Updates 2024-12-10

Merry Christmas, Folks!

Today is Patch Tuesday for December, 2024.

I recommend waiting one more month before upgrading to Windows 11 24H2 or macOS 15/Sequoia.

Windows 10 will be end-of-life in only 10 months. If your Windows 10 (or older) computer can not be upgraded to Windows 11, or if you used a registry or installation bypass to install an older version of Windows 11 on it that is no longer supported, then it’s time for you to start looking for a replacement computer. Windows 10 now has only 10 months of support left and by April it will be challenging to find a good and inexpensive replacement computer that will be supported for Windows 11. Christmas sales are on now. There’s not going to be any better time in the next year.

There were 730+ major hacks, and over 270 application updates this month. It’s a small month with about 2.0 GB of updates for most users.

This Month in Technology

.NET, 1547 Critical Systems Realty, 2014-2021 Mazda infotainment system, 3M, 4QuartersIT, 7-Zip, A & L Auto Recyclers, A&O IT Group, A-1 Mobile Lock & Key, ABC Group, Aberdeen, Acadia Pharmaceuticals Inc, ACao.org, Ace Laboratories Limited, Adams Homes, Adobe InDesign, ADT Freight Services Australia Pty Lt, Advanced Chemical Industries, Advantech’s EKI-6333AC series wireless access points, AdventHealth, AEAT, Aeris Energy, AHN, Ahold Delhaize, Airbnb, Albazaar, Albertsons, Alder Hey Children’s Hospital, All Construction Group WV, Allegheny Contract, Allegheny Millwork & Lumber, Alliance Industries, LLC, Alliance Sports Group, ALLTUB Group, Alna-Bioscience, Alpine Ear Nose & Throat, Amazon, American Addiction Centers, Inc, American Associated Pharmacies, AMGtime, Amherstburg Family Health, Anderson Miller LTD, Andrew Tate’s The Real World, Anex Baby, Anna Jacques Hospital, AnnieMac Home Mortgage, Apache ActiveMQ, Apache Tomcat, Aperion Care Marseilles, LLC, Apple iOS, Apple iPadOS, Apple macOS, Apple Pay, Apple Safari, Apple visionOS, Applied Materials, Arc Community Services Inc, Ardon Health, LLC, Array Networks SSL VPN, Arrowe Park Hospital, Artistic Family Dental, Artivion, Asaro Dental Aesthetics, Ascend Packaging Systems, ASM Global, Aspen Healthcare Services, AT&T, ATD-American, Athens County Bd of Dev Disabilities, Atlantic Orthopaedic Specialists, Atrium Health, Auchan, Automation Tool & Die, Avast Anti-Rootkit, Avico Spice, Axpr Valve Science, BackChecked, LLC, Barneek Safety Consultancies, BBS Financial Services, LLC, BBVA Bank, Beach Guide, Bedminster School, Bells Tax Service, Bendheim, Berexco LLC, Bergeron LLC, Berkshire Nursing & Rehab Center, LLC, BIC, Billaud Segeba, Bio-Clima Service Srl, Birdair, Bishop Ireton High School, BJ’s Wholesale Club, Black Creek Community Health Centre, Blue Yonder, BluMed Health, BMW Chile, Bob’s Discount Furniture, Boksha, Bologna Football Club 1909, Bolton Walk-In Clinic, Bonpoint, Borah, Goldstein, Altschuler, Nahins & Goidel, PC, Boston Chinatown Neighborhood Center, Brazilian databases, Bridge Valley Community & Technical College, Bristol-Myers Squibb, British Army, Brodsky Renehan Pearlstein & Bouquet, Brueck Golosow Kim & Associates, BT Group, Buddy Loan, Bulbrite Industries, Burkburnett Independent School District, Burmeister & Wain Scandinavian Contractor, Business Systems House FZ-LLC, Buyoplace, Cabot Financial, Calgary’s Fueling Brains Academy, Calibrated Healthcare, LLC, CalSTRS, Campinas City Government, Canada Post, Cardinal Health, Cardiology Associates of Mobile, Cargill, Carnegie Hill Imaging for Women, Carnegie Women’s Health, CarSwitch.com, Cate Equipment, CC Senior Services, CelPlan Technologies, Central Bank of Uganda, Central Group, Centrex, Chanas Assurances SA, Charles Schwab, ChatGPT, Chema Per, Chemonics, Cherry Hill School District, CHS Plumbing, Cian.ru, Cipla, Cisco, Citadel of Northbrook, Citrix’s Session Recording Manager, City National Bank, City of Coppell, CK Power Public Manufacturing, Claro, Clipper DEX, Closelly, Club Fit Software, CMC Construction Material, CNHW Landscape Design, Ltd, CO-VER Power Technology SpA, Colombian Government, Colonial Behavioral Health, Colwell Colour, Complete Control, Complete Recycling Services, Compra LTD Aruba, Concord Orthopaedics, Conlin’s Pharmacy, Connecticut GI, Consumers Builders Supply, Contrack Facilities Management, Coppell, TX, Corman Leigh, Costa Rica’s RECOPE, Cottles Asphalt Maintenance Inc, CP Construplan, CPanel, Crate & Barrel, Cundinamarca Colombia, CURVC Corp, Dairy Farmers of Canada, Darlington EMS, Dassault Systèmes eDrawings Viewer, Data Campos Sistemas, Datamaxx Applied Technologies, Datron World Communications, David’s Bridal, Dell India, Delmar International, Deloitte UK, Delta Air Lines, Delta Dental, DeltaPrime, DemandScience, Dennis Kirk, Destatis, Deutsche Industrie VideoSystem, Dewan Farooque Motors Limited, DFA NY, Diamond Brand Gear, DieTech North America, Dillons, DIRSAPOL, Django, DMF Lighting, DMM Bitcoin, DocuSign, Dohman, Akerlund & Eddy, Dolton Nursing & Rehab, LLC, Dome Construction Corporation, Dominican Republic, Don’s Mobile Glass, Dorner Law & Title Services, Down East Granite, Dragon Capital, Drupal, Dumont Printing, Eagle Bank, Eassy Life, East Central Missouri Behavioral Health Services, Inc, East Paris Internal Medicine Associates, Eastgate Auto, EazyDiner, ECBM, Ecobank Ghana, Edizionidottrinari.it, Edwardsburg Schools Foundation, El Dorado Stores and Supermarkets, El Dorado Union High School District, Electrica, Empower Settlement Services, Empowerers, Emserpa, ENGlobal, Enso Counseling Group, PLLC, EP:Schuller, Epic Games Launcher, Equentis Wealth, Equinox Inc, ESHA, Inc, Evening Post Publishing Inc, Everything Breaks, Express Employment Professionals, Familylinks Inc, Fancy Foods, Farmers Insurance, Feronow, FF Steel, Fidelity Investments, Financial Business and Consumer Solutions, Finastra, Find Great People1, Finsure, Firmenich, Fleet Equipment Center, FlipaClip, Followup CRM, Ford, Fortinet VPN servers, Fortinet’s FortiClient Windows VPN, Fred Meyer, Fuji Electric Monitouch V-SFT, Fujian Provincial Government, Fuju Electric Tellus Lite V-Simulator, FunkLocker, Fylde Coast Academy Trust, G Adventures Inc, G DATA Total Security, Gallos MetalSolutions Inc, Gastroenterology Associates of Fairfield, Gazprombank, GC Custom Metal Fabrication, GeoVision devices, Giggle Finance, Globe Telecom, GMG, GoCast, GoCloud Router, Godot game engine, Goethe University Frankfurt, GoFormz, Goldsmith & Hull, Goodwill North Central Texas, Google Pay, Gough Construction, Grand Forks Public Schools, Grandview School District, Great Plains Regional Medical Center, Great Star Tools USA, Gregory Poole, Gruber Tool & Die, Guard1, Gulf Energy Maritime, Gulf Petrochemical Services & Trading, H2OBX Waterpark, Hackus Mail Checker, Hadwins Volkswagen, Hager Group, Harel Insurance, HDFC Life Insurance, HealthFund Solutions, Henderson Stamping & Production, Highland Park ISD, Hillandale Farms, Hive Power Engineering, HM Environmental Services, Hoboken, NJ, Hogan Mfg, Holstrom, Block & Parke APLC, Horsa, Hosting.co.uk, Hotels.co.il, Houston Housing Authority, HP, HPE Insight, HSBC, Hugging Face Transformers, Hypertype, I-O Data routers, IAС, IFA Paris, IGT, iLearningEngines, Immobilière Essaouira, Indian Government Volunteer Database, IndicaOnline, Instinct Pet Food, Intel Computing Improvement Program, Intel Driver & Support Assistant, InterCon Construction, IPE Engwicht, IrfanView, Irr Supply Centers, Island Photo, Israel’s Ministry of National Security, IT Networks, ITO EN, Ivanhoe Club, Ivanti Avalanche, Ivanti Endpoint Manager, Ivanti Secure Access Client Pulse Secure, IVC Technologies, James H Maloy, Jefferson Dental Center, Inc, Jergens Piping, Jewel-Osco, JF Zengyoren, Jones & Mayer, Jones Lang LaSalle, JTEKT North America, Jupyter servers, K-State College of Veterinary Medicine, Karl Malone Toyota, Kash Patel’s Emails, Kashin App, KCI Aviation, Keable & Brown, Keesal, Young & Logan, Keizer’s Collision CSN & Automotive, Kela Health, Kellerhals Ferguson Kroblin PLLC, Kelowna Springs, Kenmore, Kennedy Funding, Kenwood DMX958XR, Kingswood Park, Kmart Australia, Kroger, KTBS Law LLP, Kulicke and Soffa Industries, LA Financial Federal Credit Union, LA LUCKY Brand, Laboratory Services Cooperative, Ladies.com, Lazz Hotel, LBCO Contracting LTD, LCPtracker, Inc, Lebak Regency, Leidos, LenelS2, Lenovo, LePoint.fr, LevelOne WBR-6012, Levicoff Law Firm, PC, Liberty Endo, Liberty First Credit Union, Lima Puluh Kota Regency, LINDOSTAR, LinkedIn, Linux nftables, LiquiTech, Live Aquaria, Liverpool Heart and Chest Hospital, LIXIL, LLama Factory, Lottie-Player, Lotus Concepts Management, LTI Trucking Services, Lubbock County Hospital District, Lucid Corp, Luka Rijeka, Luxion KeyShot, macOS, Madison Home, Magguilli Law Firm, Mantinga, Marine Stores Guide, Marketing Incentives, Massachusetts Department of Developmental Services, Maternal Fetal Medicine Associates, Matlock Security Services, MATRIX, Max Trans, Maxar Space Systems, Maxeon, Maxus Group, MC Technologies MC LR Router, McDonald’s, McKibbin, McLean Mortgage, McLeod Russel India, MDLand International, MediBoard, Medical Board of California, Medical Technology Industries, Inc, Members Trust Company, MetLife, Metroline, Mexican Government, Microlise, Microsoft 365 Admin Portal, Microsoft Office PowerPoint, Microsoft Power Pages, Microsoft SharePoint Server, Microsoft Windows, Mid-Ohio Psychological Services, Midland Tool, Miller & Smith, Minneapolis Parks, Minuteman Press, Misionero Vegetables, Mitel MiCollab, Mizuno USA, Mobigator Technology Group, Monster Electrical, Moodle, Morehead State University, Morrisons, Mullen Wylie, LLC, Nanosoft, NatAlliance Securities, Nationwide Legal, NCISM NEET, New Age Micro, Newpark Resources, Nicholsons Solicitors, Nokia, Norauto.fr, Northeast Spine and Sports Medicine, Northern Schools and Academy, NTrust, Numocity, NVIDIA UFM, Ocean Beauty Seafoods, Ocean Park Mechanical, OfficeZilla, Oklahoma Medical Center, Omnicom Group, OnePoint Patient Care, OpenWrt, Optical Cable Corporation, Option Care Health, Oracle Agile Product Lifecycle Management, Orange County Pathology Medical Group, Orshan, Spann & Fernandez-Mesa, Orthopedics Rhode Island, Otsego Public Schools, over 2,000 Palo Alto Networks firewalls, Overseas Shipholding Group, Inc, Oxford Auto Insurance, Pacific Pulmonary Medical Group, Pallet Logistics of America, Palm Facility Services, Pan Gulf Holding, Panda Security Dome, Panzer Solutions LLC, Pastor Real Estate, Patrick Sanders and Company, PC, Pavilion of Bridgeview, PC AfterHours, Pemberton Fabricators, Inc, Pensacola, Perfection Plus Services Inc, Performance Health & Fitness, Peruvian Army Military School, Philippines GCash, Physicians’ Primary Care of Southwest Florida, PIH Health, Pincu Barkan, Law Office and Notary, Pine Belt Cars, Pinnacle Claims Management, Pinnacle Plastic Products, Pioneer Urban Land & Infrastructure, PK Mulyo, Planned Parenthood of Montana, PoinCampus, PointClickCare, Polter Finance, Popular Life Insurance, Port of Rijeka, PostgreSQL, Precision Walls, Premier Packaging, Premier Tax Services, Privat Spitex, Programs Improving Public Safety, Progress Kemp LoadMaster, ProjectSend, QNAP, Quality Billing Service, Radiologic Medical Services, PC, Ralphs, RBN Insurance Services, Rclone, RDC, RDS Electric, Refinadora Costarricense de Petróleo, RemoteStaff.com.au, Rengo Packaging, REV Engineering, Rex Signature Services, LLC, RiverRestHome, RJM Marketing, Roblox, Rockford Gastroenterology Associates, Rocky Mountain Gastroenterology, Romanian Permanent Electoral Authority, Royal Liverpool University Hospital, Royce Corporation, RRCA Accounts Management, RSA Security SecureID, Rush University, S-Zdorovie, Safaricom, Safeway, SAG-AFTRA Health Plan, SailPoint IdentityIQ, Sainsbury’s, Saint Andrews Bureau, SalonBiz, San Francisco Ballet, Sanford Behavioral Health, Sango Family Dentistry, 240,000 satellite receivers, Schneider Electric, Schuck-Gruppe, SCM GROUP, Sea Level Inc, SEAT SA, SelectBlinds, Senior Dating, Sercomm, Shaw’s, Sheboygan, WI, Ship Services, Siemens Tecnomatix Plant Simulation, Signal Health Washington, Signzy, SILKNET COMPANY, Silver Springs, Silverback Exploration, SK Gas, SKS Bottle & Packaging, SL Data Services, SmartDimensions, Smith’s, Snelling Paper & Sanitation, Solana JavaScript SDK, South Africa’s CSIR, South West Family Medicine Associates, Southern Oregon Veterinary Specialty Center, Specialty Bolt And Screw, Spotify, Spring EQ LLC, Sri Lanka Meteorological Department, SRP Federal Credit Union, SSGMCE, SSV Blockchain Network, Stalcop Metal Forming LLC, Standard Bank, Standard Calibrations, Star Shuttle Inc, Starbucks, Start-Rite, State of Arizona, Stauberstahl, STIIIZY, Surgical Associates, Symantric IT, Sécurité Nationale Systems, T&M Equipment, T-Mobile, Tacoma Engineers, Tamil Nadu GovMail, Tampa State Bank, Targus, TBM Consulting Group, TEAM Software, Tech Electronics, TechGuard, Tennis Canada, Terra Energy, Terrace of Hialeah, Texanscan, Texas Tech, Thala, Thames Water, The 1 Co, The Arbors Operator, LLC, The Mitchell Partnership, The PHOENIX, The Recycler Core, The Tech Interactive, Think Simple, Thunderbird Country Club, TIAA, Tillamook Country Smoker, Tinxy App, Toshiba Global Commerce Solutions, Total Patient Care LLC, Totally Promotional, TourPay App, Town of Whitestown NY Highway Department, Trace3, TravelSale, Travis Pruitt & Associates, Trell.co, Tribelsky, TriHealth Physician Partners, Trimble SketchUp, Trinity Petroleum Management, LLC, Tripura Gramin Bank, True World Holdings LLC, TrueNAS, Trust Seeds, Tully’s Coffee Japan, Turf Paradise, TWRU CPAs & Financial Advisors, U.S. Bank, U.S. Department of Veterans Affairs, U.S. Library of Congress, UATF, UBS, Ubuntu Linux, UCC Retrievals, UK England and Wales prisons, Ultralytics YOLO11, UMC Health System, Unilever Brazil, United Bakery Equipment, United Seating and Mobility, UniversalPegasus International, Universidad Peruana de Ciencias Aplicadas, URBN, URL-Log-Pass, Uruguay’s Partido Nacional, USA Network, USA2ME, USAID, Valley Planing Mill, Value Dental Center, VBÜ, Veeam Backup Enterprise Manager, Ventana Micro Systems, Verizon, Vermilion Parish School System, Veterans Health Administration, VIA Health Partners, Village Pharmacy Group, ViralPitch, Visiting Physician Services of Michigan, Vista Point Mortgage, LLC, VMware vCenter Server, Vogue Homes, Volgograd State Medical University, Vox Printing, VozoHealth, VPS of MI PLLC, VRSEC, VTB Bank, vTech Solution, Walae Cristal, Walsworth Publishing Company, Washington State Court systems, Waters Truck and Tractor, Watsonville Community Hospital, Weld Racing, Wellfleet Group, LLC, West Bank Corp, Western Montana Mental Health Center, Westinghouse, WhatsUp Gold, Wheeler Associates, White Lake Township Hall, Wiley Metal Fabricating, WIN Empresas, Windows Server 2012, Wirral University Teaching Hospital, WolfBox E40, Word Check Sanctions, 500,000 WordPress sites,WordPress CleanTalk plugin, WordPress Really Simple Security/SSL plugin, WordPress WPLMS Learning Management System theme, WPM Pathology Laboratory, Wright Engineers, WTI, X-Cart Automotive, XnView, Xobin, Yakuza Helpline, Yazoo Valley Electric Power Association, York County, Yorozu Corporation, Zabbix, Zane Benefits, Zello, zero5, Zillertal Bier, Zimmerei Buder, Zimmerman & Frachtman PA Law Firm, and Zyloware have reported hacking or compromises this month.

itch.io (blame AI), PopeyeTools, Blue Yonder, Cloudflare, and Microsoft 365 have suffered from outages this month.

Last months updates broke Microsoft Exchange, TLS/SSL, Google Chrome, Windows Store apps, and Excel Add-ins, and force-installed Copilot.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is pretty small this month. The typical computer should see roughly 2.0 GB in updates today. Let’s get started.

Microsoft released 33 updates to address 73 vulnerabilities in GitHub, Microsoft Defender for Endpoint, Microsoft Edge, Microsoft Office, Microsoft Office Access, Microsoft Office Excel, Microsoft Office Publisher, Microsoft Office SharePoint, Microsoft Office Word, Remote Desktop Client, DNS Server, Windows Hyper-V, System Center Operations Manager, Windows Cloud Files Mini Filter Driver, Windows Common Log File System Driver, Windows File Explorer, Windows IP Routing Management Snapin, Windows Kernel, Windows Kernel-Mode Drivers, Windows LDAP – Lightweight Directory Access Protocol, Windows Local Security Authority Subsystem Service (LSASS), Windows Message Queuing, Windows Mobile Broadband, Windows PrintWorkflowUserSvc, Windows Remote Desktop, Windows Remote Desktop Services, Windows Resilient File System (ReFS), Windows Routing and Remote Access Service (RRAS), Windows Task Scheduler, Windows Virtualization-Based Security (VBS) Enclave, Windows Wireless Wide Area Network Service, WmsRepair Service, and MSRT. This includes security updates. A reboot is required.

Apple released updates for iOS 17.7.2, iOS 18.1.1, iPadOS 17.7.2, iPadOS 18.1.1, macOS Sequoia 15.1.1, Safari 18.1.1, and visionOS 2.1.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 17.7.2 and 18.1.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 17.7.2 and iPadOS 18.1.1 are security updates. Use Settings, General, Software Update to install the most current update.

visionOS 2.1.1 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS LTS 126.0.6478.258 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sequoia (15.x) means that macOS Monterey (12.x) and older are no longer supported. If you can not install at least macOS Ventura (13) on your Mac then you should immediately remove your device from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v24H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with a SaferPC Subscription and we will install updates each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.12.1 improves compatibility and resolves several bugs. This is not a security update.
https://www.amd.com/en/support

Intel Driver and Support Assistant 24.6.49.8 is a security update.
https://www.intel.com/p/en_US/support/detect

Samsung DeX 2.4.1.27 doesn’t provide a change log so should be treated as a security update.
https://www.samsung.com/us/apps/dex/

TP-Link Archer A8 v2.26 230824 resolves several bugs. This is not a security update.
https://www.tp-link.com/us/support/download/archer-a8/v2.26/#Firmware

Wacom Driver 6.4.8-2 is a security update.
https://www.wacom.com/en-us/support/product-support/drivers

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.73.97 is a security update.
https://brave.com/

Firefox 133.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 128.5.1 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 131.0.6778.108 is a security update.
https://www.google.com/chrome/

Vivaldi 7.0.3495.23 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Spark 3.18.2.93439 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.18.2.93438 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 128.5.1 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 9.0.1 improves stability and resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

Dropbox 211.4.6008 resolves several bugs. This is not a security update.
https://www.dropbox.com/

FileZilla Server 1.9.4 resolves a configuration bug and improves compatibility. This is not a security update.
https://filezilla-project.org/

FreeFileSync 13.9 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 100.0 improves performance on macOS and resolves several bugs. This is not a security update.
https://drive.google.com/start

MeshCentral 1.1.35 improves compatibility and resolves dozens of bugs. This is not a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.7.00.30955 improves export and data recall. This is not a security update.
https://teams.microsoft.com/downloads

Mumble 1.5.735 resolves over a dozen bugs. This is not a security update.
https://www.mumble.info/

Pocketnet-Core 0.22.8 is a security update.
https://pocketnet.app/

Pocketnet-GUI 0.9.103 resolves several bugs. This is not a security update.
https://pocketnet.app/

PuTTY 0.82 resolves several bugs. This is not a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html

Rclone 1.68.2 is a security update.
https://rclone.org/

Signal 7.35.1 improves hardware compatibility and resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.26.1 adds folders to improve organization. This is not a security update.
https://signal.org/android/apk/

Syncthing 1.28.1 resolves several bugs. This is not a security update.
https://syncthing.net/

Technitium DNS Server 13.2.2 resolves several bugs. This is not a security update.
https://technitium.com/dns/

Telegram 5.9.0 resolves several bugs including stability and display issues, and adds an affiliate program for bots.
https://telegram.org/

Telegram (Android) 11.4.2 doesn’t provide a detailed change log so should be treated as a security update.
https://telegram.org/apps

WinSCP 6.3.6 resolves several bugs. This is not a security update.
https://winscp.net/eng/index.php

Zoom 6.2.11.50939 resolves several bugs. This is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.12 resolves a couple bugs. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.2.7 resolves a crash bug. This is not a security update.
https://www.bitwig.com/download/

Grayjay 269 adds landscape support, network sync, and resolves dozens of bugs. Thsi is not a security update.
https://grayjay.app/index.html

KaraFun Player 3.3.6.72 improves upgrade and import behaviors, support for CDG and community media, and resolves several bugs. This is not a security update.
https://www.karafun.com/karaoke-windows/

Plex Desktop 1.105.1.257 does not provide a detailed change log so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.68.2.259 does not provide a detailed change log so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.41.2.9200 resolves several bugs. This is not a security update, but the next build is.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Bedrock) 1.21.50.10 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Minecraft Server (Java) 1.21.4 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server

PS5 2024.111 improves upgrade and migration. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024.12.04 resolves dozens of bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

Office Updates

One or more of these are likely to be of interest to most people.

Aronium 1.44.0.1 resolves several bugs and improves internationalization. This is not a security update.
https://aronium.com/

Adobe Acrobat 24.005.20320, 24.001.30225 and 20.005.30748 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb24-92.html

Adobe Acrobat Reader 24.005.20320 and 20.005.30748 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb24-92.html

Adobe After Effects 24.6.3 and 25.1 are security updates.
https://helpx.adobe.com/security/products/after_effects/apsb24-95.html

Adobe Animate 23.0.9 and 24.0.6 are security updates.
https://helpx.adobe.com/security/products/animate/apsb24-96.html

Adobe Bridge 14.1.4 and 15.0.1 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb24-103.html

Adobe Connect 11.4.9 and 12.7 are security updates.
https://helpx.adobe.com/security/products/connect/apsb24-99.html

Adobe Experience Manager 6.5.22 and 2024.11 are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html

Adobe FrameMaker 2020.7 and 2022.5 are security updates.
https://helpx.adobe.com/security/products/framemaker/apsb24-106.html

Adobe Illustrator 28.7.3 and 29.1 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb24-94.html

Adobe InDesign 19.5.1 and 20.0 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb24-97.html

Adobe Media Encoder 24.6.4 and 25.1 are security updates.
https://helpx.adobe.com/security/products/media-encoder/apsb24-93.html

Adobe PDFL SDK 21.0.0.7 is a security update.
https://helpx.adobe.com/security/products/pdfl-sdk1/apsb24-98.html

Adobe Photoshop 26.1 is a security update.
https://helpx.adobe.com/security/products/photoshop/apsb24-101.html

Adobe Premiere Pro 24.6.3 and 25.0 are security updates.
https://helpx.adobe.com/security/products/premiere_pro/apsb24-104.html

Adobe Substance 3D Modeler 1.15.0 is a security update.
https://helpx.adobe.com/security/products/substance3d-modeler/apsb24-102.html

Adobe Substance 3D Painter 10.1.2 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb24-105.html

Adobe Substance 3D Sampler 4.5.2 is a security update.
https://helpx.adobe.com/security/products/substance3d-sampler/apsb24-100.html

Blender 4.3 resolves hundreds of bugs and improves hardware performance and compatibility. This is not a security update.
https://www.blender.org/download/

Calibre 7.22.0 resolves several bugs. This is not a security update.
https://calibre-ebook.com/

InDesign 19.5.1 and 20.0.1 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb24-91.html

Kindle for PC 2.6.70964 doesn’t provide a change log so should be treated as a security update.
https://www.amazon.com/kindleforpc

LibreOffice Fresh 24.8.3 resolves over 80 bugs. This is not a security update.
https://www.libreoffice.org/

Manager 24.12.9.1973 doesn’t provide a detailed change log so should be treated as a security update.
https://www.manager.io/

Nextcloud Desktop 3.15.0 resolves dozens of bugs. This should be treated as a security update.
https://nextcloud.com/

Notepad++ 8.7.4 adds tab pinning and resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 5.1.1 resolves dozens of bugs and updates libraries. This a security update.
https://www.getpaint.net/

PDF-XChange Editor 10.4.4.392 is a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

QuickBooks Pro 2022 R18_32.1 adds filtering by prepayments in customer report. This is not a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 R14_60 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

Operating System Updates

These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.

ChromeOS 130.0.6723.126 is a security update.
https://chromereleases.googleblog.com/search/label/Stable%20updates+ChromeOS

elementary OS 8.0 is a major update adding session management containers, improved permission controls, Flatpack support out of the box, and expanded hardware support. This is not a security update.
https://elementary.io/

iOS 18.1.1 is a security update.
https://support.apple.com/kb/HT204204

iPadOS 18.1.1 is a security update.
https://support.apple.com/kb/HT204204

macOS 15.1.1 is a security update.
https://support.apple.com/kb/HT201541

Tails 6.10 is a security update.
https://tails.net/install/download/index.en.html

Security Software Updates

One or more of these is likely to be of interest to most people.

.NET Runtime 9.0.0 is a major update. This is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

FSS 2024.11.26 doesn’t provide a change log so should be treated as a security update.
https://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/

Gpg4win 4.4.0 resolves dozens of bugs. This should be treated as a security update.
https://www.gpg4win.org/download.html

MalwareBytes Anti-Malware 5.2.3.156 resolves several bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/

ProtonVPN 3.4.3 updates libraries and resolves several bugs. This should be treated as a security update.
https://github.com/ProtonVPN/win-app/releases/latest

SanDisk PrivateAccess 6.4.12.0 doesn’t provide a change log so should be treated as a security update.
https://support-en.wd.com/app/answers/detailweb/a_id/48025

Stinger 13.0.0.234 is a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

SuperAntiSpyware 10.0.1270 adds support for several new browsers and resolves several bugs. This is not a security update.
https://www.superantispyware.com/download.html

uBlock Origin 1.61.2 resolves a couple bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

Open Broadcaster Software 31.0.0 is a major update. This version adds several integrations, updates libraries and resolves over a dozen bugs. This is not a security update.
https://obsproject.com/

SnagIt 24.3.0 adds rounded corners, improves PDF export support, and resolves a couple bugs. This is not a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.3.1 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

HandBrake 1.9.0 improves hardware support and new encoding capabilities. This is not a security update.
https://handbrake.fr/

IsoBuster 5.5 adds support for new formats, new extension behavior, and resolves several bugs. This is not a security update.
https://www.isobuster.com/download.php

StreamFab 6.2.0.8 adds support for several new sources and resolves compatibility issues with a dozen others. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.3.8 improves stabilization, upscaling and performance. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 7.0.11 resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.54 resolves a dozen bugs. This is not a security update.
https://1password.com/downloads/windows/

7-Zip 24.09 increases default dictionary sizes and resolves several bugs. This is not a security update.
https://www.7-zip.org/

Agent Ransack 2022.3499 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

BatteryInfoView 1.26 adds option to sort log on each update and a 64-bit version. This is not a security update.
https://www.nirsoft.net/utils/battery_information_view.html

Beyond Compare 5.0.4.30422 resolves several bugs and improves skew and other controls. This is not a security update.
https://www.scootersoftware.com/download

Bitwarden 2024.11.2 doesn’t provide a detailed change log for this versions so should be treated as a security update.
https://bitwarden.com/

CCleaner 6.30.11385 improves cleaning of cloud services and some browsers and resolves several bugs. This is not a security update.
https://www.ccleaner.com/

DesktopOK 11.47 is a cosmetic change. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.2.113.0 updates libraries and resolves several bugs. This is a security update.
https://dngrep.github.io/

email-oauth2-proxy 2024-11-11 adds support for OAuth 2.0 Device Authorization Grant and improves compatibility. This is not a security update.
https://github.com/simonrob/email-oauth2-proxy

Fido 1.64 adds support for UEFI Shell 24H2 and a PlatformArch switch. This is not a security update.
https://github.com/pbatard/Fido/releases

FileLocator Pro 2022.3499 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

FoneTool 2.9.3 resolves a couple bugs. This is not a security update.
https://www.fonetool.com/download.html

GoodSync 12.7.9 improves OAuth2 support and resolves several bugs. This is not a security update.
https://www.goodsync.com/

grepWin 2.1.7 resolves a couple bugs. This is not a security update.
https://github.com/stefankueng/grepWin/releases/latest

GSmartControl 2.0.1 resolves a crash bug. This is not a security update.
https://gsmartcontrol.shaduri.dev/

Homedale 2.14 changes cosmetics. This is not a security update.
https://www.the-sz.com/products/homedale/

IsMyHdOK 4.14 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

HWiNFO 8.16 improves hardware detection and support for newer hardware. This is not a security update.
https://www.hwinfo.com/download/

Memtest86+ 7.20 adds support for newer hardware and resolves several bugs. This is not a security update.
https://www.memtest.org/

NTLite 2024.12.10210 resolves a couple bugs. This is not a security update.
https://www.ntlite.com/download/

PropertySystemView 1.21 adds an always on top option. This is not a security update.
https://www.nirsoft.net/utils/windows_property_system_view.html

PSAppDeploy 4.0.3 resolves dozens of bugs. This is not a security update.
https://psappdeploytoolkit.com/

SearchMyFiles 3.31 resolves a crash bug. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

TeamViewer 15.60.3 improves display, device and user filtering, and resolves several bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

WinGet 1.9.25200 adds Sixel support, self-elevation, and resolves a compatibility bug. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinScan2PDF 9.13 adds alternate page rotation support. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 4.23 resolves several bugs. This is not a security update.
https://www.diskanalyzer.com/

XnConvert 1.102.0 adds filelist support. This is a security update.
https://www.xnview.com/en/xnconvert/

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 2024.2.1.12 resolves several bugs. This is not a security update.
https://developer.android.com/studio

GDevelop 5.4.219 improves layer support, project templates, and resolves over a dozen bugs. This is not a security update.
https://gdevelop.io/download

Go 1.23.4 resolves several bugs. This is not a security update.
https://go.dev/

Microsoft Visual C++ 2022 Redistributable 14.42.34433.0 is a security update.
https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist

Node.js 18.20.5 updates libraries and resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

Node.js 20.18.1 updates libraries and resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

Node.js 22.12.0 updates root certificates and libraries, and resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

Node.js 23.4.0 updates root certificates and libraries, and resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

Python 3.13.1 is a security update.
https://www.python.org/downloads/windows/

SQLite 3.47.2 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

TortoiseSVN 1.14.9 resolves several bugs. This is not a security update.
https://tortoisesvn.net/downloads.html

Web Package Updates

These are likely to be of interest only to web developers.

Invision Community 4.7.19 is a security update.
https://invisioncommunity.com/

Joomla 5.2.2 is a security update.
https://www.joomla.org/

Piwigo 15.1.0 is a security update.
https://piwigo.org/

WP Update Server 2.0.2 adds a self-identifying version number. This is not a security update.
https://github.com/YahnisElsts/wp-update-server

WordPress 6.7.1 adds a new primary theme, the ability to add blocks and custom fields, improved style controls, and resolves over a dozen bugs. This is not a security update.
https://wordpress.org/

Antispam Bee 2.11.7 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/antispam-bee/

BuddyPress 14.3.3 resolves several bugs. Thsi is not a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 6.0.1 is a major update, adding several new features and bug fixes. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.11.2 adds database collation to table creation. This should be treated as a security update.
https://wordpress.org/plugins/duplicator/

Redirection 5.5.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/redirection/

Widgets on Pages 1.9.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/widgets-on-pages/

WPBakery 8.0.1 is a major update. This version improves compatibility, adds a dozen features and controls, and resolves several bugs. This is not a security update.
https://wpbakery.com/

WP Cerber Security 9.6.4 adds 2FA improvements, detailed cookie information, and regex exceptions. This is not a security update.
https://wpcerber.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2024-09-10

Welcome back, Folks!

Today is Patch Tuesday for September, 2024.

We’re one month closer to the next build of Windows 11 and the next release of macOS, both due in mere weeks. A new major version of Office (aka Microsoft 365) is due at the same time, as well.

When the new build of Windows 11 is released all versions of Windows 11 prior to 23H2 will no longer be supported. Upgrade to 23H2 now if you have not done so yet, then do not upgrade to 24H2 when it is released. Let everyone else be the guinea pigs.

When the new build of macOS is released all versions of macOS prior to 13/Ventura will no longer be supported. If you can’t upgrade your Mac to Ventura you need to switch it to Linux or replace it.

Windows 10 now has only 13 months of support left. If your computer can not be upgraded to Windows 11 either start planning for a switch to Linux or replacing your computer.

There were 310+ major hacks, and over 200 application updates this month.
It’s a relatively small month, with only about 2.0 GB of updates for most users.

This Month in Technology

ABC Parts International, Acadian Ambulance, Adina Design, Advanced Medical Management, LLC, Aioi Nissay Dowa Insurance, Air International Thermal Systems, Akeela, Alabama Cardiology Group, Alcampo, Allergy Medical Group of the North Area, Inc, Ambulnz Holdings, AMD, American Clinical Solutions, an “industrial company” in Somerset County, NJ, an Israeli IT company, Android, Angus Council, Apache OFBiz (Open For Business), Apache Tomcat, Applause, Arden Claims Service, Argentine Air Force, Armour Coatings, Around the Clock Companies, Artifact Uprising LLC, Asus RT-N15U, Australian Cancer Research Foundation, Autel Maxicharger, AutoCanada, Avis, AVTECH CCTV cameras, 15,000 AWS Load Balancers, Azure Health Bot, Baird Mandalas Brockstedt LLC, Baker Places, Inc, Banham Poultry, Bank Rakyat, Baptist Health Medical Center Drew County, Bar2, Barrie, Behavioral Health Alliance of Rural Pennsylvania, Beng Kuang Marine, Benson Kearley IFG, Biggin Hill’s Charles Darwin School, bitcoin hardware wallets (Dark Skippy), Blain Jacobson DMD, CAGS, Blooms Today, Boutiqaat, BPOTech, Bromley GP, BVI Electricity Corporation, Caja Los Andes, CannonDesign, Canvey Island Infant School, Carehands, Carespring Healthcare, Catholic Charities CYO of The Archdiocese of San Francisco, CBIZ Benefits & Insurance Services, Cellular Plus, Centers for Medicare & Medicaid Services, Chevrolet, Chris Leong, CinemaTech, Cisco Identity Services Engine, Cisco Smart Licensing Utility, City of Columbus, OH, City of Flint, MI, City of St. Helena, CA, Clabots, Communication Federal Credit Union, Compex Legal Services Inc, Confidant Health, Connex health portal, Consilium Staffing, Consulting Radiologists LTD, Covenant Care California, LLC, Crain Group, Dahua cameras, Data Bilgi Islem, Davidoff Hutcher & Citron LLP, DBA ATC Home Care, Deutsche Flugsicherung (DFS), Dibcase, Dick’s Sporting Goods, DimeCuba, Dingding Talk, Disney Cruise lines, Disneyland, Domino’s Pizza Singapore, Durex India, Ecovacs, EnglishCentral, Enroll Confidently, Inc, Eric Rossi CPA LLC, Erie Meats, EV infrastructure, Exotel, Explore Talent, External Secrets Operator, Facial Pain Center, Farmers’ Rice Cooperative, Fish Nelson & Holden, FlightAware, Florida Department of Health, Fortra FileCatalyst Workflow, Fota Wildlife Park, Free Russia Foundation, Futurity First Insurance Group, GDB International, GeoServer Project, GitHub Enterprise Server, GiveWP WordPress Plugin, Google Chrome, Gramercy Surgery Center, Granville Recreation District, Greater Manchester Council, Grid Subject Matter Experts, Halliburton, Highline Public Schools, Hospital Sisters Health System, HP Security Manager, HPE HP-UX, IBM webMethods Integration Server, ICWI, Imetame, Imperial Sprinkler, LLC, Infosys McCamish Systems LLC, Institut National des Langues Luxembourg, iPhone, Isuzu Motors International Operations (Thailand), Ivanti Virtual Traffic Manager, Jangho Group, JAS Forwarding, Jenkins, Jewish Home Lifecare, Katz Nannis + Solomon, PC, Keene School District, Kentucky Corrections Department, Keycloak, Keystone Pacific Property Management, Kingdom Trust, King’s Choice, KlockMetal, Kootenai Health, Lake Washington Institute of Technology, Lakeland’s Watson Clinic, LAPOR, Laybuy, LDLC, Leal.co, LiteSpeed Cache WordPress Plugin, Lookiero, Los Angeles County Department of Mental Health, Market Moveis, McDonald’s Instagram, Medical Center Barbour, MedicaMall, Metro Pacific Tollways Corporation, Microchip Technology, Micron Crucial MX500, Microsoft Copilot Studio, Microsoft Entra ID, Microsoft OneNote, Microsoft Outlook, Microsoft Teams, Microsoft Word, Mid-Columbia Center for Living, Mifare Smart Cards, Mill Creek Lumber, Mitsubishi Chemical Group, Mitsui Sumitomo Insurance, Mohawk Valley Cardiology PC, Monobank, Musely AI, Muzu.co, MyFreightWorld, National Oceanic and Atmospheric Administration (NOAA), National Public Data, National Research Council of Italy, NHS Grampian, Okanogan Behavioral HealthCare, Oldham Council, Omicron Granite & Tile, Oregon Zoo, Orion, Packaging Corporation of America, Parker Development Company, ParkTree Community Health Center, Park’N Fly, Patelco Credit Union, PBC Companies, Pi Camera, Planned Parenthood of Montana, Plastix Marketing, Pocahontas Medical Clinic, Policy Administration Solutions, Port of Seattle, PostgreSQL, Prasarana Malaysia, Precom, Progress Software LoadMaster, ProPark Mobility, Public Agency Retirement Services (PARS), Quilvest Capital Partners, Radar/Dispossessor, Radiological Society of North America, RapidCMS, RCG, Regent Caravans, Relevvo, Retail Data, Rhithm Wellness App, Riverside Resort & Casino, Roberto Verino Difusion, Roblox Developers, Rochester Honkers, Rödl Management, SAP, Schlatter Industries, Scott Pharma Solutions, Sea-Tac Airport, Seirus Innovation, SenangPay Malaysia, Service Access & Management, ServiceBridge, Siam Cement Group, Sibanye-Stillwater, siParadigm, Slack, Slim CD, Software Engineering Associates, Solana, SolarWinds Web Help Desk, Sompo Japan Insurance, SonicWall SonicOS, South Carolina State University, South Orange County Community College District, Southwest Family Medicine Associates, Spanish Athletics Federation, Specialty Networks, Sport 2000, Sri Lankan Farmers Community, St. Clair County, IL, Stein Fibers, Stoxkart, Stripe CLI, Strive Medical, Strong Current Enterprises, Supreme Court of Philippines, SWISSCZ, Swissphone DiCal-RED, Tabb Inc, Tamil Nadu Labour Department Data, Taxellent Accounting Services Inc, Tewkesbury Council, Texas Centers for Infectious Disease Associates, Texas Dow Employees Credit Union, The Bakersfield Californian, The SMS Group, ThinkPHP, Thompson Davis & Co, TIAA, Toaping, Tokio Marine & Nichido Fire Insurance, Toronto District School Board, Town of Plymouth, CT, Toyota, toyyibPay, Traccar GPS System, Tracki, Traderie, Transport for London, TRENDnet TEW, Trionfo Solutions, Turkish government, Turning Point of Central California, Inc, UConn Health, UK National Crime Agency, UK Political Party Donation Platforms, Ukrainian government, Unicoin, United Services Automobile Association (USAA), United Urology Group, United Way of Connecticut, Inc, Universal Pure, University of Toronto, US Federal Bureau of Investigation (FBI), US Lottery Corporation, US Marshals Service, US Merchants Financial Group, Inc, US Transportation Security Administration (TSA), Valisana, Veeam services, VeriSource Services, Inc, Verkada, Versa Director, VMware ESXi, VMware VCenter Server, VOP CZ, Wayne Wright, LLP, WazirX, Welcome Health, WellLife Network, Western Electrical Contractors Association, WhatsApp, WinRAR, WPS Office, XPERT Business Solutions GmbH, Young Consulting, YubiKey 5, Zee Media, and Zyxel have reported hacking or compromises this month.

HalliburtonTransport for London, and McLaren Health have suffered from outages this month.

Last months updates broke BitLockerdual-boot (Windows + Linux), Outlook, Word, and Windows.

The National Public Data breach (leak, to be more accurate) has had an interesting turn of events, where they are now claiming that they’ve removed the entire database from their platform (it’s still available everywhere else). Opting out via their platform is dismissed and they offer no resolution. Not that one could be had.

A novel side-channel attack dubbed “RAMBO” (Radiation of Air-gapped Memory Bus for Offense) generates electromagnetic radiation from a device’s RAM to send data from air-gapped computers.

Microsoft has finally removed the defective and half-baked WinRE update causing daily and sometimes hourly errors because it couldn’t install on many devices.

Twitch force-enabled VTubers’ cameras without their consent.

Now for the good news:

The US appeals court had ruled geofence warrants are unconstitutional.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is pretty small this month. The typical computer should see roughly 2 GB in updates today. Let’s get started.

Microsoft released 41 updates to address 79 vulnerabilities in Azure CycleCloud, Azure Network Watcher, Azure Stack, Azure Web Apps, Dynamics Business Central, Microsoft AutoUpdate, Microsoft Dynamics 365, Microsoft Graphics Component, Microsoft Management Console, Microsoft Office Excel, Microsoft Office Publisher, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft Outlook for iOS, Microsoft Streaming Service, Power Automate, SQL Server, Windows Admin Center, Windows AllJoyn API, Windows Authentication Methods, Windows DHCP Server, Windows Hyper-V, Windows Installer, Windows Kerberos, Windows Kernel-Mode Drivers, Windows Libarchive, Windows Mark of the Web (MOTW), Windows MSHTML Platform, Windows Network Address Translation (NAT), Windows Network Virtualization, Windows PowerShell, Windows Remote Access Connection Manager, Windows Remote Desktop Licensing Service, Windows Security Zone Mapping, Windows Setup and Deployment, Windows Standards-Based Storage Management Service, Windows Storage, Windows TCP/IP, Windows Update, Windows Win32K – GRFX, Windows Win32K – ICOMP, and MSRT. This includes security updates. A reboot is required.

Apple released updates for tvOS 17.6.1 and watchOS 10.6.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

watchOS 10.6.1 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 17.6.1 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 126.0.6478.252, 127.0.6533.132 and 128.0.6613.133 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.8.1 adds support for several games, including Concord, for what that’s worth and resolves several bugs.. This is not a security update.
https://www.amd.com/en/support

Crucial Storage Executive 10.07 doesn’t provide a change log so should be treated as a security update.
https://www.crucial.com/support/storage-executive

UniFi Network Server 8.4.59 adds support for Passpoint/Hotspot 2.0, Packet Capture, AP Analyzer, Pro AV and advanced IGMP snppting. This is not a security update.
https://www.ui.com/download/releases/network-server

Wacom Driver 6.4.7-3 resolves several bugs. This is a security update.
https://www.wacom.com/en-us/support/product-support/drivers

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.69.162 is a security update.
https://brave.com/

Firefox 130.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Google Chrome 128.0.6613.84 is a security update.
https://www.google.com/chrome/

Microsoft Edge 128.0.2739.67 is a security update.
https://www.microsoft.com/en-us/edge/business/download

SeaMonkey 2.53.19 is a security update.
https://www.seamonkey-project.org/

Vivaldi 6.9.3447.41 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

ProtonMail (Android) 4.0.19.1 resolves several bugs. This is not a security update.
https://proton.me/mail/download

Spark 3.17.6 is a security update.
https://sparkmailapp.com/

Spark (macOS) 3.17.6 is a security update.
https://sparkmailapp.com/

Thunderbird 128.2.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 8.0.14 adds ability for custom clients to disable tray options. This is not a security update.
https://anydesk.com/en/downloads

Dropbox 206.4.6506 doesn’t provide a detailed change log so should be treated as a security update.
https://www.dropbox.com/

Facebook Messenger 215.4.0.14.211 is a security update.
https://www.messenger.com/download

FileZilla Server 1.9.1 is a security update.
https://filezilla-project.org/

Google Drive 96.0 now alerts users to stalls and resolves several bugs. This is not a security update.
https://drive.google.com/start

MeshCentral 1.1.29 resolves dozens of bugs. This is not a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.7.00.21751 adds reaction support to Town Hall feature. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 29.0.6 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

Rclone 1.68.0 adds several new backends, improves S3 support, and resolves dozens of bugs. This is not a security update.
https://rclone.org/

Signal 7.23.0 improves performance. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.15.4 doesn’t provide a detailed change log so should be treated as a security update.
https://signal.org/android/apk/

Syncthing 1.27.12 is a security update.
https://syncthing.net/

Telegram 5.5.3 resolves several bugs. This is not a security update.
https://telegram.org/

Telegram (Android) 11.0.0 doesn’t provide a detailed change log so should be treated as a security update.
https://telegram.org/apps

Trillian 6.5.0.45 resolves several bugs.
https://www.trillian.im/

WinSCP 6.3.5 is a security update.
https://winscp.net/eng/index.php

Zoom 6.1.11.45504 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.9 resolves several bugs. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.2.3 improves hardware support and resolves a key binding error. This is not a security update.
https://www.bitwig.com/download/

Grayjay 262 adds recommendations, improved comment system, and resolves several bugs. This is not a security update.
https://grayjay.app/index.html

Kodi 21.1 is a security update.
https://kodi.tv/

Plex Desktop 1.100.1.221 resolves a season poster display bug. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.66.1.215 updates the web TV client. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.40.5.8921 is a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Bedrock) 1.21.23.01 doesn’t provide a detailed change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

PS5 2024.829 adds URL sharing, improves performance and hardware support. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Acrobat 24.003.20112, 24.001.30187 and 20.005.30680 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb24-70.html

Adobe Acrobat Reader 24.003.20112 and 20.005.30680 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb24-70.html

Adobe After Effects 24.6 and 23.6.9 are security updates.
https://helpx.adobe.com/security/products/after_effects/apsb24-55.html

Adobe Audition 24.6 and 23.6.9 are security updates.
https://helpx.adobe.com/security/products/audition/apsb24-54.html

Adobe ColdFusion 2023.10 and 2021.16 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb24-71.html

Adobe Illustrator 28.7.1 and 27.9.6 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb24-66.html

Adobe Media Encoder 24.6 and 23.6.9 are security updates.
https://helpx.adobe.com/security/products/media-encoder/apsb24-53.html

Adobe Photoshop 24.7.5 and 25.12 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb24-72.html

Adobe Premiere Pro 24.6 and 23.6.9 are security updates.
https://helpx.adobe.com/security/products/premiere_pro/apsb24-58.html

Audacity 3.6.3 resolves several bugs. This is not a security update.
https://www.audacityteam.org/download/

Blender 4.2.1 doesn’t provide a detailed change log so should be treated as a security update.
https://www.blender.org/download/

Calibre 7.17.0 adds paper-edition page number support, editing, and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Formatta Filler 8.19.04 doesn’t provide a change log so should be treated as a security update.
https://www.phreesia.com/filler-ifiller/

Kdenlive 24.08.0 improves user interface for easing modes, effect groups, transform, and curve, as well as several bug fixes. This is not a security update.
https://kdenlive.org/

Kindle for PC 2.5.70951 doesn’t provide a change log so should be treated as a security update.
https://www.amazon.com/kindleforpc

LibreOffice 24.2.6 resolves over 40 bugs. This is a security update.
https://www.libreoffice.org/

LibreOffice Fresh 24.8.0 resolves over 400 bugs. This is a security update. The “Fresh” line is beta software and should be avoided by most people.
https://www.libreoffice.org/

Manager 24.9.9.1845 adds a business template gallery and support for Financial Data Exchange (FDX). This is not a security update.
https://www.manager.io/

Nextcloud Desktop 3.13.3 resolves almost 100 bugs. This is not a security update.
https://nextcloud.com/

PDF-XChange Editor 10.4.0.388 resolves dozens of bugs. This is a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

QuickBooks Pro 2022 20240726-R17_22 doesn’t provide a detailed change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20240726-R14_25 doesn’t provide a detailed change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

Scribus 1.6.2 resolves several bugs. This should be treated as a security update.
https://www.scribus.net/

Security Software Updates

One or more of these is likely to be of interest to most people.

Chainsaw 2.10.0 resolves several bugs and adds Key/Value container support.
https://github.com/countercept/chainsaw

FSS 2024.8.15 doesn’t provide a detailed change log so should be treated as a security update.
https://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/

MalwareBytes Anti-Malware 5.1.10.127 resolves several bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/

OpenSSL 3.3.2 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

ProtonVPN (macOS) 4.4.0 resolves several bugs and improves stability. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.18.2 resolves several bugs. This is not a secuirty update.
https://www.adlice.com/download/roguekiller/

SecurityCheck 2024.8.24 doesn’t provide a detailed change log so should be treated as a security update.
https://www.bleepingcomputer.com/download/securitycheck/dl/123/

Stinger 13.0.0.190 adds support for new detections. Thsi is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Tails 6.7 is a security update.
https://tails.net/install/download/index.en.html

VT-CLI 1.0.1 adds support for Chocolatey, updates actions and resolves several bugs. This is not a security update.
https://github.com/VirusTotal/vt-cli/releases/latest

YARA 4.5.2 is a security update.
https://github.com/VirusTotal/yara/

Capture Updates

These are unlikely to be of interest to most people.

Open Broadcaster Software 30.2.3 resolves several bugs. This is a security update.
https://obsproject.com/

ScreenToGif 2.41.1 updates translatons and resolves a couple bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 24.2.2 adds support for HDR image capture and exporting to Camtasia, and resolves a PDF export bug. This is not a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.2.6 adds support for new encodings and resolves compatibility issues with some hardware. This is not a security update.
https://www.dvdfab.cn/download.htm

PDF Creator 5.3.0 adds OneDrive integration, improved sharing support, and updated libraries. This is a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 6.1.9.7 resolves dozens of bugs and adds a couple new sources. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.3.3 adds GPU support, ability to remove the scene background, and resolves a few bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 7.0.3 adds rich text markup in titles, improves compatibility, and resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 8.10.44 adds filtering support, visual and accessibility improvements, and resolves several bugs. This is not a security update.
https://1password.com/downloads/mac/

1Password for Windows 8.10.45 adds filtering support, visual and accessibility improvements, improves compatibility, and resolves several bugs. This is not a security update.
https://1password.com/downloads/windows/

AOMEI Partition Assistant 10.4.2 improves reliability and stability, and resolves several bugs. This is not a security update.
https://www.diskpart.com/

balenaEtcher 1.19.22 replaces Flowzone inputs. This is not a security update.
https://etcher.balena.io/

Beyond Compare 5.0.2.30045 resolves over a dozen bugs. This is not a security update.
https://www.scootersoftware.com/download

Bitwarden 2024.8.2 adds support for autofill cards and identities using keyboard shortcuts, biometrics on Linux, and password-protected exports
https://bitwarden.com/

CalyxOS Device Flasher 1.0.10 doesn’t provide a detailed change log so should be treated as a security update.
https://calyxos.org/install/

CCleaner 6.27.11214 resolves several bugs. This is not a security update.
https://www.ccleaner.com/

Cygwin 3.5.4 resolves several bugs. This is a security update.
https://cygwin.com/

Dell Command Update 5.4.0 improves reliability and stability. This is not a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

DesktopOK 11.35 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.2.59.0 adds several new display options, improved performance and translations, and updates libraries. This is a security update.
https://dngrep.github.io/

Everything Toolbar 1.4.1 resovles a sort order bug. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

ExplorerPatcher 22621.3880.66.5 resolves adds Windows 10 Taskbar Style support (with extra steps) and Windows 11 24H2 compatibility. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

FolderChangesView 2.37 is a cosmetic update. This is not a security update.
https://www.nirsoft.net/utils/folder_changes_view.html

GoodSync 12.7.5 resolves dozens of bugs. This is not a security update.
https://www.goodsync.com/

HWiNFO 8.10 adds support for newer hardware. This is not a security update.
https://www.hwinfo.com/download/

InstalledAppView 1.09 adds dark mode support. This is not a security update.
https://www.nirsoft.net/utils/installed_app_view.html

Kingston SSD Manager 1.5.4.6 doesn’t provide a detailed change log so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

Mac Migration Assistant 3.0.1.0 doesn’t provide a detailed change log so should be treated as a security update.
https://support.apple.com/en-us/HT204087

NConvert 7.192 doesn’t provide a detailed change log so should be treated as a security update.
https://www.xnview.com/en/nconvert/

NTLite 2024.8.10045 adds support to disable MSA and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 11.0.1010 resolves over a dozen bugs. This is not a security update.
https://www.osforensics.com/download.html

osquery 5.13.1 resolves a bug. This is not a security update.
https://osquery.io/downloads

PowerToys 0.84.1 resolves several bugs and improves behavior of many apps. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

PSAppDeploy 3.10.2 resolves a dozen bugs. This is not a security update.
https://psappdeploytoolkit.com/

ripgrep 14.1.1 resolves a couple bugs. Thsi is not a security update.
https://github.com/BurntSushi/ripgrep/releases/latest

ScreenConnect 24.2.10.8991 resolves several bugs. This is a security update.
https://screenconnect.connectwise.com/download

SearchMyFiles 3.30 adds support to search by owner. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

TeamViewer 15.57.5 resolves several bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

WifiInfoView 2.94 adds dark mode support. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

WinScan2PDF 8.93 improves hardware support and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 2024.1.2.12 resolves dozens of bugs. This is not a security update.
https://developer.android.com/studio

GameMaker Studio 2024.8.1.171 adds dozens of features. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.4.211 improves stability and resolves several bugs. This is not a security update.
https://gdevelop.io/download

GitHub Desktop 3.4.5 adds support for custom editors and shells and resolves several bugs. This is not a security update.
https://desktop.github.com/

Go 1.23.1 is a security update.
https://go.dev/

Godot 4.3 updates libraries, adds thousands of improvements, and resolves hundreds of bugs. This is not a security update.
https://godotengine.org/

Godot 3.6 updates libraries and resolves dozens of bugs. This is not a security update.
https://godotengine.org/

MySQL Server 8.0.39 resolves several bugs. This is not a security update.
https://dev.mysql.com/downloads/installer/

Node.js 20.17.0 resolves dozens of bugs and updates libraries. This is not a security update.
https://nodejs.org/en/

Node.js 22.8.0 resolves dozens of bugs and updates libraries. This is not a security update.
https://nodejs.org/en/

Python 3.12.6 is a security update.
https://www.python.org/downloads/windows/

Unreal Engine 5.4 improves layered control rigs, adds new gizmos, constraints improvements, cosmetic improvements, and resolves several bugs. This is not a security update.
https://unrealengine.com/en-US/

Visual Studio Code 1.93 improves IntelliSense, column resizing, source control, Copilot integration and resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

HumHub 1.16.2 resolves dozens of bugs. This is not a security update.
https://www.humhub.com/en

Joomla 5.1.4 is a bug fix release shortly after a security update.
https://www.joomla.org/

MailEnable 10.49 resolves over a dozen bugs. This is a security update.
https://www.mailenable.com/

WordPress 6.6.2 resolves over a dozen bugs. This is not a security update.
https://wordpress.org/

BuddyPress 14.1.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/buddypress/

Conditional Widgets 3.2 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/conditional-widgets/

My Sticky Bar 2.7.7 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Sucuri Security 1.9.4 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

Theme My Login 7.1.9 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/theme-my-login/

WPBakery 7.9 resolves over a dozen bugs and improves compatibility. This is not a security update.
https://wpbakery.com/

WP Cerber Security 9.6.3 adds ability to scan for and resolve third-party plugin issues, and resolves several bugs. This is not a security update.
https://wpcerber.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2024-06-11

Welcome back, Folks!

Today is Patch Tuesday for June, 2024.

There were 460+ major hacks, and over 270 application updates this month.
It’s an average month, with about 2.5 GB of updates for most users.

This Month in Technology

4LEAF, Inc, A123Systems, Abbott, AbbVie Inc, ABN Amro, ABS-CBN Broadcasting, Absolute Telecom, AC Financial, AC Propulsion, Inc, Acadia Pharmaceuticals Inc, Access Sports Medicine & Orthopaedics, Accounting Professionals LLC Price Breazeale Chastang, ADCOM911, Adobe Acrobat Reader, Advance Auto Parts, Advance Press, Adventist Health Tulare, Affiliated Dermatologists, Agrani Bank, AirAsia Group, Akdenizchemson, Al-Rajhi Bank, Allied Mechanical Services Inc, Allied Telesis, ALN Medical Management, ALO diamonds, Aloft, Alpha Capital Group, Amazon, AmerisourceBergen Specialty Group, Amgen Inc, Amsterdam Schools, Anchorage Daily News, Anderson Mikos Architects, Android, Archi Hives, Architecture Lejeune Giovanelli, Ardenbrook, ARRL, Ascension Healthcare Network, Association of California School Administrators, Asst Rhodense, Astagiudiziaria, Aston Villa, Astra Daihatsu Motor, Atlas Oil, Atlassian Confluence, Audubon Nature Institute, Ausgrid, Aussizz Group, Avelina, Ayoub Associates CPA Firm, B&G Foods, Banco de Crédito del Perú, Barclays, Bausch Health Companies Inc, Bayer Corporation, BBC Pension Scheme, Berge Bulk, Billericay School, Birmingham Children’s Trust, BlockTower Capital, Bluewater Health, BNB Chain, BreachForums, BreingAir, Brett Slater Solicitors, Brick Court Chambers, Bring Me the Horizon’s website, Bristol Myers Squibb, British Columbia Government, Brockton Area Multi-Services, Brovedani Group, Bruno generators, Bulgarian Ports Infrastructure Company, Café Soluble, California Highway Patrol, California Northstate University, Call 4 Health, Inc, Catch News, CDU, Cencora (11 big pharma companies), Center Line schools, Central Contra Costa Transit Authority, CentroMed, Centurion University, Check Point VPN, Chicago Fire Football Club, Christie’s, Cinterion Modems, Cisco Webex, City of Clarksville, City of Helsinki, City of St. Cloud, Clevo, CoinGecko, College Ahuntsic, Columbus Regional Healthcare System, Comwave Networks, Continuing Healthcare Solutions, Cooler Master, Coplosa, Corr Corr, Corse GSM, Cortina Watch, Costa Edutainment SpA, Cox WiFi routers, Crandall ISD, Credit Central, Crescent Point Energy, Cressex Community School, Crooker, Crossroads Equipment Lease & Finance, LLC, Cryptonary, Cushman Contracting Corporation, Cylance, D-Link EXO AX4800 routers, Daniel E. Fitzgerald, CPA, Decathlon, Delano Adult School, Dendreon Pharmaceuticals LLC, DFINITY, DG3 North America, Inc, DGT traffic authority, Digital Pix & Composites, Discovery Insure, Disney, Dkhoon Emirates, DMM, Dohman, Akerlund & Eddy, Dollmar, Doral, Florida, Dota2, DreamWall, Drive Sally, LLC, Driver Group, DRMS, Dubai government, Dynasafe, E-T-A, Easterseals Central Illinois, Eden Project Ltd, Egyptian Universities, Eigen crypto, Electronic Arts, Elk Grove Unified School District, Elmhurst Group, Elutia, EmailGPT, Embellir, Endo Pharmaceuticals Inc, Ernest Health Facilities, ES Pack Euro, Especialistas Contacto Directo, EU Parliament, Everbridge, Ewing Marion Kauffman School, Excel Security Corp, Experis Technology Group, Facebook, Family Guardian, Faultless Brands, FEI Systems, Fic Expertise, Financial Business and Consumer Solutions (FBCS), Fincasrevuelta, First American, FIRST Heritage Co-operative Credit Union, First Nations Health Authority, First Priority Restoration, Firstmac, Fiskars, Fluent Bit, Form I-9 Compliance, Formosa Plastics, Foxit PDF Reader, FPL Food, France Solar, Frontier Communications, Frotcom International, Fulcrum, Gala Games, Gantan Beauty Industry, Gapbuster Worldwide Pty Ltd, GE HealthCare ultrasound devices, Genentech, Inc, Georgia University System, Gestion Kronos, GitLab, GlaxoSmithKline Patient Health, Google (thousands of times), Google Chrome, Google Document AI Warehouse, Granville Food Care Limited, Graphic Solutions Group Inc, Gravetye Manor, Greater Amsterdam School District, Grupo Cadarso, Guardian Analytics, Guardian Childcare Victoria, Gulp, Hamburg Airport, Hatari Electric Co, HawkEye, Hedbergs, Heineken, Helapet Ltd, Heron Therapeutics, Inc, Hit Promotional Products, HopSkipDrive, Hotel Kiosks, HSBC, Hugging Face Spaces, Iberdrola, IBM Cloud, IBM Neural Compressor AI, Illinois Secretary of State, Incyte Corporation, Indigo ENT Group, Interactive Brokers, Inventum Øst, Iranian Hajj, Iranian Pilgrims, Iress, Isaacs Odinocki, Iseto Corporation, Islamabad’s Safe City Authority, Israel-made industrial devices, Israeli Government and Military Infrastructure, ISTA International GmbH, Ivanti EPMM, IZOMAT Praha, J & N Stone, JAVS Courtroom Recording Software, Johnson & Johnson Patient Assistance Foundation, Inc, Johnson & Johnson Services, Inc, Jordano’s Inc, Jumbo Group, Kaiser Permanente, Keytronic, Klein ISD, Knowmad Mood, Kyber Post-Quantum Key Encapsulation Mechanism (KEM), Lactanet, Lane Gorman Trubitt, Lash Group, Laxmi Capital, Lee Shau Kee School of Creativity, LEMKEN, LenelS2 NetBox, Les Miroirs St Antoine Inc, Levin Porter Associates, Lintas Nusa, LivaNova, Live Nation, London Drugs, London Hospitals, Los Angeles Department of Mental Health (LACDMH), Los Angeles Unified School District (LAUSD), M2EConsulting Engineers, MagicLand, MAH Machine, Mainline Health Systems, Malaysia’s Railway Assets Corporation (RAC), Malone & Co, Malouf Companies, Manurewa Marae, NZ census, Marathon Pharmaceuticals, LLC, Marigin, Mariposa Landscapes Inc, Matusima, McLean Hospital, MediSecure, medQ, Inc, MF Group, Microsoft Exchange Server, Microsoft India, Microsoft Quick Assist, Midwest Covenant Home, Morton Williams, My Daily Choice, Inc, Myersville, Maryland, Mālama I Ke Ola Health Center, National Records of Scotland, Native American Health Center, NATO, Natsume Tax Accountant Corporation, Navvis & Company, LLC, Neovia Company, Netflix Genie, New Boston Dental Care, New Hampshire Public Radio, New York Times, Newfoundland Broadcasting Company Limited, Newman Ferrara, Nidec Motor Corporation, Nissan North America, Inc, Normie Meme Coin, North Texas Municipal Water District, Northeast Rehabilitation Hospital Network, Northern Minerals, Novartis Pharmaceuticals Corporation, Ntv, OakBend Medical, OmniVision, OneVue, OpenSea, Oracle WebLogic Server, Osaka Motorcycle Business Cooperative, OTR, Otsuka America Pharmaceutical, Inc, Oxford Global Resources, LLC, PAN-OS, Panasonic Australia, PandaBuy, Panorama Eyecare, Pantana CPA, Patriot Mobile, Patties Foods, pcTattletale, Peak Design, Pendle Token, PepsiCo, Pezesha, Pfizer Inc, Philippine National Police (PNP), Philips Respironics, PHP, Pope & Conner Consulting, Inc, Providence Hospital, PSG Banatski Dvor, Pulse Connect Secure VPN, QNAP NAS, QNAP QTS, Qualitas, QuoteWizard, R3 Education Inc, Rayner Surgical Inc, RDI-USA, Real Madrid CF, Red Bull, Red Cross, Regeneron Pharmaceuticals, Inc, Regional Obstetrical Consultants, Rex Signature Services, LLC, Richland, Washington, Rio Technology, Riyadh Airport, Robinsons Land, Robson, Rockford Public Schools, Rockwell Automation ICS, Royal Star & Garter, Räddningstjänsten Vä stra Blekinge, Samco, Sandoz Inc, Sanok Rubber Company Spólka Akcyjna, Santa Barbara Systems, Santander, Sav-Rx, Scanda, Schuette Metals, Science Po Paris, Seattle Public Library, Semicore Equipment, Service public de Wallonie, Servicio Móvil, Shirasaki, Shore Regional High School District, Sigmund Espeland AS, SLB Transit Inc, Smith and Caughey’s, Snchez-Betances Sifre & Muñoz-Noya, Snowflake, Solana Meme Coin, SonicWALL SSL-VPN, Sonne Finance, Southwark hospitals, Specialty Market Managers, Sree Hotels, SSI World, St. Landry Parish School, State Grid Corporation of China (SGCC), Sterling Transportation Services, Sumitomo Pharma America, Inc, Sumo, Superior Air-Ground Ambulance Service, Sysmex America, Takeda Pharmaceuticals USA, Inc, Talalay Global, Talley Group, Tamil Nadu, Tech in Asia, Telangana Police, Telefónica, Tesla’s Ultra-Wideband, Thayer Academy, The Egyptian-Sudanese Company, The Kelly Group, ThinkPHP, Ticketek Australia, Ticketmaster, Tietoevry, TikTok, Tinyproxy, Tobii Dynavox, Toshiba America, Town of Westlock, Toyota Philippines, TP-Link Archer C5400X, TRC Talent Solutions, Trib Total Media, TriLiteral, Trionfo Solutions, TruGreen, TSCOP App, UAE Ministry of Education, UK Armed Forces, United Urology Group, Universidad Nacional de Entre Ríos, University of Chicago Medical Center, University of Delhi, University of Hyderabad, University of Siena, US Environmental Protection Agency (EPA), Vannguard Utility Partners, Vasitam, Veeam Backup Enterprise Manager, Velocore, Victoria Eye Center, Victorian Freight Specialists, Vietnam Post, Visa Lighting, VIT Bhopal University, VWholesaleTour, Walmart pension plan, Walser Automotive Group, Walton County, Watt Carmicheal, WD Associates, Wealth Depot LLC, WebTPA, Welsh Rugby Union, Western Dovetail, Western Saw Inc, Western Sydney University, William S Hein & Co, Windows Defender, WIS Sicherheit, WordPress, WP Copymatic, WP Country State City Dropdown CF7 Plugin, WP Dessky Snippets, WP Easy Listing Directories, WP Fluent Forms Contact Form, WP Hash Form Drag & Drop Form Builder, WP LiteSpeed Cache, WP Meta SEO, WP Pie Register, WP Slider Revolution, WP Statistics, WP UserPro Plugin, WP Web Directory Free, WP WooCommerce, WPZOOM, XLink Bitcoin Bridge, Zuber Gardner CPA, and Zyxel NAS have reported hacking or compromises this month.

ARRL, TRAM Barcelona, Internet Archive, Queen Alia International Airport, LastPass, and Copilot have suffered from outages this month.

According to a recent study from Kaspersky, 59% of multi-site business experience monthly outages.

Last months updates broke Windows Taskbar, File Explorer, Windows Server 2019 updates, and Microsoft Outlook again, of course.

AI bots are ridiculously easy to convince to share sensitive information.

Apple is releasing a new password manager for macOS, iOS and iPadOS. But…to get an idea of how concerned Apple is about security, they’ve recently exposed that Wi-Fi on their devices can be used to geolocate any device around the globe.

Google is making it harder and harder to get help.

ICQ, my favorite messaging app from the 90s, has shut down after 28 years.

VBscript is on its deathbed.

FTX paid off whistleblowers.

Now for the good news:

Microsoft has reversed course on Windows Recall and is now making it “optional” even though it isn’t actually resolving most of the security issues or privacy risks.

Let’s Get Busy

Patch Tuesday is about average this month. The typical computer should see roughly 2.5 GB in updates today. Let’s get started.

Microsoft released updates to address 58 vulnerabilities in Azure Data Science Virtual Machines, Azure File Sync, Azure Monitor, Azure SDK, Azure Storage Library, Chrome, Dynamics Business Central, GitHub, Microsoft Dynamics, Microsoft Edge, Microsoft Office, Microsoft Office Outlook, Microsoft Office SharePoint, Microsoft Office Word, Microsoft Streaming Service, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows, Microsoft Windows Speech, Visual Studio, Windows Cloud Files Mini Filter Driver, Windows Container Manager Service, Windows Cryptographic Services, Windows DHCP Server, Windows Distributed File System (DFS), Windows Event Logging Service, Windows Kernel, Windows Kernel-Mode Drivers, Windows Link Layer Topology Discovery Protocol, Windows NT OS Kernel, Windows Perception Service, Windows Remote Access Connection Manager, Windows Routing and Remote Access Service (RRAS), Windows Server Service, Windows Standards-Based Storage Management Service, Windows Storage, Windows Themes, Windows Wi-Fi Driver, Windows Win32 Kernel Subsystem, Windows Win32K – GRFX, Winlogon, and MSRT. This includes security updates. A reboot is required.

Apple released updates for tvOS 17.5.1, iOS 17.5.1, iPadOS 17.5.1, and visionOS 1.2. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 17.5.1 is a security update. Use Settings, General, Software Update to install the most current update.

iPadOS 17.5.1 is a security update. Use Settings, General, Software Update to install the most current update.

tvOS 17.5.1 is a security update. Use System, Software Update to install the most current version.

visionOS 1.2 is a security update. Use Settings, General, Software Update to install the most current version.

Google Chrome OS 125.0.6422.169 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.5.1 improves stability and resolves several bugs. This is not a security update.
https://www.amd.com/en/support

Nvidia Driver 475.06 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Samsung DeX 2.4.1.23 doesn’t provide a change log so should be treated as a security update.
https://www.samsung.com/us/apps/dex/

UniFi airMAX NanoStation 5AC Loco 8.7.13 resolves several bugs. This is not a security update.
https://www.ui.com/download/software/loco5ac

UniFi Network Server 8.2.93 adds ACL rules, DNS records, MLO, BGP and Inspection support. This is not a security update.
https://www.ui.com/download/releases/network-server

Wacom Driver 6.4.6-2 adds support for newer hardware, improved reliability, and resolves several bugs. This is not a security update.
https://www.wacom.com/en-us/support/product-support/drivers

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.66.118 is a security update.
https://brave.com/

Firefox 127.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 115.12.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 125.0.6422.141 is a security update.
https://www.google.com/chrome/

Microsoft Edge 125.0.2535.92 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Vivaldi 6.7.3329.39 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Spark 3.16.2.75403 adds calendar support. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.16.2.75440 adds calendar support. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.11.1 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk (macOS) 8.1.0 improves performance and resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

Facebook Messenger 213.0.0.22.228 is a security update.
https://www.messenger.com/download

Microsoft Teams 1.7.00.13456 resolves several bugs and improves user controls. This is not a security update.
https://teams.microsoft.com/downloads

Mumble 1.5.634 adds over a dozen new features and resolves several bugs. This should be treated as a security update.
https://www.mumble.info/

Signal 7.11.1 resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.8.1 doesn’t provide a detailed change log so should be treated as a security update.
https://signal.org/android/apk/

Telegram 5.1.5 improves stability and resolves several bugs. This is not a security update.
https://telegram.org/

Telegram (Android) 10.13.1 doesn’t provide a detailed change log so should be treated as a security update.
https://telegram.org/apps

Tigase Server 8.4.0 adds RBL support, portable export format, improved user management and resolves dozens of bugs. This should be treated as a security update.
https://github.com/tigase/tigase-server/releases/latest

curl 8.8.0 resolves over 200 bugs. This is not a security update.
https://curl.haxx.se/windows/

Dropbox 200.4.7134 resolves several bugs. This is not a security update.
https://www.dropbox.com/

MeshCentral 1.1.23 resolves dozens of bugs. This should be treated as a security update.
https://meshcentral.com/info/downloads.html

Nextcloud Server 29.0.2 resolves over a dozen bugs. This should be treated as a security update.
https://nextcloud.com/

Omada Software Controller 5.14.20.9 adds several new filters, features and controls. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Syncthing 1.27.8 resolves a couple bugs. This is not a security update.
https://syncthing.net/

Zoom 6.0.11.39959 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.5 improves cosmetics and resolves several bugs. This is not a security update.
https://en.3tene.com/

Grayjay 244 improves compatibility and resolves several bugs.
https://grayjay.app/index.html

Plex Desktop 1.94.1.155 doesn’t provide a detailed change log so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.62.1.152 doesn’t provide a detailed change log so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

VLC Media Player 3.0.21 improves hardware compatibility and resolves several bugs. This is a security update.
https://www.videolan.org/vlc/

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Java) 1.20.6 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server

Nintendo Switch 18.1.0 removes X/Twitter and social media integration and improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 2024.522 improves performance and stability and resolves several bugs. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024-05-21 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Acrobat Android 24.5.0.33694 is a security update.
https://helpx.adobe.com/security/products/acrobat-android/apsb24-50.html

Adobe Audition 23.6.6 and 24.4.1 are security updates.
https://helpx.adobe.com/security/products/audition/apsb24-32.html

Adobe ColdFusion 2021.14 and 2023.8 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb24-41.html

Adobe Commerce 2.4.0-ext-8, 2.4.1-ext-8, 2.4.2-ext-8, 2.4.3-ext-8, 2.4.4-p9, 2.4.5-p8, 2.4.6-p6 and 2.4.7-p1 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-40.html

Adobe Commerce Webhooks Plugin 1.5.0 is a security update.
https://helpx.adobe.com/security/products/magento/apsb24-40.html

Adobe Creative Cloud Desktop 6.2.0.554 is a security update.
https://helpx.adobe.com/security/products/creative-cloud/apsb24-44.html

Adobe Experience Manager 2024.5 and 6.5.21 are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb24-28.html

Adobe FrameMaker Publishing Server 2022.3 is a security update.
https://helpx.adobe.com/security/products/framemaker-publishing-server/apsb24-38.html

Adobe Media Encoder 23.6.6 and 24.4.1 are security updates.
https://helpx.adobe.com/security/products/media-encoder/apsb24-34.html

Adobe Photoshop 24.7.4 and 25.9 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb24-27.html

Adobe Substance 3D Stager 3.0.2 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb24-43.html

Calibre 7.12.0 improves conversion, media support and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Columns++ 1.1.2 improves performance, stability, and reliability, and adds a Timestamps and resolves a couple bugs. This is not a security update.
https://github.com/Coises/ColumnsPlusPlus

Ghostscript 10.03.1 doesn’t provide a change log so should be treated as a security update.
https://www.ghostscript.com/releases/gsdnld.html

Kdenlive 24.05.0 reimplements audio capture, adds group effects and automatic subtitle translation, performance improvements and resolves several bugs. This is not a security update.
https://kdenlive.org/

LibreOffice Fresh 24.2.4 resolves over 70 bugs. This is not a security update.
https://www.libreoffice.org/

Magento Open Source 2.3.7-p4-ext-8, 2.4.4-p9, 2.4.5-p8, 2.4.6-p6 and 2.4.7-p1 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-40.html

Manager 24.6.11.1637 resolves several bugs but does not have current release notes so should be treated as a security update.
https://www.manager.io/

Notepad++ 8.6.8 resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

QuickBooks Pro 2022 20240529-R16_8 resolves several bugs. This should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20240529-R13_6 doesn’t provide a detailted change log. This should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

Security Software Updates

One or more of these is likely to be of interest to most people.

KeePass 2.57 improves privacy and security or
https://keepass.info/

OpenSSL 3.3.1 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

ProtonVPN (macOS) 4.3.0 improves stability and resolves several bugs. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.17.0 improves detection and resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Stinger 13.0.0.127 adds new detections and improves others. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Tails 6.3 is a security update.
https://tails.net/install/download/index.en.html

uBlock Origin 1.58.0 resolves over a dozen bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

YARA 4.5.1 resolves several bugs. This is not a security update.
https://github.com/VirusTotal/yara/

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 24.1.4 improves compression, video combine, and resolves several bugs. This is not a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.1.9 improves subtitle support and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

HandBrake 1.8.0 updates libraries and resolves dozens of bugs. This is a security update.
https://handbrake.fr/

IsoBuster 5.4.1 adds support for new formats and resolves several bugs. This is not a security update.
https://www.isobuster.com/download.php

MakeMKV 1.17.7 updates license date. This is not a security update.
https://www.makemkv.com/download/

PDF Creator 5.2.2 updates libraries. This is a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 6.1.8.2 improves reliability, compatibility, and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.2.3 improves performance, quality, and AI integration. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.34 resolves over a dozen bugs. This is not a security update.
https://1password.com/downloads/

7-Zip 24.06 improves reliability and resolves several bugs. This is not a security update.
https://www.7-zip.org/

Agent Ransack 2022.3435 resolves a crash bug. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

Bitcoin 27.0 resolves several bugs and improves performance. This is not a security update.
https://bitcoin.org/en/download

Bitwarden 2024.5.0 adds organization item cloning and begins the manifest v3 compatibility roll-out. This is not a security update.
https://bitwarden.com/

CCleaner 6.24.11060 improves cleanup and resolves several bugs. This is not a security update.
https://www.ccleaner.com/

DesktopOK 11.24 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.2.6.0 adds several new features and updates libraries. This is a security update.
https://dngrep.github.io/

email-oauth2-proxy 2024-05-25 adds JWT and resolves a python compatibility bug. This is not a security update.
https://github.com/simonrob/email-oauth2-proxy

Etcher 1.19.21 resolves dependency bugs. This is not a security update.
https://www.balena.io/etcher/

Fido 1.56 adds 24H1 ISO UEFI support. This is not a security update.
https://github.com/pbatard/Fido/releases

FileLocator Pro 2022.3435 resolves a crash bug. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Fing 3.6.3 improves compatibility and resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

FoneTool 2.7.0 resolves several bugs. This is not a security update.
https://www.fonetool.com/download.html

Free Virtual Serial Ports 6.01.00.1309 adds several more controls. This is not a security update.
https://freevirtualserialports.com/

Git SCM 2.45.2 is a security update.
https://git-scm.com/

Go 1.22.4 is a security update.
https://go.dev/

GoodSync 12.6.9 resolves several bugs. This is not a security update.
https://www.goodsync.com/

grepWin 2.1.1 resolves several bugs. This is not a security update.
https://github.com/stefankueng/grepWin/releases/latest

GUIPropView 1.30 adds two new action commands. This is not a security update.
https://www.nirsoft.net/utils/gui_prop_view.html

NTLite 2024.5.9946 resolves several bugs and improves compatibility. This is not a security update.
https://www.ntlite.com/download/

osquery 5.12.2 is a security update.
https://osquery.io/downloads

PowerToys 0.81.1 resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ProcDump 3.3 for Linux improves container support. This is not a security update.
https://github.com/Sysinternals/ProcDump-for-Linux

Process Explorer 17.06 resolves several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer

RoboForm 9.6.1 resolves several bugs. This is not a security update.
https://www.roboform.com/

Rufus 4.5 updates libraries, adds UEFI validation, and resolves several bugs. This is a security update.
https://rufus.ie/en_US/

ScreenConnect 24.1.9.8915 improves compatibility, reliability, and stability, and resolves several bugs. This should be treated as a security update.
https://screenconnect.connectwise.com/download

SetUserFTA 1.8.1 implements a workaround for the new UCPD “security feature”. This is not a security update.
https://kolbi.cz/blog/2017/10/25/setuserfta-userchoice-hash-defeated-set-file-type-associations-per-user/

Ventoy 1.0.99 updates EFI binaries and resolves a couple bugs. This is not a security update.
https://www.ventoy.net/en/index.html

WinRAR 7.01 resolves several bugs. This is not a security update.
https://www.rarlab.com/

WizFile 3.10 adds include and exclude filters, adds more feature controls, and resolves several bugs. This is not a security update.
https://antibody-software.com/wizfile/

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 8.0.6 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

Android Studio 2023.3.1.20 is a security update.
https://developer.android.com/studio

AutoHotkey 2.0.17 resolves several bugs. This is not a security update.
https://www.autohotkey.com/download/

cx_Freeze 7.1 updates libraries and resolves dozens of bugs. This is not a security update.
https://cx-freeze.readthedocs.io/en/latest/index.html

GitHub Desktop 3.4.1 resolves several bugs. This is not a security update.
https://desktop.github.com/

Inno Setup 6.3.1 improves compatibility and resolves dozens of bugs. This version also removes support for older operating systems. This is not a security update.
https://www.jrsoftware.org/isdl.php

Microsoft Visual C++ 2022 Redistributable 14.40.33810.0 doesn’t provide a change log so should be treated as a security update.
https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist

Node.js 18.20.3 updates dependencies and resolves several bugs. This is not a security update.
https://nodejs.org/en/

Node.js 20.14.0 updates dependencies and resolves several bugs. This is not a security update.
https://nodejs.org/en/

Node.js 22.2.0 updates dependencies and resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

Python 3.12.4 is a security update.
https://www.python.org/downloads/windows/

SQLite 3.46.0 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.90 adds several new features. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

HumHub 1.15.6 resolves several bugs. This is not a security update.
https://www.humhub.com/en

Invision Community 4.7.17 resolves dozens of bugs. This is not a security update.
https://invisioncommunity.com/

Joomla 5.1.1 resolves dozens of bugs. This is not a security update.
https://www.joomla.org/

ownCloud Client 5.3.0.13987 resolves several bugs. This is not a security update.
https://owncloud.com/desktop-app/

WordPress 6.5.4 resolves several bugs. This is not a security update.
https://wordpress.org/

BuddyPress 12.5.1 is a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.9.5 is a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Multisite Enhancements 1.7.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/multisite-enhancements/

Social Post Feed 4.2.5 resolves a couple menu bugs. This is not a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

WooCommerce 8.9.2 is a security update.
https://wordpress.org/extend/plugins/woocommerce/

WPBakery 7.7 resolves several bugs. This is a security update.
https://wpbakery.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2024-05-14

Welcome back, Folks!

Today is Patch Tuesday for May, 2024.

There were 580+ major hacks, and over 460 application updates this month. It’s an insanely big month, with about 5 GB of updates for most users.

This Month in Technology

First, let me apologize for this list. It’s 3x longer than it was only a couple months ago and that’s not really my fault. I really want to keep sharing the hacked lists but at the rate it’s going 3/4 of the newletter will just be the list by the end of Summer. I’m going to need to rework this next month when I have more time.

1+1 Media, 4LEAF, Inc, A123 Systems, Access Intelligence, Accor, ACFIN SA, Active PCB Solutions, Acurrate Lock & Hardware, ADCOM911, Advanced Business Networks, Advarra, Inc., Aero Tec Laboratories Inc, Aetna ACE, Affordable Payroll & Bookkeeping Services, Agate Construction, Agency for the Sustainable Development of the Saint Nazaire Region, France, AirAsia Group, Airsoft, Allianz Global Risks U.S. Insurance Company, Alltruck Bodies, Alrajhi Bank, Altipal S.A.S, Amazon, Amberstone Security, AMD Radeon DirectX 11 Driver, American Builders Outlet, American Renal Associates, American Renal Management, Andovers Federal Credit Union, APS – Automotive Parts Solutions, Arbitrum, Argentina’s national registry, Army Welfare Trust, Array Networks, Asantee Games, Asbury Automotive Group, Ascension healthcare, Ashley Home Stores, Aspire Health Alliance, Astra Daihatsu Motor (ID), AT&T, Atlantic States Marine Fisheries Commission (ASMFC), Aussizz Group, Autodesk Drive, Axip Energy Services, Ayesa, B&G Foods, Badger Tag & Label, Banco Santander, Banten Regional Development Bank Tbk, Barclays Bank, Base Network, Bay Oral Surgery & Implant Center, Bağcılar Training and Research Hospital, Bega Valley Council, Belarusian KGB, Belvedere Vodka UK, BenefitsCal, Berry, Dunn, McNeil & Parker, Best Reward Federal Credit Union, BetterHelp, Bharat Sanchar Nigam Limited (BSNL), BHF Couriers, Biggs Cardosa Associates, Inc., Bira 91, Bitfinex, Blackstone Valley Community Health Care, Blooms Today, Bluebonnet Trails, Bluegrass Care Navigators, BMW BANK, Bodyartforms LLC, Boeing, Bradford-Scott, Brandywine Realty Trust, BreachForums, Bridgeway Center, Inc., British Columbia, Canada, Brocade SANnav SAN Management Software, Brovedani Group, Bundeswehr, Byron council, Café Soluble, California library system, Calumet Civil Contractors, Inc, Camino Nuevo Charter Academy, Canatal Industries, Canberra club, Cannes hospital, Cariboo library system, Carpetright, Catholic Diocese of Cleveland, Catholic Medical Center (CMC), CCM Health, Central Bank Argentina, Central Carolina Insurance Agency Inc, Central Florida Equipment, Central Power Systems & Services, Central Virginia Federal Credit Union, Change Healthcare, Channel Logistics LLC, Chemring Group, Cherry Health, Chicony Electronics, Chirp Systems, Christie’s Auction House, Cisco Duo, Cisco Integrated Management Controller (IMC), City of Buckeye, AZ, City of Donges, France, City of El Cerrito, California, City of London, UK, City of Pensacola, Florida, City of Wichita, Kansas, Cleveland Catholic Diocese, Community First Credit Union, Confins Transport, Consensus Medical Group, Consol Energy, Continuum Health, Coppel, Coradix-Magnescan, CorporateStack, Costa Edutainment SPA, Council for Relationships, County of Coffee, Georgia, County of Hernando, FLCounty of Jackson, MOCounty of Los Angeles, CA, Department of Health Services, County of Robeson, NC, County of San Bernardino, CA, CrushFTP, Cushman Contracting Corporation, CyberPower UPS, D-Link Devices, Daoust, Dawson Creek, Deeside Timberframe, Delinea Secret Server, Dell, Dental Group of Amarillo, Dental Health Services, DES Architects and Engineers,
Designed Receivable Solutions, Deutsche Telekom, Digi Yatra Foundation, Dijk, Discord, District of Columbia’s Department of Insurance, Securities and Banking (DISB), DocGo, Dominican Republic vaccination data, Donco Air, Doyon Drilling, Drive Sally LLC, DRM Arby’s, Dropbox Sign, Duvel Moortgat, D’amico & Pettinicchi, LLC, E-ZPass, East Central University, OK, Eden Project, Edlong and Holstein Association USA, Educational Computer Systems, EduMarket, Efrat Airlines, Egypt Ministry of Supply and Internal Trade, El Salvador, El Salvador’s Chivo Wallet, Electric Mirror, Empath Health, Engineered Automation of Maine, Enstar, Epilepsy Foundation of Metro NY, EqualizeRCM and 1st Credentialing, Ernest Health, Eucatex, European Parliament, Europol, EvoBanco, F5 Central Manager, Feldstein & Stewart, Fic Expertise, Financial Business and Consumer Solutions (FBCS), Firstmac, FiXBET, Floirac, Footdistrict, Fort Worth, Texas, Foxit Reader, French Ministry of Agriculture, Frontier Communications, FrotCom, GBI Genios, Gerber Life Insurance Company, Giant Tiger, GitHub Search, GitLab, Glendale Unified School District, Glints, Global Tel Link, Google Chrome, Google, Graphic Solutions Group Inc, Grassroot DICOM, Great Firewall of China, Green Diamond Resource Company, Greylock McKinnon, Grindr, Grodno Azot, Group Health Cooperative of South-Central Wisconsin (GHC-SCW), Guadeloupe, Canada, Guardant Health, Inc., Guardian Analytics, Hapy Bear Surgery Center, Hardeman County Community Health Center, Hedgey Finance, Helapet Ltd, Helsinki Education Division, Heritage Cooperative, High Performance Services, Hillsong Church, Hirsh Industries, Hit Promotional Products, Home Depot, Hong Kong Arts Development Council, Hong Kong College of Technology, Hong Kong Fire Department, Hong Kong Union Hospital, Hooker Furniture, Hosocongty, Hospital Simone Veil, 100 hotels in Japan, Houser LLP, Hoya Optics, HP, HPE ArubaOS Devices, HSBC Bank, HTW, Hub International Limited, Human Events, IBM’s Enterprise Terminal, iCabbi, ICICI Bank, IDS Michigan, Illinois State Credit Union, Illinois Tollway, In The Know, India’s Central Board of Secondary Education (CBSE), India’s HRYLabour, India’s ICICI Bank, Ingo Money Inc, Inland Physicians Billing Services, Intel CPUs (Spectre v2), Intel Hardware Firmware, Interim Healthcare of Lubbock, International Baccalaureate Exam, Inventum Øst, Iranian Pipeline Company, Iress Ltd, Israel Electric Corporation (IEC), Israeli Real Estate Companies, ISTA International GmbH, It4 Solutions Robras Corp, Italian Red Cross Network, Ivanti Avalanche, J.P. Morgan Chase, JE Owens, Kaiser Foundation Health Plan, Inc., Kaiser Permanente, Kameymall, Kansas City Scout System, Keenan & Associates, Kintetsu World Express, Kisco Senior Living, KISTI SMART K2C, Kowloon Shangri-La, La Chapelle-des-marais, France, Ladakh Social Welfare Department, Lamont Hanley & Associates, Latvian TV Channels, LDLC, Le Slip Français, Leicester City Council, Lenovo Hardware Firmware, Lewis & Clark College, LG TVs, Lieberman LLP, Lilly Drogerie, Lincoln Project, LiteSpeed Cache, LivaNova, LiveHelpNow, LocalPlace JP, London Drugs, London Stock Exchange Group, Lopesan Hotels, Lotz Trucking, Lpdb Kumkm, LRB Info Tech, Lukfook Jewellery, Lumina Americas, Luxor, LYON TERMINAL, M2E Consulting Engineers, Macedonian Joint Stock Company, Madata, Magnet+, Malone & Co, Manchester’s Catholic Medical Center, Marpai Health, Mauritzon, McKinley Packing, Medequip Assistive Technology, Medical Home Network, MediExcel, Medios de Prevención Externos Sur SL, MedStar Health, Meduza, Mellitah Company, Mercedes, Merchants Benefit Administration, Metropolitan Life Insurance Company, Microsoft, Microsoft Azure Entra ID, Microsoft Outlook, Missouri Electric Cooperatives, Moffitt Cancer Center and Research Institute, Moldova Government, MoldTech, Molen & Associates, Monash Health, Monday.com, MongoDB, Monocon, Montoir-de-Bretagne, France, Moscow Moskollector, MovieBoxPro, MRA – The Management Association, Mt Hira College, Myers Automotive Group, National Energy Research Scientific Computing Center (NERSC), Nespresso, Nestle, New Boston Dental Care, New Hudson Facades, New Mexico Administrative Office of the District Attorneys, New Mexico Highlands University, New York’s state legislature, Nexperia, NHS Dumfries and Galloway, NK Parts Industries, NorthBay Health, Nota by M&T Bank and TTEC Databases, Nothing, Nova Scotia Health, NRS Healthcare, Numotion, NVIDIA, OakBend Medical, Octopharma Plasma, OE Federal Credit Union, Ogero, Ohio Lottery, Okta, Olson Steel, Olympus Group, OracleCMS, OraSure, Original Herkimer Cheese, OrthoConnecticut, Outabox, Pacific Guardian, Pak Suzuki, Palo Alto Networks PAN-OS, Panda Restaurant Group, Pandemonium Rocks, Panoramic Health, Parent Teacher Association (PTA), Paris Saint-Germain (PSG), Parklane Group, Patricia AI, Paychex, Inc., Paytm, Pennsylvania Convention Center, Pennsylvania Insurance Department, Peplink Smart Reader, Persyn, Philadelphia Inquirer, Philips Respironics, Phoenix Business Consulting, PHP, Pifer’s Auction & Realty, Pilot, Pinnacle Engineering, Pinnacle Orthopaedics, Pioneer Oil Company, Inc, Piping Rock, Police Service of Northern Ireland (PSNI), Porniche, France, Pratham, Precision Fluid Controls, Premier Dermatology, Prisma Finance, Pro Metals LLC, Process Solutions, Procuraduría General de la República, Profile Products, Progress Flowmon, Promarka Peru, Pub And Club, Public service of Wallonia, PWS – The Laundry Company, Qantas, QNAP, Quebec CEGEPs, RAF El Salvador, Randolph Health, RaySharp, RB Woodcraft, Reading Electric, Rebound Orthopedics & Neurosurgery, Recology, Redwood Coast Regional Center, Rehabilitation Hospital of Southern New Mexico, Reliable Networks, Rocky Mountain Sales, Roku, Romeo Pitaro Injury and Litigation Lawyers, Rushd Bookstore, Rutgers University, Räddningstjänsten Vä stra Blekinge, Sachkhere, Sahara Bank, Saint-Nazaire, France, Sanok Rubber Company, Saudi Water Facilities, Scanda Group, Scigames, Scottish health board, Seaman’s Mechanical, SEK Studio, Seneca Nation Health System, Sentry Data Management, Servicio Móvil, Shadow, Siemens Manufacturing, Sigmund Espeland, Signature Healthcare Services LLC, SigningHub, Simmons Perrine Moyer Bergman PLC, Singapore’s Ministry of Education, Singapore’s Mobile Guardian, SinglePoint Outsourcing, Inc., SIS Automatisering, Sisense, Skanlog, Sleep Data Holdings, LLC, Sleep Management Institute, Smoke Alarm Solutions, SOA Architecture, Softura, Somerset Dental Las Vegas, Somerville, Sonadev, France, South Africa’s International Trade Administration Commission (ITAC), South Korean courts, South Korean cable & satellite, South Korean Defense Companies, South Texas Oncology and Hematology, Space X, Space-Eyes, Speedy France, Sri Lanka’s visa system, SSCL, SSS Australia, St-Jerome Company, St. Helena Public Library, Stainless Foundry & Engineering, StarWallets, States of Guernsey, Sterling Holidays, Sterling Plumbing Inc., Studio LAMBDA, Swisspro, SynLab Italia, Sysmex America, Inc, T2 Tea Australia, Tamil Nadu Police, Tappware, Targus, Tatarstan, Russia, Taxi Software, Ted Brown Music, Telecom Argentina, Telit Cinterion modems, Texas Retina Associates, The Epilepsy Institute, The Georgia Institute for Plastic Surgery, The Heritage Foundation, The Kennedy Collective, The Lagunitas Brewing Company, The Line Up, Inc, The May Institute, Inc., The Philadelphia Inquirer, PBC, The Post and Courier, The Post Millennial, The Prudential Insurance Company of America, The Roman Catholic Diocese of Phoenix, The State of Kansas Office of Judicial Administration, The Tech Interactive, Theatrixx Technologies, Therapeutic Health Services, 50,000 Tinyproxy servers, Tipton Municipal Utilities, IN, Toolmarts, Toronto Transit Commission, Transamerica Life Insurance Company, Trib Total Media, True Homes, LLC, TRUE Solicitors, Trylon Srl, Tyler Technologies, UAE Government, UK Government’s System Database, UK Ministry of Defence, UK Royal Mail, 20 Ukrainian Energy and Water Sites, Ukrainian TV, United Nations Development Programme, University of Alabama, University of Alberta, University System of Georgia (USG), US Air Force Academy (USAFA), US Atlantic Fisheries, US Coast Guard Reserve, US Consumer Database, US Health and Human Services (HHS), US Internal Revenue Service (IRS), US Medicare, US Patent and Trademark Office, US Space Forces (USSF) Military Bases, USA Health Providence Hospital, Utica Mack, Valley Mountain Regional Center, Valley Veterinary Clinic, LLC, Van Gogh Museum, Varo Bank, N.A., Veeam, Velvet Capital, Verizon, Victorian Ambulance Union, Virginia Union University, VirtualBox, Visionary Integration Professionals, VMware Cloud Foundation, VMware ESXi, VMware Fusion Pro/Fusion, VMware Workstation Pro/Player, Void Interactive, Volkswagen, VPN traffic (TunnelVision), VTRP, W.I.S. Sicherheit-Service GmbH & Co. KG, Washington State’s Swinomish Casino and Lodge, WebTPA Employer Services, LLC, WEL Partners, Wells Fargo, Welsh Government, Wescom Central Credit Union, West Idaho Orthopedics and Sports Medicine, Westboro Baptist Church, WhatsApp, Windows, Windows Apps, Windows Print Spooler, WOM, World Architects, World-Check, WP Forminator plugin, WP-Automatic Plugin, Xiaomi, Yale Mortgage, YRW Limited – Chartered Accountants, ZA Government Employees Pension Fund’s (GEPF), ZircoDATA, and Zscaler Inc have reported hacking or compromises this month.

Central Power Systems & Services, Final Fantasy, Frontier Communications, Kansas City’s official website, Ogero, Reddit, and Telegram have suffered from outages this month.

Last months updates broke Outlook, Windows (thanks ManageEngine), and VPN connections.

An update to ManageEngine has caused thousands of Windows machines to fail to boot. I guess that’s one way to make sure that they can’t be hacked through ManageEngine vulnerabilities?

Windows has officially added advertisements to the Windows 11 Start Menu.

The PuTTY Pageant key generation weakness will require millions upon millions of certificates to be rekeyed.

The Windows Boot Manager update released in January still has no automated fix from Microsoft. Third parties have created several methods of installing the update, and the closest-to-perfect automation yet requires seven (7!) restarts.

Microsoft has announced plans to implement fully locked down DNS via a pairing of DNS and the firewall, branded Zero Trust DNS – ZTDNS.

A recent technical paper described the process of using LLM (GPT-4) to automate the process of building exploits for newly discovered vulnerabilities. Reviews of the paper tend to acknowledge that it can be used in this fashion but focus instead on the use of the word “autonomously” which they treat as sentience. No guys, the paper isn’t saying that Skynet is here, just that LLMs are getting to the point where they can build functional exploit code based on brief descriptions of vulnerabilities.

I first saw the description of “Kobold Letters” a couple months ago. While a very creative use of CSS and an interesting idea, what are the chances that this kind of thing would actually be used in real life? 100%. I’ve now seen this behavior on three different client mail accounts in Microsoft Online and Gmail.

The founder of Telegram has publicly reported that the FBI pressured an employee to build a backdoor into the system. They refused.

Thunderbird has added Microsoft Exchange support. This means you won’t be forced to use the “New Outlook” crapp to access your Microsoft Exchange accounts. 🙂

Now for the good news:

We won. Sony caved on the Helldivers 2 privacy-violating “account linking” change. 🙂

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is insane this month. The typical computer should see roughly 5 GB in updates today. Let’s get started.

Microsoft released updates to address 67 vulnerabilities in .NET and Visual Studio, Azure Migrate, Microsoft Bing, Microsoft Brokering File System, Microsoft Dynamics 365 Customer Insights, Microsoft Edge (Chromium-based), Microsoft Intune, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows SCSI Class System File, Microsoft Windows Search Component, Power BI, Visual Studio, Windows Cloud Files Mini Filter Driver, Windows CNG Key Isolation Service, Windows Common Log File System Driver, Windows Cryptographic Services, Windows Deployment Services, Windows DHCP Server, Windows DWM Core Library, Windows Hyper-V, Windows Kernel, Windows Mark of the Web (MOTW), Windows Mobile Broadband, Windows MSHTML Platform, Windows NTFS, Windows Remote Access Connection Manager, Windows Routing and Remote Access Service (RRAS), Windows Task Scheduler, Windows Win32K – GRFX, Windows Win32K – ICOMP, and MSRT. This includes security updates. A reboot is required.

Oracle released 441 security updates this quarter to address vulnerabilities in 119 applications.
https://www.oracle.com/security-alerts/cpuapr2024.html

Apple released updates for iOS 16.7.8, iOS 17.5, iPadOS 16.7.8, iPadOS 17.5, iTunes 12.13.2 for Windows, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, Safari 17.5, tvOS 17.5, and watchOS 10.5. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 16.7.8 and 17.5 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 6.7.8 and 17.5 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 10.5 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 17.5 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 124.0.6367.154 and 120.0.6099.310 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 40-1.14 is a major update, replacing BerkeleyDB with alternatives, updating libraries, and including adding new features and defaults. This should be treated as a security update.
https://getfedora.org/en/workstation/download/

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.4.1 adds support for new software, performance improvements, and resolves several bugs. This is not a security update.
https://www.amd.com/en/support

Daemon Tools Lite 12.1.0 improves tooltips, and resolves a couple bugs. This is not a security update.
https://www.daemon-tools.cc/products/dtLite

Dymo Connect for Desktop 1.3.2.18 doesn’t provide a detailed change log so should be treated as a security update.
https://www.dymo.com/label-makers-printers/labelwriter-label-printers/dymo-labelwriter-450-duo-thermal-label-printer/SAP_1752267.html

TP-Link Archer AX55 v1 240325 adds almost a dozen new features, improves stability and resolves several bugs. This is a security update.
https://www.tp-link.com/us/support/download/archer-ax55/v1/#Firmware

TP-Link Archer AX73 v2.0 240323 resolves several bugs. This is a security update.
https://www.tp-link.com/us/support/download/archer-ax73/v2.0/#Firmware

UniFi Network Server 8.1.127 enhances firewall rules visibility, adds tunnel IP addresses, OSPF dynamic routing support, and resolves a dozen bugs. This is not a security update.
https://www.ui.com/download/releases/network-server

VIISAN OfficeCam 7.1.19.0 doesn’t provide a change log so should be treated as a security update.
https://www.viisan.com/en/download/type1.html

Wacom Driver 6.4.6-1 adds support for newer hardware, resolves several bugs and improves stability.
https://www.wacom.com/en-us/support/product-support/drivers

Xerox Smart Start 2.0.34.0 doesn’t provide a change log so should be treated as a security update.
https://www.support.xerox.com/en-us/content/143617

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.65.133 is a security update.
https://brave.com/

Firefox 126 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 115.11.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 124.0.6367.207 is a security update.
https://www.google.com/chrome/

Microsoft Edge 124.0.2478.97 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Vivaldi 6.7.3329.29 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Spark 3.15.5.72973 resolves several AI-related bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.15.5.72972 resolves several AI-related bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.10.2 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 8.0.10 is a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 8.0.1 resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

Dropbox 199.4.6287 removes a cosmetic defect. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 211.0.0.18.236 is a security update.
https://www.messenger.com/download

FileZilla Client 3.67.0 is a security update.
https://filezilla-project.org/

FileZilla Server 1.8.2 is a security update.
https://filezilla-project.org/

FreeFileSync 13.6 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 90.0 resolves several bugs. This is the last version to support macOS 10.15 – if your hardware can not support macOS 11 you should have already removed it from the Internet, but if not, please take this as one more signal that it’s time to replace it.
https://drive.google.com/start

Microsoft Teams 1.7.00.10152 resolves several bugs. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 29.0.0 is a major update, resolving dozens of bugs, updating libraries, and improving workflow and design. This should be treated as a security update.
https://nextcloud.com/

Nmap 7.95 adds over 6,500 more fingerprints, new scripts and resolves several bugs. This is a security update.
https://nmap.org/

PuTTY 0.81 is a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html

Signal 7.8.0 adds emoji call responses and resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.6.2 adds emoji call responses, adds sent message editing, and resolves several bugs. This is not a security update.
https://signal.org/android/apk/

Skype 8.116.0.213 improves stability. This is not a security update.
https://www.skype.com/

Syncthing 1.27.7 resolves a potential security bug.
https://syncthing.net/

Telegram 5.0.1 resolves several bugs. This is not a security update.
https://telegram.org/

USB Drive Log 1.13 adds black background support. This is not a security update.
https://www.nirsoft.net/utils/usb_drive_log.html

Z-Library 1.02 doesn’t provide a change log so should be treated as a security update.
https://z-library.se/z-access#desktop_app_tab

Zoom 6.0.4.38135 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.4 resolves several bugs. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.1.9 resolves several bugs. This is a security update.
https://www.bitwig.com/download/

Grayjay 240 adds several new features, sources, improvements, and resolves a dozen bugs. This is not a security update.
https://grayjay.app/index.html

iTunes 12.13.2.3 is a security update.
https://www.apple.com/itunes/download/

Plex Desktop 1.92.1.140 doesn’t provide a detailed change log so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.60.1.134 updates libraries. This should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.40.2.8395 resolves several bugs, including an installation path issue. If you used a custom path you will need to uninstall and reinstall in order for future automatic updates to work correctly. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2024.4.0.137 changes homepage. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.3.201 resolves several bugs and improves interface. This is not a security update.
https://gdevelop.io/download

Minecraft Server (Bedrock) 1.20.81.01 does not provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Minecraft Server (Java) 1.20.6 does not provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server

Nintendo Switch 18.0.1 resolves several bugs. This is a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 2024.430 resolves several bugs and improves hardware support. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024-05-13 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110
By the way, we won. Sony caved on the Helldivers 2 privacy-violating “account linking” change. 🙂

SteamOS SteamDeck Update 2024-05-03 is a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Acrobat and Reader 24.002.20759 and 20.005.30636 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb24-29.html

Adobe Aero 0.24.4 is a security update.
https://helpx.adobe.com/security/products/aero/apsb24-33.html

Adobe Animate 23.0.6 and 24.0.3 are security updates.
https://helpx.adobe.com/security/products/animate/apsb24-36.html

Adobe Dreamweaver 21.4 is a security update.
https://helpx.adobe.com/security/products/dreamweaver/apsb24-39.html

Adobe FrameMaker 2020.6 and 2022.4 are security updates.
https://helpx.adobe.com/security/products/framemaker/apsb24-37.html

Adobe Illustrator 28.5 and 27.9.4 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb24-30.html

Adobe Substance 3D Designer 13.1.2 is a security update.
https://helpx.adobe.com/security/products/substance3d_designer/apsb24-35.html

Adobe Substance 3D Painter 10.0.0 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb24-31.html

Aronium 1.43.0.2 adds dual currency and night theme, improves refund behavior, and resolves several bugs. This is not a security update.
https://aronium.com/

Audacity 3.5.1 adds a bunch of new features and resolves dozens of bugs. This is not a security update.
https://www.audacityteam.org/download/

Calibre 7.10.0 adds export support, spell check, color inversion and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Columns++ 1.0.6 improves wrapped line caompatibility. This is not a security update.
https://github.com/Coises/ColumnsPlusPlus

Formatta Filler 8.19.0.4 doesn’t provide a change log so should be treated as a security update.
https://formatta.com/formatta-products/complete-submit/

GIMP 2.10.38 doesn’t provide a detailed change log so should be treated as a security update.
https://www.gimp.org/

Java 8u411 is a security update.
https://www.java.com/en/download/manual.jsp

JShelter 0.18 improves compatibility. This is not a security update.
https://jshelter.org/install/

Kdenlive 24.02.2 improves compatibility and resolves several bugs. This is not a security update.
https://kdenlive.org/

Kindle for PC 2.3.70840 doesn’t provide a change log so should be treated as a security update.
https://www.amazon.com/kindleforpc

LibreOffice 7.6.7 resolves over 40 bugs. This is a security update.
https://www.libreoffice.org/

LibreOffice Fresh 24.2.3 resolves over 75 bugs. This is a security update.
https://www.libreoffice.org/

Manager 24.5.13.1531 adds several new features and improves email integration and display. This is not a security update.
https://www.manager.io/

Nextcloud Desktop 3.13.0 resolves dozens of bugs and updates libraries. This is a security update.
https://nextcloud.com/

Notepad++ 8.6.7 improves multiedit and language support, and resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

PDF-XChange Editor 10.3.0.386 adds page extraction, label modification, improves sort and group behavior and resolves dozens of bugs. This is not a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

QuickBooks Pro 2022 20240509-R15_25 updates to backend processes. This is not a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20240509-R12_15 updates to backend processes. This is not a security update.
https://downloads.quickbooks.com/app/qbdt/products

Security Software Updates

One or more of these is likely to be of interest to most people.

Chainsaw 2.9.0 adds native rules, timezone improvements, and adds ability to change default conditional when searching. This is not a security update.
https://github.com/countercept/chainsaw

Microsoft Edge Policy 2024.05.07 updates policies. This is not a security update.
https://github.com/MicrosoftDocs/Edge-Enterprise/blob/public/edgeenterprise/microsoft-edge-policies.md

OpenSSL 3.3.0 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

ProtonVPN (macOS) 4.2.2 improves performance. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.16.1 updates engine and resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Stinger 13.0.0.118 adds support for more detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

SuperAntiSpyware 10.0.1266 resolves several bugs. This is not a security update.
https://www.superantispyware.com/download.html

Tails 6.2 is a security update.
https://tails.net/install/download/index.en.html

Velociraptor 0.72 adds EWF support and resolves several bugs. This is not a security update.
https://github.com/Velocidex/velociraptor/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 24.1.3 improves OCR, performances, updates libraries and resovles several bugs. This is a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.1.7 resolves several couple bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

StreamFab 6.1.7.7 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.2.0 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.32 improves compatibility, adds support to import from more third-party platforms, and resolves several bugs. This is a security update.
https://1password.com/downloads/

Agent Ransack 2022.3434 adds support for OneNote and resovles several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

AOMEI Partition Assistant 10.4.0 improves the user interface. This is not a security update.
https://www.diskpart.com/

Bitwarden 2024.4.2 improves passkeys support and secrets manager, and adds a new Authenticator app. This is not a security update.
https://bitwarden.com/

BulkFileChanger 1.73 resolves a timezone-related bug. This is not a security update.
https://www.nirsoft.net/utils/bulk_file_changer.html

CCleaner 6.23.11010 resolves several bugs. This is a security update.
https://www.ccleaner.com/

DesktopOK 11.21 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.1.92.0 resolves a .git/.gitignore bug, updates .NET library and translations. This is a security update.
https://dngrep.github.io/

ExplorerPatcher 22621.3527.65.2 resolves several bugs. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

FileLocator Pro 2022.3434 adds support for OneNote and resovles several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

FoneTool 2.6.1 adds iOS Data Recovery and resolves a crash bug. This is not a security update.
https://www.fonetool.com/download.html

Git SCM 2.45.0 adds dozens of new features and behaviors, and resolves over 50 bugs. This is not a security update.
https://git-scm.com/

Go 1.22.3 is a security update.
https://go.dev/

GoodSync 12.6.5 improves compatibility and resolves several bugs. This is not a security update.
https://www.goodsync.com/

HWiNFO 8.02 doesn’t provide a change log so should be treated as a security update.
https://www.hwinfo.com/download/

InstalledAppView 1.08 resolves a CLI bug. This is not a security update.
https://www.nirsoft.net/utils/installed_app_view.html

IsMyHdOK 3.96 improves performance and testing accuracy. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

LessMSI 2.0.1 updates dependencies and build environment, and resolves a stability bug. This is not a security update.
https://lessmsi.activescott.com/

NirCmd 2.87 adds and resolves ~$ variables. This is not a security update.
https://www.nirsoft.net/utils/nircmd.html

NTLite 2024.5.9931 resolves dozens of bugs. This is not a security update.
https://www.ntlite.com/download/

osquery 5.12.1 is a security update.
https://osquery.io/downloads

PingInfoView 3.05 adds option to map source IPv4 Address. This is not a security update.
https://www.nirsoft.net/utils/multiple_ping_tool.html

PowerToys 0.80.1 improves stability. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

PSAppDeploy 3.10.1 adds a dozen features and parameters, improves stability and reliability, and resolves several bugs. This is not a security update.
https://psappdeploytoolkit.com/

RoboForm 9.5.8 improves GUI. This is not a security update.
https://www.roboform.com/

ScreenConnect 24.1.7.8892 resolves dozens of bugs and improves compatibility. This should be treated as a security update.
https://screenconnect.connectwise.com/download

Starwind V2V Converter 9.444 adds support for new conversions. This is not a security update.
https://www.starwindsoftware.com/starwind-v2v-converter

WinGet 1.7.11261 fixes elevation issues, updates dependencies and libraries. This is a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinScan2PDF 8.81 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WUMT 04.22.2022 improves Windows 11 compatibility. This is not a security update.
https://www.oldergeeks.com/downloads/file.php?id=1366

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 8.0.5 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

Android Studio 2023.3.1 adds device streaming for testing, integrates crashlytics, improves App Quality Insights, and adds audio redirection. This is not a security update.
https://developer.android.com/studio

AutoHotkey 2.0.14 resolves several bugs. This is not a security update.
https://www.autohotkey.com/download/

cx_Freeze 7.0 updates dependencies and libraries and resolves hundreds of bugs. This should be treated as a security update.
https://cx-freeze.readthedocs.io/en/latest/index.html

GitHub Desktop 3.3.17 removes support for older macOS versions, resolves a dozen bugs and improves user interface. This is not a security update.
https://desktop.github.com/

Godot 4.2.2 improves CLI support, resolves the audio bug, and more than 200 other issues. This is a security update.
https://godotengine.org/

MySQL ConnectorNet 8.4.0 updates libraries and resolves several bugs. This is a security update.
https://dev.mysql.com/downloads/connector/net/

MySQL Server 8.0.37 resolves dozens of bugs. This is a security update.
https://dev.mysql.com/downloads/installer/

NASM 2.16.03 improves the build process. This is not a security update.
https://www.nasm.us/index.php

Node.js 18.20.2 is a security update.
https://nodejs.org/en/

Node.js 20.13.1 resolves several bugs and updates libraries. This is a security update.
https://nodejs.org/en/

Node.js 21.7.3 is a security update.
https://nodejs.org/en/

Node.js 22.1.0 is a major update. This is a security update.
https://nodejs.org/en/

Redemption 6.5.0.6294 improves integration and resolves several bugs. This is not a security update.
https://www.dimastr.com/redemption/

Rustup 1.27.1 resolves several bugs. This is not a security update.
https://www.rust-lang.org/

SQLite 3.45.3 adds new JSON handling behaviors and resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

TortoiseGit 2.16.0 resolves a dozen bugs and updates libraries. This is a security update.
https://tortoisegit.org/

TortoiseSVN 1.14.7 resolves several bugs. This is a security update.
https://tortoisesvn.net/downloads.html

Visual Studio Code 1.89.1 adds support to exclude content from Copilot and resolves several bugs. This is not a security update.
https://code.visualstudio.com/

WinMerge 2.16.40 resolves several bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.0.18 resolves over a dozen bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

HumHub 1.15.5 resolves several bugs. This is not a security update.
https://www.humhub.com/en

Joomla 5.1.0 adds more than a dozen features and code and performance improvements. This is not a security update.
https://www.joomla.org/

MAMP 5.0.6 updates dependencies. This should be treated as a security update.
https://www.mamp.info/en/mamp/windows/

phpList 3.6.15 is a security update.
https://www.phplist.org/

Piwigo 14.4.0 resolves several bugs. This is not a security update.
https://piwigo.org/

WordPress 6.5.3 is a security update.
https://wordpress.org/

BuddyPress 12.4.1 is a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.9.4 resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.9 improves compatibility and resolves a bug. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

My Sticky Bar 2.7 resolves a cosmetic bug. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Postie 1.9.69 should be treated as a security update.
https://wordpress.org/extend/plugins/postie/

Slider Revolution 6.7 resolves several bugs. This is a security update.
https://revolution.themepunch.com/

Social Post Feed 4.2.4 improves integration. This is not a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

Sucuri Security 1.8.44 improves API key controls. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

W3 Total Cache 2.7.2 resolves several bugs and improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 8.9.0 improves compatibility and resolves dozens of bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WPBakery 7.6 resolves several bugs. This is a security update.
https://wpbakery.com/

WPtouch 4.3.59 adds support for Reddit, improves compatibility, and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/wptouch/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2024-03-12

Welcome back, Folks!

Today is Patch Tuesday for March, 2024.

There were 300+ major hacks, and over 175 application updates this month. It’s a small month, with about 2.3 GB of updates for most users.

This Month in Technology

Ace Air Cargo, Air Methods, Aleo, AlgoSec, Alliance Solutions Group, American Express, American Vision Partners, Android and iOS biometric information (GoldPickaxe), AnyCubic Kobra 3D printers, APK.TW, Apple Shortcuts, Assurance IQ, Auxo, Azure AD/Entra ID (Silver SAML), Baesman Group, Inc., Bangalore One, Bank of America, 61 Brazilian Banks, Bay Area Anesthesia, LLC, Benefit Design Group, Inc., Biomedical Research Institute, BlueCare Plus Tennessee, Booking.com, Bradford-Scott Data, Bright Wires, Capita, CareFirst BlueCross BlueShield Community Health Plan – District of Columbia, CareTree, Inc., Carnet-AMM, Casino Del Sol, Cencora, Centre Hospitalier D’Armentieres, CGM, Inc., Change Healthcare, Cheat-Database, Chunghwa Telecom, CIPC, CISA, Citrus Diagnostic Center, City of Dubuque Fire Department, City of Hamilton, Ontario, City of Oakley, CA, City of Pleasant Hill, CA, Coffee Beyers, Cogdell Memorial Hospital, Coinsquare, Colorado Department of Health Care Policy & Financing, Concord Music Group, Inc., ConnectWise Control/ScreenConnect, Continental Aerospace Technologies, Crossroads Equipment Lease & Finance, LLC, CUSO Financial Services, Cutout.Pro, CVS Pharmacy, Inc., David’s Bridal, Davlyn Investments, Denninger’s, Department of State Hospitals (DSH), DGA-Producer Pension & Health Plans, Dignity Health Welfare Benefits Plan, DiVal Safety Equipment, Inc, DJI, 8,000 major brands’ DNS, Duvel Moortgat Brewery, Eagers Automotive, East Carolina University’s Brody School of Medicine, Eastern Radiologists, Inc, EasyPark, EdisonLearning, Inc., Egyptian Health Department, EKEN cameras, El Al Airline, Election Commission of India, Elemetal, LLC, Empire Fidelity Investments Life Insurance Company, Employee Benefits Corporation of America, ETISALAT, Ewig Group, Facebook Marketplace, Fairway Independent Mortgage, FBI, FBinsure, fckeditor, Federal Communications Commission, Fidelity Investments Life Insurance, Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), FixedFloat, Fortinet FortiOS, Fortinet FortiProxy, Framwellgate School, FullPress, Future Generations Foundation, GCA Nederland, Gilroy Gardens, Gixen, Global Tel*Link, Golden Corral, Grace Lutheran Communities, Group Health Cooperative, Grupo Bimbo, Habib’s, Haivision MCS, Hampton County School District, Harvard Pilgrim Health Care, Hathway Cable & Datacom Limited, HAWITA Group, Health NZ, Hessen Consumer Center, Highland Health Systems, Hochschule Kempten, Hospice of Huntington, Houser LLP, Human Affairs International of California, HWL Ebsworth, Imaging Data Commons libdicom, InfoSys McCamish, Infraestructura Portuaria Mexicana, Insomniac Games, Institute of Food Technologists, Insurance ACE/Humana Inc., INTEGRIS Health, Interventional Pain and Regenerative Medicine, iSoon, Ivanti Pulse Secure, Jaypee University, Jersey’s Financial Services Commission, JFSC, Joomla, Jovani Fashions, Juniper Support Portal, JVC Kenwood, Kick, Kids Care Dental & Orthodontics, KNS Bank, La Bonne Alternance, LDLC, Leicester City Council, Lena Pope Home Inc., LenDenClub, Lindsey Municipal Hospital, Liquid Environmental Solutions, Littleton Regional Healthcare, llama.cpp GGUF library, Llamaya, loanDepot.com, LLC, Loghman Pharmaceuticals, Los Angeles International Airport (LAX), Malawi’s passport system, Maranhao Military Police, Maryville Addiction Treatment Centers, Maryville, Inc., McKenzie County Healthcare System, Inc., MedQ, Inc., Mental Health Center of North Central Alabama, Inc., Merchant.ID, Microsoft (yet again!), Microsoft .NET Framework, Microsoft Azure, 97,000 Microsoft Exchange servers, Microsoft Outlook, Microsoft Streaming Service, MicroStrategy, Ministry of Planning, Minnesota State University-Moorhead, Mirtylla, Motilal Oswal Financial Services, Mr. Green Gaming, NALS Apartment Homes LLC, National Police of Peru, Netgear RAX30, NewGen Administrative Services, LLC, North Hill Employee Dental Plan, North Hill Home Health Care, Inc., North Hill Needham, Inc., Northeast Orthopedics and Sports Medicine, PLLC, Northwestern Mutual Life Insurance, NVIDIA drivers, Oculus Meta, Odette, Online Trade (Онлайн Трейд), Opensea, Orlando VA Medical Center, P-Fleet, Pakistan National Bank, Paragon Technology and Innovation, Paul Davis Restoration, Paysign, Pennsylvania’s State Courts, PetSmart, Philips Respironics, PlayDapp, PowerRail, Prague Regional Memorial Hospital, Prince George’s County Public Schools, Procopio, Cory, Hargreaves & Savitch LLP, Prudential Financial, PSI Software SE, QEMU, QNAP NAS devices, Qualcomm Incorporated, RCI, LLC, Redis servers, Redwood Coast RC, Revolut, Richland Community College, Rio Hondo Community College, RMH Franchise, Robert Half, Roblox, Roku, Inc., Romanian medical facilities (approximately 100), Roswell Park Comprehensive Cancer Center, Royal Canadian Mounted Police (RCMP), Russian Ministry of Defense (Minoborony), SAFE Credit Union, Saint Joseph’s College of Maine, Samsung Electronics, Santa Clarita Community College District, Santa Monica-Malibu Unified School District, SCEVN, Schneider Electric, Seminole County Public Schools, Seneca, Seven Seas Group, Shein, SK Hynix, smartphone voice assistants (VoltSchemer), SolarWinds Access Rights Manager, Sony’s Insomniac Games, South Korean President, Southern Water, Spectrum Vision, SPMundi, Superior Communications, Tangerine, TeamCity, Tehachapi Unified School District, Tesla Phone Key, Texx Offroad, Thai Summit, The Biosig Project, The Northwestern Mutual Life Insurance Company (twice), ThyssenKrupp, Toner-dumping, Tornado Cash, Tracy Unified School District, Trans-Northern Pipelines, Tshwane University Of Technology, TTM Technologies, U-Haul, U.S. Department of the Interior, UAE’s IEMS, Ubiquiti Edge OS routers, UC San Diego Health Hillcrest – Hillcrest Medical Center, Ukraine’s State Environmental Inspector, UniCredit, Unisys, UNITE HERE, University of Cambridge’s Clinical School Computing Service, University of Machester, University of Wolverhampton, US Citizenship and Immigration Services, US Customs Enforcement, Valorem Reply, VARTA AG, Veeco, Vi Senior Living, Victor Valley Union High School District, Victoria Police, Virgin Hotels, Virginia Farm Bureau, VMware Cloud Foundation, VMware ESXi, VMware Fusion, VMware Workstation, VSexShop, Ward Transport & Logistics, Washington County Hospital and Nursing Home, Watson Clinic, WayForward, Webber International University, WebMarketPoint, Welltok, Inc., Western National Group, Western Union, Weston Embedded, Williamson County, TX, Windows AppLocker, Windows Defender SmartScreen, WordPress Brick Builder Theme, WordPress LiteSpeed Cache, WordPress Popup Builder, WordPress Ultimate Member, WoTLabs, Wyze, Yakima Valley Radiology, PC, YX International (2FA provider for Facebook and WhatsApp, Google, TikTok, and others), Zenlayer, Zoom, Zyxel firewalls, and ​​Harvard Pilgrim Health Care​ have reported hacking or compromises this month.

AT&T, Change Healthcare, Facebook, Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), Instagram, LinkedIn, Microsoft Outlook Exchange via ActiveSync, Minnesota State University-Moorhead, Royal Canadian Mounted Police (RCMP), US military pharmacies, WhatsApp, and Wyze have suffered from outages this month.

Citrix and Sophos (both companies over 29 years old) suffered from leap year bugs this year.

Microsoft has announced they’re throwing support behind the “privacy-preserving ads API” which is designed to “less uniquely” identify users. The new system is still designed to collect and share all your interests and internet activity (in fact, the one that will be used in Edge will share your desktop/mobile experience as well as activity in other applications, as Edge does now), but it will not be used to “uniquely” identify you, rather it will collect all this information about your activities and assign your profile to various collections through a process known as meta tagging, and these tags will be used to market to you.

In this way, they’ll be able to tell you’re a divorced Christian 40-something year old female with 2 children, dark hair, wears a size 3, prefers red wine, lives within a 2-block radius of Bank of America in Modesto, orders from Papa Johns once per month and only votes every other election cycle, but they won’t know it’s “you.” Please use an ad-blocker and disable all these metric and ad-measurement features.

The “new Outlook” by Microsoft is collecting logins from third-party accounts and storing them in the Microsoft Cloud without telling their users. Email, contacts and other information from third-party accounts, as well.

While I’m on the topic of Microsoft email…after pushing for better validation and spam controls among their industry partners, Microsoft Exchange is still responsible for a large amount of spam.

Microsoft is also making another push to upgrade those still on Windows 10 to Windows 11. For some devices this means they will be aggressively force-upgraded as happened to Windows 7 users win Windows 10 was released and to some Windows 10 users when Windows 11 was released.

Apple has disabled the Epic developer account, again, claiming that they can’t be trusted. Pot, kettle?

Google Pay is shutting down in the US. If you’ve stored money within this platform you need to move it out before early June. They couldn’t keep their own payment platform alive, but Google believes their AI should be trusted with direct access to information about all hacking incidents so it can be used “for defense.” Somehow I’m just not buying it.

The first publicly known AI prompt injection worm has been created and shown to self-propagate by telling the AI to send a copy of itself through to other AI nodes.

Troy Hunt has a great write-up that demonstrates why it is so easy for scammers to get away with text scams. The vendors suck.

Now for the good news:

Bitcoin broke $73,000 yesterday for the first time, which is $30,000 more than it was at the beginning of the year and $50,000 more than it was a year ago. If you’re looking to sell, don’t. But if you must, we still have about a month of growth yet before the bull run is over. I would be surprised if it doesn’t break at least $82,000 by the first week of April.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is small this month. The typical computer should see roughly 2.3 GB in updates today. Let’s get started.

Microsoft released updates to address 69 vulnerabilities in .NET, Azure Data Studio, Azure SDK, Microsoft Authenticator, Microsoft Azure Kubernetes Service, Microsoft Django Backend for SQL Server, Microsoft Dynamics, Microsoft Edge, Microsoft Exchange Server, Microsoft Graphics Component, Microsoft Intune, Microsoft Office, Microsoft Office Outlook, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft QUIC, Microsoft SharePoint Server, Microsoft Teams, Microsoft WDAC ODBC Driver, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows SCSI Class System File, Open Management Infrastructure, Outlook for Android, Role: Windows Hyper-V, Servicing Stack Update, Servicing Stack Updates, Skype for Consumer, Software for Open Networking in the Cloud (SONiC), Visual Studio Code, Windows AllJoyn API, Windows Cloud Files Mini Filter Driver, Windows Composite Image File System, Windows Compressed Folder, Windows Defender, Windows Error Reporting, Windows Installer, Windows Kerberos, Windows Kernel, Windows NTFS, Windows ODBC Driver, Windows OLE, Windows Print Spooler Components, Windows Standards-Based Storage Management Service, Windows Telephony Server, Windows Update Stack, Windows USB Hub Driver, Windows USB Print Driver, Windows USB Serial Driver, and MSRT. This includes security updates. A reboot is required.

Apple released updates for iOS 15.8.2, iOS 16.7.6, iOS 17.4, iPadOS 16.7.6, iPadOS 17.4, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5, Safari 17.4, tvOS 17.4, visionOS 1.1, and watchOS 10.4. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.8.2, 16.7.6 and 17.4 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 16.7.6 and 17.4 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 10.4 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 17.4 is a security update. Use System, Software Update to install the most current version.

visionOS 1.1 is a security update. Use Settings, General, Software Update to install the most current version.

Google Chrome OS 120.0.6099.301, 121.0.6167.188 and 122.0.6045.214 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.2.1 improves stability and resolves more than a dozen bugs. This is not a security update.
https://www.amd.com/en/support

Display Driver Uninstaller 18.0.7.3 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Nvidia Driver 474.89 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.63.169 is a security update.
https://brave.com/

Google Chrome 122.0.6261.111 is a security update.
https://www.google.com/chrome/

Microsoft Edge 122.0.2365.80 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 123.0.1 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 115.8.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Opera 108.0.5067.24 is a security update.
https://www.opera.com/browsers/opera

Opera GX 107.0.5045.60 is a security update.
https://www.opera.com/gx

Vivaldi 6.6.3271.48 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Spark 3.14.3.67453 improves AI training process. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.8.1 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

Dropbox 193.4.5594 resolves stability bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 206.0.0.8.218 is a security update.
https://www.messenger.com/download

FreeFileSync 13.4 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 88.0 doesn’t provide a detailed change log so should be treated as a security update.
https://drive.google.com/start

MeshCentral 1.1.21 resolves dozens of bugs. This is a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.7.00.6058 adds several new features. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 28.0.3 resolves dozens of bugs. This is a security update.
https://nextcloud.com/

Omada Software Controller 5.13.30.8 adds support for newer hardware and resolves several bugs. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Rclone 1.66.0 resolves dozens of bugs. This is not a security update.
https://rclone.org/

Signal 7.1.1 is a major update, adding username support, improved privacy controls, new emoji, and resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.0.2 is a major update, adding username support, improved privacy controls, new emoji and resolves several bugs. This is not a security update.
https://signal.org/android/apk/

Skype 8.113.0.210 improves stability. This is not a security update.
https://www.skype.com/

Syncthing 1.27.4 resolves several bugs. This is not a security update.
https://syncthing.net/

Telegram 4.15.1 adds Telegram Business features and adds emoji. This is not a security update.
https://telegram.org/

Telegram (Android) 10.9.1 doesn’t provide a detailed change log so should be treated as a security update.
https://telegram.org/apps

WinSCP 6.3.2 updates libraries and resolves several bugs. This is a security update.
https://winscp.net/eng/index.php

Zoom 5.17.11.34827 improves AI and resolves several bugs. This is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.2 improves face detection, lip sync, and resolves several bugs. This is not a security update.
https://en.3tene.com/

darktable 4.6.1 improves performance and resolves dozens of bugs. This is a security update.
https://www.darktable.org/

Grayjay 236 adds cache support, improved performance, adds watch filters, and resolves several cosmetic bugs. This is not a security update. They also announced that Grayjay Desktop will be available in the coming months. Yay! 🙂
https://grayjay.app/index.html

Kodi 20.5 updates libraries and resolves several bugs. This is a security update.
https://kodi.tv/

Plex Desktop 1.88.1.96 improves stability and resolves a cosmetic bug. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.57.1.100 updates libraries. This should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

TuneIn 1.28.0 doesn’t provide a change log so should be treated as a security update.
https://tunein.com/radio/home/

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2024.2.0.132 resolves several bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.3.194 adds notification support, QRCode support, one-click iOS export, resolves several bugs. This is not a security update.
https://gdevelop.io/download

Minecraft Server (Bedrock) 1.20.71.01 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

PS3 4.91 adds support for the latest BluRay encodings and improves perofrmance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps3/system-software/

PS5 24.01-08.60.00 improves Parties, hardware support, and performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024-03-07 resolves dozens of bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

SteamOS 3.5.17 resolves dozens of bugs and improves compatibility and stability. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Animate 23.0.4 and 24.0.1 are security updates.
https://helpx.adobe.com/security/products/animate/apsb24-19.html

Adobe Bridge 13.0.6 and 14.0.2 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb24-15.html

Adobe ColdFusion 2021.13 and 2023.7 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb24-14.html

Adobe Experience Manager 2024.03 and 6.5.20.0 are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html

Adobe Lightroom 7.2 is a security update.
https://helpx.adobe.com/security/products/lightroom/apsb24-17.html

Adobe Premiere Pro 23.6.4 and 24.2.1 are security updates.
https://helpx.adobe.com/security/products/premiere_pro/apsb24-12.html

Calibre 7.6.0 adds profile support, merge support, and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Columns++ 1.0.5 resolves a tab-to-spaces bug and adds support for notifications coming in the next version of Notepad++. This is not a security update.
https://github.com/Coises/ColumnsPlusPlus

Ghostscript 10.03.0 resolves several bugs and improves OCR support. This is not a security update.
https://www.ghostscript.com/releases/gsdnld.html

ImageMagick 7.1.1-29 resolves several bugs. This is not a security update.
https://imagemagick.org/

Kdenlive 24.02.0 is a major update, adding native support for DirectX, Metal and Vulkan, Apple Silicon support, and resolves several bugs. This is not a security update.
https://kdenlive.org/

LibreOffice 7.6.5 resolves over 90 bugs. This is a security update.
https://www.libreoffice.org/

LibreOffice Fresh 24.2.1 resolves almost 100 bugs. This is a security update. The “Fresh” line is beta software and should be avoided by most people.
https://www.libreoffice.org/

Manager 24.3.10.1347 doesn’t provide a detailed change log so should be treated as a security update.
https://www.manager.io/

Nextcloud Desktop 3.12.1 resolves several bugs. This should be treated as a security update.
https://nextcloud.com/

Notepad++ 8.6.4 resolves a focus bug. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 5.0.13 resolves a couple bugs and updates libraries. This is a security update.
https://www.getpaint.net/

QuickBooks Pro 2022 20231120-R13_69 no longer provides a detailed change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20231107-R9_133 does not provide a detailed change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

Security Software Updates

One or more of these is likely to be of interest to most people.

Gpg4win 4.3.1 adds support for new smart cards, Windows root CAs, and resolves several bugs. This is a security update.
https://www.gpg4win.org/download.html

iOS 17.4 is a security update.
https://support.apple.com/kb/HT204204

iPadOS 17.4 is a security update.
https://support.apple.com/kb/HT204204

macOS 14.4 is a security update.
https://support.apple.com/kb/HT201541

MalwareBytes Anti-Malware 4.6.9 prepares the software for the v5 release. This is not a security update.
https://www.malwarebytes.org/antimalware/

OnionShare 2.6.1 updates dependencies, updates release process, resolves several bugs. This is not a security update.
https://onionshare.org/

ProtonVPN (macOS) 4.1.7 improves stability and resolves several bugs. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.15.3 updates engine, improves exclusion and configuration controls, adds support for multiple threat names and multiple schedules. This is not a security update.
https://www.adlice.com/download/roguekiller/

SanDisk PrivateAccess 6.4.10.0 does not provide a change log so should be treated as a security update.
https://support-en.wd.com/app/answers/detailweb/a_id/48025

Stinger 13.0.0.72 adds support for new detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Symantec Norton Removal Tool 20240303
https://support.norton.com/sp/en/us/home/current/solutions/v60392881

Tails 6.0 is a major update, improving persistent storage support, external mounting, session resumption, and application and library updates. This is a security update.
https://tails.net/install/download/index.en.html

tvOS 17.4 is a security update.
https://support.apple.com/kb/HT202716

uBlock Origin 1.56.0 resolves dozens of bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

watchOS 10.4 is a security update.
https://support.apple.com/kb/HT204641

Wireless Network Watcher 2.41 adds option to scan IPv6 addresses. This is not a security update.
https://www.nirsoft.net/utils/wireless_network_watcher.html

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 24.1.1 updates libraries, improves mute detection, camera mode swapping, and resolves several bugs. This is a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.1.3 adds support for new encodings and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

StreamFab 6.1.6.8 improves compabitility. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.1.2 improves enlarger and upscaling, improves performance for deinterlacer and denoiser, and resolve several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.35 resolves several bugs, improves compatibility, and updates signature. This should be treated as a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.27 improves compatibility and resolves several bugs. This is not a security update.
https://1password.com/downloads/

Agent Ransack 2022.3425 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

Bitwarden 2024.3.0 adds passkey support to self-hosted version, improved 2FA, redesigned interface. This is a security update.
https://bitwarden.com/

CalyxOS Device Flasher 1.0.9 doesn’t provide a change log so should be treated as a security update.
https://calyxos.org/install/

CCleaner 6.21.10918 resolves several bugs and improves software udpater. This is not a security update.
https://www.ccleaner.com/

Cygwin 3.5.1-1 resolves several bugs. This should be treated as a security update.
https://cygwin.com/

DesktopOK 11.17 resovles several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.1.27.0 improves plugin support, adds sticky scrolling, extends date filters, improves installer and resolves several bugs. This is a security update.
https://dngrep.github.io/

ExplorerPatcher 22621.3007.63.2 improves compatibility, resolves several bugs. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

FileLocator Pro 2022.3425 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

FileTypesMan 2.00 adds option to exclude loading of icons which might cause it to hang or crash. This is not a security update.
https://www.nirsoft.net/utils/file_types_manager.html

Fing 3.6.2 updates signature, improves service not found page, and resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

Git SCM 2.44.0 resolves several bugs and improves syntax. This is not a security update.
https://git-scm.com/

Go 1.22.1 is a security update.
https://go.dev/

GoodSync 12.5.8 improves compatibility and resolves several bugs. This is not a security update.
https://www.goodsync.com/

Hiren’s BootCD PE 1.0.8 updates drivers. This is not a security update.
https://www.hirensbootcd.org/download/

Homedale 2.11 improves channel width display. This is not a security update.
https://www.the-sz.com/products/homedale/

HWMonitor 1.53 adds hardware support. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

MobileFileSearch 1.48 resolves a bug in export content. This is not a security update.
https://www.nirsoft.net/utils/mobile_device_file_search.html

NConvert 7.172 doesn’t provide a change log so should be treated as a security update.
https://www.xnview.com/en/nconvert/

NetworkOpenedFiles 1.62 adds sort button to toolbar. This is not a security update.
https://www.nirsoft.net/utils/network_opened_files.html

OSFMount 3.1.1003 improves compatibility. This is not a security update.
https://www.osforensics.com/tools/mount-disk-images.html

OSForensics 11.0.1006 resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html

PowerToys 0.79.0 rsolves dozens of bugs and updates libraries. This is a security update.
https://github.com/microsoft/PowerToys/releases/latest

ScreenConnect 23.9.10.8817 is a security update.
https://www.connectwise.com/software/control/download

Starwind V2V Converter 9.413 adds support for converting VMs to and from VirtualBox. This is not a security update.
https://www.starwindsoftware.com/starwind-v2v-converter

Sysmon 15.14 resolves crash bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

Unity 2023.2.12 resolves dozens of bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive

WifiInfoView 2.93 adds support for 8.2.11be. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

Windows Migration Assistant 3.0.0.0 doesn’t provide a detailed change log so should be treated as a security update.
https://support.apple.com/en-us/118595

WinGet 1.7.10582 is now officially stable, updating libraries and resolve dozens of bugs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinRAR 7.00 is a major version, increasing the maximum dictionary size, maximum path length, improved security tagging (MotW), and resolves dozens of bugs. This is not a security update.
https://www.rarlab.com/

WinScan2PDF 8.72 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 4.19 adds quick and dirty duplicate detection (name patterns only!) and resolves several bugs. This is not a security update.
https://www.diskanalyzer.com/

XnConvert 1.100.1 improves batch operation. This is not a security update.
https://www.xnview.com/en/xnconvert/

ZoomText 2022.2402.1.400 improves tracking, compatibility, and resolves several bugs. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

ZoomText 2023.2402.1.400 improves tracking, compatibility and resolves several bugs. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 8.0.3 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

ADB 35.0.0 resolves compatibility bugs. This is not a security update.
https://developer.android.com/studio/releases/platform-tools

Android Studio 2023.2.1.23 updates libraries and resolves several bugs. This is not a security update.
https://developer.android.com/studio

GitHub Desktop 3.3.11 resolves several bugs. This is not a security update.
https://desktop.github.com/

Node.js 18.19.1 is a security update.
https://nodejs.org/en/

Node.js 20.11.1 is a security update.
https://nodejs.org/en/

Node.js 21.7.1 is a security update.
https://nodejs.org/en/

Rustup 1.27.0 improves compatibility, updates libraries, and resolves several bugs. This is not a security update.
https://www.rust-lang.org/

SQLite 3.45.2 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.87.2 is a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VMware Workstation Player 17.5.1 is a security update.
https://customerconnect.vmware.com/downloads/#all_products

Web Package Updates

These are likely to be of interest only to web developers.

Invision Community 4.7.16 is a security update.
https://invisioncommunity.com/

Joomla 5.0.3 and 4.4.3 are security updates.
https://www.joomla.org/

Piwigo 14.3.0 is a security update.
https://piwigo.org/

Autoptimize 3.1.11 resolves several bugs. This should be treated as a security update.
https://wordpress.org/extend/plugins/autoptimize/

BuddyPress 12.3.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.9.2 is a security update.
https://wordpress.org/extend/plugins/contact-form-7/

My Sticky Bar 2.6.8 is a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Theme My Login 7.1.7 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/theme-my-login/

W3 Total Cache 2.7.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 8.6.1 resolves dozens of bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WPBakery 7.5 resolves several bugs. This is not a security update.
https://wpbakery.com/

WP Mail SMTP 4.0.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/

WP Plugin Update Checker 5.4 improves detection and resolves a couple bugs. This is not a security update.
https://github.com/YahnisElsts/plugin-update-checker/releases/latest

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/