Updates 2022-05-10

Welcome back, Folks!

Today is Patch Tuesday for May, 2022. There’s a lot of news this month, and sunlight is proving to be the best disinfectant. It’s a big one.

This Month in Technology

AA Traveller, Adaptive Health Integrations, AGCO, Aimware, Amazon Web Services, American Dental Association, Android, Apple, ARcare, Aruba and Avaya network switches, Austin Peay State University, Avvo, Bank of Israel, Beanstalk, Bob’s Red Mill Natural Foods, Central Florida Cardiology Group, Cisco Umbrella Virtual Appliances, Coca-Cola, Costa Rica government, County of Los Angeles Department of Mental Health, Dedalus Biology, Deus, Devil-Torrents, Discord, District 518 in Minnesota, Docker servers, DVR devices, EGAIS, F5 BIG-IP, Facebook, Fairfield County Implants and Periodontics, LLC, Fei protocol, Ferrari, Funky Pigeon, GHT Coeur Grand Est. Hospitals and Health Care group, Good Samaritan in West Palm Beach, Google, HealthActions, P.A., Healthplex, Inc, Heroku, Hetzner Online GmbH, IKEA Canada, Illinois Gastroenterology Group, PLLC, Illuminate Education, Kellogg Community College, Kenosha Community Health Center, King County Public Hospital District No. 2, La Casa de Salud, Lakeview Loan Servicing, Lincoln College, Linux, Lutheran Services Carolinas, Mental Health Center of Greater Manchester, MetroHealth System, Microsoft Azure, Microsoft Exchange servers, Nauru Police Force, New Creation Counseling Center, Newman Regional Health, Nordex, Nordic Hotels & Resorts, NPM, Oklahoma City Indian Clinic, Onleihe, OpenSea, Optima Dermatology Holdings, LLC, PayHere, QIWI, QNAP, RainLoop, Rarible NFT, Romania, Ronin Network, RuTube, Scott County, IowaSelect Benefits Group, LLC dba Dental Select, Sixt, Smile Brands, Snapchat, Southern Ohio Medical Center, Spanish football federation, St. Mary’s Medical Center in West Palm Beach, State Bar of Georgia, SUMMIT EYE ASSOCIATES P.C., Sunwing Airlines, Synology, T-Mobile, The Energy Cooperative Group Benefits Plan, The Mental Health Center of Greater Manchester, Twitter, U.S. DoD, UK Ministry of Defense, UK NHS, Ukrainian government, Urgent Team Holdings, US Department of Homeland Security (DHS) (with permission), US Health and Human Services, VMware Workspace ONE Access, Wayne Family Practice Associates, PC, WellDyneRx, LLC, Windows Event Logs, and WSO2 have reportedly been hacked or compromised this month.

Atlassian, Google Docs, WhatsApp, and Xbox have suffered from widespread outages.

A software bug in Harris County Jail has caused problems with hundreds of cases, preventing access to arrest and hearing information, resulting in major issues for law enforcement and the DA.

Google has added a feature to fight doxxing by removing supplied personal information from search results. This would, of course, not be so ridiculous if they hadn’t recently shared victim information with scammers so they could be scammed or abused all over again.

Science is still a joke. So is the news. And yes, the vaccines are shedding. Yet, governments are still penalizing those who refuse to participate in the experiments. VAERS is being purged in violation of federal law. Search warrants are passé. Did you know that the USPS is a spying agency?  Facebook’s Meta is a bunch of hypocrites.

The US federal government has announced a new Disinformation Governance Board under the Department of Homeland Security to combat “disinformation,” staffed by the same people that have promulgated lies and deceit for years, complicit in the very deception they claim to want to prevent. It’s different when they do it, though.

There is a very dark side of electric vehicles, including child slavery, and they still produce CO2 directly, too.

Various open source projects, node-ipc, which wiped the drives of Russian users, and event-source-polyfill “protest” by changing their behavior based on the user, or who they perceive the user to be. Projects like this destroy the trust of all of their users, even if they agree with their agenda. You never know what signal they’ll choose to use against you in the future. Others, including Avast, Coinbase, even CAs (certificate authorities), Dell, DuckDuckGo, GitHub, hacked WordPress sites, Google Play, Google News, Mozilla Firefox, and many others, are projecting their own politics on the world. Disagree and be censored.

iOS and iPadOS updates, security updates, are now being delayed by up to four weeks after release for those who have automatic updates enabled. Just how defective does your release quality testing have to be to postpone security updates for a month?

There’s yet another speculative execution vulnerability in pretty much every CPU. UPS (uninterruptible power supplies/battery backups) demonstrate the significance of a default password vulnerability. The Smart Meters that were promised to never be used to collect personal information are now being used with AI to profile individuals and households.

In an effort to make everyone want to abandon Windows, Microsoft is now pushing ads within the new File Explorer on Windows 11.

Cloud service providers can disappear on a whim. The recent disappearance of the entire Insteon service from under the feet of those that, in some cases, paid thousands of dollars for hardware to work with this home automation provider, demonstrates the insanity of reliance on external services.

Nigeria has blocked 73 million mobile phones (more than half of the Internet-connected population!) for failing to sign up for their digital identity/social credit ecosystem. Most people in Nigeria, like the vast majority of people in nations across the planet, only have access to the Internet through their mobile phones, so this digital identity implementation is intentionally cutting many users in that tiny nation from the Internet.

There is growing evidence that the entire national food supply is at risk, as well as dozens of food processing facilities (much more than in previous years). In response, California is paying farmers not to grow food.

Now for the good news:

When you think about how similar search results have become, this video will blow your mind: Where did the rest of the Internet go? Consider Swisscows for better variety, privacy and breadth of search.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is quite large this month. The typical computer should see roughly 3 GB in updates today. Let’s get started.

Microsoft released updates to address 77 vulnerabilities in .NET and Visual Studio, .NET Framework, Microsoft Edge, Microsoft Exchange Server, Microsoft Graphics Component, Microsoft Local Security Authority Server, Microsoft Office, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Windows ALPC, Remote Desktop Client, Servicing Stack Update, Servicing Stack Updates, Tablet Windows User Interface, Visual Studio, Visual Studio Code, Windows Active Directory, Windows Address Book, Windows Authentication Methods, Windows BitLocker, Windows Cluster Shared Volume (CSV), Windows Failover Cluster Automation Server, Windows Fax Service, Windows Hyper-V, Windows Kerberos, Windows Kernel, Windows LDAP – Lightweight Directory Access Protocol, Windows Media, Windows Network File System, Windows NTFS, Windows Point-to-Point Tunneling Protocol, Windows PowerShell, Windows Print Spooler Components, Windows Push Notifications, Windows Remote Access Connection Manager, Windows Remote Desktop, Windows Remote Procedure Call Runtime, Windows Server Service, Windows Storage Spaces Controller, Windows WLAN Auto Config Service, and MSRT (~2 GB). This includes security updates. A reboot is required.

Google Chrome OS 101.0.4951.59 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 36-1.5 is a major update, including library and dependency updates. This is not a security update.
https://getfedora.org/en/workstation/download/

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Catalina (10.15) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 12 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v21H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.5.0 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

HP M281cdw Firmware 20220414 is a security update.
https://support.hp.com/us-en/drivers/selfservice/hp-color-laserjet-pro-m280-m281-multifunction-printer-series/14142489/model/16748237

Logitech Unify 2.52.33 is a security update.
https://support.logitech.com/en_us/software/unifying

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.38.111 is a security update. Use Menu, Help, About to get the most current version.
https://brave.com/

Google Chrome 101.0.4951.54 is a security update. Use Menu, Help, About to get the most current version.
https://www.google.com/chrome/

Microsoft Edge 101.0.1210.39 is a security update. Use Menu, Help, About to get the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 100.0 is a security update. Use Menu, Help, About to get the most current version.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 91.9.0 is a security update. Use Menu, Help, About to get the most current version.
https://www.mozilla.org/en-US/firefox/organizations/all/

SeaMonkey 2.53.12 is a security update. Use Menu, Help, About to get the most current version.
https://www.seamonkey-project.org/

Vivaldi 5.2.2623.41 is a security update. Use Menu, Help, About to get the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.10.3 resolves several bugs. This is not a security update.
https://getmailspring.com/

NK2Edit 3.44 adds column sorting from menus. This is not a security update.
https://www.nirsoft.net/utils/outlook_nk2_edit.html

Thunderbird 91.9.0 is a security update. Use Menu, Help, About to get the most current version.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 7.0.8 improves compatibility with Windows 11 and resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 6.5.1 resolves several bugs and adds option to remove all stored session profiles. This is not a security update.
https://anydesk.com/en/downloads

curl 7.83.0 adds several new features and resolves dozens of bugs. This is not a security update.
https://curl.haxx.se/windows/

Dropbox 147.4.4800 adds backup settings and sync configuration, right-click menu capabilities, and taskbar icon changes. This is not a security update.
https://www.dropbox.com/

FileZilla Server 1.4.1 resolves several bugs and improves upgrade converter. This is not a security update.
https://filezilla-project.org/

FreeFileSync 11.20 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 57.0 improves notifications and resolves several bugs. This is not a security update.
https://drive.google.com/start

Omada Software Controller 5.3.1 adds over 20 new features and a dozen fixes. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Java 8u333 is a security update. This is the second update in two weeks, and one of the rare out-of-cycle updates from Oracle. If you have Java installed, update as soon as possible.
https://www.java.com/en/download/manual.jsp

Nextcloud Server 23.0.4 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

Rclone 1.58.1 resolves several bugs. This is not a security update.
https://rclone.org/

Syncthing 1.20.1 resolves a stability bug. This is not a security update.
https://syncthing.net/

Signal 5.42.0 resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Technitium DNS Server 8.1 resolves several bugs and improves reliability. This is not a security update.
https://technitium.com/dns/

Telegram 3.7.3 resolves several bugs. This is not a security update.
https://telegram.org/

Zoom 5.10.4.5035 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

Plex Desktop 1.44.0.2981 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.15.1.2976 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.26.0.5715 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

VLC Media Player 3.0.17.4 should be treated as a security update.
https://www.videolan.org/vlc/

Game Updates

These are unlikely to be of interest to most people.

Battle.net Client 2.9.0.13279 resolves several bugs. This is not a security update.
https://us.battle.net/en/app/

Epic Games 14.0.7 resolves several bugs. This is not a security update.
https://www.epicgames.com/

Nintendo Switch 14.1.1 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PlayStation PS3 4.89 reduces on-device features (such as account creation and management) to improve device security.
https://www.playstation.com/en-us/support/hardware/ps3/system-software/

PlayStation PS5 22.01-05.02.00 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Office Updates

One or more of these are likely to be of interest to most people.

Artweaver 7.0.12 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Krita 5.0.6 resolves two crash bugs, and follows shortly after the 5.0.5 release which resolves dozens of outstanding bugs. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Fresh 7.3.3 resolves nearly 100 bugs. This is not a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.5.0 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.4 updates the Scintilla library. Be aware that some plugins may not work after this update until they’re made compatible with the new release. This is not a security update.
https://notepad-plus-plus.org/

OpenOffice 4.1.12 resolves several bugs. This is not a security update. I recommend using LibreOffice instead of OpenOffice. It’s much better maintained and does not rely on an external 32-bit Java dependency.
http://www.openoffice.org/download/

PDF-XChange Editor 9.3.361.0 resolves several bugs. This is not a security update.
https://www.tracker-software.com/product/pdf-xchange-editor

Calibre 5.42.0 resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Kindle for PC 1.36.65107 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc

Adobe Reader DC 22.001.20117 is a security update. Use Help, Check for Updates to get the most current version.
https://get.adobe.com/reader

Adobe Reader DC (Mac) 22.001.20112 is a security update. Use Help, Check for Updates to get the most current version.
https://get.adobe.com/reader

Security Software Updates

One or more of these is likely to be of interest to most people.

Tails 5.0 is a major update with updates to several libraries, newer hardware support, and resolving several bugs. This is a security update.
https://tails.boum.org/install/dvd/index.en.html

Gpg4win 4.0.2 resolves dozens of bugs and updates libraries. This is a security update.
https://www.gpg4win.org/download.html

KeePass 2.51.1 resolves dozens of bugs. This is a security update.
https://keepass.info/

MalwareBytes Anti-Malware 4.5.8 improves performance and resolves several bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/

MalwareBytes Anti-Malware Mac 4.15 resolves several bugs. This is not a security update.
https://www.malwarebytes.com/mac/

OpenSSL 3.0.3 is a security update.
https://curl.se/windows/

RogueKiller 15.5.0 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

uBlock Origin 1.41.0 adds dark mode, and resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

VT-CLI 0.10.2 improves collection management. This is not a security update.
https://github.com/VirusTotal/vt-cli/releases/latest

YARA 4.2.1 resolves several bugs. This is not a security update.
https://github.com/countercept/chainsaw

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.37 updates libraries, resolves several bugs, and adds AV1 export. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 22.0.2 is a security update.
https://download.techsmith.com/snagit/releases/snagit.msi

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.7.1 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.7 adds new features and resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

Bitwarden 1.33.0 resolves several bugs. This is not a security update.
https://bitwarden.com/

CPU-Z Installer 2.01 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

DesktopOK 9.85 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

Etcher 1.7.9 resolves several bugs. This is not a security update.
https://www.balena.io/etcher/

Git SCM 2.36.1 resolves several bugs. This is not a security update.
https://git-scm.com/

GoodSync 11.10.9 improves compatibility and resolves several bugs. This is not a security update.
https://www.goodsync.com/

HWMonitor 1.46 adds support for new hardware and new sensors. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

NTLite 2.3.4.8675 cleans up leftovers from previous updates. This is not a security update.
https://www.ntlite.com/download/

OpenToonz 1.6.0 adds several new features, bug fixes and performance improvements. This is not a security update.
https://github.com/opentoonz/opentoonz/

osquery 5.2.3 is a security update.
https://osquery.io/downloads

AOMEI Partition Assistant 9.7.0 adds speed test, and app mover improvements. This is not a security update.
https://www.diskpart.com/

PointerStick 5.77 adds support for dark mode, improves DPI scaling, and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.58.0 resolves a dozen bugs. This is a security update.
https://github.com/microsoft/PowerToys/releases/latest

RoboForm 9.2.7 resolves compatibility issues. This is not a security update.
https://www.roboform.com/

ScreenConnect 22.4.7745.8154 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

SmartMonTools 7.3 resolves several bugs, adds support for new hardware, and several new diagnostic and testing options. This is not a security update.
https://smartmontools.org/

Speccy 1.32.774 improves hardware support. This is not a security update.
https://www.piriform.com/speccy

Synergy 1.14.3 improves compatibility. This is not a security update.
https://symless.com/synergy/

TeamViewer 15.29.4 resolves a file transfer bug. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

Unity 2022.1.0 resolves dozens of bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive

WhyNotWin11 2.4.3.2 resolves several bugs and improves detection and command-line support. This is not a security update.
https://github.com/rcmaehl/WhyNotWin11

WinScan2PDF 7.77 improves TWAIN support. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

ZoomText 2022.2204.21.400 resolves several bugs. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

AutoHotkey 1.1.34.01 resolves several bugs. This is not a security update.
https://www.autohotkey.com/download/

AutoIt 3.3.16.0 resolves dozens of bugs and adds several new features. This is not a security update.
https://www.autoitscript.com/autoit3/docs/history.htm

Docker Desktop 4.8.1 adds several new features, updates libraries, and resolves several bugs. This is not a security update.
https://www.docker.com/products/docker-desktop

GitHub Desktop 3.0.0 updates notification capabilities, and resolves several bugs. This is not a security update.
https://desktop.github.com/

Inno Setup 6.2.1 is a security update.
https://www.jrsoftware.org/isdl.php

MySQL Server 8.0.29 is a security update.
https://dev.mysql.com/downloads/installer/

MySQL ConnectorNet 8.0.29 is a security update.
https://dev.mysql.com/downloads/connector/net/

Node.js 14.19.2 is a security update.
https://nodejs.org/en/

Node.js 16.15.0 adds fetch API and resolves several bugs. This is not a security update.
https://nodejs.org/en/

Node.js 18.1.0 updates dependencies and resolves several bugs. This is not a security update.
https://nodejs.org/en/

SQLite 3.38.5 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.67.1 is a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.1.34 resolves dozens of bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.6.19 improves compatibility. This is not a security update.
https://coppermine-gallery.net/

Drupal 9.2.17 resolves several bugs. This is not a security update.
https://drupal.org/download

Drupal 9.3.12 is a security update.
https://drupal.org/download

HumHub 1.11.1 is a security update.
https://www.humhub.com/en/download

Joomla 4.1.3 resolves several bugs. This is not a security update.
https://www.joomla.org/

SMF 2.1.2 is a security update.
https://www.simplemachines.org/

YOURLS 1.9 is a security update.
https://yourls.org/

Akismet 4.2.3 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/akismet/

Autoptimize 3.0.4 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/autoptimize/

Slider Revolution 6.5.20 resolves several bugs. This is not a security update.
https://revolution.themepunch.com/

Social Post Feed 4.1.3 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

Duplicator 1.4.5 improves several features, This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

Interactive World Map 3.1.9.2 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/interactive-world-map/

Postie 1.9.60 improves translatable strings. This is not a security update.
https://wordpress.org/extend/plugins/postie/

WooCommerce 6.4.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WP Mail SMTP 3.4.0 improves compatibility, integration, and resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2022-04-12

Welcome back, Folks!

Today is Patch Tuesday for April, 2022.

It’s another big one. Sprinkle a little disaster and angst on a world war, give script kiddies a megaphone and encourage them to hack strangers and you end up with the perfect storm of malice.

This Month in Technology

2FA/MFA implementations, Advanced Medical Practice Management, Alacrity Solutions Group, LLC, Alberta vaccine passport system, American Express, ASUS routers, Atlassian, Ballad Health, a large banking platform, Bank of Ireland, Bernards Township School District, Bet9ja, Black River Falls School District, Bradley Airport, Bridgestone Americas, CafePress, Caisse nationale d’assurance maladie, Cancer and Hematology Centers of Western Michigan, Capital Region Medical Center, Cash App, CDEK, Central Indiana Orthopedics, Central Minnesota Mental Health Center, Central Vermont Eye Care, Charleston Area Medical Center, Inc., Chelan Douglas Health District, Christie Clinic, Clinic of North Texas, LLP, Colorado Physician Partners, PLLC, Creative Services Inc, Cytometry Specialists, Denso, Dialyze Direct, LLC, Doctors Me, Duncan Regional Hospital, East Tennessee Children’s Hospital, East Windsor Township, Electoral Services Department of Wandsworth Council, EMC National Life Insurance, Emma Sleep Company, Englewood Health, Ermenegildo Zegna, Finland Department of Defense, Fox, Gainwell Technologies, LLC, GitLab, Globant, hundreds of GoDaddy’s Managed WordPress sites, Google Chrome (over 40 security vulnerabilities fixed in the last month), Grand Coloane Resort, H.P. Hood Dairy, Harris County Jail, Hellenic Post, Highmark Inc, Honda and Acura cars, Horizon Actuarial Services LLC, hundreds of HP printer models, HubSpot, Iberdrola, Isle of Wight EV chargers, Israeli government, Jefferson Dental and Orthodontics, l’Assurance, Labette Health, Law Enforcement Health Benefits, Inc., Local 295 IBT Employer Group Welfare Fund, Lutheran Social Services of Illinois, MailChimp, Major League Baseball Players Benefit Plan, Mansfield company, Medical Surgical Eye Care, Mercado Libre, Microsoft, MikroTik routers, Miratorg Agribusiness HoldingMN District 518, Morgan Stanley Wealth Management, National Rifle Association, New Jersey Brain and Spine, New York City public schools, Nordex, Northern Ireland TrustFord, Norwood Clinic, Okta (though they initially claimed otherwise, then backtracked), Palo Alto Networks, Palo Alto Networks hardware, Parker Hannifin Corp, Partnership HealthPlan of California, PhySynergy, LLC, PressReader, QNAP, Ronin, Rosaviatsia, Roskomnadzor, Rostec, Royal Enfield, Russia’s Federal Security Service (FSB), Russian Lipetsk Mechanical Plant, Russian Orthodox Church, Samsung Electronics, Scottish Association for Mental Health, Scottish Power, Sea Mar Community Health Center, Shutterfly, Snap-On, Sophos Security, South Denver Cardiology Associates, Spokane Regional Health District, Spring Framework for Java, SummaCare, SuperCare, Taylor Regional Hospital, Tennessee Pediatric Hospital, Texas Department of Insurance, The Works, Thomas Allen, Inc., Toei, Toyota, Transneft, TransUnion, Travelio, Trend Micro Apex Central, Trezor, Trinity Home Care, Inc., Ubisoft, Ukrainian IT Army, Ukrtelecom, Valley View Hospital Association, Veeam products, Viasat modems, Virginia Mason Medical Center, Vodafone, WatchGuard, Western Digital My Cloud, Wheeling Health Right Inc, Wynn Palace, Wyze Cam, ZAP-Hosting, and Zyxel hardware were hacked or compromised this month.

Now for the good news:

Internet Explorer is finally going to be going away in only two months. While this will eliminate a program that nobody should be using, it will have some side-effects  for businesses that rely on Active-X objects. Still, net win.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is smaller than it has been in months. The typical computer should see roughly 2.7 GB in updates today. Let’s get started.

Microsoft released updates for .NET Framework, Active Directory Domain Services, Azure SDK, Azure Site Recovery, LDAP, Microsoft Bluetooth Driver, Microsoft Dynamics, Microsoft Edge, Microsoft Graphics Component, Microsoft Local Security Authority Server, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Windows ALPC, Microsoft Windows Codecs Library, Microsoft Windows Media Foundation, Power BI, Role: DNS Server, Role: Windows Hyper-V, Skype for Business, Visual Studio, Visual Studio Code, Windows Ancillary Function Driver for WinSock, Windows App Store, Windows AppX Package Manager, Windows Cluster Client Failover, Windows Cluster Shared Volume, Windows Common Log File System Driver, Windows Defender, Windows DWM Core Library, Windows Endpoint Configuration Manager, Windows Fax Compose Form, Windows Feedback Hub, Windows File Explorer, Windows File Server, Windows Installer, Windows iSCSI Target Service, Windows Kerberos, Windows Kernel, Windows Local Security Authority Subsystem Service, Windows Media, Windows Network File System, Windows PowerShell, Windows Print Spooler Components, Windows RDP, Windows Remote Procedure Call Runtime, Windows schannel, Windows SMB, Windows Telephony Server, Windows Upgrade Assistant, Windows User Profile Service, Windows Win32K, Windows Work Folder Service, YARP reverse proxy and MSRT (~2 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 15.4.1, iPadOS 15.4.1, macOS Big Sur 11.6.5, macOS Monterey 12.3.1, Security Update 2022-003 Catalina, GarageBand 10.4.6, iTunes 12.12.3 for Windows, Logic Pro X 10.7.3, tvOS 15.4, watchOS 8.5.1, Xcode 13.3. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.4.1 is a security update. Use Settings, General, Software Update to install the most current update.

iPadOS 15.4.1 is a security update. Use Settings, General, Software Update to install the most current update.

tvOS 15.4 is a security update. Use System, Software Update to install the most current version.

watchOS 8.5.1 are security updates. Use the Watch app on your iPhone to install the most current version.

Google Chrome OS 100.0.4896.82 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Catalina (10.15) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every year and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v21H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 6 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Hundreds of HP printer models have new firmware security updates or advise disabling the LLMNR protocol. While you’re there consider disabling IPv6, WSD, DHCPv6, as well as SLP unless you’re in a corporate environment, and Bonjour unless you need to print from Apple mobile devices.
https://support.hp.com/us-en/document/ish_5948778-5949142-16/hpsbpi03780

Drivers by Seagull 2022.1 adds support for over 190 new printer models, improves GUI for Driver Wizard and resolves a bug with the GS1 Datamatrix AI 11. This is not a security update.
https://www.seagullscientific.com/support/downloads/drivers/

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.37.113 is a security update.
https://brave.com/

Google Chrome 100.0.4896.88 is a security update.
https://www.google.com/chrome/

Microsoft Edge 100.0.1185.39 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 99.0.1 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 91.8.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

SeaMonkey 2.53.11.1 is a security update.
https://www.seamonkey-project.org/

Vivaldi 5.2.2623.33 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.10.2 is a security update.
https://getmailspring.com/

Thunderbird 91.8.0 is a security update.
https://www.thunderbird.net/en-US/

NK2Edit 3.43 adds an option to copy the contents of the selected cell. This is not a security update.
https://www.nirsoft.net/utils/outlook_nk2_edit.html

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 7.0.7 resolves several bugs, and improves reliability. This is not a security update.
https://anydesk.com/en/downloads

AnyDesk for macOS 6.5.0 adds permission profiles and resolves a layout bug. This is the last version to support EOL macOS versions. This is not a security update.
https://anydesk.com/en/downloads

Dropbox 145.4.4921 doesn’t provide a changelog so should be treated as a security update.
https://www.dropbox.com/

FileZilla Client 3.59.0 updates libraries. This is a security update.
https://filezilla-project.org/

Google Drive 56.0 resolves several bugs. This is not a security update.
https://drive.google.com/start

Nextcloud Server 23.0.3 updates libraries and resolves dozens of bugs. This should be treated as a security update.
https://nextcloud.com/

ownCloud Client 2.10.1.7187 resolves many bugs. This is not a security update.
https://owncloud.com/desktop-app/

Prosody 0.12.0 resolves several bugs and improves security defaults. This should be treated as a security update.
https://prosody.im/download/start

Rclone 1.58.0 adds several new backends and resolves dozens of bugs. This is a security update.
https://rclone.org/

Skype 8.82.0.403 resolves several bugs and makes cosmetic improvements. This is not a security update.
https://www.skype.com/

Syncthing 1.19.2 updates error messaging. This is not a security update.
https://syncthing.net/

Technitium DNS Server 8.0.2 is a major update adding several new features, updates libraries and apps, and resolves several bugs. This is not a security update.
https://technitium.com/dns/

Telegram 3.6.1 resolves several bugs. This is not a security update.
https://telegram.org/

Trillian Mac 6.5.0.11 adds native support for M1, new emoji and history features, and resolves many bugs. This is not a security update.
https://www.trillian.im/

WGet 1.21.3 updates libraries. This is a security update.
https://eternallybored.org/misc/wget/

Zoom 5.10.1.4420 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

FastStone Viewer 7.6 adds several new display controls and improves performance. This is not a security update.
https://www.faststone.org/FSViewerDetail.htm

Plex Desktop 1.43.3.2951 improves stability. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.14.0.2935 adds a couple new features and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.25.9.5721 updates scanning behavior, adds support for plexmatch files, and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Epic Games 14.0.3 resolves several bugs. This is not a security update.
https://www.epicgames.com/

GameMaker Studio 2022.3.0.625 makes cosmetic and localization changes, adds several new features, and resolves dozens of bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker

Nintendo Switch 14.1.0 adds PPN. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 22.01-05.00.00 provides many changes to the user interface and nomenclature. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

RetroPie 4.8 updates libraries and apps. This is not a security update.
https://retropie.org.uk/

Steam 2022.03.16 resolves cosmetic issues. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Commerce 2.3.7-p3, 2.4.3-p2, and 2.4.4 are security updates.
https://helpx.adobe.com/security/products/magento/apsb22-13.html

Adobe Acrobat and Reader 22.001.20117, 22.001.20112, 20.005.30334, 20.005.30331, 17.012.30229, and 17.012.30227 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb22-16.html

Adobe After Effects 22.3 and 18.4.6 are security updates.
https://helpx.adobe.com/security/products/after_effects/apsb22-19.html

Adobe Photoshop 22.5.7 and 23.3 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb22-20.html

Blender 3.1 vastly improves performance and adds several new features and controls. This is not a security update.
https://www.blender.org/download/

Calibre 5.40.0 adds new features, news sources, and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

IcoFX 3.7.1 resolves several bugs. This is not a security update.
https://icofx.ro/

Kindle for PC 1.35.64251 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc

LibreOffice Still 7.2.6 resolves over 50 bugs. This is not a security update.
https://www.libreoffice.org/

LibreOffice Fresh 7.3.2 resolves over 70 bugs, including stability and crash bugs. This should be treated as a security update. The “Fresh” line is beta software so should be avoided by most users.
https://www.libreoffice.org/

Nextcloud Desktop 3.4.4 resolves several bugs. This should be treated as a security update.
https://nextcloud.com/

Notepad++ 8.3.3 resolves a crash bug. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 4.3.10 resolves a resize bug. This is not a security update.
https://www.getpaint.net/

PDF-XChange Editor 9.3.360.0 resolves several bugs. This is not a security update.
https://www.tracker-software.com/product/pdf-xchange-editor

Security Software Updates

One or more of these is likely to be of interest to most people.

Chainsaw 1.1.7 resolves several bugs. This is not a security update.
https://github.com/countercept/chainsaw

MalwareBytes Anti-Malware 4.5.7 is a security update.
https://www.malwarebytes.org/antimalware/

OpenSSL 3.0.2 is a security update.
https://curl.se/windows/

OSFClone 1.3.1001 updates operating system. This is not a security update.
https://www.osforensics.com/tools/create-disk-images.html

Tails 4.29 is a security update.
https://tails.boum.org/install/dvd/index.en.html

uBlock Origin 1.42.4 improves reliability. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

VT-CLI 0.10.1 improves organization. This is not a security update.
https://github.com/VirusTotal/vt-cli/releases/latest

YARA 4.2.0 updates syntax and resolves several bugs. This is a security update.
https://github.com/countercept/chainsaw

Zorin OS 16.1 updates libraries, apps, improves hardware support, and performance. This is not a security update.
https://zorin.com/os/mirrors/

Capture Updates

These are unlikely to be of interest to most people.

Elgato Game Capture HD (macOS) 2.11.14 improves Twitch API support. This is not a security update.
https://help.elgato.com/hc/en-us/articles/360027963512

Open Broadcaster Software 27.2.4 resolves several bugs. This is not a security update.
https://obsproject.com/

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.6.9 adds support for new encodings.
https://www.dvdfab.cn/download.htm

PDF Creator 4.4.2 resolves several bugs. This is not a security update.
https://www.pdfforge.org/pdfcreator

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.4 is a major update that adds several new features and resolves two dozen bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 7.9.4 resolves several bugs and improves performance. This is a security update.
https://1password.com/downloads/mac/

Agent Ransack 2022.3314 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

Beyond Compare 4.4.2.26348 improves command line support. This is not a security update.
https://www.scootersoftware.com/download.php?zz=dl4

Bitwarden 1.32.1 updates Safari extension and resolves several bugs. This is not a security update.
https://bitwarden.com/

Dell Command Update 4.5 improves startup and SRP performance and adds deferral, session management, and WER handling. This is not a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

DesktopOK 9.81 improves dark theme. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DevManView 1.76 adds new quick filter option. This is not a security update.
https://www.nirsoft.net/utils/device_manager_view.html

dnGrep 3.0.42.0 improves regular expressions and boolean testing and resolves several bugs. This is not a security update.
https://dngrep.github.io/

dupeGuru 4.2.1 resolves several bugs and updates libraries. This should be treated as a security update.
https://dupeguru.voltaicideas.net/

Etcher 1.7.8 resolves several bugs. This is not a security update.
https://www.balena.io/etcher/

FileLocator Pro 2022.3314 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

GoodSync 11.10.8 resolves dozens of bugs. This is a security update.
https://www.goodsync.com/

NTLite 2.3.4.8658 adds YubiKey compatibility, upgrades components and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

PowerToys 0.57.2 resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

Recuva 1.53.2078 improves licensing controls. This is not a security update.
https://www.ccleaner.com/recuva

RoboForm 9.2.5 is a security update.
https://www.roboform.com/

Rufus 3.18 is a security update.
https://rufus.ie/en_US/

ScreenConnect 22.3.7487.8130 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

SearchMyFiles 3.17 adds folder background context option. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

SimpleWMIView 1.51 updates the /columns command line switch behavior. This is not a security update.
https://www.nirsoft.net/utils/simple_wmi_view.html

Ookla Speedtest CLI 1.1.1 doesn’t provide a changelog so should be treated as a security update.
https://www.speedtest.net/apps/cli

TeamViewer 15.28.9 resolves a reliability bug. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

Unity 2021.3.0 resolves many bugs and updates libraries. This is not a security update.
https://unity3d.com/get-unity/download/archive

USBDeview 3.03 improves compatibility. This is not a security update.
https://www.nirsoft.net/utils/usb_devices_view.html

Wazuh Agent 4.2.6 updates Kibana plugin and Splunk app and resolves a bug. This is a security update.
https://wazuh.com/start/

WifiInfoView 2.76 resolves a marking bug. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

Developer Updates

These are unlikely to be of interest to most people.

ADB 33.0.1 resolves several bugs. This is not a security update.
https://developer.android.com/studio/releases/platform-tools

Docker Desktop 4.7.0 is a security update.
https://www.docker.com/products/docker-desktop

GitHub Desktop 2.9.12 adds support for Brackets Editor, JetBrains RubyMine, JetBrains GoLand, and Android Studio, and resolves several bugs. This is not a security update.
https://desktop.github.com/

Godot 3.4.4 resolves several bugs. This is not a security update.
https://godotengine.org/

Node.js 12.22.12 is a security update. This is the final release of the 12.x line.
https://nodejs.org/en/

Node.js 14.19.1 is a security update.
https://nodejs.org/en/

Node.js 16.14.2 is a security update.
https://nodejs.org/en/

Node.js 17.9.0 is a security update.
https://nodejs.org/en/

SQLite 3.38.2 resolves several bugs, improves compatibility and CLI support. This is not a security update.
https://www.sqlite.org/download.html

TortoiseSVN 1.14.3 resolves several bugs. This is not a security update.
https://tortoisesvn.net/downloads.html

Visual Studio Code 1.66.1 updates libraries and resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.6.18 improves compatibility. This is not a security update.
https://coppermine-gallery.net/

Drupal 9.3.9 is a security update.
https://drupal.org/download

Joomla 4.1.2 is a security update.
https://www.joomla.org/

MailEnable 10.39 resolves several bugs and improves security defaults. This is a security update.
https://www.mailenable.com/

WordPress 5.9.3 resolves several bugs. This is not a security update.
https://wordpress.org/

Autoptimize 3.0.2 improves stability. This is not a security update.
https://wordpress.org/extend/plugins/autoptimize/

BuddyPress 10.2.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/buddypress/

Slider Revolution 6.5.19 resolves a couple bugs. This is not a security update.
https://revolution.themepunch.com/

WooCommerce 6.3.1 is a security update.
https://wordpress.org/extend/plugins/woocommerce/

WPBakery 6.9.0 improves compatibility and resolves several bugs. This is not a security update.
https://wpbakery.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2022-03-08

Welcome back, Folks!

Today is Patch Tuesday for March, 2022. It’s a big one. This month is ugly – and not just in the tech world. It seems that in the same breath that the elite acknowledged and swept the COVID hysteria under the rug, admitting their intervention was entirely propaganda, every government, financial system, media outlet, and software vendor has chosen to simultaneously swallowed a new collection of (quickly disproven) propaganda without the slightest hint of irony. Sigh. We can only do what we can do, but do not be afraid to talk about it. Censorship is how you make enemies, not friends.

This Month in Technology

A1 Hrvatska, Adafruit, Aetna ACE, Allen ISD, Alliance Physical Therapy Group, LLC, Amazon Alexa, AON, Ascension Michigan (single affiliated covered entity) ACE, Asterisk, Asustor NAS devices, Axeda agent, Axis Communications, Baltimore Mayor’s Office of Children and Family Success, Beetle Eye, Belarus online services, Bible Fellowship Church Homes, Bronx Addiction Services Integrated Concepts Systems, Inc., CA State Bar, CareOregon Advantage, Caritas Internationalis, CBORD’s GET Mobile security platform, Charlotte Radiology, Cisco’s Email Security Appliance, Coinbase, Community Medical Center, Comprehensive Health Services LLC, Conti ransomware gang, Credit Suisse, Crossroads Health, CVS Pharmacy, dozens of COVID passport apps, Dr. Morrow, Element Vape, Englewood Health, EPIC Pharmacy Network, Inc., Expeditors International, Extend Fertility, Family Christian Health Center, Family Fare LLC, Fleetwood Area School District, FlexBooker, Gems Education, GiveSendGo/Canadian Freedom Convoy, Google Android, Harbour Plaza Hotel, Hays USD 489, Highland Hospital, Houston Health Department, Intel CPU vulnerabilities can expose your cryptographic keys, International Committee of the Red Cross, Internet Society (ISOC), Ireland’s Health Service, Jackson County Hospital District, JAX Spine and Pain Centers, Jersey City Medical Center, KLAYswap, La Posada at Park Centre, Inc., LAPSUS$, LendUs, Liberty of Oklahoma Corporation, Logan Health Medical Center, MacGeneration, Memorial Hermann Health System, Meyer, Microsoft, Microsoft App Store, Microsoft Azure, Microsoft Exchange, Microsoft SQL Servers, Mizuno, Monongalia Health System, more than 500 Magento 1-based online stores, Morley Companies, Moscow Stock Exchange, Motorola Solutions Inc, new form of distributed denial of service attack, New York State’s Joint Commission on Public Ethics, Nvidia (and it’s BAD), Ohlone College, Oklahoma City Police Department Rape Kit information, Okta Advanced Server Access, PressReader, Priority Health, PROMESA, Puma, Reality Winner’s Twitter account, Rompetrol, Russian TV stations, Samsung Electronics (including source code), San Francisco 49ers, SAP Internet Communication Manager, Sberbank, Sea Mar Community Health Centers, Seneca Nation Health System, South Shore Hospital, Swissport, T-Mobile, Taylor, Ganson & Perrin LLP, TfNSW, the Russian Military, Town Home Care, LLC, Toyota Motor Corp., UK’s Foreign Office, UK’s Information Commissioner’s Office, Ukraine local government websites, Ukrainian Cabinet of Ministers, Ukrainian Ministry of Defense, Ukrainian Ministry of Foreign Affairs, Ukrainian Verkhovna Rada, UMass Memorial Health, Inc., 52 organizations from multiple US critical infrastructure sectors, US defense contractors, US Radiology Specialists, Inc., Viasat, Visual Voice Mail, Vodafone Portugal, VxWorks-based Smart Infusion Pumps, Washington Department of Licensing, WatchGuard firewalls, Williamsville Central School District, Zabbix servers, Zenly, and Zoe Therapy Services have been hacked.

Slack and Twitter both had large outages.

AB Volvo, Activision Blizzard, Adobe, Airbnb, Apple, Apple Maps, Apple Pay, Aston Martin, BMW, Cisco, Coinbase, Daimler Truck, Dell, Epic Games, Ford Motor Company, Google, Google AdWords, Google Maps, Harley-Davidson, Intel, Jaguar Land Rover, Jolla, Mastercard, Mercedes-Benz, Microsoft, Mitsubishi Motors, Namecheap, Netflix, Nintendo, PayPal, Reddit, Readdle, Samsung Electronics, Snapchat, Spotify, SWIFT, Telegram, The EU, TikTok, Toyota Motor Corporation, Twitter, Ubisoft, Visa, Volkswagen, and YouTube have imposed their own private sanctions on Russia and sometimes Belarus.

In response to software vendors (Apple, Microsoft, Readdle and others) imposing their own form of sanctions on Russia, Russia has passed new a licensing law, effectively greenlighting piracy. After ceasing reporting from Russia, the BBC has launched Tor access in several languages. Meanwhile Russia blocks sites that violate their new propaganda law and even rocket sales to the US.

Elon Musk, never a stranger to controversy, has declared that his Starlink service will not bow to censorship demands.

It was disheartening when Canada stole the bank accounts of anyone who dared to donate to a legal protest and dispatched Antifa and the UN to put down protestors

it was worse when they simply locked down all the banks (or at least realized the damage they were doing to themselves), even if they did quickly reverse their insanity. The Mercury account lockouts affected “a large set of accounts” throughout Africa. Worse yet, the entire world banking system has locked out Russia. By the way, do Google and Apple think that disabling their pay platforms in Russia will be the move that will encourage adoption by the rest of the world?

On the topic of social credit systems, I’d like to address the theory that cryptocurrency can be used in spite of bank interventions and government lockdowns. That’s not always the case, as Coinbase demonstrated this week.

As if spurned to action by the recent release of vaccine information and bribery, Twitch is now banning streamers that share “misinformation,” such as the actual medical fraud vaccine information and research by the vaccine manufacturers themselveswill now be banned.

That’s ok, you can go back to “real life” now that cities are opening back up. Did the science change, is it all part of some greater agenda, or are people just bored?

With such a war on truth and science, how can anyone fall for the Battle of Snake Island, Ghost of Kiev, Ukrainian ransomware, or any of the dozen other examples of legacy media propaganda right now?

The CIA has been conducting bulk surveillance on US citizens and the Supreme Court is okay with police planting hidden cameras throughout your property. Telegram isn’t as secure as you might think it is.

Oh – Let’s talk about Apple AirTags…one lady tracked her shipped goods with them and caught the mover lying about it. I’m more skeptical of this story about exposing a secret intelligence service, but the reality is that stalking and tracking for vehicle/home theft are part of the downside.

Microsoft is testing a new build of Windows 11 Pro that will now require a Microsoft account in order to be able to use Windows. This directly violates their previous statements about not forcing Windows Professional and Enterprise versions to use Microsoft accounts. While this will increase deployment and maintenance costs, the real trouble is going to be with transient users that are forced to login with “a” Microsoft account on a business machine and will no longer be able to easily untie that machine or role account from the deeply embedded Microsoft “features.”

Meris Botnet was used to target a single website with over 21 million requests per second. Google Drive is flagging native macOS files as violating copyright. Another new rootable vulnerability has been discovered for Linux. The EU is trying to mandate weakened security so they can better enforce the GDPR, digital identity and social credit systems.

Now for the good news:

The problem with cryptocurrency is that it necessarily depends on a public ledger (the blockchain). Espresso intends to fix that.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is a big one. The typical computer should see roughly 2.2 GB in updates today. Let’s get started.

Microsoft released updates for .NET and Visual Studio, HEIF Image Extension, HEVC Video Extension, Microsoft 365, Raw Image Extension, Remote Desktop client, VP9 Video Extension, Windows 10, Windows 7, Windows 8.1, Windows RT, Windows Server, Azure Site Recovery, Microsoft Defender for Endpoint, Microsoft Defender for IoT, Microsoft Edge, Microsoft Exchange Server, Microsoft Intune, Microsoft Office Visio, Microsoft Office Word, Microsoft Windows ALPC, Microsoft Windows Codecs Library, Paint 3D, Role: Windows Hyper-V, Skype Extension for Chrome, Tablet Windows User Interface, Visual Studio Code, Windows Ancillary Function Driver for WinSock, Windows CD-ROM Driver, Windows Cloud Files Mini Filter Driver, Windows COM, Windows Common Log File System Driver, Windows DWM Core Library, Windows Event Tracing, Windows Fastfat Driver, Windows Fax and Scan Service, Windows HTML Platform, Windows Installer, Windows Kernel, Windows Media, Windows PDEV, Windows Point-to-Point Tunneling Protocol, Windows Print Spooler Components, Windows Remote Desktop, Windows Security Support Provider Interface, Windows SMB Server, Windows Update Stack, XBox, and MSRT (~1.5 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 15.3.1 and iPadOS 15.3.1, macOS Monterey 12.2.1, macOS Big Sur 11.6.4, Security Update 2022-002 Catalina, Safari 15.3, and watchOS 8.4.2. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.3.1 is a security update. Use Settings, General, Software Update to install the most current update.

iPadOS 15.3.1 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 8.4.2 are security updates. Use the Watch app on your iPhone to install the most current version.

Google Chrome OS 98.0.4758.107 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Catalina (10.15) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v21H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 6 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.4.9 improves cleanup. This is not a security update.

HP M281cdw Firmware 20211221 resolves the network stability issue from the previous firmware that effectively disabled the device.

Logitech Options 9.60.87 is a security update.

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.36.111 is a security update.

Firefox 98.0 is a security update.

Firefox ESR 91.7.0 is a security update.

Google Chrome 99.0.4844.51 is a security update.

Microsoft Edge 99.0.1150.36 is a security update.

SeaMonkey 2.53.11 is a security update.

Vivaldi 5.1.2567.57 is a security update.

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.10.0 is a major update to the underlying code, adding ARM support, improved spellcheck, performance, and port improvements. This is not a security update.

Thunderbird 91.6.2 is a security update.

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 7.0.6 improves password management and resolves several bugs. This should be treated as a security update.

curl 7.82.0 resolves dozens of bugs and adds several new automations. This is not a security update.

Dropbox 143.4.4161 doesn’t provide a changelog so should be treated as a security update.

FileZilla Client 3.58.0 updates libraries, log details and prepares for 2FA support. This is not a security update.

FileZilla Server 1.3.0 is a security update.

FreeFileSync 11.18 resolves several bugs. This is not a security update.

Omada Software Controller 5.1.7 resolves several bugs, adds new services and features, increases hard limits, and adds support for newer hardware. This is not a security update.

Skype 8.81.0.268 resolves several bugs and adds ability to revoke and recreate profile. This is not a security update.

Syncthing 1.19.1 resolves several bugs. This is not a security update.

WinSCP 5.19.6 is a security update.

Zoom 5.9.7.3931 is a security update.

Media Updates

These are unlikely to be of interest to most people.

darktable 3.8.1 improves performance and stability, and resolves several bugs. This is not a security update.

iTunes 12.12.2.2 doesn’t provide a changelog so should be treated as a security update.

Plex Desktop 1.41.0.2876 resolves DVR and LiveTV bugs, and improves search. This is not a security update.

Plex Home Theater 1.12.0.2884 resolves several bugs, resolution and MPV improvements, and improves stability. This is not a security update.

Plex Media Server 1.25.6.5577 resolves several bugs, improves collection, smart filtering, and reliability during media changes and replacement. This is not a security update.

Adobe Photoshop 22.5.6 and 23.2 are security updates.

Adobe Illustrator 26.1.0 is a security update.

Adobe After Effects 22.2.1 and 18.4.5 are security updates.

Game Updates

These are unlikely to be of interest to most people.

Epic Games 13.2.0 resolves several bugs. This is not a security update.

GameMaker Studio 2022.2.0.614 adds Text-In-Sequence, Track-In-Sequence, changes array behavior, updates libraries, and resolves dozens of bugs. This is not a security update.

Steam 2022.03.04 resolves over 20 bugs. This is not a security update.

PlayStation PS5 21.02-04.51.00 improves performance. This is not a security update.

Office Updates

One or more of these are likely to be of interest to most people.

Atom 1.60.0 improves usability and resolves dozens of bugs. This is not a security update.

IcoFX 3.7 resolves several bugs and improves compatibility. This is not a security update.

LibreOffice Fresh 7.3.1 resolves over a hundred bugs, including crash and freeze issues. This is not a security update. Remember that the Fresh line is beta software and should be avoided in favor of the Still (stable) version by most users.

Nextcloud Desktop 3.4.3 resolves several bugs. This is not a security update.

Notepad++ 8.3.2 resolves several bugs. This is not a security update.

Paint.net 4.3.8 resolves several bugs and updates libraries. This is not a security update.

Calibre 5.38.0 resolves several bugs and adds new news sources. This is not a security update.

Adobe Reader DC 22.001.20085 is a security update.

Security Software Updates

One or more of these is likely to be of interest to most people.

MalwareBytes Anti-Malware 4.5.4 resolves a dozen bugs. This is not a security update.

RogueKiller 15.4.0 resolves several bugs. This is not a security update.

uBlock Origin 1.41.8 resolves several bugs. This is not a security update.

Velociraptor 0.6.3 adds several new features and improves performance. This is not a security update.

Wireless Network Watcher 2.30 adds custom context menu items option. This is not a security update.

Capture Updates

These are unlikely to be of interest to most people.

Elgato Game Capture HD 3.70.56 updates Twitch API. This is not a security update.

Open Broadcaster Software 27.2.3 resolves dozens of bugs. This is not a security update.

ScreenToGif 2.36 resolves several bugs and adds new installation packages and package types. This is not a security update.

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.6.3 adds support for new encodings and resolves several bugs. This is not a security update.

IsoBuster 4.9.1 doesn’t provide a detailed changelog so should be treated as a security update.

MakeMKV 1.16.7 improves reliability and resolves several bugs. This is not a security update.

Utility Updates

These are unlikely to be of interest to most people.

Agent Ransack 2022.3307 resolves several bugs and adds new columns for Folder Depth, Product Version, File Version, and filtering for Owner and Product Version. This is not a security update.

Autoruns 14.09 resolves a reliability bug. This is not a security update.

Bitwarden 1.31.3 resolves several bugs. This is not a security update.

Carbonite 6.4.1 resolves two bugs. This is not a security update.

CPU-Z 2.00 adds support for new hardware. This is not a security update.

DesktopOK 9.71 resolves several bugs. This is not a security update.

DMDE 4.0.0.800 adds Btrfs support, improves ReFS, and resolves several bugs. This is not a security update.

dnGrep 3.0.29.0 resolves several bugs. This is not a security update.

Etcher 1.7.7 updates libraries, improves updater, and resolves several bugs. This is a security update.

FileLocator Pro 2022.3307 resolves several bugs and adds new columns for Folder Depth, Product Version, File Version, and filtering for Owner and Product Version. This is not a security update.

GoodSync 11.10.5 resolves dozens of bugs. This is not a security update.

grepWin 2.0.10 improves cosmetics. This is not a security update.

Nextcloud Server 23.0.2 updates libraries and resolves dozens of bugs. This is not a security update.

NTLite 2.3.4.8643 resolves several bugs. This is not a security update.

osquery 5.2.2 updates libraries, improves compatibility, and resolves several bugs. This is a security update.

AOMEI Partition Assistant 9.6.1 resolves several bugs. This is not a security update.

PowerToys 0.56.2 adds new features and resolves several bugs. This is not a security update.

ProcessMonitor 3.89 resolves a crash bug. This is not a security update.

Recuva 1.53.2065 adds telemetry. This is not a security update.

Macrium Reflect 8.0.6636 resolves several bugs. This is not a security update.

ScreenConnect 22.2.7029.8094 resolves several bugs. This is not a security update.

SimpleWMIView 1.48 adds quick-filter option “begins with.”

Sysmon 13.33 resolves a crash bug and improves memory handling. This is not a security update.

TaskSchedulerView 1.70 adds option to open task folder and enable or disable header line in exports. This is not a security update.

Unity 2021.2.14 updates libraries and resolves several bugs. This is not a security update.

Wazuh Agent 4.2.5 resolves several bugs. This is a security update.

WifiInfoView 2.75 adds MAC Group column, MAC Group filtering and 64-bit build. This is not a security update.

WinGet 1.1.12653 resolves dozens of bugs. This is not a security update.

WinRAR 6.11 improves reliability and compatibility. This is not a security update.

WinScan2PDF 7.55 improves reliability. This is not a security update.

WizTree 4.08 adds custom filtering for full scan results. This is not a security update.

ZoomText 2022.2202.36.400 adds new voices and languages, improves compatibility, and resolves several bugs. This is not a security update.

Developer Updates

These are unlikely to be of interest to most people.

ADB 33.0.0 resolves a crash bug. This is not a security update.

Docker Desktop 4.5.1 is a security update.

GitHub Desktop 2.9.11 resolves several bugs. This is not a security update.

Godot 3.4.3 resolves dozens of bugs. This is not a security update.

Node.js 16.14.0 resolves dozens of bugs. This is not a security update.

Node.js 17.6.0 updates libraries and resolves dozens of bugs. This is not a security update.

SQLite 3.38.0 resolves several bugs and updates syntax and compatibility. This is not a security update.

Visual Studio Code 1.65.1 is a security update.

Web Package Updates

These are likely to be of interest only to web developers.

Dada Mail 11.18.0 adds LWP support and resolves an invalid mailbox bug. This is not a security update.

Drupal 9.2.13 is a security update.

Drupal 9.3.7 is a security update.

Joomla 4.1.0 is a major update adding task scheduling, child template overrides, accessibility improvements and syntax highlighting. This is not a security update.

MailArchiva 8.7.4 improves performance. This is not a security update.

MailEnable 10.38 updates libraries and resolves several bugs. This is not a security update.

phpList 3.6.7 resolves several bugs. This is not a security update.

phpMyAdmin 5.1.3 is a security update.

SMF 2.1.1 is a major update release with several new features, and improves compatibility and reliability. This update will disable any mods and custom themes and some older mods and themes will need changes to be compatible. This is not a security update.

WordPress 5.9.1 resolves over 80 bugs. This is not a security update.

Antispam Bee 2.11.0 resolves several bugs. This is not a security update.

BuddyPress 10.1.0 resolves several bugs. This is not a security update.

Contact Form 7 5.5.6 resolves several bugs. This is not a security update.

Slider Revolution 6.5.18 resolves several bugs. This is not a security update.

Social Post Feed 4.1.2 resolves several bugs. This is not a security update.

myStickymenu 2.5.8 resolves a couple bugs and adds cosmetic and layout features. This is not a security update.

Widgets on Pages 1.6.0 is a security update.

WooCommerce 6.3.0 is a security update.

WP Mail SMTP 3.3.0 improves compatibility and resolves several bugs.

WordPress Zero Spam 5.2.15 is a security and woke-ness update. Since they’re now injecting content of their own choice into your website, they can no longer be trusted and you should remove this plugin from your websites.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2022-02-08

Welcome back, Folks!

Today is Patch Tuesday for February, 2022.

It’s only the beginning. February tends to be “patch it once, whoops, patch it again” month most years, so expect another cycle later in the month.

This Month in Technology

Abington Memorial Hospital (dba Jefferson Abington Hospital), dozens of WordPress  Themes and Plugins by AccessPressAditya Birla Fashion and RetailAdvocates, Inc., Albany Family DentistryAlbuquerque Public SchoolsAllegheny Health Network Home Infusion, LLCArgo CDArnprior Regional HealthAWS GlueBoxBTC-AlphaCaring CommunitiesChico StateCisco StarOSColorado Department of Human ServicesCounty of Kings (CA)Crypto.comDelta ElectronicsDigital Insurance, LLC doing business as OneDigital, Evos in the NetherlandsFiondella, Milone & LaSaracina, LLPGlobal Affairs CanadaGolden State DermatologyGoodwillGreensward AcademyGriggsville-Perry School DistrictHensoldtIDEMIA biometric ID hardwareIndependence Blue Cross, International Committee of the Red CrossiRise Florida Spine and Joint Institute, LLCKP SnacksLympoMcAfee Enterprise (Trellix)various medical devicesMedical Healthcare Solutions, Inc., Medical Review Institute of AmericaMemorial Health SystemMeterMidland UniversityMillennium Eye Care LLCMonclerMotorolaMultichainNews Corp, publisher of The Wall Street JournalNobel FoundationOiltanking in GermanyOlympic Games AppOpenSubtitles, Oscar Buckeye State Insurance CorporationOscar Health Plan of CaliforniaOscar Insurance Company of FloridaOscar Insurance Corporation of OhioPace Center for GirlsPanasonicPellissippi State Community College in TennesseePennsbury School DistrictPhiladelphia FIGHT Community Health CentersPolkitPractolytics LLCPumaR.R. DonnellyRaveco MedicalRedDoorzSEA-Invest in BelgiumSecuritasSegwaySeneca Family of AgenciesSouth City HospitalSpencer Gifts LLC Health and Welfare Benefit PlanSt. Lucie County’s Drug Screening LabSwiss Federal RailwaysSwissportTaylor Regional HospitalThai University Central Admission SystemThomas Jefferson University Hospital, Inc., Ubiquiti’s UniFi NetworkUniversity of Arkansas for Medical SciencesUpstoxVantage Holding Company, LLCVolunteers of America Southwest CaliforniaWalgreen Co., Washington Department of LicensingWormhole, and Zimbra have been hacked.

GitHubDiscord, and Telegram have suffered major outages.

Phishing is proving to be even more effective against multi-factor authentication (MFA), as I’ve warned for decades. UPnP is still the worst network design feature. Buy an expensive GPU, gift your identity. Firefox’s “private” email relay service has been added to disposable email blacklists. As expected. Target, the premier member of the “hacked every month club“, is releasing the source code for some of their security software. Google Drive is flagging files containing the number “1” as violating copyrights. VPN companies Nord and Surfshark will merge. 11th and 12th generation Intel CPUs will not be able to play Blu-ray UHD disks.

The IRS is now mandating the use of a private third-party in order to access your own IRS information online. But wait, there’s more! The company, id.me, conceals their own identity and hides their WHOIS data. Tax-filers are already being phished with a threat of refunds being cancelled. The worst news: Nvidia has called off its efforts to acquire Arm.

Now for the good news:

The US Department of Justice has indicted 6 India Call Centers for Scams Targeting Seniors. Maybe the amount of scam calls we get will decrease? I doubt it though, considering the vast increase I’ve received in the last month. 🙁

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is almost back to normal. Well, for now. The typical computer should see roughly 1.8 GB in updates today. Let’s get started.

Microsoft released updates for .NET, Windows, Azure Data Explorer, Kestrel Web Server, Microsoft DNS Server, Microsoft Dynamics, Microsoft Edge, Microsoft Office, Microsoft Office Excel, Microsoft Office Outlook, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft OneDrive, Microsoft Teams, Microsoft Windows Codecs Library, Power BI, Roaming Security Rights Management Services, SQL Server, Visual Studio Code, Windows Common Log File System Driver, Windows DWM Core Library, Windows Hyper-V, Windows Kernel, Windows Kernel-Mode Drivers, Windows Named Pipe File System, Windows Print Spooler Components, Windows Remote Access Connection Manager, Windows Remote Procedure Call Runtime, Windows User Account Profile, Windows Win32K, and MSRT (~1.4 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 15.3 and 15.2.1, iPadOS 15.3 and 15.2.1, tvOS 15.3, watchOS 8.4.1, Safari 15.3, macOS Monterey 12.2, macOS Big Sur 11.6.3, and Security Update 2022-001 Catalina. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.3 and 15.2.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 15.3 and 15.2.1 are security updates. Use Settings, General, Software Update to install the most current update.

tvOS 15.3 is a security update. Use System, Software Update to install the most current version.

watchOS 8.4.1 is a security update. Use the Watch app on your iPhone to install the most current version.

Google Chrome OS 98.0.4758.91 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Catalina (10.15) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v21H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 6 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.4.8 is a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Daemon Tools Lite 11.0.0 adds new image support, DD write, and resolves several other bugs. This is a security update.
https://www.daemon-tools.cc/products/dtLite

Logi Bolt App 1.2.6024 adds support for the Logitech Unifying Adapter and resolves several bugs. This is not a security update.
https://support.logi.com/hc/en-us/articles/4418089333655

Logitech Options 9.50.269 is a security update.
https://support.logi.com/hc/en-us/articles/360025297893

Nvidia 473.04 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.35.100 is a security update.
https://brave.com/

Google Chrome 98.0.4758.80 is a security update.
https://www.google.com/chrome/

Microsoft Edge 98.0.1108.43 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 97 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 91.6 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 5.0.2497.48 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 91.5.1 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

Mumble 1.4.230 is a major update resolving dozens of bugs, adding many new features and introducing true plugin support. This is not a security update.
https://www.mumble.info/downloads/

Prosody 0.11.13 is a security update.
https://prosody.im/download/start

Telegram 3.5.2 resolves several bugs and improves reactions. This is not a security update.
https://telegram.org/

Trillian Mac 6.4.0.4 improves compatibility and resolves several bugs. This is not a security update.
https://www.trillian.im/

BrowsingHistoryView 2.51 adds Visit Duration and improves Visited From. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

Dropbox 141.4.3299 doesn’t provide a changelog so should be treated as a security update.
https://www.dropbox.com/

FreeFileSync 11.17 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 55.0 adds integrated desktop search, resolves several bugs and improves performance. This is not a security update.
https://drive.google.com/start

Omada Software Controller 5.0.30 adds newer hardware support, 2FA for Cloud Access, DHCP reservations in Services, and resolves dozens of bugs. This is a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Syncthing 1.19.0 resolves a bug and improves ignore patterns. This is not a security update.
https://syncthing.net/

Zoom 5.9.3.3169 resolves several bugs, adds new features (and requirements) and controls. This is a security update.
https://zoom.us/

Java 8u321 is a security update.
https://www.java.com/en/download/manual.jsp

Media Updates

These are unlikely to be of interest to most people.

Flickr Downloadr 3.4.5.1 only updates the packager. This is not a security update.
https://flickrdownloadr.com/downloads/

Picard 2.7.3 resolves the launcher bug. This is not a security update.
https://picard.musicbrainz.org/

Plex Desktop 1.40.1.2823 resolves a packaging error in the installer. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.10.0.2819 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.25.5.5492 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Epic Games 13.1.7 resolves a couple bugs and prepares for feature changes. This is not a security update.
https://www.epicgames.com/

GameMaker Studio 2022.1.1.610 resolves several bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker

Nintendo Switch 13.2.1 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

Steam 2022.01.20 resolves several bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

Office Updates

One or more of these are likely to be of interest to most people.

Adobe After Effects 22.2 and 18.4.4 are security updates.
https://helpx.adobe.com/security/products/after_effects/apsb22-09.html

Adobe Creative Cloud Desktop 2.7.0.15 is a security update.
https://helpx.adobe.com/security/products/creative-cloud/apsb22-11.html

Adobe Illustrator 26.0.3 and 25.4.4 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb22-07.html

Adobe Photoshop 22.5.5 and 23.1.1 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb22-08.html

Adobe Premiere Rush 2.3 is a security update.
https://helpx.adobe.com/security/products/premiere_rush/apsb22-06.html

Artweaver 7.0.11 is a security update.
https://www.artweaver.de/

Atom 1.59.0 resolves several bugs. This is not a security update.
https://atom.io/

Blender 3.0.1 doesn’t provide a changelog so should be treated as a security update.
https://www.blender.org/download/

Inkscape 1.1.2 resolves over 40 bugs, improves stability and reliability. This is not a security update.
https://inkscape.org/release/

LibreOffice Fresh 7.3.0 resolves hundreds of bugs. This is not a security update. The “Fresh” line is beta software and should be avoided in favor of the “Still” line whenever possible.
https://www.libreoffice.org/

LibreOffice Still 7.2.5 resolves almost a hundred bugs. This is not a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.4.2 resolves several bugs. This should be treated as a security update.
https://nextcloud.com/

Notepad++ 8.3 improves support for large files and resolves several bugs. Be aware there may be plugin stability issues for the near future. This is not a security update.
https://notepad-plus-plus.org/

Scribus 1.5.8 improves dark mode, import, PDF export, and resolves several bugs. This is not a security update.
https://www.scribus.net/

Calibre 5.36.0 improves metadata parsing and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Kindle for PC 1.34.63103 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc

Security Software Updates

One or more of these is likely to be of interest to most people.

MalwareBytes Anti-Malware 4.5.2 resolves several bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/

MalwareBytes Anti-Malware Mac 4.14 improves up-sell ability. This is not a security update.
https://www.malwarebytes.com/mac/

OnionShare 2.5 is a security update.
https://onionshare.org/

RogueKiller 15.2.0 adds several new features and cosmetics. This is not a security update.
https://www.adlice.com/download/roguekiller/

Tails 4.27 updates components and libraries. This is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

uBlock Origin 1.41.0 adds dark mode and resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

QubesOS 4.1.0 is a major update, with updated components, improved granular controls, new features and resolves many bugs. This is a security update.
https://www.qubes-os.org/downloads/

Capture Updates

These are unlikely to be of interest to most people.

VideoCacheView 3.09 improves compatibility with new Chromium-based browsers. This is not a security update.
https://www.nirsoft.net/utils/video_cache_view.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.6.0 resolves several crash bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

Agent Ransack 2022.3294 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

Autoruns 14.08 resolves several bugs. This should be treated as a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

ControlMyMonitor 1.35 adds display filter options. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html

Cygwin 3.3.4 resolves several bugs. This is not a security update.
https://cygwin.com/

DesktopOK 9.61 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 3.0.0 improves the build process and now generates signed packages, and resolves several bugs. This is not a security update.
https://dngrep.github.io/

Everything CLI 1.1.0.23 adds support for long file names. This is not a security update.
https://www.voidtools.com/

Everything Toolbar 0.7.4 resolves a first-boot filter bug. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

Fido 1.28 adds support for Windows 11 21H2 v1. This is not a security update.
https://github.com/pbatard/Fido/releases

FileLocator Pro 2022.3294 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Git SCM 2.35.1 resolves dozens of bugs. This is not a security update.
https://git-scm.com/

GoodSync 11.10.3 resolves several compatibility bugs. This is not a security update.
https://www.goodsync.com/

Kingston SSD Manager 1.5.1.6 doesn’t provide a changelog so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

NTLite 2.3.3.8585 adds new settings, upgrades components, and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

PowerToys 0.55.1 resolves several bugs and improves reliability. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

Process Monitor 3.88 improves stability. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

Macrium Reflect 8.0.6525 improves media creation, compatibility, and resolves several bugs. This is not a security update.
https://www.macrium.com/reflectfree

RoboForm 9.2.4 improves Basic Auth support and resolves several bugs. This is not a security update.
https://www.roboform.com/

Samsung Magician 7.0.1 doesn’t provide a changelog, so should be treated as a security update.
https://www.samsung.com/semiconductor/minisite/ssd/download/tools/

SmartMonTools 7.2 significantly improves field detection and reporting, offers YAML output, drive database extensions, and other fixes. This is not a security update.
https://smartmontools.org/

Sysmon 13.32 improves compatibility. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

TCPView 4.17 improves stability. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview

VMMap 3.32 improves stability. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/vmmap

Windows 11 RCT 1.4.0 adds support for newer hardware. This is not a security update.
https://bytejams.com/

WinRAR 6.10 adds support for new formats, improved compatibility, resolves several bugs, and optimizes user interface. This is not a security update.
https://www.rarlab.com/

ZoomIt 5.0 adds support for Windows 11 and resolves several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/zoomit

Developer Updates

These are unlikely to be of interest to most people.

ADB 32.0.0 adds native M1 support. This is not a security update.
https://developer.android.com/studio/releases/platform-tools

Docker Desktop 4.4.4 is a security update.
https://www.docker.com/products/docker-desktop

MySQL ConnectorNet 8.0.28 is a security update.
https://dev.mysql.com/downloads/connector/net/

Node.js 12.22.10 upgrades libraries and time zone information. This is not a security update.
https://nodejs.org/en/

Node.js 14.19.0 updates time zone information, adds Corepack and updates libraries. This is a security update.
https://nodejs.org/en/

Node.js 17.4.0 resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

TortoiseGit 2.13.0.1 updates requirements, libraries, and resolves dozens of bugs. This is not a security update.
https://tortoisegit.org/

Visual Studio Code 1.64 improves cosmetics, automation, and resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.1.32 is a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Drupal 9.2.12 is a security update.
https://drupal.org/download

MailArchiva 8.7.1 improves role functionality and resolves several bugs. This is not a security update.
https://mailarchiva.com/

ownCloud Client 2.10.0.6519 resolves several bugs. This is not a security update.
https://owncloud.com/desktop-app/

ownCloud Server 10.9.1 improves stability and reliability. This is not a security update.
https://owncloud.org/install/

phpMyAdmin 5.1.2 and 4.9.9 are security updates.
https://www.phpmyadmin.net/

ScreenConnect 21.15.6739.8073 improves automation, triggers, auditing, 2FA timeouts, and resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

WordPress 5.9 resolves dozens of bugs and implements front-end editing. This is not a security update.
https://wordpress.org/

Akismet 4.2.2 improves compatibility and resolves several bugs. This is not a security update.

Autoptimize 2.9.5.1 resolves a stability bug. This is not a security update.

BuddyPress 10.0.0 is a major update offering several new features and resolving dozens of bugs. This is not a security update.

Contact Form 7 5.5.4 adds double opt-in support, new action and filter hooks and resolves a bug with the default contact form. This is not a security update.

Duplicator 1.4.4 resolves several bugs. This is not a security update.

Redirection 5.2.3 resolves several bugs. This is not a security update.

Slider Revolution 6.5.15 resolves several bugs. This is not a security update.
https://revolution.themepunch.com/

WooCommerce 6.1.1 resolves dozens of bugs. This is not a security update.

WordPress Zero Spam 5.2.10 is a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/