Welcome back, Folks!
Today is Patch Tuesday for February, 2022.
It’s only the beginning. February tends to be “patch it once, whoops, patch it again” month most years, so expect another cycle later in the month.
This Month in Technology
Abington Memorial Hospital (dba Jefferson Abington Hospital), dozens of WordPress Themes and Plugins by AccessPress, Aditya Birla Fashion and Retail, Advocates, Inc., Albany Family Dentistry, Albuquerque Public Schools, Allegheny Health Network Home Infusion, LLC, Argo CD, Arnprior Regional Health, AWS Glue, Box, BTC-Alpha, Caring Communities, Chico State, Cisco StarOS, Colorado Department of Human Services, County of Kings (CA), Crypto.com, Delta Electronics, Digital Insurance, LLC doing business as OneDigital, Evos in the Netherlands, Fiondella, Milone & LaSaracina, LLP, Global Affairs Canada, Golden State Dermatology, Goodwill, Greensward Academy, Griggsville-Perry School District, Hensoldt, IDEMIA biometric ID hardware, Independence Blue Cross, International Committee of the Red Cross, iRise Florida Spine and Joint Institute, LLC, KP Snacks, Lympo, McAfee Enterprise (Trellix), various medical devices, Medical Healthcare Solutions, Inc., Medical Review Institute of America, Memorial Health System, Meter, Midland University, Millennium Eye Care LLC, Moncler, Motorola, Multichain, News Corp, publisher of The Wall Street Journal, Nobel Foundation, Oiltanking in Germany, Olympic Games App, OpenSubtitles, Oscar Buckeye State Insurance Corporation, Oscar Health Plan of California, Oscar Insurance Company of Florida, Oscar Insurance Corporation of Ohio, Pace Center for Girls, Panasonic, Pellissippi State Community College in Tennessee, Pennsbury School District, Philadelphia FIGHT Community Health Centers, Polkit, Practolytics LLC, Puma, R.R. Donnelly, Raveco Medical, RedDoorz, SEA-Invest in Belgium, Securitas, Segway, Seneca Family of Agencies, South City Hospital, Spencer Gifts LLC Health and Welfare Benefit Plan, St. Lucie County’s Drug Screening Lab, Swiss Federal Railways, Swissport, Taylor Regional Hospital, Thai University Central Admission System, Thomas Jefferson University Hospital, Inc., Ubiquiti’s UniFi Network, University of Arkansas for Medical Sciences, Upstox, Vantage Holding Company, LLC, Volunteers of America Southwest California, Walgreen Co., Washington Department of Licensing, Wormhole, and Zimbra have been hacked.
GitHub, Discord, and Telegram have suffered major outages.
Phishing is proving to be even more effective against multi-factor authentication (MFA), as I’ve warned for decades. UPnP is still the worst network design feature. Buy an expensive GPU, gift your identity. Firefox’s “private” email relay service has been added to disposable email blacklists. As expected. Target, the premier member of the “hacked every month club“, is releasing the source code for some of their security software. Google Drive is flagging files containing the number “1” as violating copyrights. VPN companies Nord and Surfshark will merge. 11th and 12th generation Intel CPUs will not be able to play Blu-ray UHD disks.
The IRS is now mandating the use of a private third-party in order to access your own IRS information online. But wait, there’s more! The company, id.me, conceals their own identity and hides their WHOIS data. Tax-filers are already being phished with a threat of refunds being cancelled. The worst news: Nvidia has called off its efforts to acquire Arm.
Now for the good news:
The US Department of Justice has indicted 6 India Call Centers for Scams Targeting Seniors. Maybe the amount of scam calls we get will decrease? I doubt it though, considering the vast increase I’ve received in the last month. 🙁
Let’s Get Busy
Now back to our regularly scheduled program.
Patch Tuesday this month is almost back to normal. Well, for now. The typical computer should see roughly 1.8 GB in updates today. Let’s get started.
Microsoft released updates for .NET, Windows, Azure Data Explorer, Kestrel Web Server, Microsoft DNS Server, Microsoft Dynamics, Microsoft Edge, Microsoft Office, Microsoft Office Excel, Microsoft Office Outlook, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft OneDrive, Microsoft Teams, Microsoft Windows Codecs Library, Power BI, Roaming Security Rights Management Services, SQL Server, Visual Studio Code, Windows Common Log File System Driver, Windows DWM Core Library, Windows Hyper-V, Windows Kernel, Windows Kernel-Mode Drivers, Windows Named Pipe File System, Windows Print Spooler Components, Windows Remote Access Connection Manager, Windows Remote Procedure Call Runtime, Windows User Account Profile, Windows Win32K, and MSRT (~1.4 GB). This includes security updates. A reboot is required.
Apple released updates for iOS 15.3 and 15.2.1, iPadOS 15.3 and 15.2.1, tvOS 15.3, watchOS 8.4.1, Safari 15.3, macOS Monterey 12.2, macOS Big Sur 11.6.3, and Security Update 2022-001 Catalina. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.
iOS 15.3 and 15.2.1 are security updates. Use Settings, General, Software Update to install the most current update.
iPadOS 15.3 and 15.2.1 are security updates. Use Settings, General, Software Update to install the most current update.
tvOS 15.3 is a security update. Use System, Software Update to install the most current version.
watchOS 8.4.1 is a security update. Use the Watch app on your iPhone to install the most current version.
Google Chrome OS 98.0.4758.91 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.
Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.
Important Notes
Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.
The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Catalina (10.15) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.
The now-current release of the Windows 10 (v21H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.
The now-current release of the Windows 11 (v21H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 6 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.
Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.
Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.
It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.
Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.
Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com
Driver Updates
If you’re using this hardware – these updates are for you.
Display Driver Uninstaller 18.0.4.8 is a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu
Daemon Tools Lite 11.0.0 adds new image support, DD write, and resolves several other bugs. This is a security update.
https://www.daemon-tools.cc/products/dtLite
Logi Bolt App 1.2.6024 adds support for the Logitech Unifying Adapter and resolves several bugs. This is not a security update.
https://support.logi.com/hc/en-us/articles/4418089333655
Logitech Options 9.50.269 is a security update.
https://support.logi.com/hc/en-us/articles/360025297893
Nvidia 473.04 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us
Browser Updates
One or more of these are likely to be of interest to everyone.
Brave 1.35.100 is a security update.
https://brave.com/
Google Chrome 98.0.4758.80 is a security update.
https://www.google.com/chrome/
Microsoft Edge 98.0.1108.43 is a security update.
https://www.microsoft.com/en-us/edge/business/download
Firefox 97 is a security update.
https://www.mozilla.org/en-US/firefox/new/
Firefox ESR 91.6 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/
Vivaldi 5.0.2497.48 is a security update.
https://vivaldi.com/
Email Updates
One or more of these are likely to be of interest to everyone.
Thunderbird 91.5.1 is a security update.
https://www.thunderbird.net/en-US/
Internet Updates
One or more of these are likely to be of interest to everyone.
Mumble 1.4.230 is a major update resolving dozens of bugs, adding many new features and introducing true plugin support. This is not a security update.
https://www.mumble.info/downloads/
Prosody 0.11.13 is a security update.
https://prosody.im/download/start
Telegram 3.5.2 resolves several bugs and improves reactions. This is not a security update.
https://telegram.org/
Trillian Mac 6.4.0.4 improves compatibility and resolves several bugs. This is not a security update.
https://www.trillian.im/
BrowsingHistoryView 2.51 adds Visit Duration and improves Visited From. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html
Dropbox 141.4.3299 doesn’t provide a changelog so should be treated as a security update.
https://www.dropbox.com/
FreeFileSync 11.17 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php
Google Drive 55.0 adds integrated desktop search, resolves several bugs and improves performance. This is not a security update.
https://drive.google.com/start
Omada Software Controller 5.0.30 adds newer hardware support, 2FA for Cloud Access, DHCP reservations in Services, and resolves dozens of bugs. This is a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/
Syncthing 1.19.0 resolves a bug and improves ignore patterns. This is not a security update.
https://syncthing.net/
Zoom 5.9.3.3169 resolves several bugs, adds new features (and requirements) and controls. This is a security update.
https://zoom.us/
Java 8u321 is a security update.
https://www.java.com/en/download/manual.jsp
Media Updates
These are unlikely to be of interest to most people.
Flickr Downloadr 3.4.5.1 only updates the packager. This is not a security update.
https://flickrdownloadr.com/downloads/
Picard 2.7.3 resolves the launcher bug. This is not a security update.
https://picard.musicbrainz.org/
Plex Desktop 1.40.1.2823 resolves a packaging error in the installer. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app
Plex Home Theater 1.10.0.2819 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app
Plex Media Server 1.25.5.5492 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server
Game Updates
These are unlikely to be of interest to most people.
Epic Games 13.1.7 resolves a couple bugs and prepares for feature changes. This is not a security update.
https://www.epicgames.com/
GameMaker Studio 2022.1.1.610 resolves several bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker
Nintendo Switch 13.2.1 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989
Steam 2022.01.20 resolves several bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0
Office Updates
One or more of these are likely to be of interest to most people.
Adobe After Effects 22.2 and 18.4.4 are security updates.
https://helpx.adobe.com/security/products/after_effects/apsb22-09.html
Adobe Creative Cloud Desktop 2.7.0.15 is a security update.
https://helpx.adobe.com/security/products/creative-cloud/apsb22-11.html
Adobe Illustrator 26.0.3 and 25.4.4 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb22-07.html
Adobe Photoshop 22.5.5 and 23.1.1 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb22-08.html
Adobe Premiere Rush 2.3 is a security update.
https://helpx.adobe.com/security/products/premiere_rush/apsb22-06.html
Artweaver 7.0.11 is a security update.
https://www.artweaver.de/
Atom 1.59.0 resolves several bugs. This is not a security update.
https://atom.io/
Blender 3.0.1 doesn’t provide a changelog so should be treated as a security update.
https://www.blender.org/download/
Inkscape 1.1.2 resolves over 40 bugs, improves stability and reliability. This is not a security update.
https://inkscape.org/release/
LibreOffice Fresh 7.3.0 resolves hundreds of bugs. This is not a security update. The “Fresh” line is beta software and should be avoided in favor of the “Still” line whenever possible.
https://www.libreoffice.org/
LibreOffice Still 7.2.5 resolves almost a hundred bugs. This is not a security update.
https://www.libreoffice.org/
Nextcloud Desktop 3.4.2 resolves several bugs. This should be treated as a security update.
https://nextcloud.com/
Notepad++ 8.3 improves support for large files and resolves several bugs. Be aware there may be plugin stability issues for the near future. This is not a security update.
https://notepad-plus-plus.org/
Scribus 1.5.8 improves dark mode, import, PDF export, and resolves several bugs. This is not a security update.
https://www.scribus.net/
Calibre 5.36.0 improves metadata parsing and resolves several bugs. This is not a security update.
https://calibre-ebook.com/
Kindle for PC 1.34.63103 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc
Security Software Updates
One or more of these is likely to be of interest to most people.
MalwareBytes Anti-Malware 4.5.2 resolves several bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/
MalwareBytes Anti-Malware Mac 4.14 improves up-sell ability. This is not a security update.
https://www.malwarebytes.com/mac/
OnionShare 2.5 is a security update.
https://onionshare.org/
RogueKiller 15.2.0 adds several new features and cosmetics. This is not a security update.
https://www.adlice.com/download/roguekiller/
Tails 4.27 updates components and libraries. This is a security update.
https://tails.boum.org/install/dvd-download/index.en.html
uBlock Origin 1.41.0 adds dark mode and resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest
QubesOS 4.1.0 is a major update, with updated components, improved granular controls, new features and resolves many bugs. This is a security update.
https://www.qubes-os.org/downloads/
Capture Updates
These are unlikely to be of interest to most people.
VideoCacheView 3.09 improves compatibility with new Chromium-based browsers. This is not a security update.
https://www.nirsoft.net/utils/video_cache_view.html
Converter Updates
These are unlikely to be of interest to most people.
DVDFab 12.0.6.0 resolves several crash bugs. This is not a security update.
https://www.dvdfab.cn/download.htm
Utility Updates
These are unlikely to be of interest to most people.
Agent Ransack 2022.3294 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/
Autoruns 14.08 resolves several bugs. This should be treated as a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns
ControlMyMonitor 1.35 adds display filter options. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html
Cygwin 3.3.4 resolves several bugs. This is not a security update.
https://cygwin.com/
DesktopOK 9.61 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK
dnGrep 3.0.0 improves the build process and now generates signed packages, and resolves several bugs. This is not a security update.
https://dngrep.github.io/
Everything CLI 1.1.0.23 adds support for long file names. This is not a security update.
https://www.voidtools.com/
Everything Toolbar 0.7.4 resolves a first-boot filter bug. This is not a security update.
https://github.com/stnkl/EverythingToolbar/
Fido 1.28 adds support for Windows 11 21H2 v1. This is not a security update.
https://github.com/pbatard/Fido/releases
FileLocator Pro 2022.3294 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download
Git SCM 2.35.1 resolves dozens of bugs. This is not a security update.
https://git-scm.com/
GoodSync 11.10.3 resolves several compatibility bugs. This is not a security update.
https://www.goodsync.com/
Kingston SSD Manager 1.5.1.6 doesn’t provide a changelog so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager
NTLite 2.3.3.8585 adds new settings, upgrades components, and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/
PowerToys 0.55.1 resolves several bugs and improves reliability. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest
Process Monitor 3.88 improves stability. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon
Macrium Reflect 8.0.6525 improves media creation, compatibility, and resolves several bugs. This is not a security update.
https://www.macrium.com/reflectfree
RoboForm 9.2.4 improves Basic Auth support and resolves several bugs. This is not a security update.
https://www.roboform.com/
Samsung Magician 7.0.1 doesn’t provide a changelog, so should be treated as a security update.
https://www.samsung.com/semiconductor/minisite/ssd/download/tools/
SmartMonTools 7.2 significantly improves field detection and reporting, offers YAML output, drive database extensions, and other fixes. This is not a security update.
https://smartmontools.org/
Sysmon 13.32 improves compatibility. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon
TCPView 4.17 improves stability. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview
VMMap 3.32 improves stability. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/vmmap
Windows 11 RCT 1.4.0 adds support for newer hardware. This is not a security update.
https://bytejams.com/
WinRAR 6.10 adds support for new formats, improved compatibility, resolves several bugs, and optimizes user interface. This is not a security update.
https://www.rarlab.com/
ZoomIt 5.0 adds support for Windows 11 and resolves several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/zoomit
Developer Updates
These are unlikely to be of interest to most people.
ADB 32.0.0 adds native M1 support. This is not a security update.
https://developer.android.com/studio/releases/platform-tools
Docker Desktop 4.4.4 is a security update.
https://www.docker.com/products/docker-desktop
MySQL ConnectorNet 8.0.28 is a security update.
https://dev.mysql.com/downloads/connector/net/
Node.js 12.22.10 upgrades libraries and time zone information. This is not a security update.
https://nodejs.org/en/
Node.js 14.19.0 updates time zone information, adds Corepack and updates libraries. This is a security update.
https://nodejs.org/en/
Node.js 17.4.0 resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/
TortoiseGit 2.13.0.1 updates requirements, libraries, and resolves dozens of bugs. This is not a security update.
https://tortoisegit.org/
Visual Studio Code 1.64 improves cosmetics, automation, and resolves several bugs. This is not a security update.
https://code.visualstudio.com/
Virtual Machine Updates
These are unlikely to be of interest to most people.
VirtualBox 6.1.32 is a security update.
https://www.virtualbox.org/wiki/Downloads
Web Package Updates
These are likely to be of interest only to web developers.
Drupal 9.2.12 is a security update.
https://drupal.org/download
MailArchiva 8.7.1 improves role functionality and resolves several bugs. This is not a security update.
https://mailarchiva.com/
ownCloud Client 2.10.0.6519 resolves several bugs. This is not a security update.
https://owncloud.com/desktop-app/
ownCloud Server 10.9.1 improves stability and reliability. This is not a security update.
https://owncloud.org/install/
phpMyAdmin 5.1.2 and 4.9.9 are security updates.
https://www.phpmyadmin.net/
ScreenConnect 21.15.6739.8073 improves automation, triggers, auditing, 2FA timeouts, and resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download
WordPress 5.9 resolves dozens of bugs and implements front-end editing. This is not a security update.
https://wordpress.org/
Akismet 4.2.2 improves compatibility and resolves several bugs. This is not a security update.
Autoptimize 2.9.5.1 resolves a stability bug. This is not a security update.
BuddyPress 10.0.0 is a major update offering several new features and resolving dozens of bugs. This is not a security update.
Contact Form 7 5.5.4 adds double opt-in support, new action and filter hooks and resolves a bug with the default contact form. This is not a security update.
Duplicator 1.4.4 resolves several bugs. This is not a security update.
Redirection 5.2.3 resolves several bugs. This is not a security update.
Slider Revolution 6.5.15 resolves several bugs. This is not a security update.
https://revolution.themepunch.com/
WooCommerce 6.1.1 resolves dozens of bugs. This is not a security update.
WordPress Zero Spam 5.2.10 is a security update.
That’s all for now folks. Keep it clean out there. 😉
Regards,
Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/