Updates 2019-09-10

Hi, Folks!

Today is Patch Tuesday for September 2019 and it’s another big one.

The next build of Windows 10, version 1909, is scheduled to be released later this month. This version will be minor compared to other Windows 10 upgrades and should be nearly indistinguishable from 1903. Well, hopefully local search will work when Cortana Web Search is disabled, but indistinguishable otherwise.

Windows 7 will fall completely out of support in only 4 months. Don’t run out the clock. If you are running a licensed version of Windows 7 you can still upgrade to Windows 10 and have a supported version of Windows for the foreseeable future. Get it done before it’s too late. Don’t want to do it yourself? Call me!

Borderlands 3 will be released on Friday! If you haven’t pre-ordered yet, you can still get a hefty discount. It’ll available for preinstallation starting this evening.

This month we’ve had another series of security lessons.

The Jordan Peterson “deepfake” platform was just the tiniest recent example of how such technology would inevitably be abused. Even though it was removed, it was followed shortly by a custom deepfake that cost one company $243,000. Oops.

The most popular email server and web management platforms both had critical security issues allowing malicious third parties to take over the entire server.

Don’t trust your mobile. Apple iOS and Google Android vulnerabilities disclosed and abused this month can be used to take over your device. Patches are not yet available to resolve these recent exploits for either platform, though both have released patches for unrelelated security vulnerabilities. Google finally acknowledged a security issue in Google Calendar that has been exploited for at least 3 years and the Google Play Store has been publishing malicious apps.

Your “automated assistant” (Siri, Alexa, Cortana, and Hello Google) defaults to calling unrelated third parties since the numbers are pulled from search results, which are easily abused. Heck, the “vast majority” of new domain registrations and websites exist only for malicious purposes. Even if you don’t visit unknown websites, your information is exposed to others whenever you use automated assistants and sometimes even if you don’t intend to. The best solution is to use a privacy respecting browser, such as Vivaldi or Brave and disable any automation and voice controls.

You should always assume all hardware and software will eventually be hacked and maintain them religiously. From Ring to lightbulbs, it will happen. This month shows how entire platforms are being exploited remotely through their networking features.

When even Jack gets hacked you should assume that your information is out there somewhere. This is demonstrated with the latest in a too-frequent series of Facebook data leaks, this time including phone numbers for over 419 million users.

Finally, a friendly reminder that even if your data is “backed up” by a third party you should always back it up again yourself. Between unreliable third party services to the potential damage from ransomware and trojans, there’s no good reason not to pick up a cheap USB thumb drive and toss your important data on it, then toss it into your fireproof safe.

Now back to our regularly scheduled program. The typical computer should see roughly 2 GB in updates today. Let’s get started.

Microsoft released updates for Windows, .NET, Edge, Internet Explorer, Flash, and MSRT (~1.1 GB). This includes security updates. A reboot is required.

Apple released updates for macOS Mojave 10.14.6 Supplemental Update, iOS 12.4.1, tvOS 12.4.1, and watchOS 5.3.1. These are security updates. Use Apple Software Update to install the most current versions.

iOS 12.4.1 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 5.3.1 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 12.4.1 is a security update. Use System, Software Update to install the most current version.

Adobe Flash Player 32.0.0.255 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The now-current release of the Windows 10 (1903) will cause your computer to feel unusually slow until it is installed. This is a side-effect of the Windows 10 upgrade cycle, which pushes out 3-6 GB through Windows update to get you to the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, it will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Intel Driver and Support Assistant 19.8.34 adds OEM links and improved hardware detection and installation. This is not a security update.
https://www.intel.com/p/en_US/support/detect

nVidia 436.30 resolves several bugs. This is not s security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Display Driver Uninstaller 18.0.1.8 improves removal for Nvidia devices. This is not a security update. Be aware that DDU is now wallpapered in advertisements for crapware, so you should avoid it unless you know what you’re doing.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 77.0.3865.75 is a security update. Use Menu, Help, About to install the most current version.

Firefox 69.0 is a security update. Use Menu, Help, About to install the most current version.

Firefox ESR 60.9.0 is a security update. Use Menu, Help, About to install the most current version.

Vivaldi 2.7.1628.33 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 3.26 resolves a bug when closed prematurely. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Internet Updates

One or more of these are likely to be of interest to everyone.

Trillian Mac 6.2.0.19 resolves several bugs. This is not a security update.
https://www.trillian.im/

FileZilla Client 3.44.2 resolves several bugs. This is not a security update.
https://filezilla-project.org/

MaxMind GeoIP 201909 is a data refresh.
https://dev.maxmind.com/geoip/

Npcap 0.9983 improves hardware detection, improves Loopback detection and support, and resolves several bugs. This is not a security update.
https://nmap.org/npcap/

ZeroNet 0.7.1 is a security update.
https://zeronet.io/

Media Updates

These are unlikely to be of interest to most people.

VLC Media Player 3.0.8 is a security update.
https://www.videolan.org/vlc/

FastStone Viewer 7.4 improves Clone and Heal, Pencil, Google Maps integration, and resolves several bugs. This is not a security update.
http://www.faststone.org/FSViewerDetail.htm

Game Updates

These are unlikely to be of interest to most people.

Steam 2019.08.26 is a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

PlayStation PS3 4.85 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/system-updates/ps3/

Office Updates

One or more of these are likely to be of interest to most people.

Atom 1.40.1 resolves a package integration update. This is not a security update.
https://atom.io/

Artweaver 7.0.1 resolves several bugs. This is not a security update.
http://www.artweaver.de/

Krita 4.2.6 resolves several bugs. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Fresh 6.3.1 is a security update.
https://www.libreoffice.org/

LibreOffice Still 6.2.7 is a security update.
https://www.libreoffice.org/

Adobe Reader DC Patch 19.012.20040 resolves a font-embedding bug. This is not a security update. Use Help, Check for updates to install the most current version.

Adobe Application Manager 2019.0 is a security update. AAM will be EOL very soon, so if you do not require it, you should remove it instead of updating to the latest version.
https://supportdownloads.adobe.com/detail.jsp?ftpID=4773

Adobe FrameMaker 2019.0.4 doesn’t provide a changelog so should be treated as a security update.
64-bit: https://supportdownloads.adobe.com/detail.jsp?ftpID=6739
32-bit: https://supportdownloads.adobe.com/detail.jsp?ftpID=6737

Security Software Updates

One or more of these is likely to be of interest to most people.

PureOS 9.0 is a major update to PureOS and signals that the Librem 5 release is likely just around the corner.
https://pureos.net/download/

Looking for a secure phone? Check out the Librem 5:
https://puri.sm/products/librem-5/

MSRT 5.76 updates detections. This is a security update.

RogueKiller 13.4.3 resolves several bugs and updates options. This is a security update.
https://www.adlice.com/softwares/roguekiller/

TinyWall 2.1.12 resolves a bug. This is not a security update.
http://tinywall.pados.hu/

Converter Updates

These are unlikely to be of interest to most people.

MakeMKV 1.14.5 resolves several bugs. This is not a security update.
https://12pd.com/click?makemkv

MKVToolnix 37.0.0 resolves several bugs. This is not a security update.
https://www.fosshub.com/MKVToolNix.html

DVDFab 11.0.4.8 adds support for new encodings, improves Meta Info detection, and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

FFmpeg 4.2.1 resolves several bugs. This is not a security update.
https://ffmpeg.org/ffmpeg.html

Utility Updates

These are unlikely to be of interest to most people.

Windows 10 Upgrade v1903 updates the installation package for the Windows 10 v1903 build in preparation for v1909.
https://www.microsoft.com/en-us/software-download/windows10

ControlMyMonitor 1.20 improves refresh and default monitor behavior. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html

CPU-Z Installer 1.90 adds support for newer hardware. This is not a security update.
http://www.cpuid.com/softwares/cpu-z.html

DesktopOK 6.56 improves portability, adds options for reporting and export analysis, window positions, and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DMDE 3.6.0 adds support for new filesystems, resolves several bugs. This is a security update.
https://dmde.com/

FolderChangesView 2.28 resolves a notification bug. This is not a security update.
https://www.nirsoft.net/utils/folder_changes_view.html

GoodSync 10.10.7 removes support for Amazon Cloud Drive, resolves several bugs. This is not a security update.
https://12pd.com/click?goodsync

HWMonitor 1.41 adds support for newer hardware. This is not a security update.
http://www.cpuid.com/softwares/hwmonitor.html

IsMyHdOK 1.84 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

NTLite 1.8.0.7115 adds support for Windows 10 v1909, resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 7.0.1003 resolves several bugs. This is not a security update.
http://www.osforensics.com/download.html

PointerStick 3.68 improves multi-monitor operation. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

Sysmon 10.4 adds nested rule support, improved conditions, and resolves several bugs. This is not a security update.
https://live.sysinternals.com/

Process Explorer 16.30 adds Shared Commit, and resolves several bugs. This is not a security update.
https://live.sysinternals.com/

Rufus 3.7 adds persistent partition support for Debian and Ubuntu flavored ISOs, reports SuperSpeed+ devices, resolves several bugs. This is not a security update.
https://rufus.ie/en_IE.html

SimpleWMIView 1.40 adds Case Sensitive option to Quick Filters. This is not a security update.
https://www.nirsoft.net/utils/simple_wmi_view.html

Synergy 1.10.3 resolves several bugs and updates the VC++ dependency to 2019. If you’re having problems with the update, install the VC++ 2019 runtime, reboot, then reinstall.
https://members.symless.com/synergy/downloads/list/s1

TaskSchedulerView 1.52 adds Case Sensitive option to Quick Filters. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

TraceRouteOK 1.51 updates language files and improves compatibility with Windows 10 v1909. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

WinScan2PDF 4.94 adds page selection and improved compatibility with Windows 10 v1909. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 3.5.0.21 integrates several automated improvements, performance optimizations, diagnostics, and resolves several bugs. This is not a security update.
https://developer.android.com/studio/index.html

Node.js 12.10.0 resolves many bugs, improves documentation, and updates dependencies. This is not a security update.
https://nodejs.org/en/

Visual Studio Code 1.38 improves search and replace, resolves several bugs, and adds new features. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.0.12-133076 resolves several bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Adminer 4.7.3 improves performance and stability, resolves several bugs. This is not a security update.
https://www.adminer.org/en/

Drupal 8.7.7 resolves several bugs. This is not a security update.
https://drupal.org/download

Nextcloud Server 16.0.4 updates libraries and resolves several bugs. This should be treated as a security update.
https://nextcloud.com/

ScreenConnect 19.3.25270.7185 resolves bugs. This is not a security update.
https://www.connectwise.com/software/control/download

WordPress 5.2.3 is a security update.
https://wordpress.org/

myStickymenu 2.2.2 resolves a cosmetic bug. This is not a security update.

NextScripts Social Networks Auto-Poster 4.3.9 resolves several bugs, improves integration with Blogger, Reddit, Pinterest, and WordPress.com. This is not a security update.

Theme My Login 7.0.15 resolves update bug, adds two new filters. This is not a security update.

W3 Total Cache 0.10.0 resolves several bugs, adds support for new S3 regions, webp caching, and other improvements. This is not a security update.

WP Mail SMTP 1.6.2 improves reliability and resolves several bugs. This is not a security update.

Show IDs 1.1.3 improves compatibility. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2019-08-13

Hi, Folks!

Today is Patch Tuesday for August 2019 and it’s huge. It was a pretty big month for security news, too.

This month demonstrates several points I’ve been making for years:

1) Often the addition of yet another antivirus actually weakens your security. With Windows Defender scoring a perfect 100 there’s no good reason to install one of the “free” or even paid alternatives. Remember that there are only three parties to an exchange: the vendor, the customer, and the product. If you’re not selling or paying for a service, you’re the product.

2) Everything will be hacked eventually. Capital One and Binance demonstrate that even those tasked with the highest levels of security can be bribed or make mistakes, and since all encryption is weighted only by time and resources that are becoming ever-cheaper, assume anything you share will inevitably be compromised, even if you didn’t put it online yourself.

3) It isn’t just computers and phones that can be hacked. Everything from cameras, to airplanes, to Navy destroyers, and much more are also vulnerable.

4) The gatekeepers of “reasonable” vulnerability disclosure are as responsible as anyone else for zero-day exploits being exposed.

That’s enough horror stories for now. Let’s get back to our regularly scheduled program. The typical computer should see roughly 3 GB in updates today. Let’s get started.

Microsoft released updates for Windows, .NET, Edge, Internet Explorer, Flash, and MSRT (~2 GB). This includes security updates. TWO reboots are required.

Apple released updates for iOS 12.4, macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra, Safari 12.1.2, watchOS 5.3, tvOS 12.4, iCloud for Windows 7.13, iCloud for Windows 10.6, and iTunes for Windows 12.9.6. These are security updates. Use Apple Software Update to install the most current versions.

iOS 12.4 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 5.3 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 12.4 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 76.0.3809.102 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Adobe Flash Player 32.0.0.238 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The now-current release of the Windows 10 (1903) will cause your computer to feel unusually slow until it is installed. This is a side-effect of the Windows 10 upgrade cycle, which pushes out 3-6 GB through Windows update to get you to the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, it will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.1.7 resolves bugs. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

nVidia 431.60 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

BullZip PDF Printer 11.10.0.2761 adds print redirection and improves compatibility. This is not a security update.
https://www.bullzip.com/products/pdf/info.php#download

Crucial Storage Executive 5.02 doesn’t provide a changelog so should be treated as a security update.
https://www.crucial.com/usa/en/support-storage-executive

Intel Driver and Support Assistant 19.7.30 resolves several bugs. This is not a security update.
https://www.intel.com/p/en_US/support/detect

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 76.0.3809.100 is a security update. Use Menu, Help, About to install the most current version.

Firefox 68.0.1 is a security update. Use Menu, Help, About to install the most current version.

Vivaldi 2.6.1566.49 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 3.25 adds search-in-attachments option. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Thunderbird 60.8.0 is a security update. Use Menu, Help, About to install the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

Trillian 6.2.0.11 resolves several bugs. This is not a security update.
https://www.trillian.im/

Trillian Mac 6.2.0.18 resolves several bugs. This is not a security update.
https://www.trillian.im/

BrowsingHistoryView 2.21 adds option to use local time for time range. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

FileZilla Client 3.44.1 resolves several bugs, adds search to Site Manager, and adds warnings to insecure connections. This is not a security update.
https://filezilla-project.org/

FreeFileSync 10.14 enforces TLS for all endpoints and resolves several bugs. This should be considered a security update.
https://www.freefilesync.org/download.php

MaxMind GeoIP 201908 is a data refresh.
https://dev.maxmind.com/geoip/

Nmap 7.80 includes an updated Npcap, adds NSE scripts and resolves several bugs. This is a security update.
https://nmap.org/

Npcap 0.9982 is a security update.
https://nmap.org/npcap/

PuTTY installer 0.72 resolves several bugs. This is a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

WinSCP 5.15.3 resolves several bugs. This is a security update.
https://winscp.net/eng/index.php

Media Updates

These are unlikely to be of interest to most people.

iTunes 12.9.6 is a security update.
https://www.apple.com/itunes/download/

Game Updates

These are unlikely to be of interest to most people.

Lego Digital Designer 4.3.12 doesn’t provide a changelog so should be treated as a security update.
https://www.lego.com/en-us/ldd

Steam 2019.08.06 resolves several bugs. This is a security update. Use Steam to update Steam.

PlayStation PS4 6.72 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/system-updates/ps4/

RetroPie 4.5.1 improves compatibility with RPI4 and reverts the kernel to improve stability. This is not a security update.
https://retropie.org.uk/

SteamOS Installer 2019-07-17 is a security update.
https://store.steampowered.com/steamos/download/?ver=custom

Office Updates

One or more of these are likely to be of interest to most people.

Atom 1.40.0 resolves several bugs. This is not a security update.
https://atom.io/

Artweaver 7.0 improves brush handling, simplified presets, Windows Ink Pen support, improved update, and resolves several bugs. This is not a security update.
https://www.artweaver.de/

Krita 4.2.5 resolves several bugs. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Still 6.2.5 is a major update to LibreOffice Still, and adds several features and improved stability. This is not a security update.
https://www.libreoffice.org/

LibreOffice Fresh 6.3.0 is a major new release with improved integration, performance improvements, and many new features. This is not a security update.
https://www.libreoffice.org/

Paint.net 4.2.1 adds HEIC and JPEG XR support, resolves several bugs. This is not a security update.
https://www.getpaint.net/

Adobe Creative Cloud Desktop 4.9 is a security update.
https://www.adobe.com/creativecloud/catalog/desktop.html

Adobe Photoshop CC 19.1.9 is a security update. Use Creative Cloud Desktop to install the most current version (after patching the security issues in Creative Cloud Desktop).

Adobe Photoshop CC 20.0.6 is a security update. Use Creative Cloud Desktop to install the most current version (after patching the security issues in Creative Cloud Desktop).

Adobe Experience Manager hotfix 30379 is a security update for AEM 6.4 and 6.5.
6.4: https://www.adobeaemcloud.com/content/companies/public/adobe/packages/cq640/hotfix/cq-6.4.0-hotfix-30379
6.5: https://www.adobeaemcloud.com/content/companies/public/adobe/packages/cq650/hotfix/cq-6.5.0-hotfix-30379

Adobe Acrobat DC 2019.012.20036 is a security update. Use Help, Check for Updates to get the most current version.

Adobe Acrobat Reader DC 2019.012.20036 is a security update. Use Help, Check for Updates to get the most current version.

Acrobat 2017 2017.011.30144 is a security update. Use Help, Check for Updates to get the most current version.

Acrobat Reader DC 2017 2017.011.30144 is a security update. Use Help, Check for Updates to get the most current version.

Acrobat DC 2015.006.30499 is a security update. Use Help, Check for Updates to get the most current version.

Acrobat Reader DC 2015.006.30499 is a security update. Use Help, Check for Updates to get the most current version.

Adobe Prelude CC 8.1.1 is a security update. Use Creative Cloud Desktop to install the most current version (after patching the security issues in Creative Cloud Desktop).

Adobe Premiere Pro CC 13.1.3 is a security update. Use Creative Cloud Desktop to install the most current version (after patching the security issues in Creative Cloud Desktop).

Adobe Character Animator CC 2.1.1 is a security update. Use Creative Cloud Desktop to install the most current version (after patching the security issues in Creative Cloud Desktop).

Adobe After Effects CC 16.1.2 is a security update. Use Creative Cloud Desktop to install the most current version (after patching the security issues in Creative Cloud Desktop).

Security Software Updates

One or more of these is likely to be of interest to most people.

QubesOS 4.0.2 updates kernel and TemplateVM components. This is not a security update.
https://www.qubes-os.org/downloads/

Java 8u221 is a security update. If you’re not 110% sure you need Java, remove it instead.
https://www.java.com/en/download/manual.jsp

Gpg4win 3.1.10 resolves a security bug.
https://www.gpg4win.org/download.html

RogueKiller 13.4.2 resolves several bugs. This is not a security update.
https://www.adlice.com/softwares/roguekiller/

RouterPassView 1.86 adds support for additional hardware. This is not a security update.
https://www.nirsoft.net/utils/router_password_recovery.html

TinyWall 2.1.11 improves compatibility and resolves several bugs. This is not a security update.
https://tinywall.pados.hu/

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 2019.1.3 is a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Converter Updates

These are unlikely to be of interest to most people.

Stop using CDex. CDex now includes malware as part of the installation, so should be treated as untrustworthy. Even if the accessory malware is removed, any developer willing to include malware should be assumed to be malicious and the core software likely has many other security issues and should be avoided completely. Again, remove CDex.

DVDFab 11.0.4.2 adds support or new encodings, improves compatibility, greatly improves subtitle parsing. This is not a security update.
http://www.dvdfab.cn/download.htm

FFmpeg 4.2 is a new major build, adding many filters and decoders and improving performance. This is not a security update.
https://ffmpeg.org/download.html

Education updates

One or more of these are likely to be of interest to most people.

e-Sword 12.0 adds themes and low-light display support, and makes hundreds of other refinements and bug fixes. This is not a security update.
https://www.e-sword.net/

Utility Updates

These are unlikely to be of interest to most people.

RoboForm 8.6.0 resolves several bugs. This is not a security update.
https://12pd.com/click?rf

1Password for Mac 7.3.2 improves stability. This is not a security update.
https://1password.com/downloads/mac/

Bitcoin 0.18.1 adds new features, resolves bugs, and improves performance. This is not a security update.
https://bitcoin.org/en/download

BulkFileChanger 1.65 adds support for changing timestamps within mp4 and mov files. This is not a security update.
https://www.nirsoft.net/utils/bulk_file_changer.html

DesktopOK 6.45 adds uninstall and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

GoodSync 10.10.5 resolves several bugs and changes licensing behavior (again).
https://12pd.com/click?goodsync

IsMyHdOK 1.81 improves support for newer hardware. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

NirCmd 2.86 resolves a bug with the elevate command. This is not a security update.
https://www.nirsoft.net/utils/nircmd.html

NTLite 1.8.0.7080 updates components and improves compatibility. This is not a security update.
https://www.ntlite.com/download/

OSFMount 3.0.1005 adds physical/logical emulation options and resolves a bug. This is not a security update.
https://www.osforensics.com/tools/mount-disk-images.html

OSForensics 7.0.1001 adds many new features and resolves bugs. This is not a security update.
https://www.osforensics.com/download.html

PointerStick 3.66 resolves a bug. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

Rufus 3.6 adds support for persistent partitions, improves compatibility, and resolves several bugs. This is not a security update.
https://rufus.ie/en_IE.html

SearchMyFiles 3.01 adds option to prevent saving search options and support for searching within Office and PDF files. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

SimpleWMIView 1.38 improves refresh behavior. This is not a security update.
https://www.nirsoft.net/utils/simple_wmi_view.html

TaskSchedulerView 1.51 adds a new column to indicate whether device will be awakened to run task. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

TraceRouteOK 1.44 resolves a bug. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

WinScan2PDF 4.93 improves WIA and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WSUS Offline 11.8 updates static URLs, servicing stacks and improves compatibility. This is not a security update.
http://download.wsusoffline.net/

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 3.4.2.0 resolves several bugs. This is not a security update.
https://developer.android.com/studio/index.html

MySQL 8.0.17 resolves several bugs and adds several new features. This is not a security update.
https://www.mysql.com/downloads/installer/

Node.js 12.8.0 resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

Redemption 5.21.0.5378 adds RDOFolders and appointment exception removal/undo support as well as resolving several bugs. This is not a security update.
http://www.dimastr.com/redemption/

SQLite 3.29.0 adds several new features. This is not a security update.
https://www.sqlite.org/download.html

TortoiseSVN 1.12.2 resolves several bugs. This is not a security update.
https://tortoisesvn.net/downloads.html

Visual Studio Code 1.37 adds several new features and improvements. This is not a security update.
https://code.visualstudio.com/

WinMerge 2.16.4 resolves several bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.0.10-132072 resolves several bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

ScreenConnect 19.2.24707.7131 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

phpList 3.4.5 resolves several bugs. This is not a security update.
https://www.phplist.com/download

Drupal 8.7.6 resolves several bugs. This version follows quickly on the heels on 8.7.5, which is a security release.
https://drupal.org/download

Joomla 3.9.11 is a security update.
https://www.joomla.org/

MailEnable 10.26 resolves several bugs. This is not a security update.
https://www.mailenable.com/

Adminer 4.7.2 resolves several bugs. This is not a security update.
https://www.adminer.org/en/

BuddyPress 4.4.0 is a security update.

Contact Form 7 5.1.4 resolves several bugs. This is not a security update.

myStickymenu 2.2.1 improves compatibility. This is not a security update.

Postie 1.9.38 resolves an attachment filtering bug. This is not a security update.

Redirection 4.3.3 resolves bugs and improves compatibility. This is not a security update.

WooCommerce 3.7.0 resolves dozens of bugs, and provides feature, compatibility, and performance improvements. This is not a security update.

WP Add Custom CSS 1.1.5 replaces code editor. This is not a security update.

WP Mail SMTP 1.5.2 resolves a Gmail compatibility bug. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2019-05-14

Hi, Folks!

Today is Patch Tuesday for May 2019.

This month was eventful.

Mozilla resolved the catastrophic end-of-extensions bug in Firefox that disabled all extensions worldwide for all Firefox users. From the rage and fear, you’d have thought the entire Internet was broken. While this event was disastrous for everyone who relies upon browser extensions for their daily lives (such as AdBlock), it was likely the single-most effective cleanup of malware in history.

Antivirus isn’t enough. According to reputable sources, a Russian hacking collective (Fxmsp) claims to have secured access to three leading antivirus companies.

According to the hacking collective, they worked tirelessly for the first quarter of 2019 to breach these companies and finally succeeded and obtained access to the companies’ internal networks.

The collective extracted sensitive source code from antivirus software, AI, and security plugins belonging to the three companies. Fxmsp also commented on the capabilities of the different companies’ software and assessed their efficiency.

Dell SupportAssist is probably the lowest-hanging fruit on your computer. An independent researcher was able to unwrap the Dell SupportAssist service and force install arbitrary software on networked devices using no more than a single DNS hijack and publicly-available “codes” that Dell uses to authenticate actions. Their design is roughly akin to taping the keys to your house on the front door. While you should, of course, remove SupportAssist, you should also treat this as a stark reminder of why you should never use untrusted networks.

Microsoft Office changed the EULA to their software, which triggered several different issues, including previously purchased software no longer working, new data sharing prompts and an unceasing series of popups for some users. Logging out of your Microsoft Account and back in resolves the issue for many, but others required registry hacks. Smooth move, MS.

Now back to our regularly scheduled program.

The typical computer should see roughly 1.3 GB in updates today. Let’s get started.

Microsoft released updates for Windows, .NET, Edge, Internet Explorer, Flash, and MSRT (~850 MB). This includes security updates. A reboot is required.

Apple released updates for macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, Safari 12.1.1, and Apple TV Software 7.3. This includes security updates. Use Apple Software Update to install the most current versions.

iOS 12.3 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 5.2.1 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 12.3 is a security update. Use System, Software Update to install the most current version.

Adobe AIR 32.0.0.125 is a security update.
Win: https://12pd.com/click?air
Mac: https://12pd.com/click?airmac

Adobe Flash Player 32.0.0.192 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Fedora 30-1.2 is a major update improving compatibility, performance, and more. This build adds the optional Pantheon Desktop which will ease the transition of those coming from a macOS environment. Coupled with Darling it should now be much easier to leave Apple for Linux.
https://getfedora.org/en/workstation/download/

Google Chrome OS 74.0.3729.125 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The now-current release of the Windows 10 (1903) will cause your computer to feel unusually slow until it is installed. This is a side-effect of the Windows 10 upgrade cycle, which pushes out 3-6gb through Windows update to get you to the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, it will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.1.3 improves reliability. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Intel Driver & Support Assistant 19.4.18 improves detection of updates, adds support for Windows 10 LTSB, and adds notifications. This is a security update.
https://www.intel.com/p/en_US/support/detect

nVidia 430.64 adds support for newer hardware, removes support for Kepler hardware, and resolves several bugs. This is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Logitech SetPoint 6.69.126 resolves several bugs. This is not a security update.
https://support.logitech.com/en_us/software/setpoint

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 74.0.3729.157 is a security update (and adds dark mode). Use Menu, Help, About to install the most current version.

Firefox 66.0.5 resolves the catastrophic end-of-extensions bug. Use Menu, Help, About to install the most current version.

Firefox ESR 60.6.3 resolves the catastrophic end-of-extensions bug. Use Menu, Help, About to install the most current version.

Iridium 2019.04.73.0 is a security update. Use Menu, Help, About to install the most current version.

Vivaldi 2.5.1525.41 resolves several bugs, adds new features, improves reliability and performance. This is a security update. Use Menu, Help, About to install the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 3.16 adds a combobox to select folders to scan or skip. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Internet Updates

One or more of these are likely to be of interest to everyone.

Skype 8.44.0.41 adds message forwarding, provides additional view options, adds optional background blur, and adds event notifications. This is not a security update.
https://12pd.com/click?skype

DynDNS Updater 5.5.0 removes backend service reporting. This should be considered a security update.
https://www.dyndns.com/

Evernote 6.18.4.8489 adds several new shortcuts, resolves several bugs. This is not a security update.
https://www.evernote.com/

FileZilla Client 3.42.1 resolves several bugs, updates libraries, improves compatibility with macOS. This is a security update.
https://filezilla-project.org/

MaxMind GeoIP 201905 is a data refresh.
https://dev.maxmind.com/geoip/

Npcap 0.995 resolves several bugs. This is not a security update.
https://nmap.org/npcap/

WinSCP 5.15.1 resolves several bugs. This is not a security update.
https://winscp.net/eng/index.php

Game Updates

These are unlikely to be of interest to most people.

EA Origin 10.5.38.25027 resolves several bugs. This is not a security update.
https://www.origin.com/en-us/download

Steam 2019.05.01 resolves several bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

SteamOS 2.190 is a security update.
https://store.steampowered.com/steamos/download/?ver=custom

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Acrobat 19.012.20034 is a security update. Use Help, Check for Updates to get the most current version.

LibreOffice Still 6.1.6 is a security update.
https://www.libreoffice.org/

LibreOffice Fresh 6.2.3 resolves dozens of bugs. This is not a security update.
https://www.libreoffice.org/

Adobe DNG Converter 11.3 adds support for newer hardware. This is a security update.
https://helpx.adobe.com/photoshop/digital-negative.html

Atom 1.37.0 improves security and resolves several bugs. This should be treated as a security update.
https://atom.io/

Security Software Updates

One or more of these is likely to be of interest to most people.

Java 8u211 is a security update. If you are not sure you need Java (or don’t know the difference between Java and JavaScript), you’re better off removing Java than installing an update.
https://www.java.com/en/download/manual.jsp

RogueKiller 13.2.0 updates engine, resolves several bugs, adds signature automatic update to free version. This should be treated as a security update.
https://www.adlice.com/softwares/roguekiller/

Stinger 12.1.0.3168 adds support for new detections. This is a security update.
https://12pd.com/click?stinger

TDSSKiller 3.1.0.28 adds support for new detections. This is a security update.
https://support.kaspersky.com/viruses/utility#TDSSKiller

Converter Updates

These are unlikely to be of interest to most people.

CDex 2.17 resolves several bugs. This is not a security update.
http://cdex.mu/?q=download

DVDFab 11.0.2.9 adds support for new encodings and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

FFmpeg 4.1.3 resolves several bugs. This is not a security update.
https://ffmpeg.org/ffmpeg.html

Utility Updates

These are unlikely to be of interest to most people.

1Password for Windows 7.3.684 resolves several bugs, adds cleanup, improves performance. This is not a security update.
https://1password.com/downloads/windows/

Bitcoin Core 0.18.0 resolves dozens of bugs, improves performance, reliability, and privacy, updates many features, and reduces dependency on OpenSSL. This should be treated as a security update.
https://bitcoin.org/en/download

BulkFileChanger 1.61 adds new command-line option. This is not a security update.
https://www.nirsoft.net/utils/bulk_file_changer.html

ControlMyMonitor 1.15 adds an option to prevent changing a value if it is current. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html

CurrPorts 2.55 adds ability to capture for an extended duration instead of capturing only a snapshot. This is not a security update.
https://www.nirsoft.net/utils/cports.html

Cygwin 3.0.7 adds support for a new locale and resolves a winsock bug. This is not a security update.
https://cygwin.com/

DesktopOK 6.16 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

FolderChangesView 2.27 adds option to include header in output. This is not a security update.
https://www.nirsoft.net/utils/folder_changes_view.html

GoodSync 10.9.32 resolves several bugs, updates libraries, and adds support for RealDisk. This is not a security update.
https://12pd.com/click?goodsync

ImageUSB 1.4.1003 resolves several bugs. This is not a security update.
https://www.osforensics.com/tools/write-usb-images.html

IsMyHdOK 1.66 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

NetworkTrafficView 2.25 improves reliability and adds support for UDP. This is not a security update.
https://www.nirsoft.net/utils/network_traffic_view.html

NirCmd 2.83 adds runinteractive options. This is not a security update.
https://www.nirsoft.net/utils/nircmd.html

NTLite 1.7.6.6912 adds support for Windows 10 v1903, resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSFMount 3.0.1003 improves performance, resolves several bugs. This is not a security update.
https://www.osforensics.com/tools/mount-disk-images.html

PointerStick 3.52 resolves a startup bug. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

RegFileExport 1.11 resolves a large-value bug. This is not a security update.
https://www.nirsoft.net/utils/registry_file_offline_export.html

SimpleWMIView 1.36 adds an option to attempt elevation. This is not a security update.
https://www.nirsoft.net/utils/simple_wmi_view.html

Synergy 1.10.2 resolves several bugs. This should be treated as a security update.
https://symless.com/blog/synergy-1-10-2-finally-released

DebugView 4.90 doesn’t provide a changelog, so should be treated as a security update.
https://live.sysinternals.com/

RAMMap 1.52 doesn’t provide a changelog, so should be treated as a security update.
https://live.sysinternals.com/

TaskSchedulerView 1.50 adds options to control tasks from the command line. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

WifiChannelMonitor 1.59 resolves a displaymode bug. This is not a security update.
https://www.nirsoft.net/utils/wifi_channel_monitor.html

WifiInfoView 2.46 adds always on top and scanning options, and updates the MAC database. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

WinScan2PDF 4.78 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WSUS Offline 11.7 disables autorecall, updates libraries, improves detection. This is not a security update.
http://download.wsusoffline.net/

Developer Updates

These are unlikely to be of interest to most people.

Godot 3.1.1 is a security update.
https://godotengine.org/

MySQL 8.0.16 updates libraries, grant/revoke behavior, and resolves many bugs. This is a security update.
https://www.mysql.com/downloads/installer/

Node.js 12.2.0 resolves dozens of bugs, updates libraries, and adds and improves features. This is a security update.
https://nodejs.org/en/

SQLite 3.28.0 resolves several bugs, improves compatibility, and offers new language constructs. This is a security update.
https://www.sqlite.org/download.html

StrawberryPerl 5.28.2.1 updates core, modules, and libraries. This is a security update.
http://strawberryperl.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.0.6-130049 resolves dozens of bugs. This should be treated as a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Joomla 3.9.6 is a security update.
https://www.joomla.org/

Drupal 8.7.1 is a security update.
https://drupal.org/download

Nextcloud Server 16.0.0 adds ACL support, Talk commands, and machine learning for security and productivity. This is a security update.
https://nextcloud.com/

ScreenConnect 19.0.23665.7058 adds several new features, cosmetics, dark mode, network information, improves auditing and more. This is not a security update.
https://www.screenconnect.com/Download

phpList 3.4.2 resolves several bugs. This is not a security update.
https://www.phplist.com/download

WordPress 5.2 improves self-diagnostics, accessibility, and more. This is not a security update.
https://wordpress.org/

Akismet 4.1.2 resolves bugs and improves compatibility. This is not a security update.

Autoptimize 2.5.0 adds lazyloading, and redesigns image optimization. This is not a security update.

BuddyPress 4.3.0 is a security update.

Custom Facebook Feed 2.9.1 resolves several bugs. This is not a security update.

Email Log 2.3.1 resolves a bug. This is not a security update.

myStickymenu 2.1.4 resolves several bugs. This is not a security update.

Postie 1.9.33 now assigns an author to all media items. This is not a security update.

Raw HTML 1.6 improves handling of raw objects. This is not a security update.

Redirection 4.2.3 resolves a bug. This is not a security update.

Register IPs 1.8.1 is a security update.

NextScripts Social Networks Auto-Poster 4.3.6 resolves several bugs, adds location and twitter handle support. This is not a security update.

Sucuri Security 1.8.21 adds several new diagnostic features and resolves several bugs. This is not a security update.

Theme My Login 7.0.14 improves compatibility. This is not a security update.

W3 Total Cache 0.9.7.4 resolves several bugs. This is a security update.

WooCommerce 3.6.2 resolves many bugs. This is a security update.

WPtouch 4.3.37 adds SMS sharing option. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2019-01-08

Welcome to 2019, Folks! I’ve never been so happy to have a year behind me. 2019 is looking good even if it starts with a huge number of updates.

Today is Patch Tuesday and it’s a big one. Every major vendor has their regular updates, and it looks like every minor vendor took the holiday break to work on updates for their software, too.

The typical computer should see roughly 3 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, Internet Explorer, .NET, Flash, and MSRT (~2 GB). This includes security updates. A reboot is required.

iOS 12.1.2 is a security update. Use Settings, General, Software Update to install the most current update.

Adobe AIR 32.0.0.89 is a security update.
Win: https://12pd.com/click?air
Mac: https://12pd.com/click?airmac

Adobe Flash Player 32.0.0.114 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Google Chrome OS 71.0.3578.94 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The now-current release of the Windows 10 (1809) will cause your computer to feel unusually slow until it is installed. This is a side-effect of the Windows 10 upgrade cycle, which pushes out 3-6 GB through Windows update to get you to the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, it will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.0.6 resolves several bugs and adds support for newer hardware. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Logitech Options 7.10.5 is a security update.
https://support.logitech.com/en_us/software/options

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 71.0.3578.98 is a security update.

Vivaldi 2.2.1388.37 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.5.5 adds preview for common attachment types and resolves several bugs. This is not a security update.
https://getmailspring.com/

Internet Updates

One or more of these are likely to be of interest to everyone.

Skype 8.36.0.52 resolves several bugs. This is not a security update.
https://12pd.com/click?skype

DNSDataView 1.56 adds command-line configuration syntax. This is not a security update.
https://www.nirsoft.net/utils/dns_records_viewer.html

IPNetInfo 1.80 now defaults to detecting IPv6 addresses and provides command-line configuration syntax. This is not a security update.
https://www.nirsoft.net/utils/ipnetinfo.html

WinSCP 5.13.7 resolves several bugs. This is not a security update.
https://winscp.net/eng/index.php

uTorrent 3.5.5 Build 44954 resolves several bugs. This is not a security update.
https://www.utorrent.com/downloads

FreeFileSync 10.7 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Npcap 0.99-r8 resolves several bugs. This is not a security update.
https://nmap.org/npcap/

MaxMind GeoIP Data 201901 is a data refresh.
https://dev.maxmind.com/geoip/geolite

Media Updates

These are unlikely to be of interest to most people.

VLC Media Player 3.0.5 resolves several bugs, updates libraries and components, and now imposes runtime hardening on macOS. This is not a security update.
https://www.videolan.org/vlc/

MusicBrainz Picard 2.1 resolves many bugs, adds AAC/ADTS/MIDI/SMF support, $delete, $title, and several other improvements. This is not a security update.
https://picard.musicbrainz.org/

Game Updates

These are unlikely to be of interest to most people.

EA Origin 10.5.32.18460 resolves several bugs and adds data moving. This is not a security update.
https://www.origin.com/en-us/download

PlayStation PS4 6.20 improves performance. This is not a security update. Note that Sony says it is important not to install this update “soon before or soon after” a power outage. If you’re planning to have a power outage, wait for well after it ends before installing the PS4 update. LOL
https://www.playstation.com/en-us/support/system-updates/ps4/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 19.010.20069 is a security update. Use Help, Check for Updates to install the most current version.

Adobe Connect 10.1 is a security update.
Win: https://www.adobe.com/go/Connectmsi
Mac: https://www.adobe.com/go/ConnectSetupMac

Adobe Digital Editions 4.5.10 is a security update.
https://www.adobe.com/solutions/ebook/digital-editions/download.html

Notepad++ 7.6.2 resolves several bugs and improves the plugin sanity…but requires that you move any plugins you put in %appdata% for 7.6 under %programdata% now with 7.6.1+, but still allows custom user-level configuration of the installed plugins through %appdata%. It’s the right way to do things and will be better for all of us once we get past this. This is not a security update.
https://12pd.com/click?npp

Krita 4.1.7 resolves several bugs, including a rather annoying wifi bug introduced by a dependency. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Fresh 6.1.4 resolves over a hundred bugs. This is not a security update.
https://www.libreoffice.org/

Kindle for PC 1.25.0 Build 52064 doesn’t provide a changelog, so should be treated as a security update.
https://12pd.com/click?kindle4pc

Security Software Updates

One or more of these is likely to be of interest to most people.

TDSSKiller 3.1.0.25 doesn’t provide a changelog so should be treated as a security update.
https://support.kaspersky.com/viruses/utility#TDSSKiller

Wireless Network Watcher 2.19 updates the MAC addresses database. This is not a security update.
https://www.nirsoft.net/utils/wireless_network_watcher.html

RogueKiller 13.0.21 resolves several bugs, adds signatures, improves high-DPI support, and updates core engine. This is not a security update.
https://www.adlice.com/softwares/roguekiller/

SuperAntiSpyware 8.0.1026 resolves several bugs and adds ability to disable notifications.
https://www.superantispyware.com/download.html

Avast! Home Edition 19.1.2360 resolves several bugs, improves GUI, and reduces clutter. It still doesn’t behave well with low-resolution screens.
https://www.avast.com/free-antivirus-download

KeePass 1.37 adds several options including the ability to avoid storing data in the clipboard history. This should be treated as a security update.
https://keepass.info/

Converter Updates

These are unlikely to be of interest to most people.

CDex 2.13 resolves several bugs. This is not a security update.
https://cdex.mu/?q=download

AVStoDVD 2.8.8 resolves several bugs, adds several new features, and updates libraries. This should be treated as a security update.
https://sites.google.com/site/avstodvdmain/

DVDFab 11.0.1.2 adds several new output options, new encodings, and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

IsoBuster 4.3 adds support to many new formats, resolves several new bugs, and adds syntax and command-line options, settings, performance improvements, and more. This is not a security update.
https://www.isobuster.com/download.php

Utility Updates

These are unlikely to be of interest to most people.

RoboForm 8.5.5 resolves several bugs. This is not a security update.
https://12pd.com/click?rf

7-Zip 18.06 improves performance and resolves several bugs. This is not a security update.
https://www.7-zip.org/

GoodSync 10.9.21 improves stability, license management, and resolves several bugs. This is not a security update.
https://12pd.com/click?goodsync

NTLite 1.7.2.6650 adds command-line support and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

1Password for Mac 7.2.4 is a security update.
https://1password.com/downloads/mac/

1Password for Windows 7.2.617 improves stability and compatibility. This should be considered a security update.
https://1password.com/downloads/windows/

DevManView 1.56 adds command-line configuration support and now returns an error code instead of 0 on error. This is not a security update.
https://www.nirsoft.net/utils/device_manager_view.html

DesktopOK 5.82 improves compatibility and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

Everything 1.4.1.924 resolves several bugs. This is not a security update.
https://www.voidtools.com/

Sysmon 8.04 reverts a filtering change that broke existing configuration files, and resolves a couple bugs. This is not a security update.
https://sysinternals.com/

Bitcoin 0.17.1 resolves several bugs and improves performance. This is not a security update.
http://bitcoin.org/en/download

PointerStick 3.41 is a cosmetic update. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

SearchMyFiles 2.91 adds duplicate file indication. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

TaskSchedulerView 1.46 adds policy control for multiple instances and a column for network availability requirement. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

WifiChannelMonitor 1.58 adds always on top support and updates internal MAC database. This is not a security update.
https://www.nirsoft.net/utils/wifi_channel_monitor.html

WinScan2PDF 4.67 adds support for new translations and improves customization. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

Node.js 11.6.0 adds and improves certificate trust and resolves several bugs. This should be treated as a security update.
https://nodejs.org/en/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.0.0-127566 is a major update with many resolved bugs. This version adds HiDPI support, export to Oracle Cloud Infrastructure, improved setup and maintenance, improved 3D support for guests, surround sound speakers, and Hyper-V as fallback core for compatibility. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

TinyMCE 4.9.2 resolves several bugs. This is not a security update.
https://www.tinymce.com/download/

phpList 3.3.7 resolves a minor bug. This is not a security update.
http://www.phplist.com/download

Coppermine Gallery 1.5.48 is a security update.
https://coppermine-gallery.net/

Drupal 8.6.5 resolves several bugs. This is not a security update.
https://drupal.org/download

YOURLS 1.7.3 resolves several bugs, adds hooks, and updates libraries. This should be treated as a security update.
https://yourls.org/

WordPress 5.0.2 resolves over 70 bugs in the 5.0 branch and follows quickly on the heels of the 5.0.1 security update. This should be treated as a security update to 5.0.
https://wordpress.org/

Contact Form 7 5.1.1 improves handling of empty response. This is not a security update.

Postie 1.9.27 improves support for parent post detection. This is not a security update.

Sucuri Security 1.8.19 resolves a couple bugs. This is not a security update.

Theme My Login 7.0.12 improves compatibility and reliability. This is not a security update.

WooCommerce 3.5.3 resolves a cosmetic bug for WP5 compatibility. This is not a security update.

WP Add Custom CSS 1.1.3 improves compatibility and uninstaller. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2018-11-13

Hi, Folks!

It’s Patch Tuesday and it’s a big one. Every major vendor has released security updates and there’s many smaller vendor updates released today, as well.

But before we get to that I want to briefly talk about something else. You’ve surely heard the phrase “Internet of Things” or “IoT”. This describes the common and growing practice of everything touching the Internet all the time. Besides the computers you have in your office and living room, the phone in your pocket, and the tablets you have littered across random flat surfaces across your home, there are now cars, toasters, refrigerators, light bulbs, irrigation systems, air conditioners, instant pots, and a million other things that are now Internet-enabled for our convenience or simply for the novelty of it. Nearly all of these devices don’t talk to the Internet directly, but through a router or modem which connects each of the devices at a specific location to the Internet through your Internet Service Provider. While it’s possible to hijack your light bulbs, fridge, and coffee maker, the low-hanging fruit of most networks is and always will be the router. This oft-overlooked device is poorly maintained and directly accessible from the Internet making it easy prey for attackers. Currently there’s a botnet called BCMUPnP_Hunter that has hijacked over 100,000 routers and is using them (and your Internet connection) to send spam and phishing messages.

In each case it could have been avoided.

All hardware is supported and maintained by the vendor for a limited time ranging from a mere 6 months to a decade. However, having it be “supported” is one thing – actually installing the firmware and software updates that would have prevented this and similar infections or proactively replacing end-of-life (EOL) hardware is critical. This neglect is like starving to death at a buffet. The updates and EOL information is out there, but you need to know your network (or hire someone to) and maintain or replace each device that touches it.

Know your network!

Now back to our regularly scheduled program.

The typical computer should see roughly 4gb in updates today. Let’s get started.

The first major update to macOS Mojave was released this week, as well as the first major update to iOS 12. Windows 10 v1809 has been released again. This version was pulled for the last two months because of a show-stopper bug that resulted in deleting user files of people with a specific configuration. That issue is now resolved, but it highlights the importance of letting other people be the guinea pig for major updates like this. Updates are important. Don’t get me wrong. Stability is more important, though, and there’s no reason to put a stable, secure, and supported operating system at risk with what amounts to a beta release. Microsoft maintains several versions of Windows 10 and there’s no reason to rush to the latest build. Install their standard security updates, but wait on new releases.

Windows 10 v1809 is about 3gb when downloaded by the Windows Upgrader/Windows Update, so expect it to randomly install for any Windows 10 Home user over the next month, consuming 3gb of bandwidth to get it done. If you have a slow connection, it could end up trying to download 3gb per day per device, so you would be better off downloading the installer yourself and installing it to ensure that the upgrade completes. That said, you should, of course, postpone upgrading to 1809 for the next couple months and let the rest of the world be the beta testers.

In any case, sometimes we all need that reminder: run your backups *now*.

Microsoft released Windows 10 v1809 and updates to Windows, Flash, Edge, Internet Explorer, and MSRT (~3gb). This includes security updates. A reboot is required.

Apple released macOS Mojave 10.14.1, macOS Mojave 10.14.1 Supplemental for MacBook Air, Security Update 2018-002 for High Sierra, Security Update 2018-005 for Sierra, iOS 12.1, tvOS 12.1, watchOS 5.1.1, Safari 12.0.1, iCloud for Windows 7.8, and iTunes 12.9.1. This includes security update. Use Apple Software Update to install these updates. A reboot is required.

Adobe Flash Player 31.0.0.148 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Google Chrome OS 70.0.3538.76 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 29-1.2 is a new major version offering modularity, GNOME 3.30, Vagrant images, and more. This is not a security update.
https://getfedora.org/

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The now-current release of the Windows 10 (1809) will cause your computer to feel unusually slow until it is installed. This is a side-effect of the Windows 10 upgrade cycle, which pushes out 3-6gb through Windows update to get you to the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, it will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.0.3 improves removal and removes paexec to minimize false positives from AV software. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 70.0.3538.102 is a security update. Use Menu, Help, About to install the most current version.

Firefox 63.0.1 is a security update. Use Menu, Help, About to install the most current version.

Firefox ESR 60.3.0 is a security update. Use Menu, Help, About to install the most current version.

Vivaldi 2.1.1337.47 improves quick commands, resolves several bugs, and updates chromium source to v70. This is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.5.2 improves compatibility, stability, performance, and updates libraries. This is a security update.
https://getmailspring.com/

Thunderbird 60.3.0 is a security update. Use Menu, Help, About to install the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

Skype 8.33.0.50 improves group moderation and adds send with enter key. This is not a security update.
https://12pd.com/click?skype

Evernote 6.16.4.8094 resolves several bugs and improves stability. This is not a security update.
https://www.evernote.com/

FileZilla 3.38.1 resolves several bugs. This is not a security update.
https://filezilla-project.org/

FreeFileSync 10.6 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

MaxMind GeoIP Data 201811 is a data refresh.
https://dev.maxmind.com/geoip/geolite

Media Updates

These are unlikely to be of interest to most people.

CDBurnerXP 4.5.8.7041 adds the ability to filter drives to only those that are writeable. This is not a security update.
https://cdburnerxp.se/

FastStone Viewer 6.7 improves performance, resolves several bugs, and expands options. This is not a security update.
http://www.faststone.org/FSViewerDetail.htm

Flickr Downloadr 2.7.0.1 doesn’t provide a changelog so should be treated as a security update.
https://flickrdownloadr.com/downloads/

Game Updates

These are unlikely to be of interest to most people.

EA Origin 10.5.30.15625 resolves several bugs. This is not a security update.

Steam 2018.11.08 resolves several bugs and improves stability. This is not a security update.

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 19.008.20081 is a security update. Use Help, Check for Updates to get the most current version.

Paint.net 4.1.4 improves performance and resolves several bugs. This is not a security update.
https://www.getpaint.net/

LibreOffice Still 6.0.7 resolves dozens of bugs. This is not a security update.
https://www.libreoffice.org/

LibreOffice Fresh 6.1.3 resolves dozens of bugs. This is not a security update.
https://www.libreoffice.org/

Security Software Updates

One or more of these is likely to be of interest to most people.

Gpg4win 3.1.5 resolves many bugs. This is not a security update.
https://www.gpg4win.org/download.html

SuperAntiSpyware 8.0.1024 is a major update adding DND mode, repair and reset modes, and startup monitoring. This is not a security update.
https://www.superantispyware.com/download.html

RogueKiller 13.0.9 updates detection engine and signatures. This is a security update.
https://www.adlice.com/softwares/roguekiller/

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 2019.0.1 resolves several bugs and improves stability. This is not a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 11.0.0.3 adds support for new encodings and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

MakeMKV 1.14.1 improves stability, adds support for new encodings, and new options. This is not a security update.
https://12pd.com/click?makemkv

Utility Updates

These are unlikely to be of interest to most people.

Beyond Compare 4.2.8.23479 resolves several bugs. This is not a security update.
https://www.scootersoftware.com/download.php?zz=dl4

Bitcoin 0.17.0.1 resolves several bugs. This is not a security update.
https://bitcoin.org/en/download

Cygwin 2.11.2 is a security update.
https://cygwin.com/

DesktopOK 5.76 resolves a startup bug. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

GoodSync 10.9.16 resolves several bugs, improves user experience, and change default security options. This should be treated as a security update.
https://12pd.com/click?goodsync

ImageUSB 1.4.100 resolves several bugs, adds a new option to fill remaining space with an extended partition. This is not a security update.
https://www.osforensics.com/tools/write-usb-images.html

FileLocator Pro 8.5.2868 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

BulkFileChanger 1.52 adds an option to fill current time to file time command attributes. This is not a security update.
https://www.nirsoft.net/utils/bulk_file_changer.html

DevManView 1.55 adds delay controls. This is not a security update.
https://www.nirsoft.net/utils/device_manager_view.html

USBDeview 2.77 adds delay controls. This is not a security update.
https://www.nirsoft.net/utils/usb_devices_view.html

OSForensics 6.1.1004 resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html

WinScan2PDF 4.56 resolves a driver bug. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

CPU-Z 1.87 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

Developer Updates

These are unlikely to be of interest to most people.

Node.js 11.1.0 resolves dozens of bugs. This is a security update.
https://nodejs.org/en/

SQLite 3.25.3 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Virtual Machine Updates

These are unlikely to be of interest to most people.

PPSSPP 1.7.1 doesn’t provide a detailed changelog, so should be treated as a security update.
https://ppsspp.org/downloads.html

VirtualBox 5.2.22-126460 resolves several bugs and improves compatibility. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Joomla 3.9.0 provides over 250 fixes and improves privacy controls.
https://www.joomla.org/

ModSecurity 3.0.3 resolves several bugs, adds new rules and controls. This is not a security update.
https://github.com/SpiderLabs/ModSecurity/releases

phpList 3.3.6 resolves several bugs and adds new features. This is not a security update.
https://www.phplist.com/download

TinyMCE 4.8.5 resolves several bugs. This is not a security update.
https://www.tinymce.com/download/

Drupal 8.6.2 is a security update.
https://drupal.org/download

Akismet 4.1 adds several new features. This is not a security update.

Contact Form 7 5.0.5 resolves several bugs. This is not a security update.

myStickymenu 2.0.6 resolves the 404 configuration bug. This is not a security update.

NextScripts Social Networks Auto-Poster 4.2.8 is a security update.

Redirection 3.6.2 improves compatibility. This is not a security update.

WooCommerce 3.5.1 resolves several bugs. This is not a security update.

WPtouch 4.3.33 resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/