most people.

GitHub Desktop 3.3.1 is a security update.
https://desktop.github.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VMware Player 12.5.0 adds support for Windows 10 Anniversary Update, and many bug fixes. This is a security update.
http://www.vmware.com/products/player/

PPSSPP 1.3 fixes many bugs, improves reliability and updates libraries. This is a security update.
http://ppsspp.org/downloads.html

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.5.44 is a security update.
http://coppermine-gallery.net/

ownCloud Client 2.2.4 fixes several bugs. This is not a security update.
https://owncloud.org/install/

Drupal 8.2.1 fixes several bugs, updates libraries, adds many improvements. This is a security update.
http://drupal.org/download

HumHub 1.1.1 fixes several bugs, improves reliability, and other enhancements. This is a security update.
https://www.humhub.org/en/download

MailEnable 9.50 adds PowerShell API, multifactor authentication, bulk operations for archive, move and delete, and fixes for several bugs. This is not a security update.
http://www.mailenable.com/

SMF 2.0.12 is a security update.
http://download.simplemachines.org/

Contact Form 7 4.5.1 fixes several bugs. This should be treated as a security update.

Multisite Enhancements 1.3.6 improves compatibility with the current release of WordPress.

NextScripts Social Networks Auto-Poster 3.7.3 adds MailChimp and Weibo, reset improvements, Twitter improvements and bug fixes. This is a security update.

Sucuri Security 1.8.3 fixed several bugs. This is not a security update.

W3 Total Cache 0.9.5.1 is a security update.

WP Edit 4.0 adds integration API and nonce support. This is a security update.

WPtouch 4.3.3 fixes several bugs. This is not a security update.
That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2014-10-14

Hi, Folks!

It’s BASH Tuesday! October is here. September was awful. There were 3.5 update cycles in September and a large number of vulnerabilities released for a wide array of software and hardware. The most significant of these was Shellshock, a vulnerability discovered in late September which directly impacts almost every Linux-powered device and operating system for over 20 years. The scope of this particular vulnerability made Heartbleed look minor. However, as significant as it is, it doesn’t directly affect most consumers. The most significant issue for most consumers is going to be those devices they don’t think of as having an operating system: stuff like security cameras, automatic lights and even cars. Many of these run a form of Linux that if networking is enabled opens them up to the potential for exploitation. When in doubt call the vendor. Or me. 😉

Today brings a relatively light load of updates. The typical computer will require less than 300mb in updates today.

I always remind everyone to do their backups, but this month it’s really important. Yesterday HP disclosed that they “accidentally” allowed one of their certificates to be used to “sign” malware, enabling the malware to bypass various security precautions on many computers. They plan to revoke this certificate and re-key their software next month, but this will invalidate the recovery partition on many HP and Compaq computers. If something happens to an affected computer that requires reinstalling the operating system, it could be prevented unless media (which you have to make yourself) is used. Back your content up now, and if you haven’t done so yet, create your “recovery media” as soon as possible.

And now back to our regularly scheduled program.

Microsoft released updates for Windows, Internet Explorer, MS Office, Developer tools, and .Net. This includes security updates (80-185mb). A reboot is required.
http://update.microsoft.com/

Apple released updates for iOS, printer drivers and BASH. This includes security updates. Use Apple Software Update to install these updates. A reboot is required. Apple plans to release OS X Yosemite (10.10) this Friday. Yosemite will support all hardware supported by Mavericks, so if you are running Mavericks, you can update to Yosemite for free through Apple Software Update this weekend.

iOS 8.0.2 is the first mostly-stable release of iOS. You can install it now. Use iTunes or Settings, General, About to install this update. Back it up first!

Adobe Flash Player 15.0.0.189 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Adobe AIR 15.0.0.293 is a security update.
Win: https://12pd.com/click?air
Mac: https://12pd.com/click?airmac
Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Samsung SideSync 3.0.3.663 does not provide a detailed changelog, so should be treated as a security update.
http://www.samsung.com/us/sidesync

Display Driver Uninstaller 13.4.1.0 improves cleanup. This is not a security update.
http://www.wagnardmobile.com/DDU/downloads.html

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 38.0.2125.101 is a security update. Use Menu, About to get the most current version.

Firefox 33.0 is a security update. Use Help, About to get the most current version.

SeaMonkey 2.29.1 is a security update. Use Help, About to get the most current version.

K-Meleon 74 is a security update. Use Help, About to get the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 31.2.0 is a security update. Use Menu, About to get the most current version.

NK2Edit 3.00 adds the ability to control autocomplete list limit. This is not a security update.
http://www.nirsoft.net/utils/outlook_nk2_edit.html

Internet Updates

One or more of these are likely to be of interest to everyone.

Skype 6.21.0.104 reduces interface clutter. This is not a security update.
https://12pd.com/click?skype

DynDNS Updater 5.2.0 is a security update.
http://dyn.com/apps/updater/

BrowsingHistoryView 1.55 adds configuration import and export options. This is not a security update.
http://www.nirsoft.net/utils/browsing_history_view.html

IPNetInfo 1.56 improves sorting for IP. This is not a security update.
http://www.nirsoft.net/utils/ipnetinfo.html

Connectify Hotspot 9.2.1 improves the look and feel, performance, and stability. This is not a security update.
http://www.connectify.me/

Dropbox 2.10.41 is a cosmetic update. This is not a security update.
https://12pd.com/click?dropbox

ARChon 1.2 improves cross-platform reliability. This is not a security update.
https://github.com/vladikoff/chromeos-apk/blob/master/archon.md

Codec Updates

One or more of these are likely to be of interest to everyone.

Win7 Codec Package 7 Codecs Advanced 4.7.8 updates included codecs, improves hardware and subtitle support. To install the update, you must uninstall and reinstall the application.
http://shark007.net/win7codecs.html

Media Updates

These are unlikely to be of interest to most people.

CDBurnerXP 4.5.4.5118 is a security update.
https://12pd.com/click?cdbxp

MPC HC 1.7.7 updates included libraries and corrects dozens of bugs. This should be treated as a security update.
https://12pd.com/click?mpchc

Office Updates

One or more of these are likely to be of interest to most people.

Audacity 2.0.6 corrects a number of bugs. This is not a security update.
http://audacity.sourceforge.net/download/windows

Blender 2.72 adds several new features, improves performance and fixes dozens of bugs. This is a security update.
http://www.blender.org/download/

Lightworks NLE 12.0 adds dozens of new features, improved controls and rendering, and nearly a hundred bug fixes. This is not a security update.
http://www.lwks.com/

Security Software Updates

One or more of these is likely to be of interest to most people.

MalwareBytes’ Anti-Malware 2.0.3 fixes dozens of bugs including performance and stability. This should be treated as a security update.
https://12pd.com/click?mbam

KeePass 1.28 provides several bug fixes and a new quality indicator. This is not a security update.
http://keepass.sourceforge.net/

OpenSSL 1.0.2 is a security update.
https://www.openssl.org/

DNSQuerySniffer 1.28 adds secondary sorting support. This is not a security update.
http://www.nirsoft.net/utils/dns_query_sniffer.html

SmartSniff 2.11 adds always-on-top and secondary sorting support. This is not a security update.
http://www.nirsoft.net/utils/smsniff.html

Wireless Network Watcher 1.73 updates the MAC address database. This is not a security update.
http://www.nirsoft.net/utils/wireless_network_watcher.html

Junkware Removal Tool 6.3.3 does not provide a changelog, so should be treated as a security update.
http://thisisudax.org/

RogueKiller 10.0.1 is a security update.
http://www.adlice.com/softwares/roguekiller/

SuperAntiSpyware 6.0.1158 is a security update.
http://www.superantispyware.com/download.html

Capture Updates

These are unlikely to be of interest to most people.

VideoCacheView 2.76 improves Chrome support. This is not a security update.
http://www.nirsoft.net/utils/video_cache_view.html

Utility Updates

These are unlikely to be of interest to most people.

RoboForm 7.9.10 improves reliability and corrects several bugs. This is not a security update.
https://12pd.com/click?rf

GoodSync 9.9.9.7 improves sync with several services, corrects several bugs. This is not a security update.
https://12pd.com/click?goodsync

BFGMiner 4.9.0 updates included libraries, provides dozens of bugfixes and improves stability. This should be treated as a security update.
https://github.com/luke-jr/bfgminer/

Bitcoin 0.9.3 fixes minor bugs and adds translations. This is not a security update.
http://bitcoin.org/en/download

UpdateChecker 1.040 fixes several minor bugs. This is not a security update.
http://www.filehippo.com/download_update_checker/

FileLocator Pro 7.5.2067 provides several bug fixes, adds msg file export for PST files, adds bulk copy, improved UTF-8 detection, ‘search within’, and summary information. This is not a security update.
http://www.mythicsoft.com/filelocatorpro/download

SearchMyFiles 2.51 adds ‘size on disk’ column. This is not a security update.
http://www.nirsoft.net/utils/search_my_files.html

USBDeview 2.37 adds the ability to decode device serial numbers. This is not a security update.
http://www.nirsoft.net/utils/usb_devices_view.html

CCleaner 4.18.4844 provides several bug fixes, improves application support and 64-bit support. This is not a security update.
https://12pd.com/click?ccleaner

CPU-Z Installer 1.71 adds newer hardware support. This is not a security update.
http://www.cpuid.com/softwares/cpu-z.html

LicenseCrawler 1.43.732 improves Adobe support and network support, updates engine and provides several bug fixes. This is not a security update.
http://www.klinzmann.name/licensecrawler_download.htm

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 4.3.18-96516 fixes several bugs. This is not a security update.
http://www.virtualbox.org/wiki/Downloads

Many VMware devices are subject to the Shellshock vulnerability disclosed late September. Check your specific hardware against the list below for updates:
http://www.vmware.com/security/advisories/VMSA-2014-0010.html

Web Package Updates

These are likely to be of interest only to web developers.

phpMyAdmin 4.0.10.4, 4.1.14.5 and 4.2.9.1 are security fixes. phpMyAdmin 4.2.10 provides several additional bug fixes.
http://www.phpmyadmin.net/home_page/news.php

ColdFusion 11u2, 10u14, and 9.0.2u7 are security updates.

MailEnable 8.55 corrects several bugs and improves webmail. This is not a security update.
http://www.mailenable.com/

Coppermine Gallery 1.5.32 is a security update.
http://coppermine-gallery.net/

Joomla 3.3.6 is a security update.
http://www.joomla.org/

SMF 2.0.9 is a security update.
http://download.simplemachines.org/
That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

SSD Swap File Optimization With a Second Drive

Kingston SSDUnlike conventional drives, solid-state drives (SSD) have limited read/write capabilities. You experience significant performance gains using an SSD, but the long-term stability is dependent on the number of read/write actions. Windows uses a swap file to store objects from memory to improve performance when switching applications. Windows swaps between applications so frequently that the use of your SSD for the Windows swap file could significantly reduce its life. If you have a lot of RAM (at least 6gb under Win7 and 8gb under Win8) you can do without a swap file, but your best option is to use a second conventional drive for backups, irregularly accessed file and your swap file.

The steps below are for Windows 7 and assume you’ve already installed and configured the second (conventional) drive within your computer and it appears as a new drive. The specific drive letter is unimportant. The steps for Windows 8 are very similar.

  1. Right-click on My Computer and select Properties.swap-01
  2. Click ‘Advanced system settings’ in the left menu.swap-02
  3. Select the Advanced tab and then the Settings button under Performance.swap-03
  4. Click the Advanced tab then click the Change button.swap-04
  5. UNCHECK the ‘automatically manage’ option.
    1. Click the C: drive (or whichever drive is your SSD).
    2. Select the option ‘No paging file’.
    3. Click Set.

    swap-05

    1. Click your conventional drive.
    2. Click ‘System managed size’.
    3. Click Set.

    swap-06

  6. Click OK, then OK in the popup.swap-07
  7. Click OK in the Performance Option window.swap-08
  8. Click OK in the System Properties window.swap-09
  9. Click Restart Now in the restart dialog. Your applications will close and the computer will restart.swap-10
  10. When it reboots return to the Virtual Memory page (steps 1 through 4 above) to verify that the new settings have taken effect.

 

Alternative swap size

An alternative to the System Managed swap file size is to use a Custom Size. You still shouldn’t put the swap file on an SSD, but this will improve performance and reduce lag when swapping between certain high-memory applications. The general rule is to allocate the size based on the following rules:

Initial Size: 1.5x your total RAM

Maximum Size: 2x your total RAM

Thus, if you have 8gb RAM, then the values would be 12288mb and 16384mb respectively.

 

Updates 2013-04-17

Hi, Folks!

This week we’ve got updates for Java (again!), Firefox, Apple, VLC, MBAM and a few others. Not a lot to do, but it still needs done.

Java 7u21 is a security update – this build corrects *42* security vulnerabilities. Are you really still using Java? If you do still have Java installed, update it here:
https://12pd.com/click?java
And please consider disabling it within your browser until you ‘need’ it:
https://12pd.com/click?disablejava

Microsoft broke it. Well, technically, ‘certain third party software’ (Kaspersky Anti-Virus) is incompatible with a recent security update for Windows. If you’re using KAV you’ll want to remove this update in order to ensure that your machine operates consistently. Open Uninstall a Program or Add/Remove Programs in the Control Panel, find the ‘Installed Updates’ link and remove “Security Update for Microsoft Windows (KB2823324)”. If your computer won’t boot at all or isn’t stable enough to get into the Windows Intaller, there are more extensive steps at the link below.
http://support.microsoft.com/kb/2839011

Apple released updates to iPhoto, Java, printer drivers, Safari, Aperture, and iCloud Control Panel. This includes security updates. A reboot is required. Use the Apple Software Updater to get the most current versions.

Looking for an upgrade?

Quite a few people are looking for a replacement computer right now.

The primary considerations you need to keep in mind are the usable life of the computer, software compatibility and post-purchase costs. Windows 8, while fully supported by Microsoft, is not the same Operating System as Windows 7. If you’re forced to use it, especially in a business environment, there’s a pretty good chance you’ll go insane. Windows 8 is designed as an entertainment platform – games, media and ‘effects’. If you’re doing these – go with it. If not, stick with Windows 7. Windows 7 will be supported until at least 2020.

The other initial considerations are really overall performance. The faster you have (with as many CPUs as possible) will ultimately be the cap on your total performance. Typically upgrading the CPU is either impossible or cost prohibitive for retail desktops, so the more powerful CPU you get from go is best.

RAM, on the other hand, can be upgraded pretty inexpensively for newer computers. A machine sold with 8GB can often be upgraded later to 32 or even 64GB. Finally, the last factor is video card. Most games and powerful applications today rely heavily on the video-card (NOT the CPU) to perform most operations.

Video cards can be upgraded later, but doing so usually requires a more powerful power supply so the price can fluctuate from ‘expensive’ to ‘very expensive’ depending on the computer’s initial capabilities.

As always, the more powerful and complete the system is during purchase, the more likely it’s going to either not require upgrades later on or only require inexpensive upgrades. Any computer from the list below should last 5+ years. Choose Windows 7 for business or ‘task’ use or if you are not a gamer. If you’re a gamer, you’ll want Windows 8 and a powerful video card.

Gateway DX4380-UR308 Desktop
https://12pd.com/amazon?B009B8EAWQ
$500 – Quad-Core 3.2ghz with 8GB RAM and Windows 8.

AAC-X4S Gaming Computer
https://12pd.com/amazon?B005J0SZOO
$600 – Quad-Core 3.6GHz with 8GB RAM and Windows 7.

Gateway DX4860-UR14P Desktop
https://12pd.com/amazon?B007W11590
$660 – Quad-Core 3.1GHz with 6GB RAM, Windows 7 and built-in wifi.

ASUS Essentio CM6870-US-2AA Desktop
https://12pd.com/amazon?B007XA7A3K
$800 – Quad-Core 3.1GHz with 12GB RAM, Windows 7 and built-in wifi.

CPU Solutions AM3+ FX-4100
https://12pd.com/amazon?B009H8RES2
$730 – Quad-Core 3.6GHz with 16GB RAM, Windows 8 and an nVidia GTX650 w/2GB. By far the best all-around computer for the price.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me anytime, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

WD SmartWare Software 2.0.0 adds Scheduled Backups, simplified updates and a pro version with additional features, including Dropbox and third-party hardware support. This is not a security update.
https://12pd.com/click?wdsmartware

Browser Updates

One or more of these are likely to be of interest to everyone.

Firefox 20.0.1 is a security update. Use Help, About to get the most current version.

SeaMonkey 2.17.1 is a security update. Use Help, About to get the most current version.

HTTrack 3.47.2 corrects several bugs, including stability and reliability. This should be treated as a security update.
https://12pd.com/click?httrack

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 2.46 corrects a flickering while scrolling bug. This is not a security update.
http://www.nirsoft.net/utils/outlook_attachment.html

Internet Updates

One or more of these are likely to be of interest to everyone.

DownTester 1.29 adds autosizing column support, and fixes the flickering bug. This is not a security update.
http://www.nirsoft.net/utils/download_speed_tester.html

Codec Updates

One or more of these are likely to be of interest to everyone.

Win7 Codec Package 4.1.0 updates included codecs. To install the update, you must uninstall and reinstall the application. This is not a security update.
http://shark007.net/win7codecs.html

Win8 Codec Package 1.5.4 updates included codecs. To install the update, you must uninstall and reinstall the application. This is not a security update.
http://shark007.net/win8codecs.html

Win x64 Codec Support 4.0.9 updates included codecs. This update applies only to 64-bit computers, and requires either the Win7 Codec Package or the Windows Vista Codec package. This is not a security update.
http://shark007.net/x64components.html

Media Updates

These are unlikely to be of interest to most people.

VLC Media Player 2.0.6 adds Matroska v4 support, fixes issues with more than a dozen formats, improves interface on various platforms, improved performance on newer hardware. This is not a security update.
http://www.videolan.org/vlc/

Security Software Updates

One or more of these is likely to be of interest to most people.

MalwareBytes’ Anti-Malware 1.75 adds compressed file support. This should be treated as a security update.
https://12pd.com/click?mbam

RouterPassView 1.47 adds support for DD-WRT. This is not a security update.
http://www.nirsoft.net/utils/router_password_recovery.html

Stinger 11.0.0.244 improves detection for current exploit kits. This is a security update.
http://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 4.2.12-84980 corrects a couple dozen bugs primarily with respect to Multi-screen support, Linux guests and pause reliability. This is not a security update.
http://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Dada Mail 6.3.1 corrects several reliability issues. This should be treated as a security update.
http://dadamailproject.com/download/

bbPress 2.3 adds search, improved Group Forums integration, theming, and adds more forum migration options. This is not a security update.

Email Log 1.0 adds support for Pro addons. This is not a security update.

YOURLS 1.6 is the first release after migrating to GitHub. This version adds a Translation API, custom API actions, support for URLs with common protocols, updated third-party libraries and improved sanitization and escaping. This should be treated as a security update.
http://yourls.org/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/