Updates 2025-06-10

Welcome back, Folks!

Today is Patch Tuesday for June, 2025.

It’s as safe as it’s going to be to upgrade to Windows 11 24H2 or macOS 15/Sequoia.

If your Windows 10 (or older) computer can not be upgraded to Windows 11, or if you used a registry or installation bypass to install an older version of Windows 11 on it that is no longer supported, then it’s time for you to start looking for a replacement computer.

There were 418+ major hacks, and over 260 application updates this month. It’s a mild month, with only about 2 GB of updates for most users.

This Month in Technology

2BrightSparks SyncBackFree, 3P Corporation, A+ Machining, Abu Dhabi Department of Culture and Tourism, Access2Day Health, Action1, Adidas, Adobe Dreamweaver, Al Tadawi Specialty Hospital, Alera Group, Inc, Alliance Healthcare IT, ALN Medical Management, Amazon Spain, American Hospital in Dubai, American National Bank & Trust, AMI Group, Anne Arundel County Department of Health, AntFarm, Anyproxy, over 1 million consumer AOSP devices, Apache InLong, Apache Tomcat, Apple iMessage, Apple macOS, Apple XNU, Apple’s Safari web browser, Apro, Arla Foods, Arrowhead Evaluation Services, Ascension Health, over 9,000 ASUS routers, AT&T, Austin Small Business Group Health Insurance, Australian Human Rights Commission, Australian Taxation Office, Auto-ici, Autodesk Revit, AVCheck, AXT, Inc, Bailey’s, Balance Autism, Bank Street College of Education, Better Business Bureau Serving the Pacific Southwest, Central & Inland California (BBB), BidenCash, BitoPro, Blaine, MN, Brackett & Ellis, Bradford Health Services, British Horseracing Authority, Broadcom, Bronx Pro Group, Bumfords, Business Systems House, Cahaba Center for Mental Health, Canadian Rocky Mountain Resorts, Canon imageCLASS MF656Cdw, Cape Robbin, Capital Trade, CareNexa, LLC, Carpenter, McCadden & Lane, Carrera Chevrolet, Cartier, Catdoc, Cator Ruma & Associates, Cellcom, Central Maine Healthcare, Central Point School District 6, OR, Cetus Protocol, Channel Islands YMCA, Choice AG, Chroma, Cisco Customer Collaboration Platform (CCP), Cisco Identity Services Engine ISE),Cisco IOS XE, City of Belvedere, City of San Clemente, City of Sheboygan, CNHI LLC, Cobb County, GA, Coca-Cola, Cocospy, Cody Law Firm, Coinbase, Inc, ColoCrossing, Colombia National ID, Community Choice Credit Union, Community Counseling of Bristol County, Community Hospital of Anaconda, Compassion Health Care, Inc, Connections for Kids, ConnectWise, ConnectWise ScreenConnect, CookUnity, Cooper Health System, Covenant Health, Covenant Surgical Partners, Inc, Crystal Hotels, Cumberland County Hospital, Cyprus Airways, Czech Republic Ministry of Foreign Affairs, DanaBot, Dassault Systèmes eDrawings Viewer, Dior, Disk Union, Docker Desktop, Doctors Hospital at Renaissance, LTD, DSI Tech, EB Archbald & Associates, Effortel, Eight8Ate Holdings, Eindhoven University of Technology, El Dorado Irrigation District, Elit Avia, Epworth Healthcare, EsSalud, Etsy, Everest Bank, Excelsior Springs School District, eXch, Executive Jet Support, Facebook, Family Health Services, Inc, Family Health Specialists, Flagship Bank, FLOE International, Florida Lung, Force Bridge, Fortinet FortiWeb, FORTÉ, Frederick’s Machine & Tool Shop, Free (ISP), French Government, French Ministry of Education, Fujipoly, FWD Vietnam, Fédération Francaise de Rugby, Gargle, Gateway Community Services, Gearhiser Peters Elliott & Cannon, Ghana Insurance Database, GIMP, GitLab Duo, Gloucester County, CA, Google, Google Chrome, GovDelivery, Government of Spain, Greater Seattle Concrete, Hacendado, Haowang Guarantee, Harbin Clinic, Hartwig Mechanical, HealthEquity, Inc (twice), High Grade Materials, High-Logic FontCreator, HMRC, Homestead Gardens, HopeWay Foundation, Horde, Horizon Blue Cross Blue Shield NJ, Hostinger, HP Enterprise Insight Remote Support, HP Enterprise StoreOnce, Hudson River Housing, Humboldt County Office of Education, Humboldt Independent Practice Association, Hunter Health Clinic, iCloud, In’Tech Industries, Indian Navy, Indigo Group SA, Indonesian Nuclear Energy Regulator BAPETEN, Indonesian Polytechnic Politeknik Tonggak Equator, Ingonyama Trust Board, Inns of Aurora, Instituto de Ojos de Puerto Rico, Insulet Corporation, Interactive Brokers LLC, Iowa County, IA, ITinSell, Ivanti Endpoint Manager Mobile, Ivanti Workspace Control, Jackson Health System, JDC Air & Sea Freight, JetBrains TeamCity, Jordan Kuwait Bank, JPMorgan Chase, Kalamazoo Public Schools District, Kansas City Aviation Center, Katie Jo Sider, Kelly & Associates Insurance Group, KENAI DRILLING LIMITED, Kenneth Wong, CPA, Kettering Health, KiranaPro, Kittery Police Department, Kronick Moskovitz Tiedemann & Girard, Lafayette Federal Credit Union, Landmark Properties, Lasercam, Lee Enterprises, Legal Practice Board of Western Australia, LexisNexis Risk Solutions, Liberty Tax, Lila, Linux Kernel, Logan University, Lower Merion School District, Lumma, MailEnable Webmail, MainStreet Bancshares, Making Tech Happen, Mantis Creative, Marlboro-Chesterfield Pathology, Marriott International, Maruichi Leavitt Pipe & Tube, Masimo, Mastery Schools, MathWorks/MATLAB, McKenzie Commercial Contractors, MDaemon, Mediclinic Group, Mercer Capital, Mercy Surgical Dressing Group, Inc, Microsoft OneDrive, Microsoft PC Manager, Microsoft SharePoint, Microsoft Windows Installer Service, Missouri Conservation Department, Morgan County 911 service, Mozilla Firefox, Mozilla Firefox Accounts API, Myer Auto, Naper Grove Vision Care, NASA, Nationwide Recovery Service, Naukri, Nepal Police, Next Step Healthcare, NHPP Physical Medicine and Rehabilitation, Nokota Packers, North Shore University Hospital Sleep Disorders Center, North Sulawesi Provincial Government, Northwest Territories Health and Social Services Authority, Northwestern Community Services Board, Nottingham Construction, Nova Scotia Power, Nucor Corporation Steel, Nunez Dental, NVIDIA cuobjdump, NVIDIA Triton, Odoo, Olympus Aero, Operation Endgame 2.0, Opexus, Optima Tax Relief, Oracle VirtualBox, Origin PC, OurBus, Output Messenger Server Manager, OxBykes, Oxford Life Insurance Company, Pacific Summit Energy, Parallels Desktop, Passion.io, Payne County, OK, Payne County Sheriff’s Office, PDI Health, Pearson, Petroquim Chile, Pierce County Library, Planet IT, PPM Industries, Precision Tax Relief, Prenovost, Normandin, Dawe & Rocha, APC, PrepHero, Procolored, Promises2Kids, QuadMiners, Qualcomm Adreno GPU driver, Quick Frames USA, Radiology Chartered, Rajkot Municipal Corporation, RE/MAX, Rechler Equity Partners, Red Hat Enterprise Linux, Redis, Regents Capital, Renkim Corporation, RIBridges, RISE Racing, Riverdell Construction, Rivers Academy West London, Rockwell Automation PowerMonitor 1000, Rockwell Automation ThinManager ThinServer, Rommel Harley-Davidson, Roundcube webmail, Royal Chemical, Royal Moroccan Football Federation, S5 Agency World, Safalata, Samlify, Samsung MagicINFO, San Jose Country Club, Sandhills Medical Foundation, Sante DICOM Viewer, SAP NetWeaver, Schneider Electric Home Devices, Semple & Cooper, Sensata Technologies, Sequoia Capital, Serviceaide, SF Humane Society, Shopify, Shore Medical Center, Siena Hotel, Smartfren, Solar City Tyre Service, SolarWinds DameWare, Sonos Era 300, South African Airways, South Atlantic Federal Credit Union, South Bay Credit Union, Southeast Series of Lockton Companies, Spain’s DGT & CNMC, Sports Physical Therapy, Occupational Therapy and Rehabilitation Services of the North Shore, Sri Lanka’s Pensions Department, State of Indiana, STC Kuwait, Steam supply chain, Straits Construction, Sturdevant’s Auto Parts, SunMoon University, Swedish Edmonds Hospital, Sylvania, Syrian Army, Tata Consultancy Services, TBK DVR-4104 and DVR-4216, TD Bank, Texas Department of Transportation, Texas Digestive Specialists, Texas Health and Human Services Commission, The Epoch Times, The Green Flame Gas Co, The Habesha, The Haymond Law Firm, The Holiday Adult Care Community & Retirement Homes, The Salvation Army, The Smith Institute for Urology, The Vascular Experts, Ticketmaster, Tien Tuan Pharmaceutical Machinery, Tiffany & Co, TOP Ships Inc, Town of North Providence Rhode Island, Tradgo, Trend Micro Apex Central, Tri-City Cardiology Consultants, Trimble Cityworks, Triumph Construction, Tupolev, US Dermatology Partners, UAE Government, UChicago Medicine Medical Group, UK Legal Aid Agency (LAA), Ukrainian critical infrastructure, UNFI, Unigaz, Union County Children and Youth Services, Union Health System, Universidad Técnica del Norte Ecuador, Universitas Udayana Bali, University College London Hospitals, University Hospital Southampton, University of Chile, Uruguay’s National Vehicle System SUCIVE, US Center for Disease Control (CDC), the US telecom systems hack (Salt Typhoon) goes back a year earlier han they claimed, USA Credit Control, Valentin Hotels, Valiant Energy Solutions, Vanta, vBulletin, Vernon Milling, Versa Concerto, Victoria’s Secret, Virgin Islands Lottery, Virgin Media, VMware ESXi, Volkswagen Group, VS One Technology, Wadma Network, Wazuh Servers, Weis Markets, Weiser Memorial Hospital, West Lothian Council, Western Insurance Marketing Corporation, Williams Patent Crusher & Pulverizer, Windows 11, WiredBucks, WOLFBOX Level 2 EV Charger, WordPress Crawlomatic plugin, WordPress Motors theme, WordPress PayU CommercePro plugin, WordPress RomethemeKit for Elementor, WordPress Wishlist plugin, Worldline Yomani XR credit card readers, Xenoblade Chronicles X, YES24, York County, PA, Yuantong Express, Zhihu, Zimbra, Zlgoon, and Zoho ManageEngine Exchange Reporter have reported hacking or compromises this month. An interesting article published recently shows you how long it takes for companies to report that they’ve been compromised if they find out.

Cellcom, ChatGPT, Heroku, Kettering Health, MathWorks/MATLAB, Microsoft 365, NZ Internet (read that, it’s hilarious), Reddit, and SentinelOne have suffered from outages this month.

Last months updates broke Bitlocker on Windows 10, boot on Windows 11, Google Workspace Sync for Outlook, and Hyper-V VM.

Microsoft is killing off their Authenticator app shortly. Export your data and switch to another auth app.

Meta (Facebook) is requiring users to opt out of AI a second time, and will only respect it in certain areas.

In the UK, Apple is going to lose more than a billion dollars in revenue due to a comma. In the US, Epic Games has filed a motion alleging Apple violated the court’s injunction by blocking Fortnite’s App Store submission.

Google has released their block of Nextcloud after worldwide uproar.

President Trump has enlisted Palantir Technologies to build a massive, cross-agency database tracking every American citizen. … Let that sink in. A private company—deciding whose politics are too dangerous to exist?”

CIA-created Palantir is now publicly threatening reporters after being given a $795 million contract to track and report on every American to the government. I don’t understand why we should be paying for this. Hackers compile this data for free!

No, the DMV did not text you. It’s a scam. It’s always a scam.

To literally nobodies surprise, the Pakistani government is disabling IDs and devices of people within protest areas using geofencing methods. Do you still want digital ID?

Now for the good news:

FFmpeg has added a WHIP Muxer for sub-second streaming latency.

The Swiss authoritarian bill that would have all but eliminated the last refuge for privacy has failed.

The Linux Foundation is launching an independent WordPress package manager.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is mild this month. The typical computer should see roughly 2 GB in updates today. Let’s get started.

Microsoft released 41 updates to address 69 vulnerabilities in .NET and Visual Studio, App Control for Business (WDAC), Microsoft AutoUpdate (MAU), Microsoft Edge, Microsoft Local Security Authority Server (lsasrv), Microsoft Office, Microsoft Office Excel, Microsoft Office Outlook, Microsoft Office PowerPoint, Microsoft Office SharePoint, Microsoft Office Word, Nuance Digital Engagement Platform, Power Automate, Remote Desktop Client, Visual Studio, WebDAV, Windows Common Log File System Driver, Windows Cryptographic Services, Windows DHCP Server, Windows DWM Core Library, Windows Hello, Windows Installer, Windows KDC Proxy Service (KPSSVC), Windows Kernel, Windows Local Security Authority (LSA), Windows Local Security Authority Subsystem Service (LSASS), Windows Media, Windows Netlogon, Windows Recovery Driver, Windows Remote Access Connection Manager, Windows Remote Desktop Services, Windows Routing and Remote Access Service (RRAS), Windows SDK, Windows Secure Boot, Windows Security App, Windows Shell, Windows SMB, Windows Standards-Based Storage Management Service, Windows Storage Management Provider, Windows Storage Port Driver, Windows Win32K – GRFX, and MSRT. This includes security updates. A reboot is required.

Apple released updates for iPadOS 17.7.8. This includes security updates. Use Apple Software Update to install the most current versions.

iPadOS 17.7.8 is a security updates. Use Settings, General, Software Update to install the most current update.

Google ChromeOS 136.0.7103.158 and ChromeOS LTS 132.0.6834.225 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sequoia (15.x) means that macOS Monterey (12.x) and older are no longer supported. If you can not install at least macOS Ventura (13) on your Mac then you should immediately remove your device from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v24H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it. If not, switch to Linux (Mint is nice) or replace your computer.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with a SaferPC Subscription and we will install updates each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 25.6.1 adds support for new hardware, improves Vulkan support, improves compatibility and resolves several bugs. This is not a security update.
https://www.amd.com/en/support

Display Driver Uninstaller 18.1.1.4 improves hardware support and translations. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

UniFi Network Server 9.2.87 adds WAN SLA, improved DHCP management, a dozen resolved bugs and many interface and configuration improvements. This is not a security update.
https://www.ui.com/download/releases/network-server

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.79.119 is a security update.
https://brave.com/

Firefox 139.0.4 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 128.11.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 137.0.7151.68
https://www.google.com/chrome/

SeaMonkey 2.53.21 is a security update.
https://www.seamonkey-project.org/

Vivaldi 7.4.3684.46 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Spark 3.23.1.108665 adds Outlook Calendar import support and improves stability. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.23.1.108664 adds Outlook Calendar import support and improves stability. This is not a security update.
https://sparkmailapp.com/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 9.5.5 resolves over a dozen bugs. This should be treated as a security update.
https://anydesk.com/en/downloads

curl 8.14.1 resolves dozens of bugs. This should be treated as a security update.
https://curl.haxx.se/windows/

Discord June 3, 2025 updates libraries and resolves dozens of bugs. This is not a security update.
https://discord.com/download

Dropbox 225.4.4896 resolves several bugs. This is not a security update.
https://www.dropbox.com/

Google Drive 109.0 doesn’t provide a detailed change log so should be treated as a security update.
https://drive.google.com/start

jq 1.8.0 is a security update.
https://jqlang.github.io/jq/

MeshCentral 1.1.45 resolves several bugs. This is not a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.8.00.12555 adds dial-in details to invitations. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 31.0.5 resolves dozens of bugs. This should be treated as a security update.
https://nextcloud.com/

Rclone 1.69.3 is a security update.
https://rclone.org/

Signal 7.56.1 fixes a couple bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.44.2 improves sticker management. This is not a security update.
https://signal.org/android/apk/

Syncthing 1.29.7 resolves several bugs and paves the way for 2.0. This is not a security update.
https://syncthing.net/

Telegram 5.15.3 improves cosmetics. This is not a security update.
https://telegram.org/

Zoom 6.4.13.2309 and 6.4.12.64384 are security updates.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

Grayjay 319 improves playback controls, new engines, improves cosmetics and resolves several bugs. This is not a security update.
https://grayjay.app/index.html

KaraFun Player 3.7.5 doesn’t provide a change log so should be treated as a security update.
https://www.karafun.com/karaoke-windows/

Plex Desktop 1.109.0.329 improves stability. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.41.8.9834 resolves several bugs including performance and stability issues. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Bedrock) 1.21.84.1 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Nintendo Switch 20.1.1 improves stability and resolves several bugs. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 2025.522 changes some messaging and cosmetics. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2025.05.20 improves hardware compatibility and resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

SteamOS 3.7.8 is the first stable release for non-Valve hardware. It’s a major update with dozens of fixes and newer hardware support. This is a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Acrobat DC 25.001.20531 and Adobe Acrobat DC 25.001.20529 (macOS) are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb25-57.html

Adobe Acrobat Reader DC 25.001.20531 and 25.001.20529 (macOS) are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb25-57.html

Adobe Acrobat 2024 24.001.30254 is a security update.
https://helpx.adobe.com/security/products/acrobat/apsb25-57.html

Adobe Acrobat 2020 20.005.30774 is a security update.
https://helpx.adobe.com/security/products/acrobat/apsb25-57.html

Adobe Acrobat Reader 2020 20.005.30774 is a security update.
https://helpx.adobe.com/security/products/acrobat/apsb25-57.html

Adobe Commerce 2.4.9-alpha1, 2.4.8-p1 for 2.4.8, 2.4.7-p6 for 2.4.7-p5 and earlier, 2.4.6-p11 for 2.4.6-p10 and earlier, 2.4.5-p13 for 2.4.5-p12 and earlier, 2.4.4-p14 for 2.4.4-p13 and earlier are security updates.
https://helpx.adobe.com/security/products/magento/apsb25-50.html

Adobe Commerce B2B 1.5.3-alpha1, 1.5.2-p1 for 1.5.2, 1.4.2-p6 for 1.4.2-p5 and earlier, 1.3.4-p13 for 1.3.4-p12 and earlier, 1.3.3-p14 for 1.3.3-p13 and earlier are security updates.
https://helpx.adobe.com/security/products/magento/apsb25-50.html

Magento Open Source 2.4.9-alpha1, 2.4.8-p1 for 2.4.8, 2.4.7-p6 for 2.4.7-p5 and earlier, 2.4.6-p11 for 2.4.6-p10 and earlier, 2.4.5-p13 for 2.4.5-p12 and earlier are security updates.
https://helpx.adobe.com/security/products/magento/apsb25-50.html

Adobe Commerce and Magento Open Source isolated patch for CVE-2025-47110 is a security update.
https://helpx.adobe.com/security/products/magento/apsb25-50.html

Adobe Experience Manager 2025.5 and 6.5.23 are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html

Adobe InCopy 19.5.4 and 20.3 are security updates.
https://helpx.adobe.com/security/products/incopy/apsb25-41.html

Adobe InDesign ID19.5.4 and ID20.3 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb25-53.html

Adobe Substance 3D Painter 11.0.2 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb25-58.html

Adobe Substance 3D Sampler 5.0.3 is a security update.
https://helpx.adobe.com/security/products/substance3d-sampler/apsb25-55.html

Audacity 3.7.4 resolves several bugs. This is not a security update.
https://www.audacityteam.org/download/

GIMP 3.0.4 resolves several bugs. This is not a security update.
https://www.gimp.org/

LibreOffice Fresh 25.2.4 resolves over 50 bugs. This is not a security update. This is beta software so should not be used by most users.
https://www.libreoffice.org/

Manager 25.6.8.2380 doesn’t provide a detailed change log so should be treated as a security update.
https://www.manager.io/

Nextcloud Desktop 3.16.5 resolves several bugs. This is not a security update.
https://nextcloud.com/

Paint.net 5.1.8 resolves several bugs. This is not a security update.
https://www.getpaint.net/

Operating System Updates

These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.

Tails 6.16 is a security update.
https://tails.net/install/download/index.en.html

Security Software Updates

One or more of these is likely to be of interest to most people.

.NET Runtime 9.0.5 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

FRSTx64 2025.6.6 doesn’t provide a change log so should be treated as a security update.
https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

Gpg4win 4.4.1 is a security update.
https://www.gpg4win.org/download.html

MalwareBytes Desktop Security 5.3.2.195 resolves several bugs and improves stability. This is not a security update.
https://www.malwarebytes.org/antimalware/

ProtonVPN 4.1.13 improves stability and updates libraries. This is a security update.
https://github.com/ProtonVPN/win-app/releases/latest

RogueKiller 16.2.2 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Stinger 13.0.0.372 updates detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

VT-CLI 1.1.1 resolves a bug. This is not a security update.
https://github.com/VirusTotal/vt-cli/releases/latest

WebBrowserPassView 2.16 improves Chrome parsing. This is not a security update.
https://www.nirsoft.net/utils/web_browser_password.html

YARA 4.5.4 resolves several bugs. This should be treated as a security update.
https://github.com/VirusTotal/yara/

Capture Updates

These are unlikely to be of interest to most people.

Open Broadcaster Software 31.0.3 removes support for older hardware and resolves several bugs. This is not a security update.
https://obsproject.com/

SnagIt 25.2.0 updates libraries, adds support for Camtasia editing, improves step capture, and improves performance. This is a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.4.3 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

StreamFab 6.2.4.0 adds support for new encodings and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 3.0.1.8 improves hardware support, adds subtitle generation and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.80 resolves several bugs. This is not a security update.
https://1password.com/downloads/

AOMEI Partition Assistant 10.8.1 improves USB creation and improves stability. This is not a security update.
https://www.diskpart.com/

Beyond Compare 5.1.0.31016 resolves dozens of bugs. This is not a security update.
https://www.scootersoftware.com/download

Bitwarden 2025.5.1 updates dependencies and resolves several bugs. This is not a security update.
https://bitwarden.com/

CCleaner 6.36.11508 improves reliability. This is not a security update.
https://www.ccleaner.com/

Cygwin 3.6.3 resolves several bugs. This is not a security update.
https://cygwin.com/

DesktopOK 11.83 updates language engine. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.5.30.0 updates libraries and resolves several bugs. This is a security update. Note that dnGrep no longer includes the Everything libraries for native Everything support. You can download them and add them manually. 🙁
https://dngrep.github.io/

Everything 1.4.1.1027 is a security update.
https://www.voidtools.com/

Everything CLI 1.1.0.30 adds a new code-signing certificate. This is not a security update.
https://www.voidtools.com/

Everything Portable 1.4.1.1027 is a security update.
https://www.voidtools.com/

Everything Toolbar 1.5.5 improves reliability and resolves several bugs. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

ExplorerPatcher 22631.5335.68.2 resolves several bugs and improves compatibility. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

Fing 3.9.0 integrates Desktop to Workspaces and resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

GoodSync 12.9.1 resolves several bugs. This should be treated as a security update.
https://www.goodsync.com/

grepWin 2.1.9 resolves a blank popup. This is not a security update.
https://github.com/stefankueng/grepWin/releases/latest

HWMonitor 1.58 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

Kingston SSD Manager 1.5.5.5 doesn’t provide a change log so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

LessMSI 2.7.3 resolves several bugs. This is not a security update.
https://lessmsi.activescott.com/

NTLite 2025.06.10460 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

Open-Shell 4.4.196 adds ARM64 support. This is not a security update.
https://github.com/Open-Shell/Open-Shell-Menu

PointerStick 6.77 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.91.1 resolves dozens of bugs and improves stability. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

RoboForm 9.7.5 integrates new authentication platform and automatic update engine. This is not a security update.
https://www.roboform.com/

ScreenConnect 25.4 is not available yet. Soon…maybe? So the drama, dude. ConnectWise announced that they’ll be releasing this new version (still in Canary status only 4 days ago) to address a “security concern” with only two days notice. The ConnectWise code signing certificate is being revoked due to the way their previous client installations were designed (which, in their defense, is how Microsoft encouraged apps to operate a few years ago), and all builds prior to the bleeding edge version are going to be not merely “unsupported,” but likely not installable and clients may be randomly removed by antivirus, security and client management software, leaving the clients inaccessible for support. ConnectWise will not be patching previous versions. ConnectWise isn’t even answering many support questions. Among other things, this means that many server platforms will no longer be supported, custom and even vendor-published extensions that are not compatible with the new bleeding-edge build will simply not work – possibly for months, if ever – and these “incompatible” extensions may not simply be disabled within ScreenConnect itself if they don’t have the right version attribute, but might take down the ScreenConnect server completely until they’re manually removed (which was my own experience when upgrading to 24.x). The installation process for all clients will change. ConnectWise hasn’t published the new process yet and have not updated much of their documentation for over a year. To say users are in limbo is about as accurate a statement as any. In the last week they published then removed 25.4, and have removed the downloads for all current and previous builds, save one (25.3.4) which they say isn’t even going to be supported later today. Sigh.
https://www.screenconnect.com/download

SetUserFTA 2.5.2 improves compatibility with UCPD 4.2.
https://setuserfta.com/

SpaceSniffer 2.0.2.5 resolves a cosmetic bug. This is not a security update.
http://www.uderzo.it/main_products/space_sniffer/

Synergy 3.3.1 is the first really stable build of v3. This resolves several bugs and improves compatibility. This is not a security update.
https://symless.com/synergy/

Sysmon 1.3.7 for Linux improves compatibility. This is not a security update.
https://github.com/microsoft/SysmonForLinux/releases/tag/1.3.7.0

System Informer 3.2.25011.2103 is a redesign and relaunch of ProcessHacker, adding dozens of features and improved analysis and over 5,000 changes. This is a security update.
https://github.com/winsiderss/systeminformer/

WizFile 3.13 resolves a couple bugs. This is not a security update.
https://antibody-software.com/wizfile/

ZoomText 2025.2505.31.400 improves compatibility. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 2024.3.2.15 resolves several bugs. This is not a security update.
https://developer.android.com/studio

GDevelop 5.5.231 adds 3D physics-based vehicle behavior, Play and Jolt improvements, and resolves several bugs. This is not a security update.
https://gdevelop.io/download

GitHub Desktop 3.4.20 resolves a UNC mapping bug. This is not a security update.
https://desktop.github.com/

GitHub includefragment 6.4.0 updates libraries. This is not a security update.
https://github.github.io/include-fragment-element/

Go 1.24.4 is a security update.
https://go.dev/

Microsoft Visual C++ 2022 Redistributable 14.44.35208.0 is a security update.
https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist

Node.js 20.19.2 is a security update.
https://nodejs.org/en/

Node.js 22.16.0 updates libraries. This is a security update.
https://nodejs.org/en/

Node.js 23.11.1 is a security update.
https://nodejs.org/en/

Node.js 24.2.0 removes HTTP/2 priority signaling and resolves several bugs.
https://nodejs.org/en/

Python 3.13.4 resolves several bugs. This is a security update.
https://www.python.org/downloads/macos/

SQLite 3.50.1 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Unreal Engine 5.6 improves performance and threading on modern hardware, camera, motion, mapping and other features. This is not a security update.
https://unrealengine.com/en-US/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.1.10 resolves several bugs and improves compatibility. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Invision Community 4.7.21 is a security update.
https://invisioncommunity.com/

Joomla 5.3.1 resolves over a dozen bugs. This is not a security update.
https://www.joomla.org/

phpList 3.6.16 resolves a reliability bug. This is not a security update.
https://www.phplist.org/

Sucuri Security 2.2 resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

My Sticky Bar 2.8.2 improves support flow. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Theme My Login 7.1.12 resolves an extension bug. This is not a security update.
https://wordpress.org/extend/plugins/theme-my-login/

WP Cerber Security 9.6.9 adds RDAP support, improved settings, htaccess lockdown, and resolves several bugs. This is not a security update.
https://wpcerber.com/

WP Plugin Update Checker 5.6 improves compatibility. This is not a security update.
https://github.com/YahnisElsts/plugin-update-checker/releases/latest

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2025-04-08

Happy Easter, Folks!

Today is Patch Tuesday for April, 2025.

It’s as safe as it’s going to be to upgrade to Windows 11 24H2 or macOS 15/Sequoia.

If your Windows 10 (or older) computer can not be upgraded to Windows 11, or if you used a registry or installation bypass to install an older version of Windows 11 on it that is no longer supported, then it’s time for you to start looking for a replacement computer. Actually, the time was 3 months ago. Pickin’s are thin right now. 🙁

There were 320+ major hacks, and over 360 application updates this month. It’s a relatively small month, with about 2.5 GB of updates for most users.

This Month in Technology

13cabs, 9,300 WordPress websites (ClearFake), 150,000 WordPress websites (DollyWay), 70mai A510, Abracadabra, Access TeleCare, Adobe Acrobat Reader, ALN Medical Management, Amazon AWS CloudFormation, AMI MegaRAC, an Asian telecom, Android, Apache Parquet, Apache Pinot, Apache Tomcat, APIsec, Apple macOS, Apple Passwords app, Apple WebKit, Arista NG Firewall, Around the Clock Companies, Arts Council England, Ascoma Group, Association of Superannuation Funds of Australia, Astral Foods, Atlantis Operating LLC, Atlas CPAs & Advisors, Atutech, AustralianSuper, Autodesk AutoCAD, Autodesk Navisworks, Autodesk Payapps, Baidu, Bank of China, Barebox, Baylor Scott & White Texas Spine & Joint Hospital, Bdrive NetDrive, BDSM People, Beacon Health System, BEC Technologies Routers, Bigfork Valley Hospital, Blue Shield of California, Boulanger, Brave browser, Brish, Brocade Fibre Channel switches, BTS member Jungkook, Buckinghamshire Council, Bybit, California Cryobank, Canon printers, Capilano University (CapU), Cardiff City Council Department of Children’s Services, Cargills Bank, CarlinKit CPC200-CCPA, CDHA Management, Center for Digestive Health, CHC Solutions, Inc, Check Point, Check Point ZoneAlarm, Cherokee County School District, Chica, Choco Tei Camera, Chord Specialty Dental Partners, Chrome, Cisco IOS XR, Cisco Smart Licensing Utility, City of Lubbock, Ciuni & Panichi, Clinic’s Patient Management System, Cloudflare WAF, Columbia Eye Clinic, Compumedics, Concord Orthopaedics, Costa Rican President’s YouTube, Cottrill’s Pharmacy, Crossroads Trading Co, CrushFTP, CSG Consultants, D&S Insurance Agency, Dameron Hospital, DBS Signapore, Dell Unity, Dignity Health Lassen Medical Clinic, Dove Healthcare, DrayTek routers, Drugs.com, Dutch Public Prosecution Service, Edimax Cameras, El Camino Real Academy, Eprice, Erickson Companies, ESET security, ESHYFT, Europcar Mobility Group, Everest ransomware gang, Exim, Facebook FreeType 2, FacePass, Fidelity Life, First City Credit Union, Food For The Poor, Fortinet FortiWeb, French Department of Education, Gay Daddy, Georgia Urology, German Doner Kebab, Gilead Sciences, GIMP, GitLab Community Edition, GitLab Enterprise Edition, Google Quick Share, Grede Holdings, Growatt, GRUB2, Guardian Life Insurance, Hamilton County, Hand & Plastic Surgery Centre, Harcourts Prime Properties, Health NZ, HealthEquity, Hellenic Open University, HHH Acquisition, LLC, Highline Public Schools, Hillcrest Convalescent Center, Hokkaido Jalan, Houston Housing Authority, Houston Surgery Center, HTW Dresden, Hydro-Vacuum SA, ImagineX, Infosys McCamish Systems, Insignia, IOU Financial, Iraqi Council of Ministers, Iraqi Ministry of Finance, Islamic Republic of Iran Shipping Company, Ivanti Connect Secure, Jaguar Land Rover, Jira, Junos OS, Karl Malone Auto Group, Keeco Home, Klickitat Valley Health, Korea Aerospace Research Institute, Kronick Moskovitz Tiedemann & Girard, Kuala Lumpur Airport, Kubernetes Ingress Nginx Controller, LA Financial Federal Credit Union, Laborers’ International Union of North America, Local 1184, Lafayette Federal Credit Union, Lake Psychological Services, Lake Washington Vascular, Lee University, Legacy Professionals LLP, Lena Pope Home Inc, LensDeal, Lexipol, Life University, LiUNA, Lloyds Bank, Lukoil, Luxion KeyShot, Lyon Living, Lyon Management Group, M.A.D Mobile, Madison County, Mississippi, Malaysia Airports Holdings Bhd, Marina Bay Sands Singapore, Mark Thomas, Medway Community Healthcare, Meigs County Emergency Medical Services, MercadoLibre, Mercer County Joint Township Community Hospital, Merkur, Microsoft Exchange Online and M365, Microsoft SharePoint, Microsoft’s Trusted Signing platform, Microsoft’s Visual Studio Code Marketplace, Millennium Home Health Care, Mirror Mirror Beauty Boutique, Mission Bell Mfg, Mission, Texas, Monro, Inc, Morton Golf LLC, mySCADA myPRO, NAKIVO Backup & Replication, National Defense Corporation, National Iranian Tanker Company, NetApp SnapCenter, Nevro, New Era Life Insurance Companies, New South Wales Court Registry, New York University (NYU), NewAgeSys, NexOpt, Next.js, NI FlexLogger, NI Vision Builder AI, Nice Healthcare, Northern Ireland Commission, Northwest Retirement Plan Consultants, NTT, Numotion, NVIDIA Riva, OBI Seafoods, Oracle Cloud (from 2017!), Oracle Health, OrthoMinds, Pacific Residential Mortgage, Palmetto Subacute Care Center, Palo Alto Deep Packet Inspection, PAR Rehab, Parascript, Parcel Plus, PDF-XChange Editor, Pennsylvania State Education Association, pgAdmin, Pinehurst Radiology Consultants, Pineland Community Service Board, Pink, Port of Seattle, Presbyterian Health Plan, Progress Software Kemp LoadMaster, PTS News, Rakuten Securities, RansomHub, Red Lion Borough, PA, Rinehart Dentistry, Riverdale Joint Unified School District, Rodl Management, Royal Mail, SAG-AFTRA Health Plan, Sam’s Club, Samsung Germany, Sentara Health, Shopify Collabs, Shopify Pitchfork, Siegel Group, Siemens Simcenter, SimonMed, SIR.trading, SMA, Smart ERP Solutions, SoloPoint Solutions, Southeast Series of Lockton Companies, Spark DSO, SpotBugs, SpyX, St. Joseph’s College of Maine, State Bar of Texas, State of California, Department of Child Support Services, STE Group, STMicroelectronics X-CUBE, Stram Center for Integrative Medicine, StreamElements, Sungrow, Sydney Tools, Tata AIG, Tata Technologies, Tesla, TFE hotels group, Thailand Post, The Junction Casino Hotel, The Pension Specialist, Three Rivers Hospital, Toppan Next Tech, Topy America Inc, Tor Browser, Translove, Trend Micro Cleaner One, Trinity Petroleum Management, Troy Hunt’s Mailchimp List, Twilio SendGrid, Twitter (X), U-Boot, UAE Water & Electric Power, Ubuntu Linux, Ukrzaliznytsia, Ulrich Investment Consultants, Union County, United Domestic Workers of America, United Faith Ministries, United Seating and Mobility, Unitree Go1 robot dogs, University Diagnostic Medical Imaging, University of Notre Dame Fremantle, Urban Dictionary, Verizon Call Filter, VF Outdoor, Virginia Attorney General’s Office, Vista Point Mortgage, Vitenas Cosmetic Surgery, VMware Tools for Windows, Vroom, Watcher Guru, Welts, White, & Fontaine, WEMIX, Wesizwe, Western Alliance Bank, Western Wayne Family Physicians, WhatsApp, Whitman Hospital & Medical Clinics, WideOpenWest, William F Rinehart DMD PA, Windows, Windows Kernel, WinRAR, WK Kellogg Co, Woori Card, Word & Brown Insurance Administrators, WordPress Simple WP Events plugin, WordPress WooCommerce plugin, WordPress WP Ghost plugin, WordPress WP RealEstate plugin, WordPress WP Ultimate CSV Importer plugin, X.Org Server, Xen HVM, YAP Health Services, Yucatán Government, ushin America, zkLend hacker (lol), and Zoth Protocol have reported hacking or compromises this month.

ChatGPT, Cloudflare R2, DrayTek routers, Microsoft Exchange Online, Moscow Metro, and Naval Station Norfolk have suffered from outages this month.

Last months updates broke Microsoft Snipping Tool, Remote Desktop, security services including SenseShield on Windows 11 24H2, the ability to return to Outlook “Classic”, USB printers, Veeam recovery, and VMware Workstation updates.

23andMe has filed for bankruptcy, but not before they created plans to sell off all your DNA details.

Apple broke their N+2 trend and released security updates for much older devices to address critical vulnerabilities.

DoH (DNS over HTTPS) is being used to hijack mail accounts with extremely well-targeted phishing pages. How effective are phishing websites? Effective enough to get even the creator of Have I Beep Pwned to fall for it.

Microsoft has changed their mind on disabling WSUS driver sync. Microsoft is testing a new “quick machine recovery” platform to recover from buggy driver updates preventing the operating system from booting. Microsoft is removing the BypassNRO script from Windows 11 installers, but the underlying registry settings will still be available (for now).

Now for the good news:

Linux is making headway – more than 2% of devices running Steam are now actively using Linux.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is relatively small this month. The typical computer should see roughly 2.5 GB in updates today. Let’s get started.

Microsoft released 78 updates to address 128 vulnerabilities in Active Directory Certificate Services, Active Directory Domain Services, ASP.NET Core, Azure Local, Azure Local Cluster, Azure Portal Windows Admin Center, DirectX Graphics Kernel, HTTP.sys, Kerberos Key Distribution Proxy, Microsoft AutoUpdate (MAU), Microsoft Dynamics Business Central, Microsoft Edge, Microsoft Edge for iOS, Microsoft Excel, Microsoft Message Queuing (MSMQ), Microsoft Office, Microsoft Office Excel, Microsoft Office OneNote, Microsoft Office SharePoint, Microsoft Office Word, Microsoft OneNote, Microsoft SharePoint, Microsoft Streaming Service, Microsoft System Center, Microsoft Virtual Hard Drive, Microsoft Word, OpenSSH for Windows, Outlook for Android, Remote Desktop Client, Remote Desktop Gateway Service, RPC Endpoint Mapper Service, Servicing Stack Updates, Visual Studio, Visual Studio Code, Visual Studio Tools, Windows Active Directory Certificate Services, Windows BitLocker, Windows Bluetooth Service, Windows Common Log File System Driver, Windows Cryptographic Services, Windows Defender Application Control (WDAC), Windows Digital Media, Windows Hello, Windows Hyper-V, Windows Installer, Windows Kerberos, Windows Kernel, Windows Kernel Memory, Windows Kernel-Mode Drivers, Windows Lightweight Directory Access Protocol (LDAP), Windows Local Security Authority (LSA), Windows Local Session Manager (LSM), Windows Mark of the Web (MOTW), Windows Media, Windows Mobile Broadband, Windows NTFS, Windows Power Dependency Coordinator, Windows Process Activation, Windows Remote Desktop Services, Windows Resilient File System (ReFS), Windows Routing and Remote Access Service (RRAS), Windows Secure Channel, Windows Security Zone Mapping, Windows Shell, Windows Standards-Based Storage Management Service, Windows Subsystem for Linux, Windows TCP/IP, Windows Telephony Service, Windows Universal Plug and Play (UPnP) Device Host, Windows Update Stack, Windows upnphost.dll, Windows USB Print Driver, Windows Virtualization-Based Security (VBS) Enclave, Windows Win32K – GRFX, and MSRT. This includes security updates. A reboot is required.

Apple released updates for iOS 15.8.4, iOS 16.7.11, iOS 18.4, iPadOS 15.8.4, iPadOS 16.7.11, iPadOS 17.7.6, iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, Safari 18.4, tvOS 18.4, visionOS 2.4, watchOS 11.4, and Xcode 16.3. This includes security updates. Use Apple Software Update to install the most current versions.

iOS 15.8.4, 16.7.11, and 18.4 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 15.8.4, 16.7.11, 17.7.6, and 18.4 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 11.4 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 18.4 is a security update. Use System, Software Update to install the most current version.

visionOS 2.4 is a security update. Use System, Software Update to install the most current version.

Google ChromeOS 134.0.6998.183 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sequoia (15.x) means that macOS Monterey (12.x) and older are no longer supported. If you can not install at least macOS Ventura (13) on your Mac then you should immediately remove your device from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v24H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it. If not, switch to Linux (Mint is nice) or replace your computer.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with a SaferPC Subscription and we will install updates each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

GoXLR Utility 1.2.0 resolves several bugs and improves firmware update. This is not a security update.
https://github.com/GoXLR-on-Linux/goxlr-utility/

Logitech Options 10.24.3 improves compatibility with Microsoft Office. This is not a security update.
https://support.logi.com/hc/en-us/articles/360025297893

TP-Link Archer AX73 v2.0 250210 is a security update.
https://www.tp-link.com/us/support/download/archer-ax73/v2.0/#Firmware

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.77.95 is a security update.
https://brave.com/

Firefox 137.0.1 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 128.9.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 135.0.7049.52 is a security update.
https://www.google.com/chrome/

Vivaldi 7.3.3635.7 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Spark 3.22.6.104601 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.22.6.104600 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 137.0.1 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 9.5.0 resolves more than a dozen bugs and improves multiple monitor support and AnyDeskOne compatibility. This is not a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 9.0.1 is a security update.
https://anydesk.com/en/downloads

BrowsingHistoryView 2.60 adds black background support. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

curl 8.13.0 improves debugging and resolves nearly 300 bugs. This should be treated as a security update.
https://curl.haxx.se/windows/

Discord April 3, 2025 resolves dozens of bugs. This is not a security update.
https://discord.com/download

Dropbox 221.4.5365 resolves a cosmetic bug. This is not a security update.
https://www.dropbox.com/

FileZilla Server 1.10.1 resolves several bugs. This is not a security update.
https://filezilla-project.org/

FreeFileSync 14.3 adds IDN support and resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 106.0 now officially supports ARM64 on Windows. This is not a security update.
https://drive.google.com/start

Grocy Desktop 2.14.0 improves compatibility. This is not a security update.
https://github.com/grocy/grocy-desktop

MeshCentral 1.1.43 resolves several bugs. This is not a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.8.00.6262 adds one-time passcode authentication, Storyline integration, chat controls and increases attendees to a max of 50,000 for Premium. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 31.0.2 updates libraries and resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

Pocketnet-Core 0.22.14  resolves several bugs. This is not a security update.
https://pocketnet.app/

Pocketnet-GUI 0.9.116 is a security update.
https://pocketnet.app/

Signal 7.49.0 now synchronizes recent activity to new devices. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.38.7 now synchronizes recent activity to new devices. This is not a security update.
https://signal.org/android/apk/

Syncthing 1.29.4 resolves a couple bugs. This is not a security update.
https://syncthing.net/

Technitium DNS Server 13.5  resolves several bugs and implements new features. This is not a security update.
https://technitium.com/dns/

Telegram 5.13.1 resolves a crash bug. This is not a security update.
https://telegram.org/

WinSCP 6.5 resolves several bugs. This is not a security update.
https://winscp.net/eng/index.php

Zoom 6.4.3.63669 resolves several bugs. This is not a security update. The recent 6.4 update adds dozens of new features and a new user interface – it is also a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.16 adds several new 3D environments. This is not a security update.
https://en.3tene.com/

Grayjay 291 adds search and sorting to playlists, improves filters and search, and resolves several bugs. This is not a security update.
https://grayjay.app/index.html

iTunes 12.13.7.1 improves compatibility. This is a security update.
https://www.apple.com/itunes/download/

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Bedrock) 1.21.72.01 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Minecraft Server (Java) 1.21.5 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server

PS5 2025.314 improves compatibility and parental controls. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2025.04.01 improves compatibility and resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

SteamOS SteamDeck Update 2025.03.31 improves compatibility and resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe AEM Forms 6.5.22.0 is a security update.
https://helpx.adobe.com/security/products/aem-forms/apsb25-27.html

Adobe AEM Screens 6.5 FP11.4 is a security update.
https://helpx.adobe.com/security/products/aem-screens/apsb25-32.html

Adobe After Effects 24.6.5 and 25.2 are security updates.
https://helpx.adobe.com/security/products/after_effects/apsb25-23.html

Adobe Animate 23.0.11 and 24.0.8 are security updates.
https://helpx.adobe.com/security/products/animate/apsb25-31.html

Adobe Bridge 14.1.6 and 15.0.3 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb25-25.html

Adobe ColdFusion 2025.1, 2023.13 and 2021.19 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb25-15.html

Adobe Commerce B2B 1.5.2, 1.4.2-p5, 1.3.5-p10, 1.3.4-p12, and 1.3.3-p13 are security updates.
https://helpx.adobe.com/security/products/magento/apsb25-26.html

Adobe Commerce 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, and 2.4.4-p13 are security updates.
https://helpx.adobe.com/security/products/magento/apsb25-26.html

Adobe FrameMaker 2020.8 and 2022.6 are security updates.
https://helpx.adobe.com/security/products/framemaker/apsb25-33.html

Adobe Magento Open Source 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, and 2.4.4-p13 are security updates.
https://helpx.adobe.com/security/products/magento/apsb25-26.html

Adobe Media Encoder 24.6.5 and 25.2 are security updates.
https://helpx.adobe.com/security/products/media-encoder/apsb25-24.html

Adobe Photoshop 26.5 and 25.12.2 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb25-30.html

Adobe Premiere Pro 25.2 and 24.6.5 are security updates.
https://helpx.adobe.com/security/products/premiere_pro/apsb25-28.html

Adobe XMP Toolkit SDK 2025.03 is a security update.
https://helpx.adobe.com/security/products/xmpcore/apsb25-34.html

Aronium 1.45.0.1 resolves a bug in the Z report. This is not a security update.
https://aronium.com/

Artweaver 7.0.18 is a security update.
https://www.artweaver.de/

Audacity 3.7.3 resolves several bugs. This is not a security update.
https://www.audacityteam.org/download/

Calibre 8.2.1 improves compatibility and resolves a couple bugs. This is not a security update.
https://calibre-ebook.com/

Ghostscript 10.05.0 adds several new syntax controls. This is a security update.
https://www.ghostscript.com/releases/gsdnld.html

GIMP 3.0 is a major update (the first in 7 years!) which adds huge strides in many features and improves compatibility and stability. GIMP 3.0.2 resolves several bugs. This is not a security update.
https://www.gimp.org/

GnuCash 5.11 resolves almost 20 bugs and improves stability. This is not a security update.
https://www.gnucash.org/

LibreOffice 24.8.6 resolves over 30 bugs. This is not a security update.
https://www.libreoffice.org/

LibreOffice Fresh 25.2.2 resolves over 80 bugs. This is a security update.
https://www.libreoffice.org/

Manager 25.4.3.2227 doesn’t provide a detailed change log so should be treated as a security update.
https://www.manager.io/

Nextcloud Desktop 3.16.2 resolves several bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.7.9 resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 5.1.7 resolves a couple bugs. This should be treated as a security update.
https://www.getpaint.net/

Operating System Updates

These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.

ChromeOS 134.0.6998.183 is a security update.
https://chromereleases.googleblog.com/search/label/Stable%20updates+ChromeOS

iOS 18.4 is a security update.
https://support.apple.com/kb/HT204204

iPadOS 18.4 is a security update.
https://support.apple.com/kb/HT204204

macOS Sequoia 15.4, Sonoma 14.7.5 and Ventura 13.7.5 are security updates.
https://support.apple.com/kb/HT201541

Tails 6.14.1 is a security update.
https://tails.net/install/download/index.en.html

tvOS 18.4 is a security update.
https://support.apple.com/kb/HT202716

watchOS 11.4 is a security update.
https://support.apple.com/kb/HT204641

Zorin OS 17.3 is a huge compatibility update, adds improved alternative detections and suggestions, changes the default browser to Brave, and improves the Zorin Connect app to better function as an input device for the latest Zorin OS release. This should be treated as a security update.
https://zorin.com/os/mirrors/

Security Software Updates

One or more of these is likely to be of interest to most people.

Caine 14.0 improves UEFI support and updates kernel. This is a security update.
https://www.caine-live.net/

Chainsaw 2.12.2 is a housekeeping release. This is not a security update.
https://github.com/countercept/chainsaw

MalwareBytes Desktop Security 5.2.10.182 is a security update.
https://www.malwarebytes.org/antimalware/

ProtonVPN 4.1.10 updates the user interface, adds a list of recent connections to quick access, and adds advanced profile settings such as port forwarding and autolaunch behaviors. This is not a security update.
https://github.com/ProtonVPN/win-app/releases/latest

RogueKiller 16.1.2 expands the monitoring capabilities and improves detection logic. This should be treated as a security update.
https://www.adlice.com/download/roguekiller/

Stinger 13.0.0.342 adds support for new detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

SuperAntiSpyware 10.0.1274 resolves several bugs. This is not a security update.
https://www.superantispyware.com/download.html

uBlock Origin 1.63.2 resolves a major stability issue. This should be treated as a security update.
https://github.com/gorhill/uBlock/releases/latest

Velociraptor 0.74.1 improves the Sigma editor and adds new live event sources. This is not a security update.
https://github.com/Velocidex/velociraptor/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.41.2 adds AVIF support and resolves a couple bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 25.1.0 updates libraries, improves step capture, smart redact, stability and performance, and resolves several bugs. This is a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.3.8 adds support for new encodings and improves OCR detection for subtitles. This is not a security update.
https://www.dvdfab.cn/download.htm

MakeMKV 1.18.1 adds support for new encodings and resolves a couple bugs. This is not a security update.
https://www.makemkv.com/download/

StreamFab 6.2.2.8 improves compatibility, adds support for newer playlist and distribution formats, and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 3.0.1.2 resolves several bugs and adds faster upscaling model. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 7.0.15 resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.70 adds new internetional keyboard layout support. This is not a security update.
https://1password.com/downloads/

AOMEI Partition Assistant 10.8.0 finally adds a built-in update mechanism, improves Windows-To-Go support, and resolves several bugs. This is not a security update.
https://www.diskpart.com/

Bitcoin 28.1 adds new features, bug fixes and performance improvements. This is not a security update.
https://bitcoin.org/en/download

Bitwarden 2025.3.0 adds 2SL login support to the user interface and resolves several bugs. This is not a security update.
https://bitwarden.com/

CCleaner 6.34.11482 resolves several bugs. This is not a security update.
https://www.ccleaner.com/

CPU-Z Installer 2.15 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

Cygwin 3.6.0-1 adds several new APIs, improves compatibility and resolves several bugs. This is not a security update.
https://cygwin.com/

Dell Command Update 5.5 adds automatic driver downloads to the Advance Driver Restore operation. This is not a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

DesktopOK 11.71 resolves a couple bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DiskCheckup 3.6 doesn’t provide a detailed change log so should be treated as a security update.
https://www.passmark.com/products/diskcheckup/

dnGrep 4.4.9.0 resolves several bugs. This is a security update.
https://dngrep.github.io/

email-oauth2-proxy 2025-03-14 resovles several bugs. This is not a security update.
https://github.com/simonrob/email-oauth2-proxy

Eraser 6.2.0.2996 doesn’t provide a change log so should be treated as a security update.
https://eraser.heidi.ie/download/

ESEDatabaseView 1.78 adds an optional black background. This is not a security update.
https://www.nirsoft.net/utils/ese_database_view.html

Everything Toolbar 1.5.2 improves compatibility and resolves a couple bugs. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

FoneTool 2.10.0 adds support to back up ringtones, improves System Repair and iTunes compatibility and resolves several bugs. This is not a security update.
https://www.fonetool.com/download.html

GoodSync 12.8.7 resolves several bugs. This is not a security update.
https://www.goodsync.com/

HWiNFO 8.24 adds support for newer hardware. This is not a security update.
https://www.hwinfo.com/download/

ImageUSB 1.5.1007 resolves a hardware compatibility bug. This is not a security update.
https://www.osforensics.com/tools/write-usb-images.html

Kingston SSD Manager 1.5.4.9 doesn’t provide a change log so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

ManageWirelessNetworks 1.16 adds option to save all items. This is not a security update.
https://www.nirsoft.net/utils/manage_wireless_networks.html

NConvert 7.221 doesn’t provide a change log so should be treated as a security update.
https://www.xnview.com/en/nconvert/

NTLite 2025.03.10351 improves new Windows UEFI build behavior and updates libraries. This is not a security update.
https://www.ntlite.com/download/

OSForensics 11.1.1004 resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html

PowerToys 0.90.0 adds several new features and resolves a bunch of bugs. This is a security update.
https://github.com/microsoft/PowerToys/releases/latest

RoboForm 9.6.6 changes a couple behaviors and resolves several bugs. This is not a security update.
https://www.roboform.com/

ScreenConnect 25.2.3.9216 resolves several bugs and now imposes a hardcoded email limit in the name of security – which means that monitoring events using the email action will no longer be reliable.
https://screenconnect.connectwise.com/download

SSD Life 2.5.82 adds support for newer hardware. This is not a security update.
https://ssd-life.com/eng/download-ssdlife.html

Starwind V2V Converter 9.626 improves conversions from Hyper-V to ESXi. This is not a security update.
https://www.starwindsoftware.com/starwind-v2v-converter

TeamViewer 15.64.3 adds several new management features and resolves a couple bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

WakeMeOnLan 1.93 adds a black background option. This is not a security update.
https://www.nirsoft.net/utils/wake_on_lan.html

WinRAR 7.11 resolves several bugs. This is not a security update.
https://www.rarlab.com/

WinScan2PDF 9.31 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizFile 3.12 resolves a bug. This is not a security update.
https://antibody-software.com/wizfile/

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 2024.3.1.14 resolves several bugs. This is not a security update.
https://developer.android.com/studio

cx_Freeze 8.1 updates libraries and resolves several bugs. This should be treated as a security update.
https://cx-freeze.readthedocs.io/en/latest/index.html

GameMaker Studio 2024.13.0.190 resolves over 500 bugs. This should be treated as a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.5.228 resolves a couple cosmetic bugs. This is not a security update.
https://gdevelop.io/download

Go 1.24.2 is a security update.
https://go.dev/

Godot 4.4.1 is a security update.
https://godotengine.org/

Inno Setup 6.4.2 adds a new setup directive. This is not a security update.
https://www.jrsoftware.org/isdl.php

Node.js 18.20.8 is a security update.
https://nodejs.org/en/

Node.js 20.19.0 resolves several bugs. This is not a security update.
https://nodejs.org/en/

Node.js 23.11.0 updates libraries and resolves several bugs. This is not a security update.
https://nodejs.org/en/

Python 3.13.3 resolves dozens of bugs. This is a security update.
https://www.python.org/downloads/windows/

Visual Studio Code 1.99.1 resolves several bugs. This is a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

Adminer 5.2.0 resolves several bugs and adds cosmetic improvements. Adminer has been under very active development the last couple months so expect many more future updates over time.
https://www.adminer.org/en/

Grocy 4.5.0 implements a new barcode reader and resolves a couple bugs. This is not a security update.
https://github.com/grocy/grocy

HumHub 1.17.2 resolves several bugs. This is not a security update.
https://www.humhub.com/en

Joomla 5.2.6 and 4.4.13 are security updates.
https://www.joomla.org/

MailEnable 9.88 and 10.52 are security updates.
https://www.mailenable.com/

OpenCart 4.1.0.3 resolves several bugs. This is not a security update.
https://www.opencart.com/

Piwigo 15.5.0 resolves several bugs. This is not a security update.
https://piwigo.org/

YOURLS 1.10.0 updates requirements, dependences and resolves several bugs. This is not a security update.
https://yourls.org/

BuddyPress 14.3.4 is a security update.
https://wordpress.org/extend/plugins/buddypress/

My Sticky Bar 2.7.8 improves user interface. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

WordPress Importer 0.8.4 resolves a couple bugs. This should be treated as a security update.
https://wordpress.org/extend/plugins/wordpress-importer/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2024-10-08

Welcome back, Folks!

Today is Patch Tuesday for October, 2024.

Windows 11 24H2 is out. So is macOS 15/Sequoia. iOS 18, iPadOS 18, tvOS 18, watchOS 11, and visionOS 11 are out now.  The first set of security updates for each of these are released now, too.

All versions of Windows 11 prior to 23H2 are no longer be supported. Upgrade to 23H2 now, then do not upgrade to 24H2, yet. Let everyone else be the guinea pigs. It’s already showing quite a few issues.

All versions of macOS prior to 13/Ventura are no longer supported. If you can’t upgrade your Mac to Ventura you need to permanently take it offline and/or replace it.

Windows 10 now has only 12 months of support left. If your computer can not be upgraded to Windows 11 either start planning now for a switch to Linux or replacing your computer.

There were 505+ major hacks, and over 395 application updates this month. It’s an enormous month, with about 4 GB of updates for most users.

This Month in Technology

4B Components, 5.11 Tactical, A1 Mobile Locksmith, Access Ambulatory Surgery Center, LLC, Access Sports, Accurate Railroad Construction Ltd, Acuity Advisor, Adobe Acrobat Reader DC, Adobe After Effects, Adobe Audition, Adobe Commerce & Magento stores (5% of all their commerce sites!!!),  Adobe Media Encoder, Adobe Photoshop, Adobe Premiere Pro, ADT, Advanced Sterilization Products, Inc, Affirm Agency, AFP, air-gapped government systems, Akromold, Al Rajhi Bank, Albany College of Pharmacy, Alliance, Ally Bank, Alshaya Group, Altman Plants, Alvan Blanch, American Water Works, Amgen Inc, Amplitude Laser, Andamen, Andantex USA, Anniversary Holding, Apache Avro, Apache HugeGraph-Server, Apex Softcell, Aramark myPay, Arc browser, Arelance Group, Around the Clock Companies, Asheville Arthritis and Osteoporosis Center, PA, AT&T, ATG Communications Group, Atrium Health, Autel Maxicharger, Auto Recyclers, AutoCanada, Autodesk Navisworks Freedom DWF, automatic storage tank gauge (ATG) systems (6 models), Avi Resort & Casino, Avis, Balboa Bay Club Ventures LLC, Banana Gun, Bangladeshi government, Barbados Revenue Authority, Barnes & Cohen, Batcom, Battle Lumber Co, Bay Ridge Automotive Management Group, Bazooka, Bel-Air Bay Club, BELL DATA, Inc, Benny Gantz, Bethalto Community Unit School District, Betterhalf, Bharat Petroleum, BingX, Bloom Hearing Specialists, Blundstone USA Inc, BNBuilders, BotSpace, Branhaven Chrysler Dodge Jeep Ram, Brechbuhler Scales Inc, BroadGrain Commodities, Broward Realty Corp, Brown Bottling Group, Brown Integrated Logistics, Brunswick Hospital Center, BSH Soft, BudTrader, C&L Ward, CaleyWray, Calibrated Healthcare, LLC, California Department of Social Services, Cameroon’s pension fund, Canstar Restorations, Capgemini, Capital Printing, Carlile Group, Cascade Columbia Distribution, Casino Fandango, Casio, Caterpillar Inc, Cellular Plus, CentralTickets, CF Medical, Charles Darwin School, Chernan Technology, ChiceDNA, Chinese government, a Chinese government botnet, Chrome, Chunghwa Telecom Data, Cincinnati Public Schools, City of Aberdeen, WA, City of Forest Park, City of Pleasanton, CA, City of Richardson, TX, CK Associates, CKS Packaging, Classic Business Products, CobelPlast, Cohesive Networks VNS3, Comcast Cable Communications, Community Clinic of Maui, Inc, Community Hospital of Anaconda, Compass Group, Concord Management Services, Condere IP, Conductive Containers, Inc, Connally Memorial Medical Center, Control Panels USA, CopySmart LLC, Corantioquia, Creative Consumer Concepts, Creative Playthings, CrediHealth, Crown Mortgage Company, CSG Consultants, D-Link routers, DATASUS, Daughterly Care, David’s Bridal, Del Valle Independent School District, Delaware Library system, Dell (twice in a week),  Deloitte, Delta Prime, Department of Foreign Affairs (DFA), Philippines, DETRAN, Detroit Public TV, Diamond Contracting, LLC, Didi Chuxing, digiDirect, Dimensional Merchandising, DINAS Corp, Divine Interprises INC, DJH Jugendherberge, Domain Industries, DotPe, DPC DATA, Dr. Web, DrayTek routers, Dreyfuss + Blackford Architecture, Duopharma Biotech, Dutch Police, EasyMPS, Edge Imaging, eFile.com, EigenLayer, Elgin Separation Solutions, Elitecare Emergency Hospital, Elitecare, Empereon Marketing, English Football League, Enterprise Outsourcing, EnviroNET Inc, Environmental Code Consultants Inc, Erasmus+, ETC Companies, Ethena Labs, Eurobulk, Evans Distribution Systems, Experience Engine, Express Services, Fabrica Industrial Machinery & Equipment, FastStone Imave Viewer, Fazenda Brazil government, FBCS, Fedbank Financial Services, Feeld, Feldstein & Stewart, Fireworks Software, First Choice, Fleet Equipment, FoccoERP, Forshey Prostok LLP, Fortinet, Fortive, Foundation, Foxit PDF Reader, Freshstart Credit Repair, Frigocenter, Fritzøe Engros, FTV Employment Services LLC, Fylde Coast Academy Trust, G/S Solutions, Galloway MacLeod, Games Box, GameVN, Garvey, GenPro Inc, GitLab, GNOME Project G, GoDaddy, Golden Age Nursing Home, Gough Construction, Graminex, Graybill Medical Group, Greene Acres Nursing Home, Guerriere & Halnon, GW Mechanical, Hair Club for Men, Hamel Cranial Chiropractic & Wellness INC, Harvard Pilgrim Health Care, Harvey Nichols, HDI, Hertz, Hezbollah, Hindle Group, Holmes & Brakel, Howard CPAs, HPE Aruba Networking, Hughes Gill Cochrane Tinetti, Hunter Dickinson Inc, HuntStand, I-MED, Ibermutuamur, ICBC London, IDEALEASE INC, Idre Fjäll, Indian Supreme Court, Indodax, Infosys McCamish Systems, Instituto Nacional de Deportes de Chile, Insurance Agency Marketing Services, Inc, InteriorWorx Commercial Flooring, iOS Password Manager, 260,000 IoT devices (Raptor Train), Iron Metals, Isola, Israel Defense Minister, Israel Foreign Affairs Minister, Israel Harel Insurance, Israel Prime Minister, an Israeli analytics company, Israeli defense companies, Israeli Industrial Batteries, Istrail, Italian Ministry, Ivanti Cloud Services Appliance, Ivanti Endpoint Manager, Ivanti Workspace Control, Jackson Paper Manufacturing, Jacobsen Construction Co, Inc Health Plan, Joe Swartz Electric, Johnson & Wales University, JTaylor & Associates LLC, Juice Generation, Kawasaki Motors Europe, Keller Williams Realty Group, Kennedy Funding, Keuka College, Keya Accounting and Tax Services LLC, Kia dealer portal, Kia vehicles (again), KintApp, Kravit, Hovel & Krawczyk SC, KukuFM, Kuwait Health Ministry, LA Financial Federal Credit Union, Labib Funk Associates, Ladov Law Firm, Lakeland Chamber, Lancaster Royal Grammar, three-quarters of law firms (which explains a lot of the hacks this month), Law Offices of Michael J Gurfinkel, Inc, Lawrie Insurance Group, Lee Hoffoss Injury Lawyers, LEGO, Lenovo Service Bridge, Liberty First Credit Union, Local 1964 ILA Health & Insurance Fund, Lumen Technologies, Luso Cuanzа, Lyomark Pharma, MacGillivray Law, macOS graphics driver, macOS video decoder, Magenta Photo Studio, Malwarebytes Antimalware, Markdom Plastic Products, Maryville Academy, Mattson Technology, Inc, Max Shop, MC2 Data, McAbee Construction, Inc, McCarty Company, MCNA Dental, MDSi INC, MediCheck, MedReview, Messe C, Miami Dolphins Forum, Michigan Masonic Home, Michigan Medicine, Microsoft Azure API Management, Microsoft C++ redistributable, Microsoft Pragmatic General Multicast Server, Microsoft SharePoint, Microsoft Windows, Microsoft Windows 10 AllJoyn Router Service, Microsoft Windows Internet Explorer, Microsoft Windows SmartScreen, Mile Hi Foods, MIPS Holding, Inc, Mobility Compare, Model Engineering, Moeller Door and Window, MoneyGram, Mozambique Election System, Mt. Carmel Behavioral Healthcare, Muskogee City County Enhanced 911 Trust Authority, mySCADA myPRO, NASA, New Electric, New River Electrical, New York Sports Club, Noble Environmental, North American Breaker, Nova Sinseg, Nusser Mineralöl GmbH, NVIDIA Container Toolkit, Octapharma Plasma, OffRoadAction, Omega Industries, One Point HR Solutions, Onyx, OpenAI, OpenPLC_v3 Runtime, Optigo Networks ONS-S8, Oracle WebLogic, Pacific Coast Building Products, Pacific Islands Forum, Fiji, Pacific Scientific Energetic Materials Company LLC, Palomar Medical Group, PaperCut NG, Partners Air, Patelco Credit Union, Patrick Sanders Company, PDF-XChange Editor, Pearl Cohen, Peerless Umbrella, Performance Food Centers, Performance Therapies, PetEdge, Pete’s Road Service, PetroChina, Physical Medicine & Rehabilitation Center, Piggly Wiggly, Plaisted Companies, Plastics Plus, Plumbers Stock, Port of Seattle/Seattle-Tacoma International Airport (SEA), Power Torque Services, PRC-Saltillo, Premier Packaging, Prentke Romich Company, Progress Software WhatsUp Gold, Pureform Radiology Center, Qualcomm DSP, Quantum Healthcare, Raaga, Rackspace, Radio Geretsried, 19 UK railway stations, Ranveer Allahbadia, Reading Train Station, Red Barrels, Repsol, Research Electronics International, Reutter, Richland County, WI, Richmond Auto Mall, Richmond Community Schools, Riley Gear Corporation, Rim Country Health and Rehabilitation, Ring Power, River Delta Unified School District, River Region Cardiology Associates, Riverside Resort Casino, Rob Levine & Associates, Robson Planning Group Inc, Rockwell Automation PLC Software, Sacred Heart Catholic School, Sage Home Loans Corporation, SaniRent, Satia Group, Savannah Candy, Schäfer, dein Bäcker GmbH & Co KG, Scranton School District, Sellafield, ServiceNow, Shenango Area School District, Sherr Puttmann Akins Lamb PC, Shezmu, Shin Bet, ShoreMaster, Signature Healthcare Services LLC, siParadigm LLC, Slim CD, Smart Buy, Smart Source, Inc, 2,700 “smart” devices in the Netherlands, SolarWinds Access Rights Manager, Solutii Sistemas, Sono Bello, Southeast Cooler, Southern Bone, SpaceX, Spectrum Industries, Sportstech, spWETH Wallet, Star Blizzard, Star Health (India), Stillwater Mining Company, Storck-Baugesellschaft mbH, Structural Concepts, Sub-Zero, Wolf, and Cove, Sunrise Farms, Synnovis, TANYA Creations, TeamViewer, TeleHealth Center (India), Temu, Tewkesbury Borough Council, Thai Honda Manufacturing, The Gill Corporation, The Maids International, The Rubber Resources, The Superior Court of California, The Tech Interactive, Theresa Gordon Tax Services, Inc, Think Simple, Thomas Lloyd, Thompson Construction Supply, TIAA, Title Financial Corporation, Total Electronics, TOTVS, Toyota, TradeZero America Inc, Transport for London, Transtec SAS, TransUnion Risk and Alternative Data Solutions, Inc, Travel Alberta, TRC Worldwide Engineering, Trend Micro Deep Discovery Inspector, True Family Enterprises, Truflation, Truist Bank, Trump campaign, Tuttle-Click Automotive Group, Twilio, Uber Eats, UCC Retreivals, United Animal Health, Universal Music Group, University Medical Center, University of Minnesota Orthodontics, US Centers for Medicare and Medicaid Services, US Congress, US Dermatology Partners, UT Southwestern Medical Center, Uttarakhand (India) government, Veertu Anka Build, Verizon, Vermilion Parish Schools, Versa Director, VGTRK, Vickers Engineering, Vidisco, Virginia Dare Extract Co, Visionary Homes, Visteon Infotainment System, VMware vCenter Server, Ward Transport, Wayne County, MI, WazirX, We Level Up Treatment Lake Worth, Weiser Memorial Hospital, Weldco-Beales Manufacturing, Wells Fargo, Western Digital MyCloud PR4100, WhatsApp, Wichita Police, Wilmington Convention Center, Wilson & Lafleur, Wisconsin Physicians Service Insurance Corp, Woodard, Hernandez, Roth & Day, WordPress Houzez Login Register plugin, WordPress Houzez theme, WordPress LiteSpeed Cache Plugin, Wright, Moore, DeHart, Dupuis & Hutchinson, LLC, Young Consulting LLC, and Zimbra email servers have reported hacking or compromises this month.

AFP, AT&T, Cloudflare, Confidant Health, Dr. Web, Google CloudImposer, Highline Public Schools, MoneyGram, PlayStation Network, Port of Seattle, Providence Public Schools, State Data Center (India), Verizon, and WP Engine have suffered from outages this month.

Last months updates broke M4 iPad Pro devices, macOS Sequoia VPN & antivirus software, Microsoft 365 apps, Microsoft Outlook mail vs nested folders, Microsoft Word (serious – Word deletes your files if they have mixed case extensions!), Windows 11 24H2 BSODs, Windows 11 24H2 gaming performance, Windows 11 24H2 license activation, Windows reboots, and Windows USB & Bluetooth.

In other news

The Internet backdoor mandated by US federal law has been hijacked by China (Salt Typhoon) and is being actively exploited again across several phone providers. It’s not good.

Almost 3 in 5 of breached UK firms admit to paying ransom on demand. An insane 92% of healthcare firms in the US were hit by cyberattacks this year.

Now that “exploding pagers” (and more) are a thing, will people start to take supply chain and physical security seriously?

Fearing exposure of weak security processes, Apple has moved to dismiss their lawsuit against NSO Group.

Now for the good news

Discord has added end-to-end encryption for audio & video calls.

NIST has finally scrapped their complexity and change frequency recommendations. The math on these recommendations simply doesn’t add up.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is enormous this month. The typical computer should see roughly 4 GB in updates today. Let’s get started.

Microsoft released 65 updates to address 121 vulnerabilities in .NET Framework, .NET, Azure CLI, Azure Monitor, Azure Stack, BranchCache, Code Integrity Guard, DeepSpeed, Internet Small Computer Systems Interface (iSCSI), Microsoft ActiveX, Microsoft Configuration Manager, Microsoft Defender for Endpoint, Microsoft Edge (Chromium-based), Microsoft Graphics Component, Microsoft Management Console, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft Office, Microsoft Simple Certificate Enrollment Protocol, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows Speech, OpenSSH for Windows, Outlook for Android, Power BI, Remote Desktop Client, RPC Endpoint Mapper Service, Service Fabric, Sudo for Windows, Visual C++ Redistributable Installer, Visual Studio Code, Visual Studio, Windows Ancillary Function Driver for WinSock, Windows BitLocker, Windows Common Log File System Driver, Windows Cryptographic Services, Windows cURL Implementation, Windows EFI Partition, Windows Hyper-V, Windows Kerberos, Windows Kernel, Windows Kernel-Mode Drivers, Windows Local Security Authority (LSA), Windows Mobile Broadband, Windows MSHTML Platform, Windows Netlogon, Windows Network Address Translation (NAT), Windows NT OS Kernel, Windows NTFS, Windows Online Certificate Status Protocol (OCSP), Windows Print Spooler Components, Windows Remote Desktop Licensing Service, Windows Remote Desktop Services, Windows Remote Desktop, Windows Resilient File System (ReFS), Windows Routing and Remote Access Service (RRAS), Windows Scripting, Windows Secure Channel, Windows Secure Kernel Mode, Windows Shell, Windows Standards-Based Storage Management Service, Windows Storage Port Driver, Windows Storage, Windows Telephony Server, Winlogon, and MSRT. This includes security updates. A reboot is required.

Apple released updates for Apple TV 1.5.0.152 for Windows, iOS 17.7, iOS 18, iOS 18.0.1, iPadOS 17.7, iPadOS 18, iPadOS 18.0.1, macOS Sequoia 15.0.1, macOS Sonoma 14.7, macOS Ventura 13.7, Safari 18, Safari 18.0.1, tvOS 17.6.1, tvOS 18, visionOS 2, visionOS 2.0.1, watchOS 10.6.1, watchOS 11, watchOS 11.0.1, and Xcode 16. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 17.7, 18, and 18.0.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 17.7, 18, and 18.0.1 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 10.6.1, 11, and 11.0.1 are security updates. Use the Watch app on your iPhone to install the most current version.

tvOS 18 is a security update. Use System, Software Update to install the most current version.

visionOS 2 and 2.0.1 are security updates. Use System, Software Update to install the most current version.

Google Chrome OS 128.0.6613.163, 129.0.6668.80, and ChromeOS LTS 126.0.6478.254 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sequoia (15.x) means that macOS Monterey (12.x) and older are no longer supported. If you can not install at least macOS Ventura (13) on your Mac then you should immediately remove your device from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 11 (v24H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with a SaferPC Subscription and we will install updates each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.9.1 improves hardware compatibility, game support, resolves several bugs and expands Vulkan extensions. This is not a security update.
https://www.amd.com/en/support

TP-Link Archer AX55 v1 240628 improves mesh and configuration controls. This is not a security update.
https://www.tp-link.com/us/support/download/archer-ax55/v1/#Firmware

goxlr-utility 1.1.4 resolves several compatibility and reliability bugs. This is not a security update.
https://github.com/GoXLR-on-Linux/goxlr-utility/

UniFi Network Server 8.4.62 resolves several bugs. This is not a security update.
https://www.ui.com/download/releases/network-server

VIISAN OfficeCam 7.2.2.0 doesn’t provide a change log so should be treated as a security update.
https://www.viisan.com/en/download/type1.html

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.70.123 is a security update. Use Help, About to install the most current version.
https://brave.com/

Google Chrome 129.0.6668.100 is a security update. Use Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 129.0.2792.79 is a security update. Use Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 131.0 is a security update. Use Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 128.3.0 is a security update. Use Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 6.9.3447.51 is a security update. Use Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.14.0 is a security update.
https://getmailspring.com/

ProtonMail (Android) 4.0.22.1 resolves a major stability bug. This is not a security update.
https://proton.me/mail/download

Spark 3.17.9.86866 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.17.9.86865 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 128.3.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 8.1.0 resolves dozens of bugs and improves stability. This is a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 8.1.2 is a security update.
https://anydesk.com/en/downloads

BrowsingHistoryView 2.58 resolves an export bug. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

curl 8.10.1 resolves over a dozen bugs. This is not a security update.
https://curl.haxx.se/windows/

Dropbox 209.4.3661 does not provide a detailed change log so should be treated as a security update.
https://www.dropbox.com/

Facebook Messenger 215.6.0.24.211 is a security update.
https://www.messenger.com/download

FileZilla Server 1.9.2 resolves a bug in the update engine. This is not a security update.
https://filezilla-project.org/

Google Drive 98.0 is a security update.
https://drive.google.com/start

MeshCentral 1.1.32 is a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.7.00.26062 improves onboarding flow and allows external presenters to join from mobile platforms. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 30.0.0 is a major update, updating libraries, minimum requirements, and resolving more than a hundred bugs. This is a security update.
https://nextcloud.com/

Npcap 1.80 resolves several bugs. This is not a security update.
https://nmap.org/npcap/

Rclone 1.68.1 improves compatibility and resolves several bugs. This is not a security update.
https://rclone.org/

Signal 7.27.0 adds several new display options for media, groups and restores ability to search stored messages from groups you’re no longer part of. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.18.2 adds ability to search for emoji. This is not a security update.
https://signal.org/android/apk/

Technitium DNS Server 13.0.2 resolves protocol bugs. v13 adds several other new DNS features and controls including ZONEMD, RP, Catalog Zones and improved logging. This is not a security update.
https://technitium.com/dns/

Telegram 5.6.1 resolves dozens of bugs. This is not a security update.
https://telegram.org/

Telegram (Android) 11.1.3 resolves dozens of bugs. This is not a security update.
https://telegram.org/apps

Zoom 6.2.3.47507 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.10 resolves a couple bugs and improves lip sync. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.2.4 resolves over 20 bugs. This is not a security update.
https://www.bitwig.com/download/

Grayjay 264 adds auto-play toggle, allows you to control rotation sensitivity, reverse rotation, and resolves several bugs and compatibility issues. This is not a security update.
https://grayjay.app/index.html

iTunes 12.13.3.2 is a security update.
https://www.apple.com/itunes/download/

Plex Desktop 1.102.0.230 resolves a couple bugs and adds an advertising consent notice. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.67.1.233 updates web engine. This should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.41.0.8994 adds support for external subtitles, improved ad detection, and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Bedrock) 1.21.31.04 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Nintendo Switch 19.0.0 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 2024.920 improves stability. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024.09.17 changes the terms of use and resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

SteamOS SteamDeck Update 2024.10.03 improves Wi-Fi 7 compatibility. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Animate 23.0.8 and 24.0.5 are security updates.
https://helpx.adobe.com/security/products/animate/apsb24-76.html

Adobe Commerce 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11, 1.4.2-p3, 1.3.5-p8, 1.3.4-p10, and 1.3.3-p11 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-73.html

Magento Open Source 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, and 2.4.4-p11 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-73.html

Adobe Dimension 4.0.4 is a security update.
https://helpx.adobe.com/security/products/dimension/apsb24-74.html

Adobe FrameMaker 2020.7 and 2022.5 are security updates.
https://helpx.adobe.com/security/products/framemaker/apsb24-82.html

Adobe InCopy 19.5 and 18.5.4 are security updates.
https://helpx.adobe.com/security/products/incopy/apsb24-79.html

Adobe InDesign 19.5 and 18.5.4 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb24-80.html

Adobe Lightroom 7.5, 13.5.1, and 12.5.2 are security updates.
https://helpx.adobe.com/security/products/lightroom/apsb24-78.html

Adobe Substance 3D Painter 10.1.0 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb24-52.html

Adobe Substance 3D Stager 3.0.4 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb24-81.html

Audacity 3.6.4 doesn’t have a change log so should be treated as a security update.
https://www.audacityteam.org/download/

Blender 4.2.2 resolves dozens of bugs. This is a security update.
https://www.blender.org/download/

Calibre 7.19.0 improves performance and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Ghostscript 10.04.0 is a security update.
https://www.ghostscript.com/releases/gsdnld.html

GnuCash 5.9 resolves several bugs. This is not a security update.
https://www.gnucash.org/

Kdenlive 24.08.1 resolves dozens of bugs. This is not a security update.
https://kdenlive.org/

Krita 5.2.6 resolves over 50 bugs and improves reliability and stability. This is not a security update.
https://krita.org/en/download/

LibreOffice Fresh 24.8.2 resolves almost 200 bugs. This is a security update.
https://www.libreoffice.org/

Manager 24.10.8.1879 adds business templates, FDX support, and resolves several bugs. This is not a security update.
https://www.manager.io/

Nextcloud Desktop 3.14.1 resolves a dozen bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.7 updates libraries, resolves over a dozen bugs. This is a security update.
https://notepad-plus-plus.org/

PDF Candy Desktop 3.13 doesn’t provide a change log so should be treated as a security update.
https://pdfcandy.com/

PDF-XChange Editor 10.4.1.389 is a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

QuickBooks Pro 2022 20240726-R17_34 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20240726-R14_39 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

Security Software Updates

One or more of these is likely to be of interest to most people.

JShelter 0.19.1 improves Manifest V3 compatibility and performance. This is not a security update.
https://jshelter.org/install/

KeePass 2.57.1 is a security update.
https://keepass.info/

MalwareBytes Anti-Malware 5.5.4 doesn’t provide a change log so should be treated as a security update.
https://www.malwarebytes.org/antimalware/

RogueKiller 15.18.3 updates libraries and resolves several bugs. This should be treated as a security update.
https://www.adlice.com/download/roguekiller/

SecurityCheck 2024.9.22 doesn’t provide a change log so should be treated as a security update.
https://www.bleepingcomputer.com/download/securitycheck/dl/123/

Stinger 13.0.0.197 is a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

SuperAntiSpyware 10.0.1268 adds support for new browsers, applications, unicode compatibility and resolves several bugs. This is a security update.
https://www.superantispyware.com/download.html

uBlock Origin 1.60.0 adds several new features and resolves a couple bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Operating System Updates

These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.

QubesOS 4.2.3 is a security update.
https://www.qubes-os.org/downloads/

Tails 6.8 is a security update. 6.8 also signals the merger of Tails and the Tor Project.
https://tails.net/install/download/index.en.html

Zorin OS 17.2 improves customization, updates libraries, and resolves several bugs. This is not a security update.
https://zorin.com/os/mirrors/

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 24.2.4 resolves stability bugs. This is not a security update. This is not a security update.
https://www.techsmith.com/screen-capture.html

VideoCacheView 3.10 improves compatibility with Google Chrome. This is not a security update.
https://www.nirsoft.net/utils/video_cache_view.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.2.7 adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

MakeMKV 1.17.8 improves defect tolerance and resolves several bugs. This is not a security update.
https://www.makemkv.com/download/

StreamFab 6.2.0.0 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.3.5 adds FLAC support and resolves sseveral bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 7.0.7 resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.46 adds QR code authentication, Wi-Fi QR code sharing, accessibility improvements, and resolved several bugs. This is not a security update.
https://1password.com/downloads/

AOMEI Partition Assistant 10.5.0 adds Boot Repair, improves Migrate OS and resolves bugs in the optical media creation flow. This is not a security update.
https://www.diskpart.com/

Bitwarden 2024.9.2 improves PDF attachment handling and improves Secrets Manager. This is not a security update.
https://bitwarden.com/

CCleaner 6.28.11297 adds support for new applications. This is not a security update.
https://www.ccleaner.com/

CPU-Z Installer 2.11 improves mainboard detection and adds new hardware support. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

Deskflow 1.17.0 is a complete rebrand of the upstream Synergy source, pushing the public code base into a useful utility. This is the first one, though, so I’d hold off a little while. This is not a security update.
https://deskflow.org/

DesktopOK 11.44 improves copmatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.2.84.0 improves cache plug-in to use hash data to reduce network chatter, encoding improvements, and resolves several bugs. This is not a security update.
https://dngrep.github.io/

email-oauth2-proxy 2024-09-12 adds option to use password as credentials, improves documentation and resolves several bugs. This is not a security update.
https://github.com/simonrob/email-oauth2-proxy

Everything Toolbar 1.5.1 improves compatibility, adds RTL support, keyboard shortcuts and resolves several bugs. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

ExplorerPatcher 22621.3880.66.6 improves compatibility and adds support for Windows 11 v24H2. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

Fido 1.60 adds support for Windows 11 v24H2 and removes v23H2. This is not a security update.
https://github.com/pbatard/Fido/releases

Fing 3.7.1 improves Network Insights and resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

FoneTool 2.9.0 resolves several bugs. This is not a security update.
https://www.fonetool.com/download.html

Git SCM 2.46.1 resolves several bugs and improves documentation. This is not a security update.
https://git-scm.com/

GoodSync 12.7.6 improves logging and compatibility. This is not a security update.
https://www.goodsync.com/

Homedale 2.13 adds channel utilization reporting, Wi-Fi 7 (802.11be) support and filtering improvements. This is not a security update.
https://www.the-sz.com/products/homedale/

HWiNFO 8.12 adds support for newer hardware and resolves several bugs. This is not a security update.
https://www.hwinfo.com/download/

HWMonitor 1.55 adds support for newer hardware and battery information. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

IsMyHdOK 4.11 adds support improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

Kingston SSD Manager 1.5.4.9 doesn’t provide a change log so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

LessMSI 2.2.0 adds Italian language support. This is not a security update.
https://lessmsi.activescott.com/

MultiMonitorTool 2.11 resolves a mapping bug. This is not a security update.
https://www.nirsoft.net/utils/multi_monitor_tool.html

NTLite 2024.9.10073 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 11.0.1014 resolves over a dozen bugs including performance and reliability issues. This is not a security update.
https://www.osforensics.com/download.html

PointerStick 6.44 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.85.1 improves stability. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ScreenConnect 24.2 should be avoided. It has had rollout “paused” due to stability issues four times already. Just wait for 24.3 or 24.4 to be stable.
https://screenconnect.connectwise.com/download

TeamViewer 15.58.5 resolves several bugs and implements new cosmetics. This is a security update.
https://www.teamviewer.com/en-us/download/windows/

TestDisk 7.3 doesn’t provide a change log so should be treated as a security update.
https://www.cgsecurity.org/wiki/TestDisk_Download

XnConvert 1.101.0 doesn’t provide a change log so should be treated as a security update.
https://www.xnview.com/en/xnconvert/

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 8.0.10 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

Android Studio 2024.2.1.9 resolves dozens of bugs. This is not a security update.
https://developer.android.com/studio

GDevelop 5.4.213 adds ability to change opacity within properties panel, tilemap improvements, and resolves several bugs. This is not a security update.
https://gdevelop.io/download

GitHub Desktop 3.4.6 resolves several bugs. This is not a security update.
https://desktop.github.com/

Go 1.23.2 resolves several bugs. This is not a security update.
https://go.dev/

Node.js 20.18.0 updates libraries, resovles several bugs and adds experimental support for network inspection. This is not a security update.
https://nodejs.org/en/

Node.js 22.9.0 updates libraries, adds support for stack trace, disables V8, and resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

Python 3.13.0 resolves over a dozen bugs. This is a security update.
https://www.python.org/downloads/windows/

Visual Studio Code 1.94 improves Explorer Find, adds filtering options to Source Control Graph, and resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.1.2 is a major update, changing style, performance, stability, hardware compatibility and adding many options. It also initially broke older guests and this release fixes that as well as a dozen other bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Duplicator 1.5.11 improves compatibility and resolves several bugs. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

Sucuri Security 1.9.5 improves analysis. This should be treated as a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2024-09-10

Welcome back, Folks!

Today is Patch Tuesday for September, 2024.

We’re one month closer to the next build of Windows 11 and the next release of macOS, both due in mere weeks. A new major version of Office (aka Microsoft 365) is due at the same time, as well.

When the new build of Windows 11 is released all versions of Windows 11 prior to 23H2 will no longer be supported. Upgrade to 23H2 now if you have not done so yet, then do not upgrade to 24H2 when it is released. Let everyone else be the guinea pigs.

When the new build of macOS is released all versions of macOS prior to 13/Ventura will no longer be supported. If you can’t upgrade your Mac to Ventura you need to switch it to Linux or replace it.

Windows 10 now has only 13 months of support left. If your computer can not be upgraded to Windows 11 either start planning for a switch to Linux or replacing your computer.

There were 310+ major hacks, and over 200 application updates this month.
It’s a relatively small month, with only about 2.0 GB of updates for most users.

This Month in Technology

ABC Parts International, Acadian Ambulance, Adina Design, Advanced Medical Management, LLC, Aioi Nissay Dowa Insurance, Air International Thermal Systems, Akeela, Alabama Cardiology Group, Alcampo, Allergy Medical Group of the North Area, Inc, Ambulnz Holdings, AMD, American Clinical Solutions, an “industrial company” in Somerset County, NJ, an Israeli IT company, Android, Angus Council, Apache OFBiz (Open For Business), Apache Tomcat, Applause, Arden Claims Service, Argentine Air Force, Armour Coatings, Around the Clock Companies, Artifact Uprising LLC, Asus RT-N15U, Australian Cancer Research Foundation, Autel Maxicharger, AutoCanada, Avis, AVTECH CCTV cameras, 15,000 AWS Load Balancers, Azure Health Bot, Baird Mandalas Brockstedt LLC, Baker Places, Inc, Banham Poultry, Bank Rakyat, Baptist Health Medical Center Drew County, Bar2, Barrie, Behavioral Health Alliance of Rural Pennsylvania, Beng Kuang Marine, Benson Kearley IFG, Biggin Hill’s Charles Darwin School, bitcoin hardware wallets (Dark Skippy), Blain Jacobson DMD, CAGS, Blooms Today, Boutiqaat, BPOTech, Bromley GP, BVI Electricity Corporation, Caja Los Andes, CannonDesign, Canvey Island Infant School, Carehands, Carespring Healthcare, Catholic Charities CYO of The Archdiocese of San Francisco, CBIZ Benefits & Insurance Services, Cellular Plus, Centers for Medicare & Medicaid Services, Chevrolet, Chris Leong, CinemaTech, Cisco Identity Services Engine, Cisco Smart Licensing Utility, City of Columbus, OH, City of Flint, MI, City of St. Helena, CA, Clabots, Communication Federal Credit Union, Compex Legal Services Inc, Confidant Health, Connex health portal, Consilium Staffing, Consulting Radiologists LTD, Covenant Care California, LLC, Crain Group, Dahua cameras, Data Bilgi Islem, Davidoff Hutcher & Citron LLP, DBA ATC Home Care, Deutsche Flugsicherung (DFS), Dibcase, Dick’s Sporting Goods, DimeCuba, Dingding Talk, Disney Cruise lines, Disneyland, Domino’s Pizza Singapore, Durex India, Ecovacs, EnglishCentral, Enroll Confidently, Inc, Eric Rossi CPA LLC, Erie Meats, EV infrastructure, Exotel, Explore Talent, External Secrets Operator, Facial Pain Center, Farmers’ Rice Cooperative, Fish Nelson & Holden, FlightAware, Florida Department of Health, Fortra FileCatalyst Workflow, Fota Wildlife Park, Free Russia Foundation, Futurity First Insurance Group, GDB International, GeoServer Project, GitHub Enterprise Server, GiveWP WordPress Plugin, Google Chrome, Gramercy Surgery Center, Granville Recreation District, Greater Manchester Council, Grid Subject Matter Experts, Halliburton, Highline Public Schools, Hospital Sisters Health System, HP Security Manager, HPE HP-UX, IBM webMethods Integration Server, ICWI, Imetame, Imperial Sprinkler, LLC, Infosys McCamish Systems LLC, Institut National des Langues Luxembourg, iPhone, Isuzu Motors International Operations (Thailand), Ivanti Virtual Traffic Manager, Jangho Group, JAS Forwarding, Jenkins, Jewish Home Lifecare, Katz Nannis + Solomon, PC, Keene School District, Kentucky Corrections Department, Keycloak, Keystone Pacific Property Management, Kingdom Trust, King’s Choice, KlockMetal, Kootenai Health, Lake Washington Institute of Technology, Lakeland’s Watson Clinic, LAPOR, Laybuy, LDLC, Leal.co, LiteSpeed Cache WordPress Plugin, Lookiero, Los Angeles County Department of Mental Health, Market Moveis, McDonald’s Instagram, Medical Center Barbour, MedicaMall, Metro Pacific Tollways Corporation, Microchip Technology, Micron Crucial MX500, Microsoft Copilot Studio, Microsoft Entra ID, Microsoft OneNote, Microsoft Outlook, Microsoft Teams, Microsoft Word, Mid-Columbia Center for Living, Mifare Smart Cards, Mill Creek Lumber, Mitsubishi Chemical Group, Mitsui Sumitomo Insurance, Mohawk Valley Cardiology PC, Monobank, Musely AI, Muzu.co, MyFreightWorld, National Oceanic and Atmospheric Administration (NOAA), National Public Data, National Research Council of Italy, NHS Grampian, Okanogan Behavioral HealthCare, Oldham Council, Omicron Granite & Tile, Oregon Zoo, Orion, Packaging Corporation of America, Parker Development Company, ParkTree Community Health Center, Park’N Fly, Patelco Credit Union, PBC Companies, Pi Camera, Planned Parenthood of Montana, Plastix Marketing, Pocahontas Medical Clinic, Policy Administration Solutions, Port of Seattle, PostgreSQL, Prasarana Malaysia, Precom, Progress Software LoadMaster, ProPark Mobility, Public Agency Retirement Services (PARS), Quilvest Capital Partners, Radar/Dispossessor, Radiological Society of North America, RapidCMS, RCG, Regent Caravans, Relevvo, Retail Data, Rhithm Wellness App, Riverside Resort & Casino, Roberto Verino Difusion, Roblox Developers, Rochester Honkers, Rödl Management, SAP, Schlatter Industries, Scott Pharma Solutions, Sea-Tac Airport, Seirus Innovation, SenangPay Malaysia, Service Access & Management, ServiceBridge, Siam Cement Group, Sibanye-Stillwater, siParadigm, Slack, Slim CD, Software Engineering Associates, Solana, SolarWinds Web Help Desk, Sompo Japan Insurance, SonicWall SonicOS, South Carolina State University, South Orange County Community College District, Southwest Family Medicine Associates, Spanish Athletics Federation, Specialty Networks, Sport 2000, Sri Lankan Farmers Community, St. Clair County, IL, Stein Fibers, Stoxkart, Stripe CLI, Strive Medical, Strong Current Enterprises, Supreme Court of Philippines, SWISSCZ, Swissphone DiCal-RED, Tabb Inc, Tamil Nadu Labour Department Data, Taxellent Accounting Services Inc, Tewkesbury Council, Texas Centers for Infectious Disease Associates, Texas Dow Employees Credit Union, The Bakersfield Californian, The SMS Group, ThinkPHP, Thompson Davis & Co, TIAA, Toaping, Tokio Marine & Nichido Fire Insurance, Toronto District School Board, Town of Plymouth, CT, Toyota, toyyibPay, Traccar GPS System, Tracki, Traderie, Transport for London, TRENDnet TEW, Trionfo Solutions, Turkish government, Turning Point of Central California, Inc, UConn Health, UK National Crime Agency, UK Political Party Donation Platforms, Ukrainian government, Unicoin, United Services Automobile Association (USAA), United Urology Group, United Way of Connecticut, Inc, Universal Pure, University of Toronto, US Federal Bureau of Investigation (FBI), US Lottery Corporation, US Marshals Service, US Merchants Financial Group, Inc, US Transportation Security Administration (TSA), Valisana, Veeam services, VeriSource Services, Inc, Verkada, Versa Director, VMware ESXi, VMware VCenter Server, VOP CZ, Wayne Wright, LLP, WazirX, Welcome Health, WellLife Network, Western Electrical Contractors Association, WhatsApp, WinRAR, WPS Office, XPERT Business Solutions GmbH, Young Consulting, YubiKey 5, Zee Media, and Zyxel have reported hacking or compromises this month.

HalliburtonTransport for London, and McLaren Health have suffered from outages this month.

Last months updates broke BitLockerdual-boot (Windows + Linux), Outlook, Word, and Windows.

The National Public Data breach (leak, to be more accurate) has had an interesting turn of events, where they are now claiming that they’ve removed the entire database from their platform (it’s still available everywhere else). Opting out via their platform is dismissed and they offer no resolution. Not that one could be had.

A novel side-channel attack dubbed “RAMBO” (Radiation of Air-gapped Memory Bus for Offense) generates electromagnetic radiation from a device’s RAM to send data from air-gapped computers.

Microsoft has finally removed the defective and half-baked WinRE update causing daily and sometimes hourly errors because it couldn’t install on many devices.

Twitch force-enabled VTubers’ cameras without their consent.

Now for the good news:

The US appeals court had ruled geofence warrants are unconstitutional.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is pretty small this month. The typical computer should see roughly 2 GB in updates today. Let’s get started.

Microsoft released 41 updates to address 79 vulnerabilities in Azure CycleCloud, Azure Network Watcher, Azure Stack, Azure Web Apps, Dynamics Business Central, Microsoft AutoUpdate, Microsoft Dynamics 365, Microsoft Graphics Component, Microsoft Management Console, Microsoft Office Excel, Microsoft Office Publisher, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft Outlook for iOS, Microsoft Streaming Service, Power Automate, SQL Server, Windows Admin Center, Windows AllJoyn API, Windows Authentication Methods, Windows DHCP Server, Windows Hyper-V, Windows Installer, Windows Kerberos, Windows Kernel-Mode Drivers, Windows Libarchive, Windows Mark of the Web (MOTW), Windows MSHTML Platform, Windows Network Address Translation (NAT), Windows Network Virtualization, Windows PowerShell, Windows Remote Access Connection Manager, Windows Remote Desktop Licensing Service, Windows Security Zone Mapping, Windows Setup and Deployment, Windows Standards-Based Storage Management Service, Windows Storage, Windows TCP/IP, Windows Update, Windows Win32K – GRFX, Windows Win32K – ICOMP, and MSRT. This includes security updates. A reboot is required.

Apple released updates for tvOS 17.6.1 and watchOS 10.6.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

watchOS 10.6.1 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 17.6.1 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 126.0.6478.252, 127.0.6533.132 and 128.0.6613.133 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.8.1 adds support for several games, including Concord, for what that’s worth and resolves several bugs.. This is not a security update.
https://www.amd.com/en/support

Crucial Storage Executive 10.07 doesn’t provide a change log so should be treated as a security update.
https://www.crucial.com/support/storage-executive

UniFi Network Server 8.4.59 adds support for Passpoint/Hotspot 2.0, Packet Capture, AP Analyzer, Pro AV and advanced IGMP snppting. This is not a security update.
https://www.ui.com/download/releases/network-server

Wacom Driver 6.4.7-3 resolves several bugs. This is a security update.
https://www.wacom.com/en-us/support/product-support/drivers

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.69.162 is a security update.
https://brave.com/

Firefox 130.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Google Chrome 128.0.6613.84 is a security update.
https://www.google.com/chrome/

Microsoft Edge 128.0.2739.67 is a security update.
https://www.microsoft.com/en-us/edge/business/download

SeaMonkey 2.53.19 is a security update.
https://www.seamonkey-project.org/

Vivaldi 6.9.3447.41 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

ProtonMail (Android) 4.0.19.1 resolves several bugs. This is not a security update.
https://proton.me/mail/download

Spark 3.17.6 is a security update.
https://sparkmailapp.com/

Spark (macOS) 3.17.6 is a security update.
https://sparkmailapp.com/

Thunderbird 128.2.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 8.0.14 adds ability for custom clients to disable tray options. This is not a security update.
https://anydesk.com/en/downloads

Dropbox 206.4.6506 doesn’t provide a detailed change log so should be treated as a security update.
https://www.dropbox.com/

Facebook Messenger 215.4.0.14.211 is a security update.
https://www.messenger.com/download

FileZilla Server 1.9.1 is a security update.
https://filezilla-project.org/

Google Drive 96.0 now alerts users to stalls and resolves several bugs. This is not a security update.
https://drive.google.com/start

MeshCentral 1.1.29 resolves dozens of bugs. This is not a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.7.00.21751 adds reaction support to Town Hall feature. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 29.0.6 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

Rclone 1.68.0 adds several new backends, improves S3 support, and resolves dozens of bugs. This is not a security update.
https://rclone.org/

Signal 7.23.0 improves performance. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.15.4 doesn’t provide a detailed change log so should be treated as a security update.
https://signal.org/android/apk/

Syncthing 1.27.12 is a security update.
https://syncthing.net/

Telegram 5.5.3 resolves several bugs. This is not a security update.
https://telegram.org/

Telegram (Android) 11.0.0 doesn’t provide a detailed change log so should be treated as a security update.
https://telegram.org/apps

Trillian 6.5.0.45 resolves several bugs.
https://www.trillian.im/

WinSCP 6.3.5 is a security update.
https://winscp.net/eng/index.php

Zoom 6.1.11.45504 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.9 resolves several bugs. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.2.3 improves hardware support and resolves a key binding error. This is not a security update.
https://www.bitwig.com/download/

Grayjay 262 adds recommendations, improved comment system, and resolves several bugs. This is not a security update.
https://grayjay.app/index.html

Kodi 21.1 is a security update.
https://kodi.tv/

Plex Desktop 1.100.1.221 resolves a season poster display bug. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.66.1.215 updates the web TV client. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.40.5.8921 is a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Bedrock) 1.21.23.01 doesn’t provide a detailed change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

PS5 2024.829 adds URL sharing, improves performance and hardware support. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Acrobat 24.003.20112, 24.001.30187 and 20.005.30680 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb24-70.html

Adobe Acrobat Reader 24.003.20112 and 20.005.30680 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb24-70.html

Adobe After Effects 24.6 and 23.6.9 are security updates.
https://helpx.adobe.com/security/products/after_effects/apsb24-55.html

Adobe Audition 24.6 and 23.6.9 are security updates.
https://helpx.adobe.com/security/products/audition/apsb24-54.html

Adobe ColdFusion 2023.10 and 2021.16 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb24-71.html

Adobe Illustrator 28.7.1 and 27.9.6 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb24-66.html

Adobe Media Encoder 24.6 and 23.6.9 are security updates.
https://helpx.adobe.com/security/products/media-encoder/apsb24-53.html

Adobe Photoshop 24.7.5 and 25.12 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb24-72.html

Adobe Premiere Pro 24.6 and 23.6.9 are security updates.
https://helpx.adobe.com/security/products/premiere_pro/apsb24-58.html

Audacity 3.6.3 resolves several bugs. This is not a security update.
https://www.audacityteam.org/download/

Blender 4.2.1 doesn’t provide a detailed change log so should be treated as a security update.
https://www.blender.org/download/

Calibre 7.17.0 adds paper-edition page number support, editing, and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Formatta Filler 8.19.04 doesn’t provide a change log so should be treated as a security update.
https://www.phreesia.com/filler-ifiller/

Kdenlive 24.08.0 improves user interface for easing modes, effect groups, transform, and curve, as well as several bug fixes. This is not a security update.
https://kdenlive.org/

Kindle for PC 2.5.70951 doesn’t provide a change log so should be treated as a security update.
https://www.amazon.com/kindleforpc

LibreOffice 24.2.6 resolves over 40 bugs. This is a security update.
https://www.libreoffice.org/

LibreOffice Fresh 24.8.0 resolves over 400 bugs. This is a security update. The “Fresh” line is beta software and should be avoided by most people.
https://www.libreoffice.org/

Manager 24.9.9.1845 adds a business template gallery and support for Financial Data Exchange (FDX). This is not a security update.
https://www.manager.io/

Nextcloud Desktop 3.13.3 resolves almost 100 bugs. This is not a security update.
https://nextcloud.com/

PDF-XChange Editor 10.4.0.388 resolves dozens of bugs. This is a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

QuickBooks Pro 2022 20240726-R17_22 doesn’t provide a detailed change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20240726-R14_25 doesn’t provide a detailed change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

Scribus 1.6.2 resolves several bugs. This should be treated as a security update.
https://www.scribus.net/

Security Software Updates

One or more of these is likely to be of interest to most people.

Chainsaw 2.10.0 resolves several bugs and adds Key/Value container support.
https://github.com/countercept/chainsaw

FSS 2024.8.15 doesn’t provide a detailed change log so should be treated as a security update.
https://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/

MalwareBytes Anti-Malware 5.1.10.127 resolves several bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/

OpenSSL 3.3.2 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

ProtonVPN (macOS) 4.4.0 resolves several bugs and improves stability. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.18.2 resolves several bugs. This is not a secuirty update.
https://www.adlice.com/download/roguekiller/

SecurityCheck 2024.8.24 doesn’t provide a detailed change log so should be treated as a security update.
https://www.bleepingcomputer.com/download/securitycheck/dl/123/

Stinger 13.0.0.190 adds support for new detections. Thsi is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Tails 6.7 is a security update.
https://tails.net/install/download/index.en.html

VT-CLI 1.0.1 adds support for Chocolatey, updates actions and resolves several bugs. This is not a security update.
https://github.com/VirusTotal/vt-cli/releases/latest

YARA 4.5.2 is a security update.
https://github.com/VirusTotal/yara/

Capture Updates

These are unlikely to be of interest to most people.

Open Broadcaster Software 30.2.3 resolves several bugs. This is a security update.
https://obsproject.com/

ScreenToGif 2.41.1 updates translatons and resolves a couple bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 24.2.2 adds support for HDR image capture and exporting to Camtasia, and resolves a PDF export bug. This is not a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.2.6 adds support for new encodings and resolves compatibility issues with some hardware. This is not a security update.
https://www.dvdfab.cn/download.htm

PDF Creator 5.3.0 adds OneDrive integration, improved sharing support, and updated libraries. This is a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 6.1.9.7 resolves dozens of bugs and adds a couple new sources. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.3.3 adds GPU support, ability to remove the scene background, and resolves a few bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 7.0.3 adds rich text markup in titles, improves compatibility, and resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 8.10.44 adds filtering support, visual and accessibility improvements, and resolves several bugs. This is not a security update.
https://1password.com/downloads/mac/

1Password for Windows 8.10.45 adds filtering support, visual and accessibility improvements, improves compatibility, and resolves several bugs. This is not a security update.
https://1password.com/downloads/windows/

AOMEI Partition Assistant 10.4.2 improves reliability and stability, and resolves several bugs. This is not a security update.
https://www.diskpart.com/

balenaEtcher 1.19.22 replaces Flowzone inputs. This is not a security update.
https://etcher.balena.io/

Beyond Compare 5.0.2.30045 resolves over a dozen bugs. This is not a security update.
https://www.scootersoftware.com/download

Bitwarden 2024.8.2 adds support for autofill cards and identities using keyboard shortcuts, biometrics on Linux, and password-protected exports
https://bitwarden.com/

CalyxOS Device Flasher 1.0.10 doesn’t provide a detailed change log so should be treated as a security update.
https://calyxos.org/install/

CCleaner 6.27.11214 resolves several bugs. This is not a security update.
https://www.ccleaner.com/

Cygwin 3.5.4 resolves several bugs. This is a security update.
https://cygwin.com/

Dell Command Update 5.4.0 improves reliability and stability. This is not a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

DesktopOK 11.35 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.2.59.0 adds several new display options, improved performance and translations, and updates libraries. This is a security update.
https://dngrep.github.io/

Everything Toolbar 1.4.1 resovles a sort order bug. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

ExplorerPatcher 22621.3880.66.5 resolves adds Windows 10 Taskbar Style support (with extra steps) and Windows 11 24H2 compatibility. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

FolderChangesView 2.37 is a cosmetic update. This is not a security update.
https://www.nirsoft.net/utils/folder_changes_view.html

GoodSync 12.7.5 resolves dozens of bugs. This is not a security update.
https://www.goodsync.com/

HWiNFO 8.10 adds support for newer hardware. This is not a security update.
https://www.hwinfo.com/download/

InstalledAppView 1.09 adds dark mode support. This is not a security update.
https://www.nirsoft.net/utils/installed_app_view.html

Kingston SSD Manager 1.5.4.6 doesn’t provide a detailed change log so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

Mac Migration Assistant 3.0.1.0 doesn’t provide a detailed change log so should be treated as a security update.
https://support.apple.com/en-us/HT204087

NConvert 7.192 doesn’t provide a detailed change log so should be treated as a security update.
https://www.xnview.com/en/nconvert/

NTLite 2024.8.10045 adds support to disable MSA and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 11.0.1010 resolves over a dozen bugs. This is not a security update.
https://www.osforensics.com/download.html

osquery 5.13.1 resolves a bug. This is not a security update.
https://osquery.io/downloads

PowerToys 0.84.1 resolves several bugs and improves behavior of many apps. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

PSAppDeploy 3.10.2 resolves a dozen bugs. This is not a security update.
https://psappdeploytoolkit.com/

ripgrep 14.1.1 resolves a couple bugs. Thsi is not a security update.
https://github.com/BurntSushi/ripgrep/releases/latest

ScreenConnect 24.2.10.8991 resolves several bugs. This is a security update.
https://screenconnect.connectwise.com/download

SearchMyFiles 3.30 adds support to search by owner. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

TeamViewer 15.57.5 resolves several bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

WifiInfoView 2.94 adds dark mode support. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

WinScan2PDF 8.93 improves hardware support and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 2024.1.2.12 resolves dozens of bugs. This is not a security update.
https://developer.android.com/studio

GameMaker Studio 2024.8.1.171 adds dozens of features. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.4.211 improves stability and resolves several bugs. This is not a security update.
https://gdevelop.io/download

GitHub Desktop 3.4.5 adds support for custom editors and shells and resolves several bugs. This is not a security update.
https://desktop.github.com/

Go 1.23.1 is a security update.
https://go.dev/

Godot 4.3 updates libraries, adds thousands of improvements, and resolves hundreds of bugs. This is not a security update.
https://godotengine.org/

Godot 3.6 updates libraries and resolves dozens of bugs. This is not a security update.
https://godotengine.org/

MySQL Server 8.0.39 resolves several bugs. This is not a security update.
https://dev.mysql.com/downloads/installer/

Node.js 20.17.0 resolves dozens of bugs and updates libraries. This is not a security update.
https://nodejs.org/en/

Node.js 22.8.0 resolves dozens of bugs and updates libraries. This is not a security update.
https://nodejs.org/en/

Python 3.12.6 is a security update.
https://www.python.org/downloads/windows/

Unreal Engine 5.4 improves layered control rigs, adds new gizmos, constraints improvements, cosmetic improvements, and resolves several bugs. This is not a security update.
https://unrealengine.com/en-US/

Visual Studio Code 1.93 improves IntelliSense, column resizing, source control, Copilot integration and resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

HumHub 1.16.2 resolves dozens of bugs. This is not a security update.
https://www.humhub.com/en

Joomla 5.1.4 is a bug fix release shortly after a security update.
https://www.joomla.org/

MailEnable 10.49 resolves over a dozen bugs. This is a security update.
https://www.mailenable.com/

WordPress 6.6.2 resolves over a dozen bugs. This is not a security update.
https://wordpress.org/

BuddyPress 14.1.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/buddypress/

Conditional Widgets 3.2 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/conditional-widgets/

My Sticky Bar 2.7.7 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Sucuri Security 1.9.4 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

Theme My Login 7.1.9 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/theme-my-login/

WPBakery 7.9 resolves over a dozen bugs and improves compatibility. This is not a security update.
https://wpbakery.com/

WP Cerber Security 9.6.3 adds ability to scan for and resolve third-party plugin issues, and resolves several bugs. This is not a security update.
https://wpcerber.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2024-07-09

Today is Patch Tuesday for July, 2024.

There were 330+ major hacks, and over 360 application updates this month. It’s an average month, with about 3.0 GB of updates for most users.

This Month in Technology

3GL Technology Solutions, 50 Cent, Acrotech Biopharma Inc, Adobe Commerce and Magento, Advance Auto Parts, AEG Presents, LLC, Affirm, Agrani Bank, Agropur, Airtel, AJE Group, Alabama Education Department, Altoona Logan Township Mobile Medical Emergency Department Authority, Ambulnz Holdings, LLC, AMD, Amper Group, Amtrak, Android, Ann & Robert H. Lurie Children’s Hospital of Chicago, ANY.RUN, Apple, Arcis Golf, Árvakur, ASI, Association of Texas Professional Educators, Aultman Hospital, Authy, Baltimore 311 callers, Behavioral Health Response, Belle Tire, Benefit Management, Better Business Bureau, Bharat Sanchar Nigam Limited (BSNL), Bol d’air France, BootCDN, Bootcss, Brainworks Software, Bunger Steel, Cambridge University Press & Assessment, Canara Bank, CareDx, Inc, CDK Global (twice), Center for Digestive Health, Center for Human Capital Innovation, Change Healthcare, Channel 7 News Australia, Chicha San Chen, Chroma Color, Circle K Atlanta, CISA Chemical Security Assessment Tool (CSAT), Cisco Nexus switches, Cisco NX-OS, City of Cleveland, Ohio, City Of Coon Rapids, City of Helsinki, Finland, City of Newburgh, NY, Class Advisors, Coca Cola, Cognizant Open Insurance Policy Administration, CoinStats, Conference USA, Consulting Radiologists Ltd, Creative Realities, Credit Suisse, CredRight, Critchfield & Johnston, Crown Equipment, CTG Brands, CTSystem, Cukierski Associates LLC, Custom Concrete, D-Link DIR-859, Datamate Bookkeeping & Tax, Inc, DaVita Inc, Daystar, Derby School, Derbyshire County Council, Designed Receivable Solutions, Inc, Deskcenter, DG3 North America, Inc, Diogenet SR, Docker containers, Dordt University, Eagle Materials, Egyptian Health Department, Ejército del Per, Elite Fitness, Elite Limousine Plus Inc, Elyria Foundry, EqualizeRCM, Ernst & Young LLP, Escondido Union High School District, Esquerra Republicana de Catalunya, Ethereum’s mailing list provider, eVeridis, Evolve Bank & Trust, Facebook PrestaShop module, Fareri Associates, FBT Transport, Financial Business and Consumer Solutions, Inc, Florida Department of Health, Fortra FileCatalyst Workflow, Francesco Parisi, French Diplomats, Fédération Internationale de l’Automobile (FIA – Formula 1), GBA GROUP, GCash, Geisinger Healthcare, Ghostscript library, GitLab, GlobalWafers, Globe Life, Goodman Reichwald-Dodge, GoodTemps, Google Chrome, Gorrie-Regan, Grandstream GXP2135, Great Lakes International Trading, Greylock McKinnon Associates, Inc, Grupo Amper, HackerOne, Harvey Construction, HealthEquity, Hedrick Brothers Construction, Hey You, Highland Health Systems, HubSpot, Human Technology Inc, Husky Owners, Hydmech, INDA’s, India’s National Disaster Management Authority (NDMA), India’s Regional Cancer Centre, Indonesia’s National Data Center, Indonesian Directorate General of Civil Aviation, Infosys McCamish Systems, Innerspec Technologies, Innomar Strategies, Intel CPUs (Indirector), Internal Revenue Service (IRS), Internal Security Operations Command (ISOC), Island Transportation Corp, JM Thompson, Jollibee Group, Jordan’s Ministry of Education, Juniper Networks Session Smart Router, Juniper Networks Session Smart Conductor, Juniper Networks WAN Assurance Router, Kadokawa Corporation, Kairos Health Arizona, Inc, Kansas City, Kansas Police Department, KBC Zagreb, Key Benefit, Kinter, Kito Canada, Kraken crypto exchange, Ladco, Lake Medical Group, Landmark Life, Learnosity, Legend Properties, Inc, Len Dubois Trucking, LevelOne WBR-6013, Levi Strauss, Lexibar, Lindex Group, LivaNova, Longview Oral & Maxillofacial Surgery, Los Angeles County Department of Public Health, Louisiana Special School District, Mailcow Mail Server, Manchester City Football, Maryhaven, Mass General Brigham, Maxicare, MD Now Urgent Care, MEL Aviation Ltd, Mercku, MGF Sourcing, Microsoft Azure Machine Learning Services, Microsoft email, Microsoft O365, Microsoft PlayReady DRM, Middletown Township, Mitsubishi Electric Software, ModPlan, Mount Kisco Surgery, Mountjoy, MOVEit, National Identity Management Commission of Nigeria, National Publisher Services LLC, Neiman Marcus, NetOne, Niconico, OCEANAIR, Olson & Co Steel, Opaxe, OpenAI (twice), OpenSSH server, P Kaufmann, Palomar Health Medical Group, Patelco Credit Union, Payne & Jones, Pediatric Urology Associates, Peterbilt of Atlanta, Philippine Health Insurance Corporation, Philippine Maritime Authority, Phoenix SecureCore UEFI firmware, Pinnacle Orthopaedics & Sports Medicine Specialists LLC, Planar, Plavan Commercial Fueling Inc (“P-Fleet”), Polyfill.io, Prairie Athletic Club, Privia Medical Group of Georgia, Progress MOVEit Transfer, Progress Software Corporation WhatsUp Gold, ProMotion Holdings, Providence Mission Heritage Endocrinology, Prudential Financial, PT Latinusa, Puyallup Tribe, Radiology and Imaging Specialists, Rappi, REA Wire, Realtek rtl819x, Rejetto HTTP File Server (HFS), Rider, Roblox Developer Conference, Rockford Public School District, Rockwell Automation’s PanelView Plus, Rolls-Royce, Sacred Heart Community Service, Samaritan Health Services, Inc, Sanyo Shokai, Scout Energy Partners, Scrubs And Beyond, Seagulf Marine Industries, Sensory Spectrum, Sharp printers, Shinnick & Ryan, Shoe Zone, Shopify third-party app, SiriusXM, Sirva, SkinCure Oncology, Sky-light, SkyPartsUSA, SlowMist, Smartweb, Sofidel, SolarWinds Serv-U, South Africa’s National Health Laboratory Service, SouthCoast Health, Special Health Resources, Spike Chunsoft, Staticfile, Steps to Life, Suminoe, Synnovis Pathology, Taj Hotel Group, TeamViewer, TETRA Technologies, Texas Recycling, Texas Retina Associates, The Ambulatory Surgery Center of Westchester, The Northwestern Mutual Life Insurance Company, The Union Labor Life Insurance Company, Ticketmaster LLC, Toshiba printers, Total Fitness, Tp-Link ER7206 Omada Gigabit VPN Router, TPI, TPOCC, Traderie, Transit Mutual Insurance Corporation, Transport Laberge, Trisun Land Services, Truist Bank, Turkish Government Websites, Twilio, UEFA, UK Post Office, US Dermatology Partners, UwU Lend, Vanguard, Vanna AI, Ventura County Credit Union, Victoria Racing Club, VirtualBox, Virum Apotek, Waupaca County, WI, West Clermont Schools, Western Mechanical, Westview Co-op, Wind Composite Services Group, LLC, Windows Wi-Fi driver (still vulnerable!), Wisconsin Department of Health Services, Wise Payments, Woodruff-Sawyer & Co, WordPress.org, World inquest, Yieldstreet, Zadig & Voltaire, Zaire National Health Laboratory Services, Zerto, Zimbabwe Anti-Corruption Commission, and Zotac have reported hacking or compromises this month.

CDK GlobalCloudflare, OVHcloud, and Xbox Live have suffered from outages this month.

Last months updates broke AuthLite on Domain Controllers, Windows Update, Show Desktop preferences, Windows Taskbar, Windows language packs, and Windows virtualization services.

A new proof-of-concept (SnailLoad) demonstrates how to exploit latency to track a victim’s online activity.

Microsoft’s WSUS driver synchronization will be going away along with WordPad.

The Supreme Court has struck down efforts to hold the federal government responsible for their violations of the first amendment. The US federal government has proven itself impotent to investigate SolarWinds for the most significant hack of all time.

Now for the good news:

The EU Commission has put Meta on notice that their “pay or consent” model breaches EU law.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is about average this month. The typical computer should see roughly 3.0 GB in updates today. Let’s get started.

Microsoft released updates to address 143 vulnerabilities in .NET and Visual Studio, Active Directory Federation Services, Active Directory Rights Management Services, Azure CycleCloud, Azure DevOps, Azure Kinect SDK, Azure Network Watcher, Intel, Line Printer Daemon Service (LPD), Microsoft Defender for IoT, Microsoft Dynamics, Microsoft Graphics Component, Microsoft Office, Microsoft Office Outlook, Microsoft Office SharePoint, Microsoft Streaming Service, Microsoft Windows Codecs Library, Microsoft WS-Discovery, NDIS, NPS RADIUS Server, Role: Active Directory Certificate Services; Active Directory Domain Services, Role: Windows Hyper-V, SQL Server, Windows BitLocker, Windows COM Session, Windows CoreMessaging, Windows Cryptographic Services, Windows DHCP Server, Windows Distributed Transaction Coordinator, Windows Enroll Engine, Windows Fax and Scan Service, Windows Filtering, Windows Image Acquisition, Windows Internet Connection Sharing (ICS), Windows iSCSI, Windows Kernel, Windows Kernel-Mode Drivers, Windows LockDown Policy (WLDP), Windows Message Queuing, Windows MSHTML Platform, Windows MultiPoint Services, Windows NTLM, Windows Online Certificate Status Protocol (OCSP), Windows Performance Monitor, Windows PowerShell, Windows Remote Access Connection Manager, Windows Remote Desktop, Windows Remote Desktop Licensing Service, Windows Secure Boot, Windows Server Backup, Windows TCP/IP, Windows Themes, Windows Win32 Kernel Subsystem, Windows Win32K – GRFX, Windows Win32K – ICOMP, Windows Workstation Service, XBox Crypto Graphic Services, and MSRT. This includes security updates. A reboot is required.

Apple released updates for AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

Google Chrome OS 126.0.6478.132 and 120.0.6099.315 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AirPods Firmware Update 6A326 is a security update.
https://support.apple.com/HT214111

AirPods Firmware Update 6F8 is a security update.
https://support.apple.com/HT214111

AMD Adrenalin 24.6.1 resolves several bugs and improves compatibility. This is not a security update.
https://www.amd.com/en/support

Beats Firmware Update 6F8 is a security update.
https://support.apple.com/HT214111

Nvidia Driver 475.14 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

TP-Link Archer AX72 v1.60 240426 is a security update.
https://www.tp-link.com/us/support/download/archer-ax72-pro/#Firmware

UniFi U6 Professional 6.6.73 resolves dozens of bugs. This is not a security update.
https://www.ui.com/download/software/u6-pro

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.67.123 is a security update. Use Menu, Help, About to install the most current version.
https://brave.com/

Firefox 128.0 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 128.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 126.0.6478.126 is a security update. Use Menu, Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 126.0.2592.87 is a security update. Use Menu, Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Vivaldi 6.8.3381.46 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 3.53 resolves a stray field at the end of exported data. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

ProtonMail (Android) 4.0.15 improves security and message header view. This is a security update.
https://proton.me/mail/download

Spark 3.16.7.78552 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.16.7.78551 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.12.2 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

Dropbox 202.4.5551 resolves several bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 215.2.0.11.211 is a security update.
https://www.messenger.com/download

FreeFileSync 13.7 adds symlink support and resolves a couple bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 92.0 doesn’t provide a detailed change log so should be treated as a security update.
https://drive.google.com/start

Microsoft Teams 1.7.00.17051 improves third-party app experience and adds bookable desks. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 29.0.3 updates dependencies and resolves several bugs. This is not a security update.
https://nextcloud.com/

Rclone 1.67.0 is a security update.
https://rclone.org/

Signal 7.15.0 resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.10.3 improves linked devices. This is not a security update.
https://signal.org/android/apk/

Syncthing 1.27.9 resolves several bugs and updates dependencies. This is not a security update.
https://syncthing.net/

Technitium DNS Server 12.2.1 resolves a couple bugs. This is not a security update.
https://technitium.com/dns/

Telegram 5.2.3 resolves several bugs. This is not a security update.
https://telegram.org/

Telegram (Android) 10.14.3 updates libraries and resolves several bugs. This is not a security update.
https://telegram.org/apps

Trillian 6.5.0.40 resolves dozens of bugs. This should be treated as a security update.
https://www.trillian.im/

Trillian Mac 6.5.0.43 doesn’t provide a change log so should be treated as a security update.
https://www.trillian.im/

Zoom 6.1.1.41705 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.6 resolves a user interface bug. This is not a security update.
https://en.3tene.com/

darktable 4.8.0 adds a color equalizer, canvas enlargement, overlay support, performance improvements and resolves over 50 bugs. This is not a security update.
https://www.darktable.org/

Grayjay 249 adds support for Spotify, YouTube Channel Playlists, Nebula, Odysee, and resolves several bugs. This is not a security update.
https://grayjay.app/index.html

KaraFun Player 2.6.2.0 doesn’t provide a detailed change log so should be treated as a security update.
https://www.karafun.com/karaokeplayer/

Plex Desktop 1.96.0.177 resolves a bug displaying Genre. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.64.0.170 updates libraries. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.40.3.8555 resolves several bugs and adds automatic 64-bit upgrade to 32-bit installs on 64-bit hardware. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Bedrock) 1.21.2.02 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Minecraft Server (Java) 1.21 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server

PS5 2024.702 resolves several bugs. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024-06-20 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 24.002.20895 resolves several bugs. This is not a security update.
https://get.adobe.com/reader

Adobe Premiere Pro 24.5 and 23.6.7 are security updates.
https://helpx.adobe.com/security/products/premiere_pro/apsb24-46.html

Adobe InDesign 19.4 and 18.5.3 are security updates
https://helpx.adobe.com/security/products/indesign/apsb24-48.html

Adobe Bridge 13.0.8 and 14.1.1 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb24-51.html

Artweaver 7.0.17 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Calibre 7.13.0 adds ability to generate a CSV catalog and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

GnuCash 5.8 adds ability to move accounts into sub-accounts of another account. This is not a security update.
https://www.gnucash.org/

Kdenlive 24.05.2 resolves dozens of bugs. This is not a security update.
https://kdenlive.org/

Kindle for PC 2.4.70904 doesn’t provide a change log so should be treated as a security update.
https://www.amazon.com/kindleforpc

Krita 5.2.3 resolves 20 bugs. This is not a security update.
https://krita.org/en/download/

Manager 24.7.7.1713 doesn’t provide a detailed change log so should be treated as a security update.
https://www.manager.io/

Nextcloud Desktop 3.13.2 resolves a couple bugs. This should be treated as a security update.
https://nextcloud.com/

PDF-XChange Editor 10.3.1.387 adds several new settings and resolves dozens of bugs. This is a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

QuickBooks Pro 2022 20240529-R16_17 doesn’t provide a detailed change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20240529-R13_14 doesn’t provide a detailed change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

Security Software Updates

One or more of these is likely to be of interest to most people.

Chainsaw 2.9.1-2 improves CLI and dump support, and fixes macOS builds. This is not a security update.
https://github.com/countercept/chainsaw

FSS 2024.6.20 doesn’t have a change log so should be treated as a security update.
https://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/

JShelter 0.18.1 resolves several bugs. This is not a security update.
https://jshelter.org/install/

RogueKiller 15.17.4 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

SanDisk PrivateAccess 6.4.11.0 doesn’t provide a change log so should be treated as a security update.
https://support-en.wd.com/app/answers/detailweb/a_id/48025

Stinger 13.0.0.138 adds support for several new detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Tails 6.4 updates libraries and resolves several bugs. This is a security update.
https://tails.net/install/download/index.en.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.2.0 adds support for new encodings and resolves a compatibility bug. This is not a security update.
https://www.dvdfab.cn/download.htm

HandBrake 1.8.1 resolves several bugs and updates libraries. This is not a security update.
https://handbrake.fr/

StreamFab 6.1.8.7 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.2.7 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.35 is a security update.
https://1password.com/downloads/

7-Zip 24.07 improves stability. This is not a security update.
https://www.7-zip.org/

AOMEI Partition Assistant 10.4.1 resolves several bugs. This is not a security update.
https://www.diskpart.com/

Beyond Compare 5.0.0.29773 is a major update, adding dark mode, improved wrapping and table behavior, improved media compare, performance improvements and more. This is not a security update.
https://www.scootersoftware.com/download.php?zz=dl4

Bitwarden 2024.6.4 improves legacy migration, administration and self-hosting. This is not a security update.
https://bitwarden.com/

CCleaner 6.25.11131 resolves several bugs. This is not a security update.
https://www.ccleaner.com/

CPU-Z 2.10 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

DesktopOK 11.29 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.2.29.0 resolves several bugs. This is a security update.
https://dngrep.github.io/

Everything Toolbar 1.3.4 resolves several bugs. This is a security update.
https://github.com/stnkl/EverythingToolbar/

ExplorerPatcher 22621.3527.65.5 improves compatibility and resolves several bugs. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

Fido 1.58 removes Windows 8.1 downloads. This is not a security update.
https://github.com/pbatard/Fido/releases

FolderChangesView 2.36 adds option to Save All Items. This is not a security update.
https://www.nirsoft.net/utils/folder_changes_view.html

FoneTool 2.8.0 adds support for iOS 18, ringtone management and fixes bugs in the ringtone maker. This is not a security update.
https://www.fonetool.com/download.html

Go 1.22.5 is a security update.
https://go.dev/

GoodSync 12.7.2 resolves several bugs. This is not a security update.
https://www.goodsync.com/

grepWin 2.1.3 resolves several bugs. This is not a security update.
https://github.com/stefankueng/grepWin/releases/latest

HWiNFO 8.04 improves hardware support and resolves several bugs. This is not a security update.
https://www.hwinfo.com/download/

ManageWirelessNetworks 1.14 adds option to set connection mode. This is not a security update.
https://www.nirsoft.net/utils/manage_wireless_networks.html

NTLite 2024.7.9997 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 11.0.1008 resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html

PingInfoView 3.15 resolves IPv6 address parsing and menu configuration. This is not a security update.
https://www.nirsoft.net/utils/multiple_ping_tool.html

PowerToys 0.82.0 improves stability and resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ProcessMonitor 4.01 adds color display. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

Recuva 1.54.120 adds license changes. This is not a security update.
https://www.ccleaner.com/recuva

SetUserFTA 1.8.2 doesn’t provide a change log so should be treated as a security update.
https://setuserfta.com/

Speccy 1.33.75 adds support for new hardware and improves licensing. This is not a security update.
https://www.ccleaner.com/speccy

Starwind V2V Converter 9.509 adds support for new conversions and improves performance. This is not a security update.
https://www.starwindsoftware.com/starwind-v2v-converter

WhyNotWin11 2.6.1.0 resolves several bugs. This is not a security update.
https://github.com/rcmaehl/WhyNotWin11

WinGet 1.8.1791 resolves dozens of bugs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinScan2PDF 8.88 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 8.0.7 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

Android Studio 2024.1.1.11 doesn’t provide a detailed change log so should be treated as a security update.
https://developer.android.com/studio

AutoHotkey 2.0.18 resolves a couple bugs. This is not a security update.
https://www.autohotkey.com/download/

GameMaker Studio 2024.6.1 resolves several bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.4.205 improves performance, adds several new actions and variables, and resolves several bugs. This is not a security update.
https://gdevelop.io/download

GitHub Desktop 3.4.2 resolves several bugs. This is not a security update.
https://desktop.github.com/

Inno Setup 6.3.2 resolves a bug in text parsing. This is not a security update.
https://www.jrsoftware.org/isdl.php

MySQL ConnectorNet 9.0.0 resolves several bugs. This is not a security update.
https://dev.mysql.com/downloads/connector/net/

Node.js 18.20.4 is a security update.
https://nodejs.org/en/

Node.js 20.15.1 is a security update.
https://nodejs.org/en/

Node.js 22.4.1 is a security update.
https://nodejs.org/en/

Visual Studio Code 1.91 adds support for several new features. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

HumHub 1.16.1 improves compatibility and resolves several bugs. This is not a security update.
https://www.humhub.com/en

ISPConfig 3.2.12 resolves several bugs, improves compatibility, and adds a couple new features. This is not a security update.
https://www.ispconfig.org/ispconfig/download/

Joomla 5.1.2 is a security update.
https://www.joomla.org/

ownCloud Client 5.3.1.14018 resolves a linking bug. This is a security update.
https://owncloud.com/desktop-app/

WordPress 6.5.5 is a security update.
https://wordpress.org/

bbPress 2.6.11 resolves over a dozen bugs. This is not a security update.
https://wordpress.org/extend/plugins/bbpress/

Contact Form 7 5.9.6 resolves a compatibility bug. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.10 resolves several bugs. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

My Sticky Bar 2.7.1 resolves a button bug. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

NextScripts Social Networks Auto-Poster 4.4.6 is a security update.
https://wordpress.org/extend/plugins/social-networks-auto-poster-facebook-twitter-g/

Sucuri Security 1.9.1 adds support for configuring the cache-control header. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

WPBakery 7.7.2 resolves a couple bugs. This is not a security update.
https://wpbakery.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/