Updates 2016-10-11

Hi, Folks!

It’s Patch Tuesday.

The typical computer should see roughly 1.5gb in updates today. It’s another big one. Let’s get started.

Microsoft released updates to Windows, Edge, Internet Explorer, .NET, Silverlight, Office, and MSRT (~1.2gb). This includes security updates. A reboot is required.

This month marks the beginning of a new Microsoft update policy of packaging updates in group rollups instead of individually for different applications, even for older supported operating systems like Windows 7 and 8.1. As of this month Microsoft will release all Windows-tied security patches in the same file each month, with a separate non-security update package and other minor updates for feature and compatibility fixes. What this means for you is that Windows will now impose security updates once they’ve passed limited testing, and will deal with the aftermath of inevitable failures after Patch Tuesday with additional rollups. Don’t get me wrong, the security updates are essential to good computing, but without the ability to selectively exclude known-bad updates after internal testing is performed, this is going to create a situation where most enterprise environments delay updates even longer. The only safe resolution for this is to have full backups and be prepared to perform a reset or system restore should, well, the inevitable disaster occur.

Apple released updates for macOS/OS X, Safari, iCloud for Windows, Windows Migration Assistant, and printer drivers. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 10.0.2 is the second security update to the new version of iOS 10 that was released last month. Use Settings, General, Software Update to install the most current version. It should be okay to install on your iOS device now, but be prepared for 10.0.3 anytime.

Google Chrome OS 53.0.2785.154 is a security update. Use Menu, Help, About to install the most current version.

Adobe Flash Player 23.0.0.185 is a security update. Flash is being actively replaced with HTML5 on most sites and services, however, so unless you’re 110% positive you need it for critical functions, you should remove it instead. And, within those browsers that have it embedded (Chrome, Edge, Internet Explorer 11+) disable it. It’s just not worth the risk.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 17.0.2.1 fixes reliability problems. This is not a security update.
http://www.wagnardmobile.com/DDU/

DS4Windows 1.4.52 adds support to new hardware, and fixes reliability problems. This is not a security update.
http://ds4windows.com/

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 53.0.2785.143 is a security update. Use Menu, Help, About to install the most current version.

Firefox 49.0.1 is a security update. Menu, About to install the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

Adobe Shockwave 12.2.5.195 did not provide a changelog, so should be treated as a security update. Chances are very good you don’t need it anyway, though, so remove it if at all possible.
https://12pd.com/click?shockwave

Silverlight 5.1.50709 is a security update.
http://www.microsoft.com/getsilverlight/Get-Started/Install/Default.aspx

Skype 7.28.0.101 is no longer Windows 7-friendly, and doesn’t play well with older versions. There’s no indication that this release is a security update, so stick with 7.15 to 7.27.
https://12pd.com/click?skype

Mumble 1.2.17 is a security update.
https://github.com/mumble-voip/mumble/releases

BIND 9.10.4-P3, 9.11.0rc3, 9.9.9-P3, and 9.9.9-S5 are security updates.

curl 7.50.3 is a security update.

WinSCP 5.9.2 fixes several bugs. This is not a security update.
http://winscp.net/eng/index.php

Evernote 6.3.3.3502 fixes many bugs and improves Google Drive support. This is not a security update.
http://www.evernote.com/

Nmap 7.30 updates OS fingerprints, adds several new scripts, updates libraries and adds support for several additional protocols. This is not a security update.
http://nmap.org/

FileZilla 3.22.1 fixes a crash bug. This is not a security update.
http://filezilla-project.org/

MaxMind GeoIP Data 201610 is a data refresh.
http://dev.maxmind.com/geoip/geolite

BrowsingHistoryView 1.90 adds support for Vivaldi and profile management. This is not a security update.
http://www.nirsoft.net/utils/browsing_history_view.html

NK2Edit 3.26 adds ability to import from message store. This is not a security update.
http://www.nirsoft.net/utils/outlook_nk2_edit.html

IMAPSize is now dead. The source has been released for 0.3.7, but the author is discontinuing what little support existed over the last 7 years.
http://www.broobles.com/imapsize/news.php

Media Updates

These are unlikely to be of interest to most people.

Unreal Streaming Media Player 7.1 integrates HTML5 video element support and UMS-HTTPS into the engine, eliminating the need for the IIS extension.
http://www.umediaserver.net/umediaserver/download.html

Unreal Media Server 12.0 integrates HTML5 video element support and UMS-HTTPS into the engine, eliminating the need for the IIS extension.
http://www.umediaserver.net/umediaserver/download.html

Game Updates

These are unlikely to be of interest to most people.

Battle.net Client 20161011 doesn’t provide a changelog, so should be treated as a security update.
http://us.battle.net/en/app/

EA Origin 10.1.1.35466 fixes several bugs. This is not a security update.
https://www.origin.com/en-us/download

Lego Digital Designer 4.3.10 removes the ability to order your models. This is not a security update.
http://ldd.lego.com/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Acrobat 11.0.18 Pro is a security update. Use Help, Check for Updates to install the most current version.

Adobe Acrobat DC 2015.020.20039 is a security update. Use Help, Check for Updates to install the most current version.

Adobe Reader 11.0.18 is a security update. Use Help, Check for Updates to install the most current version.

Adobe Creative Cloud Desktop 3.8.0.310 is a security update. Since the security vulnerability is within the update feature, it’s not safe to use that to update it. Download the new build here:
https://www.adobe.com/creativecloud/desktop-app.html

Adobe FrameMaker 2015.0.5 is a security update.
Win: http://www.adobe.com/support/downloads/detail.jsp?ftpID=6088

Adobe DNG Converter 9.7 adds support for new hardware. This is not a security update.
Win: http://www.adobe.com/support/downloads/detail.jsp?ftpID=6087
Mac: http://www.adobe.com/support/downloads/detail.jsp?ftpID=6086

Artweaver 5.1.4 fixes several bugs. This is not a security update.
http://www.artweaver.de/

LibreOffice 5.2.2 fixes several bugs and improves stability. This is not a security update.
http://www.libreoffice.org/

Notepad++ 7 adds 64-bit support, updates libraries, improve HDPI support and monitoring, many new commands and more. This is a security update.
https://12pd.com/click?npp

OpenPetra 2016.07.0.0 improves security and improves Finance and Partner System. This is a security update.
http://www.openpetra.org/

Kindle for PC 1.17.1 Build 44183 doesn’t provide a changelog, so should be treated as a security update.
https://12pd.com/click?kindle4pc

Security Software Updates

One or more of these is likely to be of interest to most people.

CertData 10 Oct 2016 is a security update. If you roll your own certificates, it’s time to update.
https://mxr.mozilla.org/mozilla-central/source/security/nss/lib/ckfw/builtins/certdata.txt

OpenSSL 1.1.0b is a security update.

Wireshark 2.2.1 is a security update.
http://www.wireshark.org/

Wireless Network Watcher 2.02 updates the internal MAC addresses database. This is not a security update.
http://www.nirsoft.net/utils/wireless_network_watcher.html

RogueKiller 12.7.1 improves scanning, telemetry and detections. This is not a security update.
http://www.adlice.com/softwares/roguekiller/

Stinger 12.1.0.2137 improves detections. This is a security update.
https://12pd.com/click?stinger

Capture Updates

These are unlikely to be of interest to most people.

XSplit Broadcaster 2.8.1607.1944 fixes several bugs. This is not a security update.
http://www.xsplit.com/get/

XSplit Gamecaster 2.8.1607.2031 fixes several bugs. This is not a security update.
http://www.xsplit.com/get/

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 9.3.1.6 adds support for new encodings, adds new conversion profiles, and fixes several bugs. This is not a security update.
http://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

NTLite 1.2.0.4433 adds several new components and a wizard to refresh for new builds. This is not a security update.
https://www.ntlite.com/download/

SpaceSniffer 1.3.0.2 fixes an export data bug. This is not a security update.
http://www.uderzo.it/main_products/space_sniffer/

7-Zip 16.04 fixes several bugs. This is a security update.
http://www.7-zip.org/

8GadgetPack 21.0 adds Windows 10 Anniversary Update compatibility, fixes several bugs. This is not a security update.
http://8gadgetpack.net/

GoodSync2Go 10.1.4 fixes several bugs, including license issues, browse and event notification. This is not a security update.
https://12pd.com/click?goodsync

dupeGuru 4.0.2 fixes crash bug in macOS Sierra. This is not a security update.
http://www.hardcoded.net/dupeguru/

IEDigest 1.9.2 adds new policies from Windows 10 Anniversary Update, new warnings and registry keys. This is not a security update.
http://www.regente.de/IEDigest/?page_id=9

ImageUSB 1.3.1002 doesn’t provide a changelog, so should be treated as a security update.
http://www.osforensics.com/tools/write-usb-images.html

Ketarin 1.8.7 adds ifempty and runpowershell variable parsing, compatibility with PowerShell 4.0 and 5.0, and adds segmented downloading. This is not a security update.
http://ketarin.org/

Agent Ransack 2016.864 fixes bugs in context menu and registration. This is not a security update.
http://mythicsoft.com/agentransack/download

FileLocator Pro 8.1.2677 adds support for HDPI, improved PST/OST support, and reliability fixes. This is a security update.
http://www.mythicsoft.com/filelocatorpro/download

CurrPorts 2.25 adds the ability to hide loopback connections. This is not a security update.
http://www.nirsoft.net/utils/cports.html

Password Security Scanner 1.40 adds support for Yandex and Vivaldi browsers. This is not a security update.
http://www.nirsoft.net/utils/password_security_scanner.html

WakeMeOnLan 1.78 adds connection name to the network adapters list. This is not a security update.
http://www.nirsoft.net/utils/wake_on_lan.html

WifiInfoView 2.08 adds the connection name to the network adapters list. This is not a security update.
http://www.nirsoft.net/utils/wifi_information_view.html

Synergy 1.8.3 fixes several bugs, adds macOS support and clipboard options, improves reliability and removes automatic elevation. This is a security update.
http://symless.com/download/

SystemRescueCD 4.8.3 updates libraries and tools. This is a security update.
http://www.sysresccd.org/

TeamViewer 11.0.66695 improves reliability, fixes several bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

WSUS Offline 10.8 fixes several bugs and improves reliability. This is a security update.
http://download.wsusoffline.net/

Developer Updates

These are unlikely to be of interest to most people.

GitHub Desktop 3.3.1 is a security update.
https://desktop.github.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VMware Player 12.5.0 adds support for Windows 10 Anniversary Update, and many bug fixes. This is a security update.
http://www.vmware.com/products/player/

PPSSPP 1.3 fixes many bugs, improves reliability and updates libraries. This is a security update.
http://ppsspp.org/downloads.html

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.5.44 is a security update.
http://coppermine-gallery.net/

ownCloud Client 2.2.4 fixes several bugs. This is not a security update.
https://owncloud.org/install/

Drupal 8.2.1 fixes several bugs, updates libraries, adds many improvements. This is a security update.
http://drupal.org/download

HumHub 1.1.1 fixes several bugs, improves reliability, and other enhancements. This is a security update.
https://www.humhub.org/en/download

MailEnable 9.50 adds PowerShell API, multifactor authentication, bulk operations for archive, move and delete, and fixes for several bugs. This is not a security update.
http://www.mailenable.com/

SMF 2.0.12 is a security update.
http://download.simplemachines.org/

Contact Form 7 4.5.1 fixes several bugs. This should be treated as a security update.

Multisite Enhancements 1.3.6 improves compatibility with the current release of WordPress.

NextScripts Social Networks Auto-Poster 3.7.3 adds MailChimp and Weibo, reset improvements, Twitter improvements and bug fixes. This is a security update.

Sucuri Security 1.8.3 fixed several bugs. This is not a security update.

W3 Total Cache 0.9.5.1 is a security update.

WP Edit 4.0 adds integration API and nonce support. This is a security update.

WPtouch 4.3.3 fixes several bugs. This is not a security update.
That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/