Updates 2021-03-09

Welcome back, Folks!

Today is Patch Tuesday for March, 2021.

This Month in Technology

Gab has been hacked at least a couple more times. (Would you trust the security of a Gab-owned bank?)

A new form of “supply-chain” attack demonstrating dependency vulnerabilities has been used against many major vendors, including Microsoft, Apple, Tesla, and dozens more.

32redAccellionAllergy PartnersAppleBombardierCA DMVClubhouse ChatsCovenant HealthCareCSXD-Link devices, Ecuador’s Ministry of Finance and Banco Pichincha, the European Banking AuthorityEXMOExperian (again), France’s Ministry of HealthGeorgetown County (SC), Hipcam (and other baby monitors), HumanaIBM, over a hundred Italian banksKeepChangeKiaKrogerLakehead UniversityMalaysia AirlinesNess Digital EngineeringNinja FormsNgrokNurseryCam, Oxford University, RealPage, RIPE NCC accountsRockwell Automation PLCsMaza, a Russian Cybercrime forum, SingtelSITA (an airline service provider), SolarCityPayPalQualysSendgrid accounts (to send spam – how could anyone tell the difference?!), Sequoia CapitalSignalT-Mobile, TMS, 15 UK schoolsUnderwriters LaboratoriesUniversal Health ServicesVMWare vCenter ServerWashington State Unemployment DepartmentWawa, Apple’s WebKit, and Yandex have been hacked.

According to a study by Bridewell Consulting, 86% of UK critical national infrastructure organizations have experienced cyber-attacks. I think it would be more accurate to present these numbers as, “14% of UKs critical national infrastructure doesn’t have the technology in place to know they were hacked.”

Even more malware related to the SolarWinds hack has been discovered. Since AWS was used for the SolarWinds hack, shouldn’t Amazon shut AWS down, too?

Microsoft is now admitting that Azure and Exchange source code has been compromised by the SolarWinds attackers.

The big news this month is that a vulnerability in Microsoft Exchange (coincidence?) has resulted in over thirty thousand servers being hackedThis is huge. So what did Microsoft do? Microsoft has announced it has changed their policy to crack down on hosted email accounts that receive a lot of email. Sigh.

Another interesting new tactic, bitsquatting, has proved far more effective than one would think. The demonstration allowed them to hijack thousands of requests intended for Microsoft. Used maliciously, this method will cause serious damage.

Censorship has finally made it before the Supreme Court, but Dr. Suess is only the latest target, while Facebook allowed actual genocide, but forbade discussion about news articles, Google acknowledges their efforts to perform censorship “better,” and Firefox has released a new extension to aid in censorship, while Streamlabs waited for the payment to clear before censoring one paid user. The Beverly Hills Police Department is using the novel approach of playing copyrighted music to prevent their actions from being observed, and Congress is now violating federal law by demanding censorship of media.

It amazes me that people actually trust “fact checkers.” Censorship doesn’t work!

Poland isn’t taking it anymore. Italy is fining Facebook, too.

Tor was hacked years ago, but new implementations (like that in Brave) are still popping up with their own problems.

Another 21 million VPN users were taught the lesson about the difference between customers and products. If you’re not the customer, you’re the product.

Instagram (like parent Facebook) is sharing everything you do with law enforcement. So is Apple’s iCloud.

The Windows 10 implementation of web fonts can be used to hack you. Apple M1 chips (less than 6 months old) have been targeted with several pieces of malware, but we should trust the MORPHEUS chip, right? BTW, M1 Macs are eating their (soldered in) SSDs, too.

It’s not just Google. Apple can disable all of your accounts and services on a whim, too. Or for your name.

Amazon has been caught duplicating products, can they be trusted to sell your products or host your content?

Is half a billion dollars enough to get you to rethink a bad user interface?

The whole point of unified interfaces and consistent logins is to ensure a familiar experience so you know whether you’re visiting the real site. Attackers take advantage of this to build their own imagekits and forms, even using their own fake security measures to convince you you’re on the “real” site since they are forced to validate that *you* are really you.

The malicious Gootkit Trojan can help the SEO of your websites. Just not for you.

Never reuse passwords. Or hard-code them. And don’t use obvious passwords either. But if you do, don’t blame a fabricated intern.

Apple claims that a new (available since 2019, but only recently launched on iOS) application execution technique will make it more difficult for iPhones to be hacked,
while yet another iPhone bug has demonstrated to successfully jailbreak every active iOS/iPhone line.

North Dakota and Arizona may save the Internet by forbidding the ability for vendors to force the use of their own app stores.

While many treat Google’s lockdown of their data APIs in Chromium as a bad thing, I see it as getting Google further out of Chromium – which can only be a net positive.

AT&T and Frontier have consistently abandoned phone networks in California, but we knew that: AT&T said they were going to do this when Title II passed. Sometimes the only thing to make a company following through is enough bad press.

Deepfakes for everyone! While most focus on Deepfakes are about their potential for evil, they can be used for good.

On patents: Intel owes $2.2 billion for saving power, and Apple has violated several biometric patents.

Dr. Fauci has known all along that the PCR test was useless. The WHO has launched their own COVID-specific version of “we investigated ourselves and found we did nothing wrong.” The dystopian concept of vaccine passports has been struck down by the Council of Europe. Unfortunately their power is mostly cosmetic.

The CDC inflated “COVID deaths” over 1600% in violation of multiple federal laws. CDS is real though. COVID has been “really good for CNN ratings,” though. Thousands of people have died in the US from the experimental COVID “vaccines,” (and elsewhere) or suffered from other harm. Many more internationally. Quarantine internment camps are a real thing. People are being harmed from the tests (or forcefully vaccinated), too. You can do something about it. (They sure won’t.) BTW, the CDC has had to remove their claim that vaccines don’t cause Autism.

Pennsylvania, New Mexico, and Texas have joined in on efforts to end lockdown insanity.

Don’t be selfishMasks still don’t work, but masks can kill you. (At least they won’t rape you.)

Keep the pedophile, but ban the words.

Green Energy killed Texas. It shouldn’t have been allowed to happen.

Governors Cuomo and Whitmer are finally being taken to task on their “accidental” murder of thousands of nursing home residents. Don’t expect the President to get involved. Genocide is just “different norms” to him. Instead of those in “National Security” investigating this, they’re convinced their time is better used calling half the population terrorists.

Facebook has had more than 20 million child sex abuse incidents, more than 20x greater than any other website, including Google. Nevertheless, the masses aren’t calling for cancelling Facebook. It’s tolerance when “they” do it.

Speaker Pelosi (who is responsible for security at the House) refused National Guard assistance, supposedly over “optics“, before the staged January 6riot“. Chris Wray lied to Congress about Antifa dressing as Trump supporters. So did former Deputy Attorney General Rod Rosenstein. They’ve knowingly falsified FISA warrants. So is it really any surprise there are calls to shut down the FBI?

Some states are finally allowing election audits, with evidence of 6% discrepancies in every single race, others as much as 78%, and other serious math problems, while others refuse to release ballots for inspection, purge election data, or allow the FBI to shred ballots without oversight or inspection. Then they poison the people they are forcing to guard them.

Is it any surprise that their Section 230 “reforms” are designed to completely silence online discourse? After all, the President doesn’t understand what “clandestine” means. (Quick tip: If you announce your intentions on the MSM, it’s not clandestine!)

The Babylon Bee is probably the best news site on the Internet, not because they actually have any news, but because they shine a light on the fraud that passes for news today.

Now for the good news:

California has finally been allowed to implement their own brand of Net Neutrality. I strongly oppose Net Neutrality, as getting government involved in something (even under the auspices of protection) always results in unintended consequences. This is, fortunately, no exception. CA Net Neutrality can now be used by myself and others to target Big Tech to penalize them for their continuous acts of censorship.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is huge. The typical computer should see roughly 3 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, Servicing Stack, Internet Explorer, and MSRT (~2 GB). This includes security updates. A reboot is required.

Apple released updates for macOS Big Sur 11.2.3, watchOS 7.3.2, Safari 14.0.3, iOS 14.4.1 and iPadOS 14.4.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 14.4.1 is a security update. Use Settings, General, Software Update to install the most current update.

iPadOS 14.4.1 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 7.3.2 is a security update. Use the Watch app on your iPhone to install the most current version.

Google Chrome OS 88.0.4324.186 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Big Sur (11.0) means that macOS High Sierra (10.13) and older are no longer supported. If you can not install at least macOS Mojave (10.14) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v2009) is huge (about 18% larger than v2004, which was 25% larger than any prior build) so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

BullZip PDF Printer 12.2.0.2902 resolves several bugs. This is not a security update.
https://www.bullzip.com/products/pdf/info.php#download

Display Driver Uninstaller 18.0.3.7 improves cleanup and adds network path support. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

DirectX 9.29.1974.1 doesn’t provide a changelog, so should be treated as a security update.

nVidia 461.72 adds support for newer hardware and resolves several bugs. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.21.74 resolved several bugs. This is a security update.
https://brave.com/

Google Chrome 89.0.4389.82 is a security update.
https://www.google.com/chrome/

Microsoft Edge 89.0.774.48 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 86.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 78.8.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 3.6.2165.40 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 78.8.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

Mumble 1.2.19 is a security update.
http://wiki.mumble.info/wiki/Main_Page

Prosody 0.11.8 is a security update.
https://prosody.im/download/start

Trillian 6.4.0.5 resolves a settings bug. This is not a security update.
https://www.trillian.im/

Dropbox 117.4.378 does not provide a changelog so should be treated like a security update.
https://www.dropbox.com/

FreeFileSync 11.8 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Zoom 5.5.13142.0301 resolves several bugs, improves grid view, and better indicates when content is being shared. This is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 2.0.12 adds 3 new types of motion, show/hide shortcut, and resolves several bugs. This is not a security update.
https://en.3tene.com/

Flickr Downloadr 3.3.4.1 updates the Docker image. This is not a security update.
https://flickrdownloadr.com/downloads/

Office Updates

One or more of these are likely to be of interest to most people.

Atom 1.55.0 allows git configuration without a repository. This is not a security update.
https://atom.io/

IcoFX 3.5.1 resolves several bugs. This is not a security update.
https://icofx.ro/

LibreOffice Fresh 7.1.1 resolves almost a hundred bugs. Remember that this is beta software, so should be avoided for the stable version whenever possible. This should be treated as a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.1.3 is a security update.
https://nextcloud.com/

Notepad++ 7.9.3 adds new folder features that now prevent it working on Windows XP. If you are still running XP you should really consider switching to Linux, but if you must continue to use XP then use Notepad++ 7.9.2. This is not a security update.
https://12pd.com/click?npp32

VideoCleaner 5.8 improves Matrix, Sharpening and Mask features. This is not a security update.
https://videocleaner.com/download.html

Adobe Connect 11.2 is a security update.
https://helpx.adobe.com/security/products/connect/apsb21-19.html

Adobe Creative Cloud Desktop Application 5.4 is a security update.
https://helpx.adobe.com/security/products/creative-cloud/apsb21-18.html

Adobe Framemaker 2020.0.2 is a security update.
https://helpx.adobe.com/security/products/framemaker/apsb21-14.html

Security Software Updates

One or more of these is likely to be of interest to most people.

Tails 4.16 is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

OpenSSL 1.1.1j is a security update.
https://www.openssl.org/source/

RogueKiller 14.8.5 updates core and resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Wireless Network Watcher 2.25 improved compatibility with high-DPI. This is not a security update.
https://www.nirsoft.net/utils/wireless_network_watcher.html

Capture Updates

These are unlikely to be of interest to most people.

VideoCacheView 3.06 adds support for the new cache partitioning structure in chromium-based browsers. This is not a security update.
https://www.nirsoft.net/utils/video_cache_view.html

Converter Updates

These are unlikely to be of interest to most people.

MakeMKV 1.16.1 resolves several bugs and adds ARM support. This is not a security update.
https://12pd.com/click?makemkv

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 7.8 adds native M1 support and resolves dozens of bugs. This is a security update.
https://1password.com/downloads/mac/

1Password for Windows 7.6.793 improves performance and resolves several bugs. This is not a security update.
https://1password.com/downloads/windows/

CCleaner 5.77.8521 improves cleaning and resolves several bugs. This is a security update.
https://www.ccleaner.com/

ControlMyMonitor 1.28 improves compatibility with high DPI. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html

Coreinfo 3.52 adds reporting for CET (shadow stack). This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/coreinfo

Cygwin 3.1.7 resolves several bugs. This is not a security update.
https://cygwin.com/

Dell Command Update 4.1 is a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

DesktopOK 8.66 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

Eraser 6.2.0.2992 doesn’t provide a changelog so should be treated as a security update.
https://eraser.heidi.ie/download/

Everything Toolbar 0.6.2 adds an installer, drag & drop support, elevation support, and more. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

Homedale 1.93 adds an option to set the gps baud rate from the command line. This is not a security update.
https://www.the-sz.com/products/homedale/

IsMyHdOK 3.01 resolves a bug in screenshot generation. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

NTLite 2.0.0.7820 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSFMount 3.1.1000 updates drivers and improves CLI support. This is not a security update.
https://www.osforensics.com/tools/mount-disk-images.html

PointerStick 5.05 updates language files. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

QuickSetDNS 1.31 adds option to start hidden. This is not a security update.
https://www.nirsoft.net/utils/quick_set_dns.html

TeamViewer 15.15.5 was released. The TeamViewer release notes have been unavailable for months now, so while it might be a security update, it would be safer to remove TeamViewer until these issues are resolved.
https://www.teamviewer.com/en/download/windows/

TraceRouteOK 2.42 updates language files. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

WinScan2PDF 6.91 adds support for multi-page TIF and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 3.37 improves compatibility, refresh behavior, and resolves several bugs. This is not a security update.
https://wiztreefree.com/

Developer Updates

These are unlikely to be of interest to most people.

AutoHotkey 1.1.33.05 resolves several bugs and improves compatibility. This is not a security update.
https://www.autohotkey.com/download/

Node.js 12.21.0 is a security update.
https://nodejs.org/en/

Node.js 14.16.0 is a security update.
https://nodejs.org/en/

Node.js 15.11.0 resolves dozens of bugs. This is a security update.
https://nodejs.org/en/

TortoiseSVN 1.14.1 resolves several bugs. This is not a security update.
https://tortoisesvn.net/downloads.html

Visual Studio Code 1.54 resolves an extension dependency bug. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

PPSSPP 1.11.3 resolves several bugs. This is not a security update.
https://ppsspp.org/downloads.html

Web Package Updates

These are likely to be of interest only to web developers.

Adminer 4.8.0 adds several new features and improves compatibility. This is not a security update.
https://www.adminer.org/en/

Docker Desktop 3.2.1 updates the Docker Engine. This is not a security update.
https://www.docker.com/products/docker-desktop

Drupal 9.1.5 resolves dozens of bugs. This is not a security update.
https://drupal.org/download

HumHub 1.8.0 adds a bunch of new features, improves permissions, brute force delays, style and administration improvements, and resolves several bugs. This is not a security update.
https://www.humhub.com/en/download

Joomla 3.9.25 is a security update.
https://www.joomla.org/

MailEnable 10.32 resolves several bugs and adds LDAP support. This is not a security update.
https://www.mailenable.com/

Nextcloud Server 21.0.0 improves performance (up to 10x!), collaboration, groupware and more. This is not a security update.
https://nextcloud.com/

OpenPetra 2021.02 adds several new features, improvements, and resolves bugs. This is not a security update.
https://www.openpetra.org/

phpList 3.6.1 improves short URLs, PHP8 support, and security improvements. This is a security update.
https://www.phplist.org/

phpMyAdmin 5.1.0 resolves several bugs, improves compatibility, and adds several new options. This is not a security update.
https://www.phpmyadmin.net/

ScreenConnect 21.3.2160.7699 resolves several bugs, renamed End to Delete, and improves compatibility. This is not a security update.
https://www.connectwise.com/software/control/download

YOURLS 1.8.1 improves IDN, UTF8, time zone, and PHP8 support, removes support for PHP 7.2, and resolves several bugs. This is not a security update.
https://yourls.org/

WordPress 5.7 resolves several bugs and adds a few new features, improving accessibility, and (finally) adding a feature to update HTTP to HTTPS links throughout your site when you switch to HTTPS. This is not a security update.
https://wordpress.org/

Akismet 4.1.9 improves handling of pingbacks in XML-RPC calls. This is not a security update.

BuddyPress 7.2.0 resolves several bugs. This is not a security update.

Conditional Widgets 3 improves translation support. This is not a security update.

Contact Form 7 5.4 adds Sendinblue support, updates libraries and improves reliability and compatibility. This is not a security update.

Social Post Feed 2.19 improves error handling and reporting, cleanup, resolves several bugs and updates libraries. This is not a security update.

myStickymenu 2.5.1 improves instructions and compatibility. This is not a security update.

Postie 1.9.55 improves compatibility and removes legacy image sizing feature. This is not a security update.

Really Simple CAPTCHA 2.1 improves hash comparison. This is not a security update.

W3 Total Cache 2.1.1 resolves several bugs and adds information links and ogg caching support. This is not a security update.

WooCommerce 5.1.0 is a major update. This version improves compatibility, localization, and resolves dozens of bugs. This is not a security update.

WordPress Zero Spam 5.0.9 resolves several bugs and improves spam detection. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2021-01-12

Welcome back, Folks!

Today is Patch Tuesday for January, 2021.

This Month in Technology

By now you’re probably very aware with the SolarWinds “hack” since it was 24/7 news only a month ago, though mostly conjecture. We now know they were hacked over a year before a third-party (FireEye) pointed it out to them, and the malware remained on their servers weeks after it was identified.

What we’ve learned of it over the last month is a rich reminder of do’s and don’ts:

  • Don’t trust multi-factor authentication – it’s not nearly as effective at preventing logins as you’ve been lead to believe.
  • Don’t take over devices you can’t exploit quickly – don’t expose yourself wideband for 0.2%.
  • Do use a strong, unique password for everything – never something as absurd as “solarwinds123“.
  • Do modify your firewall to eliminate automatic whitelists for government IP addresses.
  • Do regular checkups – you never know what you’re going to find.

Don’t worry, though, they’ve hired a political hack to CYA!

Austin City, the City of CorneliaCity of EllensburgIndependence City (Kansas), Chatham County (North Carolina), Huntsville City Schools (Alabama), Jefferson County (Kentucky), Subway, Intel’s Habana LabsMicrosoftFireEye, the United NationsMaryland’s GBMC HealthCare, the US Dept of JusticeNissanLivecoinSpotifyIndiGo, various Israeli companies, the US Judiciary case file system, and many gaming companies have all been hacked.

Security issues or backdoors were found in Zyxel firewalls, Typo3Android BluetoothGlassdoorNintendo 3DSMicrosoft 365Google Titan security keys, Signal App cryptography, Starbucks mobile, and terabytes of secrets and databases have been dumped online.

Point-of-sale hardware has a “service mode” with a default password, malware is fingerprinting and mapping networks using the MAC address, Smart Doorbells are still a bad idea, Gionee has been infecting their own budget smartphones for kickbacks, and Google is still the easiest way to hack Google.

Ticketmaster hacked their competition 7 years ago and is only now paying a fine for it, Twitter is being fined almost half a million Euros for its breach handling, and Sabre Corp has now settled with 27 states over data breach.

WhatsApp won’t let you use it if you don’t want it to have your data tied to the rest of Facebook. The bigger you are, the bigger the target is on your back.

The “secure communication” tool Telegram tells everyone your precise location if you enable location support. One of my favorite browser extensions, The Great Suspender, changed hands in 2020 and the new publisher has recently been caught using it to distribute malware under the guise of analytics. Shopify, BigCommerce and other large sales platforms are being targeted with a card skimmer.

Mozilla (creator of Firefox and Thunderbird) wants the entire Internet to be used to censor certain publishers (that’s a bad thing), which is sad since they recently dropped support for PWAs (that’s a good thing).

Speaking of censorship and cancel culture, a potential new federal banking rule could put an end to the social/financial terrorism employed by cancel culture devotees. However, Big Tech censorship is at an all-time high in the wake of “riots” that were tame for the last year.

Corellium is protected by Fair Use and Tim Cook is going to have to testify more than a mere 4 hours about how his elimination of competition and closed ecosystem aren’t “really” a monopoly.

Ledger WalletT-Mobile (yet again), Amazon partner JuspayUbiquitiNintendo21 ButtonsSangoma TechnologiesDental Care AllianceKoei Tecmo, and Apex Laboratory all suffered data leaks/breaches.

Zoom, however, willingly shared their US user data with China.

Facebook’s recent Instagram hack exposed a massive click farm.

Google has had several service outages in the last month, as has Apple and even #Slack.

WinZip is vulnerable to a MitM attack (dude, no SSL, really?!).

Google broke SMS on many Android devices, your RAM can be used to exfil data from your device, Apple iPhone assembly plant Wistron in India has been suspended after a riot causes $60 million in damages. That may be a good thing, though, since the Apple MagSafe chargers can deactivate pacemakers.

macOS Preview is damaging PDFs (again).

Apple has removed the ability to download combo updates for Big Sur. This is going to cause serious security problems for the vast majority of the world that doesn’t have Bay Area bandwidth available to them.

In a good move, Apple has upset Facebooks advertising ecosystem by preventing certain data collection and use on their latest platforms, even Google is trying to figure out how to get around the new privacy requirements.

Why don’t I trust government? It’s hard to pick just one reason, but this month has many examples. Government employees tasked with preserving election data call for its mass deletion, or “accidentally” delete the security log files, while ignoring hundreds of pages of evidence and “moving the goalposts.”

The FBI has been hiding Seth Rich’s laptop while claiming they didn’t have it, public schools are purchasing hacking tools to get the data off student’s phones, mass data collection never ends, agencies fine you for helping during a crisis or being in a car without permission, while they hack journalist’s phones and run pedophile rings out of large white government buildings in DC. Nevertheless, you should trust the math and not look behind the curtain. Or else.

By the way, streaming content that you don’t have rights to is now a felony thanks to a nearly 6,000 page bill passed without anyone reading itHypocrisy is their bread and butter. Which is why they have such religiously held beliefs that violate all common sense.

Now for the good news:

It is now possible to integrate Everything into the Windows taskbar!

Starlink is approved for use in the UK, opening the door to true worldwide broadband.

Let’s Get Busy

Now back to our regularly scheduled program.

Adobe Flash Player is finally dead! There will be no more security updates released for Flash, and it’s probably the application single-most responsible for infections world-wide over the last 20 years, so it should be removed immediately. Use the utility below to remove it.
Win: https://helpx.adobe.com/flash-player/kb/uninstall-flash-player-windows.html
Mac: https://helpx.adobe.com/flash-player/kb/uninstall-flash-player-mac-os.html

Patch Tuesday this month is pretty big. The typical computer should see roughly 2 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, and MSRT (~ 1.6 GB). This includes security updates. A reboot is required.

Apple released updates for macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, Safari 14.0.2, macOS Server 5.11, macOS X Combo Update 10.15.7, Brother Printer Drivers 4.1.1 and HP Printer Drivers 5.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 14.3 and iOS 12.5.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 14.3 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 7.2 and watchOS 6.3 are security updates. Use the Watch app on your iPhone to install the most current version.

tvOS 14.3 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 87.0.4280.142 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Big Sur (11.0) means that macOS High Sierra (10.13) and older are no longer supported. If you can not install at least macOS Mojave (10.14) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v2009) is huge (about 18% larger than v2004, which was 25% larger than any prior build) so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Crucial Storage Executive 6.09 doesn’t provide a changelog so should be treated as a security update.
https://www.crucial.com/support/storage-executive

Display Driver Uninstaller 18.0.3.5 improves removal of various artifacts. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

nVidia 461.09 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.18.78 is a security update. Use Menu, Help, About to install the most current version.
https://brave.com/

Google Chrome 87.0.4280.141 is a security update. Use Menu, Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 87.0.664.75 is a security update. Use Menu, Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 84.0.2 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/

Firefox ESR 78.6.1 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/organizations/

Iridium 2020.11 is a security update (but still not patched to the current Chromium security updates). Use Menu, Help, About to install the most current version.
https://iridiumbrowser.de/

Vivaldi 3.5.2115.87 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 78.6.1 is a security update. Use Menu, Help, About to install the most current version.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

Facebook Messenger 20201207 is a security update, but is still a month behind the current chromium security level. You should remove Facebook Messenger if you have it installed.
https://www.messenger.com/download

Trillian 6.4.0.2 resolves several bugs. This is not a security update.
https://www.trillian.im/

curl 7.74.0 is a security update.
https://curl.haxx.se/windows/

Dropbox 112.4.321 doesn’t provide a changelog so should be treated as a security update.
https://www.dropbox.com/

FileZilla Client 3.52.0.5 resolves several bugs. This is not a security update.
https://filezilla-project.org/

FreeFileSync 11.5 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Minds 4.7.0 improves data use and channel header, restyles posts, and resolves several bugs. This is not a security update.
https://www.minds.com/mobile

Npcap 1.10 resolves several bugs. This is not a security update.
https://nmap.org/npcap/

Technitium DNS Server 5.6 adds dynamic configuration application, adds cleanup options, block list refresh intervals, forced refresh, and resolves many other bugs. This is not a security update.
https://technitium.com/dns/

Zoom 5.4.59931.0110 adds ability to block insecure participants, force authentication, silence notifications when sharing, and management improvements. This is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

Adobe FrameMaker 2020.0.1 doesn’t provide a changelog so should be treated as a security update.
https://supportdownloads.adobe.com/detail.jsp?ftpID=7061

Adobe Bridge 11.0.1 is a security update.
https://helpx.adobe.com/security/products/bridge/apsb21-07.html

Adobe Captivate 2019 11.5.1.499 hotfix 1 is a security update.
https://helpx.adobe.com/security/products/captivate/apsb21-06.html

Adobe InCopy 16.0 is a security update.
https://helpx.adobe.com/security/products/incopy/apsb21-05.html

Adobe Campaign Classic Gold Standard 11, 20.3.3.9234, 20.2.4.9187, 20.1.4.9126, 19.2.4.9082, and 19.1.8.9039 are security updates.
https://helpx.adobe.com/security/products/campaign/apsb21-04.html

Adobe Animate 21.0.2 is a security update.
https://helpx.adobe.com/security/products/animate/apsb21-03.html

Adobe Illustrator 25.1 is a security update.
https://helpx.adobe.com/security/products/illustrator/apsb21-02.html

Adobe Photoshop 22.1.1 is a security update.
https://helpx.adobe.com/security/products/photoshop/apsb21-01.html

darktable 3.4.0 resolves over 100 issues and adds several new features. This is not a security update.
https://www.darktable.org/install/

Flickr Downloadr 3.3.3.2 resolves a couple bugs. This is not a security update.
https://flickrdownloadr.com/downloads/

Picard 2.5.6 resolves several bugs.
https://picard.musicbrainz.org/

Game Updates

These are unlikely to be of interest to most people.

Steam 2020.12.21 resolves several bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

PlayStation PS3 4.87 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps3/system-software/

PlayStation PS4 8.03 adds option to disable Game Chat Audio. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps4/system-software/

PlayStation PS5 20.02-02.30.00 resolves PS4 transfer bugs, text input and Wi-Fi stability issues, and improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Office Updates

One or more of these are likely to be of interest to most people.

Interactive Calendar 2.2 adds color schemes, resolves search issues, improves stability & performance, and fixes several bugs. This is not a security update.
https://www.csoftlab.com/calendar

LibreOffice 7.0.4 resolves over a hundred bugs and is now the new general release. This is not a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.1.1 resolves dozens of bugs and improves compatibility. This is not a security update.
https://nextcloud.com/

Notepad++ 7.9.2 resolves over three dozen issues including performance and stability. This is not a security update.
https://notepad-plus-plus.org/

Security Software Updates

One or more of these is likely to be of interest to most people.

Tails 4.14 is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

Gpg4win 3.1.15 improves AD support and resolves a random security key selection bug. This is a security update.
https://www.gpg4win.org/download.html

KeePass 2.47 resolves several bugs, improves search and options. This is not a security update.
https://keepass.info/

NSudo 8.0.1 updates libraries and adds translations. This is not a security update.
https://github.com/M2Team/NSudo/releases/latest

RogueKiller 14.8.3 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

uBlock Origin 1.32.4 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Wireless Network Watcher 2.23 updates internal MAC addresses database. This is not a security update.
https://www.nirsoft.net/utils/wireless_network_watcher.html

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 2021.1.0 improves transparency handling, scaling improvements, and resolves several bugs. This is not a security update.
https://12pd.com/click?snagit

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.1.5 adds new models and profiles, improved Enlarger AI handling. This is not a security update.
https://www.dvdfab.cn/download.htm

IsoBuster 4.7 adds an option to import and export templates, improved reliability, scanning, and read handling, and resolves several bugs. This is not a security update.
https://www.isobuster.com/download.php

MakeMKV 1.15.4 improves compatibility, implements seamless join of TrueHD streams, and resolves bugs. This is not a security update.
https://www.makemkv.com/download/

Utility Updates

These are unlikely to be of interest to most people.

BulkFileChanger 1.72 adds “Photo – Date Taken” option. This is not a security update.
https://www.nirsoft.net/utils/bulk_file_changer.html

CCleaner 5.75.8238 adds import for “Cookies to Keep” option, and resolves several bugs. This is not a security update.
https://www.ccleaner.com/

ControlMyMonitor 1.27 adds switches for turning on, off, and toggling on/off state. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html

Dell Command Update 4.0 adds support for DCH drivers, adds a filter for Security updates, and improves user interface. This is not a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

DesktopOK 8.38 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dupeGuru 4.1.0 now uses tabs instead of windows, adds cosmetic fixes and options, and resolves several bugs. This is not a security update.
https://dupeguru.voltaicideas.net/

Etcher 1.5.113 resolves several bugs. This is not a security update.
https://www.balena.io/etcher/

Everything 1.4.1.1003 resolves issues with the exit switch, improves shortcuts and autofocus. This is not a security update.
https://www.voidtools.com/

GoodSync 11.5.4 resolves several bugs. This is not a security update.
https://www.goodsync.com/

IsMyHdOK 2.71 updates language files. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

LessMSI 1.8.0 improves usability. This is not a security update.
https://lessmsi.activescott.com/

MS ISO Downloader 8.46 adds new builds for Office 2019 for Mac, more Dell models and ISO Tools hash improvements. This is not a security update.
https://www.heidoc.net/joomla/technology-science/microsoft/67-microsoft-windows-and-office-iso-download-tool

NTLite 2.0.0.7756 resolves several bugs and improves controls. This is not a security update.
https://www.ntlite.com/download/

Aomei Partition Assistant 9.1 resolves several bugs. This is not a security update.
https://www.diskpart.com/

PointerStick 5.01 improves rendering. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

Process Monitor 3.61 adds monitoring for various registry APIs and resolves a query output bug. This is not a security update.
https://live.sysinternals.com/

PsExec 2.21 is a security update.
https://live.sysinternals.com/

Sysmon 13.00 adds image tampering events and resolves several bugs. This is not a security update.
https://live.sysinternals.com/

TaskSchedulerView 1.65 adds columns for Task File Created/Modified. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

TeamViewer 15.13.6 is released – but their changelog is on their community site (forum) which is currently down and redirecting to a third-party site. The new build may be a security update, but I recommend disabling TeamViewer completely for the near future just to be safe.
https://www.teamviewer.com/en/download/windows/

TraceRouteOK 2.31 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

WakeMeOnLan 1.87 updates the internal MAC addresses database. This is not a security update.
https://www.nirsoft.net/utils/wake_on_lan.html

WifiChannelMonitor 1.66 adds option to copy clicked cell and updates MAC addresses file. This is not a security update.
https://www.nirsoft.net/utils/wifi_channel_monitor.html

WifiInfoView 2.67 adds window resizing and pagination to the properties window, and adds wildcard filter support. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

WinScan2PDF 6.41 improves duplex support. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WirelessKeyView 2.21 improves display and adds QR Code view (F2). This is not a security update.
https://www.nirsoft.net/utils/wireless_key.html

Developer Updates

These are unlikely to be of interest to most people.

Node.js 12.20.1 is a security update.
https://nodejs.org/en/

Node.js 14.15.4 is a security update.
https://nodejs.org/en/

Node.js 15.5.1 is a security update.
https://nodejs.org/en/

Redemption 5.26.0.5872 adds ability to remember SMTP passwords, and resolves several bugs. This is not a security update.
http://www.dimastr.com/redemption/

Visual Studio Code 1.52.1 resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

Docker Desktop 3.0.4 resolves a stability bug. This is not a security update.
https://www.docker.com/products/docker-desktop

Drupal 9.1.2 updates libraries and resolves several bugs. This is not a security update.
https://drupal.org/download

Joomla 3.9.24 is a security update.
https://www.joomla.org/

Nextcloud Server 20.0.4 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

OpenPetra 2020.12 removes support for SQLite, improves Find, Type Ahead, and resolves several bugs. This is not a security update.
https://www.openpetra.org/

phpList 3.6.0 adds blacklisting hook, and counter limits. This is not a security update.
https://www.phplist.org/

phpMyAdmin 5.0.4 resolves several bugs. This is not a security update.
https://www.phpmyadmin.net/

ConnectWise Control 21.1.2009.7678 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

WordPress 5.6 improves layout flexibility, adds new block patterns, captions, new default theme, and improved auto-update capabilities. This is not a security update.
https://wordpress.org/

Akismet 4.1.8 resolves a couple bugs. This is not a security update.

Autoptimize 2.8.1 resolves several bugs. This is not a security update.

BuddyPress 7.1.0 resolves two bugs. This is not a security update.

Contact Form 7 5.3.2 is a security update.

Social Post Feed 2.18.1 resolves several bugs. This is not a security update.

Interactive World Map 3.1.9 improves compatibility. This is not a security update.

myStickymenu 2.4.9 resolves a couple bugs. This is not a security update.

W3 Total Cache 2.0.1 resolves several bugs. This is not a security update.

Widgets on Pages 1.5.0 is a security update.

WooCommerce 4.9.0 resolves dozens of bugs. This is not a security update.

Show IDs 1.1.6 improves compatibility. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2019-08-13

Hi, Folks!

Today is Patch Tuesday for August 2019 and it’s huge. It was a pretty big month for security news, too.

This month demonstrates several points I’ve been making for years:

1) Often the addition of yet another antivirus actually weakens your security. With Windows Defender scoring a perfect 100 there’s no good reason to install one of the “free” or even paid alternatives. Remember that there are only three parties to an exchange: the vendor, the customer, and the product. If you’re not selling or paying for a service, you’re the product.

2) Everything will be hacked eventually. Capital One and Binance demonstrate that even those tasked with the highest levels of security can be bribed or make mistakes, and since all encryption is weighted only by time and resources that are becoming ever-cheaper, assume anything you share will inevitably be compromised, even if you didn’t put it online yourself.

3) It isn’t just computers and phones that can be hacked. Everything from cameras, to airplanes, to Navy destroyers, and much more are also vulnerable.

4) The gatekeepers of “reasonable” vulnerability disclosure are as responsible as anyone else for zero-day exploits being exposed.

That’s enough horror stories for now. Let’s get back to our regularly scheduled program. The typical computer should see roughly 3 GB in updates today. Let’s get started.

Microsoft released updates for Windows, .NET, Edge, Internet Explorer, Flash, and MSRT (~2 GB). This includes security updates. TWO reboots are required.

Apple released updates for iOS 12.4, macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra, Safari 12.1.2, watchOS 5.3, tvOS 12.4, iCloud for Windows 7.13, iCloud for Windows 10.6, and iTunes for Windows 12.9.6. These are security updates. Use Apple Software Update to install the most current versions.

iOS 12.4 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 5.3 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 12.4 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 76.0.3809.102 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Adobe Flash Player 32.0.0.238 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The now-current release of Windows 10 (1903) will cause your computer to feel unusually slow until it is installed. This is a side-effect of the Windows 10 upgrade cycle, which pushes out 3-6 GB through Windows update to get you to the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, it will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.1.7 resolves bugs. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

nVidia 431.60 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

BullZip PDF Printer 11.10.0.2761 adds print redirection and improves compatibility. This is not a security update.
https://www.bullzip.com/products/pdf/info.php#download

Crucial Storage Executive 5.02 doesn’t provide a changelog so should be treated as a security update.
https://www.crucial.com/usa/en/support-storage-executive

Intel Driver and Support Assistant 19.7.30 resolves several bugs. This is not a security update.
https://www.intel.com/p/en_US/support/detect

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 76.0.3809.100 is a security update. Use Menu, Help, About to install the most current version.

Firefox 68.0.1 is a security update. Use Menu, Help, About to install the most current version.

Vivaldi 2.6.1566.49 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 3.25 adds search-in-attachments option. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Thunderbird 60.8.0 is a security update. Use Menu, Help, About to install the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

Trillian 6.2.0.11 resolves several bugs. This is not a security update.
https://www.trillian.im/

Trillian Mac 6.2.0.18 resolves several bugs. This is not a security update.
https://www.trillian.im/

BrowsingHistoryView 2.21 adds option to use local time for time range. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

FileZilla Client 3.44.1 resolves several bugs, adds search to Site Manager, and adds warnings to insecure connections. This is not a security update.
https://filezilla-project.org/

FreeFileSync 10.14 enforces TLS for all endpoints and resolves several bugs. This should be considered a security update.
https://www.freefilesync.org/download.php

MaxMind GeoIP 201908 is a data refresh.
https://dev.maxmind.com/geoip/

Nmap 7.80 includes an updated Npcap, adds NSE scripts and resolves several bugs. This is a security update.
https://nmap.org/

Npcap 0.9982 is a security update.
https://nmap.org/npcap/

PuTTY installer 0.72 resolves several bugs. This is a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

WinSCP 5.15.3 resolves several bugs. This is a security update.
https://winscp.net/eng/index.php

Media Updates

These are unlikely to be of interest to most people.

iTunes 12.9.6 is a security update.
https://www.apple.com/itunes/download/

Game Updates

These are unlikely to be of interest to most people.

Lego Digital Designer 4.3.12 doesn’t provide a changelog so should be treated as a security update.
https://www.lego.com/en-us/ldd

Steam 2019.08.06 resolves several bugs. This is a security update. Use Steam to update Steam.

PlayStation PS4 6.72 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/system-updates/ps4/

RetroPie 4.5.1 improves compatibility with RPI4 and reverts the kernel to improve stability. This is not a security update.
https://retropie.org.uk/

SteamOS Installer 2019-07-17 is a security update.
https://store.steampowered.com/steamos/download/?ver=custom

Office Updates

One or more of these are likely to be of interest to most people.

Atom 1.40.0 resolves several bugs. This is not a security update.
https://atom.io/

Artweaver 7.0 improves brush handling, simplified presets, Windows Ink Pen support, improved update, and resolves several bugs. This is not a security update.
https://www.artweaver.de/

Krita 4.2.5 resolves several bugs. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Still 6.2.5 is a major update to LibreOffice Still, and adds several features and improved stability. This is not a security update.
https://www.libreoffice.org/

LibreOffice Fresh 6.3.0 is a major new release with improved integration, performance improvements, and many new features. This is not a security update.
https://www.libreoffice.org/

Paint.net 4.2.1 adds HEIC and JPEG XR support, resolves several bugs. This is not a security update.
https://www.getpaint.net/

Adobe Creative Cloud Desktop 4.9 is a security update.
https://www.adobe.com/creativecloud/catalog/desktop.html

Adobe Photoshop CC 19.1.9 is a security update. Use Creative Cloud Desktop to install the most current version (after patching the security issues in Creative Cloud Desktop).

Adobe Photoshop CC 20.0.6 is a security update. Use Creative Cloud Desktop to install the most current version (after patching the security issues in Creative Cloud Desktop).

Adobe Experience Manager hotfix 30379 is a security update for AEM 6.4 and 6.5.
6.4: https://www.adobeaemcloud.com/content/companies/public/adobe/packages/cq640/hotfix/cq-6.4.0-hotfix-30379
6.5: https://www.adobeaemcloud.com/content/companies/public/adobe/packages/cq650/hotfix/cq-6.5.0-hotfix-30379

Adobe Acrobat DC 2019.012.20036 is a security update. Use Help, Check for Updates to get the most current version.

Adobe Acrobat Reader DC 2019.012.20036 is a security update. Use Help, Check for Updates to get the most current version.

Acrobat 2017 2017.011.30144 is a security update. Use Help, Check for Updates to get the most current version.

Acrobat Reader DC 2017 2017.011.30144 is a security update. Use Help, Check for Updates to get the most current version.

Acrobat DC 2015.006.30499 is a security update. Use Help, Check for Updates to get the most current version.

Acrobat Reader DC 2015.006.30499 is a security update. Use Help, Check for Updates to get the most current version.

Adobe Prelude CC 8.1.1 is a security update. Use Creative Cloud Desktop to install the most current version (after patching the security issues in Creative Cloud Desktop).

Adobe Premiere Pro CC 13.1.3 is a security update. Use Creative Cloud Desktop to install the most current version (after patching the security issues in Creative Cloud Desktop).

Adobe Character Animator CC 2.1.1 is a security update. Use Creative Cloud Desktop to install the most current version (after patching the security issues in Creative Cloud Desktop).

Adobe After Effects CC 16.1.2 is a security update. Use Creative Cloud Desktop to install the most current version (after patching the security issues in Creative Cloud Desktop).

Security Software Updates

One or more of these is likely to be of interest to most people.

QubesOS 4.0.2 updates kernel and TemplateVM components. This is not a security update.
https://www.qubes-os.org/downloads/

Java 8u221 is a security update. If you’re not 110% sure you need Java, remove it instead.
https://www.java.com/en/download/manual.jsp

Gpg4win 3.1.10 resolves a security bug.
https://www.gpg4win.org/download.html

RogueKiller 13.4.2 resolves several bugs. This is not a security update.
https://www.adlice.com/softwares/roguekiller/

RouterPassView 1.86 adds support for additional hardware. This is not a security update.
https://www.nirsoft.net/utils/router_password_recovery.html

TinyWall 2.1.11 improves compatibility and resolves several bugs. This is not a security update.
https://tinywall.pados.hu/

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 2019.1.3 is a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Converter Updates

These are unlikely to be of interest to most people.

Stop using CDex. CDex now includes malware as part of the installation, so should be treated as untrustworthy. Even if the accessory malware is removed, any developer willing to include malware should be assumed to be malicious and the core software likely has many other security issues and should be avoided completely. Again, remove CDex.

DVDFab 11.0.4.2 adds support or new encodings, improves compatibility, greatly improves subtitle parsing. This is not a security update.
http://www.dvdfab.cn/download.htm

FFmpeg 4.2 is a new major build, adding many filters and decoders and improving performance. This is not a security update.
https://ffmpeg.org/download.html

Education updates

One or more of these are likely to be of interest to most people.

e-Sword 12.0 adds themes and low-light display support, and makes hundreds of other refinements and bug fixes. This is not a security update.
https://www.e-sword.net/

Utility Updates

These are unlikely to be of interest to most people.

RoboForm 8.6.0 resolves several bugs. This is not a security update.
https://12pd.com/click?rf

1Password for Mac 7.3.2 improves stability. This is not a security update.
https://1password.com/downloads/mac/

Bitcoin 0.18.1 adds new features, resolves bugs, and improves performance. This is not a security update.
https://bitcoin.org/en/download

BulkFileChanger 1.65 adds support for changing timestamps within mp4 and mov files. This is not a security update.
https://www.nirsoft.net/utils/bulk_file_changer.html

DesktopOK 6.45 adds uninstall and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

GoodSync 10.10.5 resolves several bugs and changes licensing behavior (again).
https://12pd.com/click?goodsync

IsMyHdOK 1.81 improves support for newer hardware. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

NirCmd 2.86 resolves a bug with the elevate command. This is not a security update.
https://www.nirsoft.net/utils/nircmd.html

NTLite 1.8.0.7080 updates components and improves compatibility. This is not a security update.
https://www.ntlite.com/download/

OSFMount 3.0.1005 adds physical/logical emulation options and resolves a bug. This is not a security update.
https://www.osforensics.com/tools/mount-disk-images.html

OSForensics 7.0.1001 adds many new features and resolves bugs. This is not a security update.
https://www.osforensics.com/download.html

PointerStick 3.66 resolves a bug. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

Rufus 3.6 adds support for persistent partitions, improves compatibility, and resolves several bugs. This is not a security update.
https://rufus.ie/en_IE.html

SearchMyFiles 3.01 adds option to prevent saving search options and support for searching within Office and PDF files. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

SimpleWMIView 1.38 improves refresh behavior. This is not a security update.
https://www.nirsoft.net/utils/simple_wmi_view.html

TaskSchedulerView 1.51 adds a new column to indicate whether device will be awakened to run task. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

TraceRouteOK 1.44 resolves a bug. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

WinScan2PDF 4.93 improves WIA and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WSUS Offline 11.8 updates static URLs, servicing stacks and improves compatibility. This is not a security update.
http://download.wsusoffline.net/

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 3.4.2.0 resolves several bugs. This is not a security update.
https://developer.android.com/studio/index.html

MySQL 8.0.17 resolves several bugs and adds several new features. This is not a security update.
https://www.mysql.com/downloads/installer/

Node.js 12.8.0 resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

Redemption 5.21.0.5378 adds RDOFolders and appointment exception removal/undo support as well as resolving several bugs. This is not a security update.
http://www.dimastr.com/redemption/

SQLite 3.29.0 adds several new features. This is not a security update.
https://www.sqlite.org/download.html

TortoiseSVN 1.12.2 resolves several bugs. This is not a security update.
https://tortoisesvn.net/downloads.html

Visual Studio Code 1.37 adds several new features and improvements. This is not a security update.
https://code.visualstudio.com/

WinMerge 2.16.4 resolves several bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.0.10-132072 resolves several bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

ScreenConnect 19.2.24707.7131 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

phpList 3.4.5 resolves several bugs. This is not a security update.
https://www.phplist.com/download

Drupal 8.7.6 resolves several bugs. This version follows quickly on the heels on 8.7.5, which is a security release.
https://drupal.org/download

Joomla 3.9.11 is a security update.
https://www.joomla.org/

MailEnable 10.26 resolves several bugs. This is not a security update.
https://www.mailenable.com/

Adminer 4.7.2 resolves several bugs. This is not a security update.
https://www.adminer.org/en/

BuddyPress 4.4.0 is a security update.

Contact Form 7 5.1.4 resolves several bugs. This is not a security update.

myStickymenu 2.2.1 improves compatibility. This is not a security update.

Postie 1.9.38 resolves an attachment filtering bug. This is not a security update.

Redirection 4.3.3 resolves bugs and improves compatibility. This is not a security update.

WooCommerce 3.7.0 resolves dozens of bugs, and provides feature, compatibility, and performance improvements. This is not a security update.

WP Add Custom CSS 1.1.5 replaces code editor. This is not a security update.

WP Mail SMTP 1.5.2 resolves a Gmail compatibility bug. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2017-01-10

Happy New Year, Folks!

It’s Patch Tuesday.

The typical computer should see roughly 1.5gb in updates today. We’re starting out the new year with a much smaller number of updates, but they’re still quite large. Let’s get started.

Microsoft released updates to Windows, Internet Explorer, Edge, Exchange, MS Office and MSRT (~1.1gb). This includes security updates. A reboot is required.

Apple released updates for AirPort Base Station. This includes security updates. Follow these directions to install this update:
https://support.apple.com/en-us/HT201519

Google Chrome OS 55.0.2883.105 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Adobe Flash Player 24.0.0.194 is a security update. Flash is being actively replaced with HTML5 on most sites and services, however, so unless you’re 110% positive you need it for critical functions, you should remove it instead. And, within those browsers that have it embedded (Chrome, Edge, Internet Explorer 11+) disable it. It’s just not worth the risk.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 17.0.4.3 fixes several bugs. This is not a security update.
http://www.wagnardsoft.com/display-driver-uninstaller-ddu

nVidia 342.01 is a security update.
http://www.nvidia.com/Download/index.aspx?lang=en-us

Samsung SideSync 4.7.0.84 doesn’t provide a changelog, so should be treated as a security update.
http://www.samsung.com/us/sidesync

Wacom Pen and Touch 6.3.20-3 doesn’t provide a changelog, so should be treated as a security update.
http://us.wacom.com/en/support/drivers

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 55.0.2883.95 for Mac is a security update. Use Menu, Help, About to install the most current version.

Firefox 50.1.0 is a security update. Use Menu, Help, About to install the most current version.

Blisk 2.0.136.192 is a security update.
https://blisk.io/

SeaMonkey 2.46 fixes several bugs. This is not a security update.
http://www.seamonkey-project.org/releases/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 45.6.0 is a security update. Use Menu, Help, About to install the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

aria2 1.30.0 fixes several bugs. This is not a security update.
https://aria2.github.io/

curl 7.52.1 is a security update.
http://winampplugins.co.uk/curl/

Nmap 7.40 fixes several bugs and adds features. This is not a security update.
http://nmap.org/

uTorrent 3.4.9 Build 43085 is a security update.
http://www.utorrent.com/downloads

MaxMind GeoIP 201701 is a data refresh. This is not a security update.
http://dev.maxmind.com/geoip/

IPNetInfo 1.75 fixes several bugs. This is not a security update.
http://www.nirsoft.net/utils/ipnetinfo.html

Media Updates

These are unlikely to be of interest to most people.

CDBurnerXP 4.5.7.6499 updates libraries. This should be treated as a security update.
http://cdburnerxp.se/

FastStone Viewer 6.1 improves performance, fixes several bugs. This is not a security update.
http://www.faststone.org/FSViewerDetail.htm

Game Updates

These are unlikely to be of interest to most people.

Minecraft 1.11.2 adds “/locate” and other new features, fixes several bugs. This is not a security update.
http://www.minecraft.net/

Office Updates

One or more of these are likely to be of interest to most people.

Notepad++ 7.3 adds MD5 generator. This is not a security update.
https://12pd.com/click?npp

LibreOffice 5.2.4 fixes several bugs. This is not a security update.
http://www.libreoffice.org/

Adobe Reader 11.0.19 is a security update. Use Help, Check for Updates to get the most current version.

Adobe Reader DC 2015.023.20053 is a security update. Use Help, Check for Updates to get the most current version.

Artweaver 5.1.5 fixes several bugs. This is not a security update.
http://www.artweaver.de/

Krita 3.1.1 fixes several bugs and improves stability. This is not a security update.
https://krita.org/download/krita-desktop/

Security Software Updates

One or more of these is likely to be of interest to most people.

KeePass 2.35 fixes several bugs. This is not a security update.
http://keepass.info/download.html

Wireshark 2.2.3 is a security update.
http://www.wireshark.org/

Hashcat 3.30 fixes many bugs. There is no detailed changelog, so this should be treated as a security update.
http://hashcat.net/hashcat/#downloadlatest

Junkware Removal Tool 8.1.1 doesn’t provide a changelog, so should be treated as a security update.
https://www.malwarebytes.org/junkwareremovaltool/

RogueKiller 12.9.2 fixes a critical bug. This is a security update.
http://www.adlice.com/softwares/roguekiller/

SuperAntiSpyware 6.0.1232 fixes a BitDefender compatibility bug. This is not a security update.
http://www.superantispyware.com/download.html

MSRT 5.44 is a security update.
http://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx

Capture Updates

These are unlikely to be of interest to most people.

Greenshot 1.2.9.112 fixes several bugs. This is not a security update.
https://github.com/greenshot/greenshot/releases

XSplit Broadcaster 2.9.1611.1627 fixes several bugs. This is not a security update.
http://www.xsplit.com/get/

XSplit Gamecaster 2.9.1611.1721 fixes several bugs. This is not a security update.
http://www.xsplit.com/get/

Converter Updates

These are unlikely to be of interest to most people.

MakeMKV 1.10.4 fixes several bugs. This is not a security update.
https://12pd.com/click?makemkv

CDex 1.82 fixes several bugs. This is not a security update.
http://cdex.mu/?q=download

DVDFab 10.0.1.7 fixes several bugs, improves compatibility, updates decryption engine. This is not a security update.
http://www.dvdfab.cn/download.htm

Handbrake 1.0.1 fixes several bugs. This is not a security update.
https://handbrake.fr/downloads.php

IsoBuster 3.9 adds several new formats and features, fixes several bugs. This is not a security update.
https://www.isobuster.com/download.php

MKVToolNix 9.7.1 fixes several bugs. This is not a security update.
http://www.videohelp.com/software/MKVtoolnix

AVStoDVD 2.8.5 fixes several bugs. This is not a security update.
https://sites.google.com/site/avstodvdmain/

Utility Updates

These are unlikely to be of interest to most people.

RoboForm 8.2.8 fixes several bugs. This is not a security update.
https://12pd.com/click?rf

GoodSync2Go 10.2.6 fixes several bugs. This is not a security update.
https://12pd.com/click?goodsync

CintaNotes 3.5 fixes several bugs, adds licensing options and changes. This is not a security update.
http://cintanotes.com/download

NTLite 1.2.0.4680 fixes several bugs. This is not a security update.
https://www.ntlite.com/download/

iExplorer 4.0.4 adds iOS 10.2 support. This is not a security update.
https://www.macroplant.com/iexplorer/

Drive Snapshot 1.45 adds support for large sectors and Windows Server 2016. This is not a security update.
http://www.drivesnapshot.de/en/

FileLocator Pro 8.1.2695 improves performance, fixes bugs. This is not a security update.
http://www.mythicsoft.com/filelocatorpro/download

NetworkTrafficView 2.05 adds option to Save All Items. This is not a security update.
http://www.nirsoft.net/utils/network_traffic_view.html

SearchMyFiles 2.78 adds Entry Modified Time column. This is not a security update.
http://www.nirsoft.net/utils/search_my_files.html

TcpLogView 1.26 adds option to Save All Items. This is not a security update.
http://www.nirsoft.net/utils/tcp_log_view.html

USBDeview 2.62 adds elevation via CLI option. This is not a security update.
http://www.nirsoft.net/utils/usb_devices_view.html

WhosIP 1.18 improves reliability for Brazil, adds CIDR and From/To IP fields. This is not a security update.
http://www.nirsoft.net/utils/whosip.html

WifiChannelMonitor 1.47 adds option to begin capture immediately upon start. This is not a security update.
http://www.nirsoft.net/utils/wifi_channel_monitor.html

WifiInfoView 2.10 adds option to limit to specific BSSIDs. This is not a security update.
http://www.nirsoft.net/utils/wifi_information_view.html

SystemRescueCD 4.9.1 is a security update.
http://www.sysresccd.org/

TaskSchedulerView 1.22 adds option to Save All Items. This is not a security update.
http://www.nirsoft.net/utils/task_scheduler_view.html

TeamViewer 12.0.72365 fixes several bugs. This should be treated as a security update.
https://www.teamviewer.com/en-us/download/windows/

WSUS Offline 10.9 fixes several bugs, improves supercedence policies. This is a security update.
http://download.wsusoffline.net/

Developer Updates

These are unlikely to be of interest to most people.

Redemption 5.12.0.4674 adds features, improves compatibility with CTR Office and fixes several bugs. This is not a security update.
http://www.dimastr.com/redemption/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 5.1.12-112440 resolves several bugs. This is not a security update.
http://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

phpList 3.2.7 is a security update.
http://www.phplist.com/download

Piwigo 2.8.5 is a security update.
http://piwigo.org/

TinyMCE 4.5.2 fixes several bugs. This is not a security update.
http://www.tinymce.com/download/

Drupal 8.2.5 fixes several bugs. This is not a security update.
http://drupal.org/download

SMF 2.0.13 is a security update.
http://download.simplemachines.org/

Anti-Splog 2.2 fixes several bugs. This should be treated as a security update, since one of the bugs prevents old versions from functioning.

BuddyPress 2.7.4 is a security update.

NextScripts Social Networks Auto-Poster 3.7.9 fixes several bugs. This is not a security update.

Theme My Login 6.4.7 is a security update.

WooCommerce 2.6.11 fixes several bugs. This is not a security update.

WordPress Zero Spam 3.0.6 fixes several bugs. This is not a security update.

WP Mail SMTP 0.10.1 is a security update.

WPtouch 4.3.10 fixes a bug. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2016-12-13

Hi, Folks!

It’s Patch Tuesday.

The typical computer should see roughly 1.6gb in updates today. The new MS update engine will help if you’re using the peer-to-peer features on *local* networks, or it will kill your performance if it’s touching the ‘net. The new release cycle of 1gb blobs is great for mass distribution, but chews through bandwidth if you’re not peering it for other devices on your LAN. Adobe has released 10 separate security updates today – still not remotely close to Oracle Tuesday last month, but more people use Adobe products than Oracle’s. The other updates run the gamut: every browser and almost everything from Chrome OS to WordPress. Let’s get started.

Microsoft released updates to Windows, Office, .NET, Edge, IE, Flash, Exchange, AAD, TZData, Uniscribe, SSPI and MSRT (~1.25gb). This includes security updates. A reboot is required. NOTE: For some devices a second update+reboot cycle will be necessary!

Apple released updates for OS X, macOS, Safari, iTunes, iCloud for Windows, iOS, Transporter, watchOS, and tvOS. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 10.2 is a security update. Use Settings, General, Software Update to install the most current update.

Google Chrome OS 55.0.2883.87 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Adobe Flash Player 24.0.0.186 is a security update. Flash is being actively replaced with HTML5 on most sites and services, however, so unless you’re 110% positive you need it for critical functions, you should remove it instead. And, within those browsers that have it embedded (Chrome, Edge, Internet Explorer 11+) disable it. It’s just not worth the risk.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Adobe AIR 24.0.0.180 is a security update.
Win: https://12pd.com/click?air
Mac: https://12pd.com/click?airmac
Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 17.0.4.0 adds support for newer hardware. This is not a security update.
http://www.wagnardsoft.com/

Intel Driver Update 2.6.2 adds support for additional hardware, improves performance and fixes several bugs. This is not a security update.
http://www.intel.com/p/en_US/support/detect

Samsung Kies3 201611 doesn’t provide a changelog, so should be treated as a security update.
http://www.samsung.com/us/support/owners/app/kies

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 55.0.2883.87 is a security update. Use Menu, Help, About to install the most current version.

Firefox 50.0.2 is a security update. Use Menu, Help, About to install the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 2.96 resolves a stability bug. This is not a security update.
http://www.nirsoft.net/utils/outlook_attachment.html

Thunderbird 45.5.1 is a security update. Use Menu, Help, About to install the most current version.
http://www.mozilla.org/en-US/thunderbird/

Internet Updates

One or more of these are likely to be of interest to everyone.

Skype 7.30.85.103 adds several new features. This is not a security update.
https://12pd.com/click?skype

iCloud for Windows v6.1 is a security update. Use Apple Software Update to get the most current version.

Mumble 1.2.18 is a security update.
http://wiki.mumble.info/wiki/Main_Page

aria2 1.29.0 fixes several bugs. This is not a security update.
https://aria2.github.io/

WinSCP 5.9.3 is a security update.
http://winscp.net/eng/index.php

uTorrent 3.4.9 Build 42973 fixes several bugs. This is not a security update.
http://www.utorrent.com/downloads

FileZilla 3.23.0.2 fixes several bugs. This is not a security update.
http://filezilla-project.org/

MaxMind GeoIP 201612 is a data refresh. This is not a security update.
http://dev.maxmind.com/geoip/

IPInfoOffline 1.44 updates the internal IP database. This is not a security update.
http://www.nirsoft.net/utils/ip_country_info_offline.html

Flickr Downloadr 2.2.2.3 adds several new features including SSL support, updates libraries, and fixes several bugs. This should be treated as a security update.
https://flickrdownloadr.com/downloads/

Media Updates

These are unlikely to be of interest to most people.

iTunes 12.5.4 adds several new compatibility features. This is not a security update. Use Apple Software Update to get the most current version.

CDBurnerXP 4.5.7.6452 improves logging, GUI fixes, and updates libraries. This should be treated as a security update.
http://cdburnerxp.se/

Game Updates

These are unlikely to be of interest to most people.

EA Origin 10.3.3.1921 adds gifting and security fixes.
https://www.origin.com/en-us/download

Minecraft 1.11 adds several new features and mobs. This is not a security update.
http://www.minecraft.net/

SteamOS 2.98 is a security update and resolves wifi problems for some hardware.
http://store.steampowered.com/steamos/download/?ver=custom

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Animate 16.0.0.112 is a security update.
https://creative.adobe.com/products/download/animate

Adobe Experience Manager Forms 6.2.0.2 is a security update.
https://helpx.adobe.com/security/products/aem-forms/apsb16-40.html

Adobe DNG Converter 9.8 is a security update.
Win: https://www.adobe.com/support/downloads/detail.jsp?ftpID=6108
Mac: https://www.adobe.com/support/downloads/detail.jsp?ftpID=6107

Adobe Experience Manager 6.2.1 is a security update.
https://helpx.adobe.com/security/products/experience-manager/apsb16-42.html

Adobe InDesign 12.0.0 is a security update. Patches to previous versions (<=11.4.1) will *not* be made available.
https://helpx.adobe.com/indesign/release-note/indesign-cc-2017.html

Adobe ColdFusion Builder 2016.3 is a security update.
https://helpx.adobe.com/coldfusion/kb/coldfusion-builder-2016-update-3.html

Adobe Digital Editions 4.5.3 is a security update.
https://www.adobe.com/solutions/ebook/digital-editions/download.html

Adobe RoboHelp 2015.0.4 is a security update.
https://www.adobe.com/support/robohelp/downloads.html

Paint.net 4.0.13 fixes several bugs. This is not a security update.
http://www.getpaint.net/

Krita 3.0.1.1 doesn’t provide a detailed changelog, so should be treated as a security update.
https://krita.org/download/krita-desktop/

Notepad++ 7.2.2 fixes several minor bugs. This is not a security update.
https://12pd.com/click?npp

SketchUp 17.1.174 fixes stability and reliability issues, and adds CDT. This is not a security update.
http://www.sketchup.com/

Security Software Updates

One or more of these is likely to be of interest to most people.

EMET 5.52 should always be treated as a security update.
http://www.microsoft.com/emet

MSRT 5.43 is a security update.
http://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx

Wireshark 2.2.2 is a security update.
http://www.wireshark.org/

Hashcat 3.20 is a major rewrite offering significant security improvements. This is a security update.
http://hashcat.net/hashcat/#downloadlatest

DNSQuerySniffer 1.58 improves logging. This is not a security update.
http://www.nirsoft.net/utils/dns_query_sniffer.html

Wireless Network Watcher 2.03 is a cosmetic improvement. This is not a security update.
http://www.nirsoft.net/utils/wireless_network_watcher.html

OpenSSL Binaries 1.1.0c is a security update.
http://slproweb.com/products/Win32OpenSSL.html

RogueKiller 12.8.5 adds detections and more. This is a security update.
http://www.adlice.com/softwares/roguekiller/

Capture Updates

These are unlikely to be of interest to most people.

VideoCacheView 2.97 improves reliability. This is not a security update.
http://www.nirsoft.net/utils/video_cache_view.html

XSplit Broadcaster 2.9.1611.1622 adds support for more hardware, improves reliability, and various fixes. This is not a security update.
http://www.xsplit.com/get/

XSplit Gamecaster 2.9.1611.1715 adds several new features, improves reliability, and various fixes. This is not a security update.
http://www.xsplit.com/get/

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 10.0.1.5 is a major update, offering a new and improved UI, cloud sync, and adds support for new encodings. This is not a security update.
http://www.dvdfab.cn/download.htm

MakeMKV 1.10.3 fixes the auto-path bug, improves reliability and BD+ engine, adds support for new encodings. This is not a security update.
http://www.makemkv.com/download/

MKVToolNix 9.6.0 fixes several bugs, improves subtitle support, and various stability and GUI improvements. Thsi is not a security update.
http://www.videohelp.com/software/MKVtoolnix

Utility Updates

These are unlikely to be of interest to most people.

NTLite 1.2.0.4550 improves reliability in TH3, and fixes several bugs. This is not a security update.
https://www.ntlite.com/download/

GoodSync2Go 10.2.4 resolves several bugs, improves reliability. This is not a security update.
https://12pd.com/click?goodsync

RoboForm 7.9.25 resolves One Time Password problem and UI issues. This is not a security update. No, v8 still isn’t ready. 🙁
https://12pd.com/click?rf

DMDE 3.2.0.690 adds several new features including RAID detection, VHD and VHDX support, custom file signature support, SMART reading and more. This is not a security update.
https://dmde.com/

dupeGuru 4.0.3 updates picture cache backend and disables automatic updates on macOS. This is not a security update.
http://www.hardcoded.net/dupeguru/

Easy2Boot 1.87 fixes several bugs. This is not a security update.
http://www.easy2boot.com/download/

Everything 1.4.1.809b fixes several bugs and adds filter functions. This is not a security update.
http://www.voidtools.com/

GPU-Z 1.16.0 fixes a parsing bug. This is not a security update.
http://www.techpowerup.com/downloads/SysInfo/GPU-Z/

LessMSI 1.5.1 fixes several bugs. This is not a security update.
http://lessmsi.activescott.com/

FileLocator Pro 8.1.2682 improves cache size, error reporting, fixes several bugs. This is not a security update.
http://www.mythicsoft.com/filelocatorpro/download

DriveLetterView 1.46 now supports stdout. This is not a security update.
http://www.nirsoft.net/utils/drive_letter_view.html

FolderChangesView 2.00 adds improved notification support. This is not a security update.
http://www.nirsoft.net/utils/folder_changes_view.html

SearchMyFiles 2.77 improves error reporting. This is not a security update.
http://www.nirsoft.net/utils/search_my_files.html

SimpleWMIView 1.21 improves logging support. This is not a security update.
http://www.nirsoft.net/utils/simple_wmi_view.html

WhosIP 1.16 improves IPv6 support. This is not a security update.
http://www.nirsoft.net/utils/whosip.html

WirelessKeyView 2.05 adds advanced options to command line support. This is not a security update.
http://www.nirsoft.net/utils/wireless_key.html

OSForensics 4.0.1002 improves task logging, case management, various bug fixes and more. This is not a security update.
http://www.osforensics.com/download.html

CCleaner 5.25.5902 improves browser support, and fixes bugs. This is not a security update.
http://www.piriform.com/ccleaner

Speccy 1.30.730 improves reliability, adds support for new hardware and GUI improvements. This is not a security update.
http://www.piriform.com/speccy

RapidEE 9.1 build 931 fixes several bugs. This is not a security update.
http://www.rapidee.com/en/download

Sysmon 5.0 introduces file create and registry modification logging. This should be treated as a security update.
http://live.sysinternals.com/

Process Explorer 16.20 adds reporting of process Control Flow Guard (CFG) status and dynamically updates to reflect changes to process Data Execution Prevention (DEP) configuration. This is a security update.
http://live.sysinternals.com/

Procdump 8.2 adds a -kill option that terminates a process after its dump completes rather than allowing an exception to pass to Windows Error Reporting (WER), and a -wer switch to copy dumps to the WER queue. This is not a security update.
http://live.sysinternals.com/

LiveKd 5.6 includes a batch-mode option designed for scripted analysis that omits the prompt to re-execute LiveKD after a debugger session terminates. This is not a security update.
http://live.sysinternals.com/

TeamViewer 12.0.71503 fixes several connection problems and crash bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

WSUS Offline 10.8.1 updates libraries and superseded updates. This is a security update.
http://download.wsusoffline.net/

Developer Updates

These are unlikely to be of interest to most people.

TortoiseSVN 1.9.5 fixes many bugs. This is not a security update.
http://tortoisesvn.net/downloads.html

MySQL 5.7.17 is a security update.
http://www.mysql.com/downloads/installer/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VMware Player 12.5.2 is a security update.
http://www.vmware.com/products/player/

VirtualBox 5.1.10-112026 fixes several bugs. This is not a security update.
http://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

phpList 3.2.6 fixes several bugs. This is not a security update.
http://www.phplist.com/download

Piwigo 2.8.3 is a security update.
http://piwigo.org/

Plupload 2.2.1 doesn’t provide a changelog, so should be treated as a security update.
http://www.plupload.com/

TinyMCE 4.5.1 adds several new features and many bug fixes. This should be treated as a security update.
http://www.tinymce.com/download/

Drupal 8.2.4 is a security update.
http://drupal.org/download

HumHub 1.1.2 adds several new features and events, fixes dozens of bugs. This is not a security update.
https://www.humhub.org/en/download

phpMyAdmin 4.6.5.2 is a security update.
http://www.phpmyadmin.net/home_page/news.php

WordPress 4.7 fixes several bugs and adds many new features (including keyboard shortcuts and tooltips). This is not a security update.
http://wordpress.org/

bbPress 2.5.12 fixes a role init bug. This should be treated as a security update.

BuddyPress 2.7.3 fixes several bugs. This is not a security update.

Contact Form 7 4.6 makes several improvements for reliability and maintainability. This is not a security update.

NextScripts Social Networks Auto-Poster 3.7.8 adds several new services, fixes bugs. This is not a security update.

Postie 1.8.22 fixes several bugs. This is not a security update.

Redirection 2.5 fixes several bugs. This is not a security update.

Top Commentators Widget 1.5.2 fixes a bug. This is not a security update.

WooCommerce 2.6.9 fixes several bugs. This is a security update.

WordPress Zero Spam 3.0.4 fixes several bugs. This is not a security update.

WPtouch 4.3.9 fixes several bugs. This is not a security update.

Sovrn (was Zemanta) 1.3.2 is a rebrand. This is not a security update.
That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/