Updates 2025-05-13

Welcome back, Folks!

Today is Patch Tuesday for May, 2025.

It’s as safe as it’s going to be to upgrade to Windows 11 24H2 or macOS 15/Sequoia.

If your Windows 10 (or older) computer can not be upgraded to Windows 11, or if you used a registry or installation bypass to install an older version of Windows 11 on it that is no longer supported, then it’s time for you to start looking for a replacement computer. Actually, the time was months ago. Pickin’s are thin right now. 🙁

However… if you do need to replace your laptop there’s an awesome Lenovo laptop available at Costco right now for $600 (plus tax & shipping).

There were 495+ major hacks, and over 600 application updates this month. It’s an insanely large month, with about 6 GB of updates for most users.

This Month in Technology

1st Health Inc, 30 London Job Centres, 4chan, 90 Degree Benefits, Inc – MN/WI Office, Abergavenny, Abilene, Texas, Active! Mail, Adelaide’s Women’s and Children’s Hospital, Adobe Acrobat Reader DC, Advanced Simulation Technology, Adyen, Agencia Browne y Espinoza, Ahold Delhaize, Alabama government, Alabama Ophthalmology Associates, Allegra, Allied Telesis, Inc, AllTrust, Alternate Solutions Health Network, Altior Healthcare, Alvin Independent School, Amazon ElastiCache, American Eagle Logistics, American Express Travel Related Services Co, Amethyst Group, Amtech Software, Andy Frain Services, Anfarm Hellas, Apache ActiveMQ, Apache Parquet, Apache Roller, Apache Tomcat, Apple AirPlay, Apple iPhone, Apple iPhone Messages, Apple macOS, Arizona Arthritis and Rheumatology Associates, Arkansas Primary Care, Ascension Health, Associated Wholesale Grocers, Astra Products, ASUS AiCloud, ASUS AMI, ASUS DriverHub, Avast Free Antivirus, Balance Diagnostics, Baltimore City Public Schools, Bangalore Water Supply and Sewerage Board (BWSSB), Barnstable County Sheriff’s Office, Barr Dermatopathology, Bartlesville Public Schools, BayMark Health Services, Bell Ambulance, Berkeley Research Group, Bertie, NC Schools, Bervar and Jones, Bigfork Valley Hospital, Bilbie Faraday Harrison, Bindi SpA, Bio-Clima Service, Bloom Family Eye Surgeons, Blue Shield of California (to Google!), Bluestone Bank, Bolivar Insulation, Boudreaux’s Specialty Compounding Pharmacy, Boulanger, Brainard Surgery Center LLC, British Columbia Health Authority, Broadcom Fabric OS, Brunswick Medical Center, Brydens Lawyers, Business Functions, Cabot Medical Care, California Correctional Health Care Services, Caltrol Inc, Cambridge University Press & Assessment, Canada Revenue Agency, CAPTCHA systems on 400,000+ websites (AkiraBot), Caritas Catholic charities, Carlton County Public Health and Human Services, Carrefour Mobile, Cato Networks Cato Client, Cell C, Central Texas Pediatric Orthopedics, Chang Shen Hospital, Charleston Fire Department, Chepstow, Chicano Federation of San Diego County, Cisco IOS XE, Cisco Webex, City of Bristol, TN, City of Grove, City of Long Beach, CA, Cloudera Hue Ace Editor, CMC Corporation, Co-op Group, Cobb County, GA, Colorado River Adventures, Community Dental Care, Commvault Command Center, Commvault, Complete Payroll SolutionsCompliance Consulting Group, Comport Technology Solutions, Conduent, Conrey Insurance Brokers & Risk Managers, Corporate Flight, Cortez Resources, Cosmos, Couples Learn, CPUs, Craft CMS, Culinary Services of America Inc, Curve Finance, Custom Paper, D’Granel, Dale Partners Architects, Dameron Hospital, Daniels & Taylor, PC, DaVita, six DDoS-for-hire platforms, Dedicated Web Consultants, DermCare Management, Destination Toronto, Diedrich Coffee, Dior, Discord, Disney, Dominion Lending Centres, Drug and Alcohol Treatment Services, Inc, Dutch Ministry of Climate Policy and Green Growth, Dutch Ministry of Economic Affairs, Dutch Ministry of the Interior and Kingdom Relations, DYNAMIS Insurance, East Central Missouri Behavioral Health Services, eCharge Hardy Barth, Eclipse ThreadX NetX Duo, ECOM America, Edinburgh schools, Ehlers Inc, EIZO Rugged Solutions, EMX Enterprises, Endue Software, Enflame Technology, Erlang/OTP SSH, Erlanger Health, ESP Associates, Esse Health, Everest Bank, eXch, Extreme Fire, Family Christian Health Center, Feldman & Lopez, Fleet Canada, Fogelman Management Group, Forsyth County Schools, 16,000 Fortinet devices, FortiSwitch, Fowler Elementary School District, Framlingham College, France’s Municipality of Ardon, Franklin Nursing Home, Frederick Health Medical Group, FreeType 2, Frisco Chamber, Galvatech, Gardena Honda, GeoLogics Corporation, German Association for East European Studies, Gistic Research, Gladinet CentreStack, Gladinet Triofox, Global Media Group, GlobalX, GMA Network, Google Chrome DevTools, Google Sites, Government of Peru, Great Plains Transport, GStreamer, Hacienda La Puente Unified School District, Hamilton County, TN, Hamrah Aval, Harman Becker MGU21, Harrods, Hayward Quartz Technology, HC Sheriff, HealthEquity, IncHeinz Hammer Vertragswerkstatt, Helix Tools, Hertz Corporation, Highland Rivers Behavioral Health, Hitachi Energy MicroSCADA Pro/X SYS600, Hong Kong Science and Technology Parks, HOPI, Horizon Behavioral Health, Hyalogic, Hyundai Motor Group, IBM Cloud, IBM Portal, iClicker, iHeartMedia + Entertainment, IKEA, Impact Canada, Inaba Denki Sangyo CHOCO TEI WATCHER, Independent Financial Services, Independent Title Agency, Indian Air Force (IAF) aircraft, Indian government defence websites, 1.5+ million Indian websites, Inductors Inc, Insight Partners, Insight Pipe Contracting, Interior Health, Internet Initiative Japan, Iowa County, WI, Iris ID, Isle of Man government, Ivanti Endpoint Manager, J. Banks Design, Jackpot Junction, Jacksonville Medical Care, James & Sons Fine Jewelers, Jamjoom Pharma, Janco Steel, Jani-King International, Inc, Jet Ice, Jordan Kuwait Bank, Ju Percussion Group, Julia Evans Accountants, Just Concrete & Masonry, Karachi Port Trust, Kasb Bank, Kaye Lifestyle Homes, Kelly & Associates Insurance Group, Kenworth Del Sur, Khan Academy, Kickidler, KiloEx, King Industries Inc, Kintetsu World Express, Kittrich Corporation, Korea Land and Housing Corporation, KraftKisarna, Kuala Lumpur International Airport, Kyiv Notaries, LabHost, Laboratory Services Cooperative, Lake HVAC, Lake Shore Paving, Lamberti Group, Landmark Admin, Langer & Langer, Langflow, Law Firm of Rochelle McCullough, Law Offices of Chris M. Ingram, Lee Valley Tools, Ltd, Legends International, Lemonade, Lexmark CX331adwe, Limestone District School Board, Lincoln Financial, Lithium Americas, LockBit Ransomware Group, Long Beach Convention and Entertainment Center, Loretto Hospital, Luxion KeyShot, Machu Picchu Foods, Madison School District, Magento, Malaysia Airports Holdings Berhad, Manchester Credit Union, Marc Irwin Sharfman, MD, PA, Marks & Spencer, Marsicovetere & Levine Law Group, Mashburn Construction, Masimo Corporation, Mataró Water Utility Company, MATE Desktop, McElwee Firm, MedDream PACS Server, MedDream WEB DICOM Viewer, MedEx Ambulance, Medical Express Ambulance Service, Megachem Singapore, Mercer County Joint Township Community Hospital, Merri-Makers, Microsoft 365 OAuth, Minyard Morris LLP, Mission Laguna Pathology Medical Group, Monongalia Health System, Mountain View Mushrooms, Movistar Venezuela, Mt. Baker Imaging and Northwest Radiologists, MTN Group, Munich Re, Municipality of Pisa, N8XT, Nagios Log Server, NASCAR, National Social Security Fund (CNSS) of Morocco, Nationwide Recovery Services, Nelson University, Neurological Institute of Savannah & Center for Spine, Nevada Ready Mix, New York Post, Newport Advisory, LLC, Nintendo, Nippon Life Mutual Fund, Nixon, Inc, North Kitsap School District, Northeast Georgia Health System, Northern California Children’s Therapy Center, Nova Scotia Power, Nth Degree, O’Brien & Ryan, OCH Regional Medical Center, Oettinger Brewery, Omni Healthcare Financial Holdings, OnRPG, Onsite Mammography, Oracle, Oracle VirtualBox, Orange County Medical Group Pathology, Oregon Department of Environmental Quality, Orthopaedic Specialists of Connecticut, OttoKit WordPress plugin, Output Messenger, Oversea Casing, Pacific Metallurgical, Palo Verde Hospital, Pawnee Heights Unified School District, Pearson, PESEL, Pharma Force, Pienaar Brothers, Planet Technology Industrial Switches, Planned Parenthood, Plastic Surgery Specialists of Lawrence, PlayStation, Port of Seattle, PR TIMES, Pratt Homes, Premier Meats South Africa, Prestonwood Baptist Church, Inc, Promenade Village Dental, Pryor Morrow, Pulse Urgent Care Center, Qraved, R&N Manufacturing, Radford University, Radware Cloud Web Application Firewall, Raw, Rayle Electric Membership Corporation, Red Chamber, RFID, Richmond СPA, Roblox, Rockwell Automation Industrial Data Center, Rocky View Schools, Roman Catholic Bishop of San Diego, Ruby Servers, Russell Child Development Center, Saint James Hospital Group, Sally B Gold, Salus Group, Samsung phones, Samsung Galaxy S24, Samsung Germany, Samsung MagicINFO 9 Server, San Francisco Campus for Jewish Living, San Francisco crosswalk system, Santa Cruz Properties, SAP NetWeaver, SavantCare, Scharnhorst Ast Kennard Griffin PC, Schultz Industries Inc, Scrubs & Beyond LLC, SeaCMS, Seneca Gaming, Sensata Technologies, Sentara Health, SentinelOne, Setpoint Systems, Seydel Companies, Shinko Shoji, Shopify, Shrader Law, Silgan Containers, SIMCO Electronics, Sinalisa Segurança Viária Ltda, SK Inc, SK Telecom, SogoTrade, Inc, SonicWALL Connect, SonicWall SMA, Sonos Era 300, Sonrisas Dental Health, South African Airways, South African IT, Southern Fidelity, Springer & Steinberg, St Anthony Hospital, St Clair Orthopaedics & Sports Medicine, St James Hospital, Study Hotels, Sunsweet Growers Inc, Sweet Shop USA, Synology BeeStation BST150-4T, Synology DiskStation DS1823xs+, Synology TC500, SysAid, T-Mobile, Takeda, TehetségKapu, TeleMessage, Tenda AC9, Tesla Model 3, Tesla Model S, Texas Health and Human Services Commission, The City of Long Beach, CA, The Fortune Society, The Michelson Organization, Thompson Coburn LLP, Thrive Physical Therapy Partners, TicketToCash, TikTok, TMA Group, Toppan Next, Toronto District School Board, Town of Orangeville, Traefik, Trend Micro Apex Central, Trend Micro Deep Security, Troicare College, True Dental Care for Kids and Adults, TrussWorks International, Tänzer GmbH, Ubiquity UniFi Protect Cameras, UK Department of Work and Pensions, UK Legal Aid Agency, Union Health System, Inc, UniTrak, Universal Window, Urban One, Urban Renewal Authority, US Claims Capital, Inc, US Office of the Comptroller of the Currency (OCC), Vanni and Humphrey, Vastaamo, VeriSource Services, Inc, Verrex, Versa Networks, Via Credit Union, Vicarage Court Solicitors, Victure RX1800, Virtuvian Health, Voigt-Abernathy Company, Wan Hai, Wazuh server, WDEF-TV, Webmin, Weil Construction, Weir Canyon Honda, West Lothian Council, Western New Mexico University, Western Sydney University, Whiteboard Technologies Pvt Ltd, Whitman County Public Hospital District No 3, Wilmington Personal Injury Lawyer – DPLAW, Windows Common Log File System, Windows NTLM hashes, Wisconsin Supreme Court, Wizz Air, Wolters Kluwer, WooCommerce, WordPress AIHub theme, WordPress BuddyBoss Platform Pro plugin, WordPress Flynax Bridge plugin, WordPress InstaWP Connect plugin, WordPress Smart Product Review plugin, WordPress UrbanGo Membership plugin, WorkComposer, WPM Pathology Laboratory, Chartered, XP Investimentos, XRP Ledger NPM Package (xrpl.js), Yale New Haven Health, Yankee Trails, Yodogawa Steel, Yokogawa Recorder, Young Consulting LLC, ZKsync, and Zoom remote control have reported hacking or compromises this month.

4chan, Atlassian Jira, Coinbase 2FA, Exchange Admin Center, Microsoft 365, and pretty much all of Spain (and some neighboring countries) less than a week after bragging about how they were finally able to run on 100% renewable energy, have suffered from outages this month.

By the way, did you know that 4chan was mostly run by the US government? Duh.

Last months updates broke
Broadcom Brocade Fabric OS, Classic Outlook calendar, Classic Outlook typing, Hitachi Vantara, Microsoft 365 “paste special”, Microsoft Entra ID, Microsoft Office, Microsoft Office 2016, Microsoft Outlook online, SAP NetWeaver, SharePoint Online, Windows 10 Start Menu, Windows 11 24H2 upgrades, Windows Domain Controllers, Windows Hello for Business (WHfB) Key Trust, Windows kernel, Windows Remote Desktop, Windows Server 2025, and the Win Recovery Environment (WinRE).

A Florida bill that would have required backdoors to any encryption for social media accounts has failed.

AT&T will be the first of the big telcos to drop their email-to-sms gateway – in only about a month. You’ll still be able to send emails to email addresses and text to and from cell numbers, but their gateway that allows you to send messages between email and text will be disabled in mid June. This should have a massive impact on the amount of spam received by AT&T mobile customers. It will not stop it, of course.

Broadcom is threatening to sue their own customers for installing security updates in VMware.

Your heated car seats (among other features) are exposing you to law enforcement tracking.

IPv6 makes MitM easy.

Kali Linux lost their repo signing key, requiring manual end-user intervention to install security updates.

CISA is “trimming the fat” by removing some of their communication methods (even though I’m sure they were fully automated). This is going to disrupt important intelligence resources for those in the tech industry.

Skype is dead. Microsoft will finally start killing off ActiveX in Office and Microsoft 365. All new Microsoft accounts will now be “passwordless” by default.

I’ve been warning about the Copilot AI storage access risks since they changed their Terms of Service in October. My fears were justified. Microsoft will no longer “accidentally” flag all Gmail messages as spamOr Adobe.

In the wake of a study that demonstrates how easy it was for AI to manipulate Reddit users, Reddit is considering legal action to protect their victims, I mean, users.

Android and Apple both now have auto-reboot to reduce the effectiveness of brute force attacks.

Apple is getting spanked for violating the letter and the intent of the judge’s order following the Apple v Epic Games lawsuit from a couple years ago.

BIG NEWS: US Attorney for the District of Columbia, Ed Martin, calls out Wikimedia Foundation (Wikipedia) for violating 501(c)(3) status by allowing propagandists to flood platform. He gave them until May 15th to turn over documents.

Google is finally consolidating all of it’s country TLDs to use “google.com“. Google will pay $1.4 billion to Texas to settle claims the company collected users’ data without permission. Google’s updated Local Services Ads Terms have sparked privacy fears and threaten confidentiality in medical and legal sectors. Google would never really harvest all of your medical data though, right? LOL.

Now for the good news:

T-Mobile has added satellite-based 5G support to their lineup. While currently in beta, this signals a huge improvement to coast to coast, and in fact world-wide, phone support using Starlink’s satellites to back up your 5G service when no towers are available (like when there’s a power outage or localized service issue or when you live in the middle of nowhere).

I suspect this mean Elon will soon be buying T-Mobile.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is insane this month. The typical computer should see roughly 6 GB in updates today. Let’s get started.

Microsoft released 48 updates to address 83 vulnerabilities in .NET, Active Directory Certificate Services, Azure, Azure Automation, Azure DevOps, Azure File Sync, Azure Storage Resource Provider, Build Tools for Visual Studio, Microsoft Brokering File System, Microsoft Dataverse, Microsoft Defender for Endpoint, Microsoft Defender for Identity, Microsoft Edge, Microsoft Office, Microsoft Office Excel, Microsoft Office Outlook, Microsoft Office PowerPoint, Microsoft Office SharePoint, Microsoft PC Manager, Microsoft Power Apps, Microsoft Scripting Engine, Remote Desktop Gateway Service, Universal Print Management Service, UrlMon, Visual Studio, Visual Studio Code, Web Threat Defense, Windows Ancillary Function Driver for WinSock, Windows Common Log File System Driver, Windows Deployment Services, Windows Drivers, Windows DWM, Windows File Server, Windows Fundamentals, Windows Hardware Lab Kit, Windows Hyper-V, Windows Installer, Windows Kernel, Windows LDAP, Windows Media, Windows NTFS, Windows Remote Desktop, Windows Routing and Remote Access Service, Windows Secure Kernel Mode, Windows SMB, Windows Trusted Runtime Interface Driver, Windows Virtual Machine Bus, Windows Win32K – GRFX, and MSRT. This includes security updates. A reboot is required.

Oracle released 378 security updates this quarter to address vulnerabilities in 117 products.

Apple released updates for macOS Sequoia 15.4.1, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6, Safari 18.5, iOS 18.4.1, iOS 18.5, iPadOS 17.7.7, iPadOS 18.4.1, iPadOS 18.5, tvOS 18.4.1, tvOS 18.5, visionOS 2.4.1, visionOS 2.5, and watchOS 11.5. This includes security updates. Use Apple Software Update to install the most current versions.

iOS 18.4.1 and 18.5 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 17.7.7, 18.4.1 and 18.5 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 11.5 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 18.4.1 and 18.5 are security updates. Use System, Software Update to install the most current version.

visionOS 2.4.1 and 2.5 are security updates. Use System, Software Update to install the most current version.

Google ChromeOS 134.0.6998.198, ChromeOS 135.0.7049.120, and ChromeOS LTS 132.0.6834.223 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 42.0 is a major update (leaning hard into “42”), with changes to the installer, updates to libraries, defaults and now offering COSMIC. This is not a security update.
https://getfedora.org/en/workstation/download/

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sequoia (15.x) means that macOS Monterey (12.x) and older are no longer supported. If you can not install at least macOS Ventura (13) on your Mac then you should immediately remove your device from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v24H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it. If not, switch to Linux (Mint is nice) or replace your computer.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with a SaferPC Subscription and we will install updates each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 25.5.1 adds support for newer hardware, improves performance and resolves several bugs. This is not a security update.
https://www.amd.com/en/support

Crucial Storage Executive 11.03 doesn’t provide a change log so should be treated as a security update.
https://www.crucial.com/support/storage-executive

Daemon Tools Lite 12.3.0 resolves several bugs. This is not a security update.
https://www.daemon-tools.cc/products/dtLite

GoXLR Utility 1.2.2 resolves several bugs. This is not a security update.
https://github.com/GoXLR-on-Linux/goxlr-utility/

Intel Driver and Support Assistant 25.2.15.9 is a security update.
https://www.intel.com/p/en_US/support/detect

UniFi Network Server 9.1.120 is a security update.
https://www.ui.com/download/releases/network-server

VIISAN OfficeCam 7.2.8.1 doesn’t provide a change log so should be treated as a security update.
https://www.viisan.com/en/download/type1.html

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.78.97 is a security update.
https://brave.com/

Google Chrome 136.0.7103.92 is a security update.
https://www.google.com/chrome/

Firefox 138.0.3 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 128.10.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 7.3.3635.12 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 3.54 adds black background support. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Spark 3.22.9.106186 improves Team support and resolves a couple bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.22.9.106183 improves Team support and resolves a couple bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 138.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 9.5.4 resolves several bugs. This should be treated as a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 9.0.2 resolves several bugs. This should be treated as a security update.
https://anydesk.com/en/downloads

Discord May 1, 2025 resolves dozens of bugs. This is not a security update.
https://discord.com/download

Dropbox 223.4.4909 resolves several bugs. This is not a security update.
https://www.dropbox.com/

FileZilla Client 3.69.1 resolves several bugs. This is not a security update.
https://filezilla-project.org/

FileZilla Server 1.10.3 resolves several bugs. This is not a security update.
https://filezilla-project.org/

Google Drive 108.0 doesn’t provide a detailed change log so should be treated as a security update.
https://drive.google.com/start

MeshCentral 1.1.44 resolves dozens of bugs. This is not a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.8.00.9760 improves GUI and resolves several bugs. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 31.0.4 resolves dozens of bugs. This should be treated as a security update.
https://nextcloud.com/

Nmap 7.97 is a security update.
https://nmap.org/

Npcap 1.82 resolves several bugs. This is not a security update.
https://nmap.org/npcap/

Pocketnet-Core 0.22.17 resolves several bugs. This is not a security update.
https://pocketnet.app/

Pocketnet-GUI 0.9.119 resolves several bugs. This is not a security update.
https://pocketnet.app/

Rclone 1.69.2 is a security update.
https://rclone.org/

Signal 7.53.0 adds new device attachment transfer and resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.41.3 doesn’t provide a detailed change log so should be treated as a security update.
https://signal.org/android/apk/

Syncthing 1.29.6 resolves several bugs. This is not a security update.
https://syncthing.net/

Technitium DNS Server 13.6 resolves several bugs. This is not a security update.
https://technitium.com/dns/

Telegram 5.14.2 resolves a compatibility bug and adds marketplace sales. This is not a security update.
https://telegram.org/

WinSCP 6.5.1 resolves several bugs. This is not a security update.
https://winscp.net/eng/index.php

Zoom 6.4.6.64360 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.17 resolves several bugs. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.3.8 resolves a series of crash bugs. This is not a security update.
https://www.bitwig.com/download/

Grayjay 306 adds remote sync and resolves several bugs. This is not a security update.
https://grayjay.app/index.html

Plex Media Server 1.41.6.9685 adds DOVI filter and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Bedrock) 1.21.80.3 should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Nintendo Switch 20.0.1 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 2025.429 adds audio focus and new themes. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2025.05.10 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

SteamOS SteamDeck Update 2025.05.06 improves compatibility, resolves several bugs, and updates libraries. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Animate 23.0.12 and 24.0.9 are security updates.
https://helpx.adobe.com/security/products/animate/apsb25-42.html

Adobe Bridge 14.1.7 and 15.0.4 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb25-44.html

Adobe ColdFusion 2021.20, 2023.14, and 2025.2 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb25-52.html

Adobe Connect 12.9 is a security update.
https://helpx.adobe.com/security/products/connect/apsb25-36.html

Adobe Dimension 4.1.2 is a security update.
https://helpx.adobe.com/security/products/dimension/apsb25-45.html

Adobe Dreamweaver 21.5 is a security update.
https://helpx.adobe.com/security/products/dreamweaver/apsb25-35.html

Adobe Illustrator 28.7.6 and 29.4 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb25-43.html

Adobe InDesign 19.5.3 and 20.3 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb25-37.html

Adobe Lightroom 8.3 is a security update.
https://helpx.adobe.com/security/products/lightroom/apsb25-29.html

Adobe Photoshop 25.12.3 and 26.6 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb25-40.html

Adobe Reader DC 25.001.20467 resolves several bugs. This is not a security update.
https://get.adobe.com/reader

Adobe Substance 3D Modeler 1.22.0 is a security update.
https://helpx.adobe.com/security/products/substance3d-modeler/apsb25-51.html

Adobe Substance 3D Painter 11.0.1 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb25-38.html

Adobe Substance 3D Stager 3.1.2 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb25-46.html

Artweaver 8.0.4 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Calibre 8.4.0 resolves several bugs and improves compatibility. This is not a security update.
https://calibre-ebook.com/

Ghostscript 10.05.1 is a security update.
https://www.ghostscript.com/releases/gsdnld.html

Inkscape 1.4.2 resolves dozens of bugs. This is not a security update.
https://inkscape.org/release/

LibreOffice 24.8.7 resolves over a dozen bugs. This is not a security update.
https://www.libreoffice.org/

LibreOffice Fresh 25.2.3 resolves over sixty bugs. This is not a security update.
https://www.libreoffice.org/

Manager 25.5.8.2317 does not provide a detailed change log so should be treated as a security update.
https://www.manager.io/

Nextcloud Desktop 3.16.4 resolves several bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.8.1 resolves over a dozen bugs and improves colorization. This is not a security update.
https://notepad-plus-plus.org/

PDF-XChange Editor 10.6.0.396 is a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

Scribus 1.6.4 resolves several bugs. This is not a security update.
https://www.scribus.net/

Operating System Updates

These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.

ChromeOS 134.0.6998.198 and ChromeOS 135.0.7049.120 are security updates.

Fedora 42.0 is a major update (leaning hard into “42”), with changes to the installer, updates to libraries, defaults and now offering COSMIC. This is not a security update.
https://getfedora.org/en/workstation/download/

iOS 18.4.1 and 18.5 are security updates.
https://support.apple.com/kb/HT204204

iPadOS 17.7.7, iPadOS 18.4.1, and iPadOS 18.5 are security updates.
https://support.apple.com/kb/HT204204

macOS Sequoia 15.4.1, macOS Sequoia 15.5, macOS Sonoma 14.7.6, and macOS Ventura 13.7.6 are security updates.
https://support.apple.com/kb/HT201541

Tails 6.14.2 and Tails 6.15 are security updates.
https://tails.net/install/download/index.en.html

tvOS 18.4.1 and tvOS 18.5 are security updates.
https://support.apple.com/kb/HT202716

visionOS 2.4.1 and visionOS 2.5 are security updates.
https://support.apple.com/en-us/122721

watchOS 11.5 is a security update.
https://support.apple.com/en-us/122722

Security Software Updates

One or more of these is likely to be of interest to most people.

FRSTx64 2025.5.9 doesn’t provide a detailed change log so should be treated as a security update.
https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

HTTP Toolkit 1.20.1 doesn’t provide a detailed change log so should be treated as a security update.
https://httptoolkit.tech/

JShelter 0.20.2 improves privacy and resolves several bugs. This is not a security update.
https://jshelter.org/install/

MalwareBytes Desktop Security 5.3.0.186 resolves several bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/

OpenSSL 3.5.0 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

PassRec 3.65 updates included apps. This is not a security update.
https://www.nirsoft.net/password_recovery_tools.html

RogueKiller 16.1.3 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Stinger 13.0.0.347 adds and improves detections. This should be treated as a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

uBlock Origin 1.64.0 resolves a couple bugs and adds several new scriptlets and controls. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

WebBrowserPassView 2.15 adds support for app-bound encryption in recent Chrome releases. This is not a security update.
https://www.nirsoft.net/utils/web_browser_password.html

Capture Updates

These are unlikely to be of interest to most people.

Camtasia 25.1.1 resolves a startup crash. This is not a security update.
https://www.techsmith.com/video-editor.html

SnagIt 25.1.1 resolves several bugs and improves compatibility. This is not a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.4.0 adds support for newer encodings and adds an AI upscaler. This is not a security update.
https://www.dvdfab.cn/download.htm

IsoBuster 5.6 adds support for new media formats, a new Preview mode, and resolves several bugs. This is not a security update.
https://www.isobuster.com/download.php

PDF Creator 6.0.0 is a major update, switching to newer libraries, adds document previews, SharePoint integration, and resolves a couple bugs. This is not a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 6.2.3.5 improves compatibility, adds support to download from several new sources, and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 3.0.1.6 adds SDR and new output formats, resolves several bugs and improves subtitle and Face Enhancer. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.76 resolves a couple bugs and improves error messages.
https://1password.com/downloads/

Agent Ransack 2022.3517 improves favorites list, cosmetics and resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

Beyond Compare 5.0.7.30840 improves cosmetics, updates libraries, and resolves several bugs. This is not a security update.
https://www.scootersoftware.com/download

Bitwarden 2025.4.2 resolves several bugs. This is not a security update.
https://bitwarden.com/

CalyxOS Device Flasher 1.1.1 is a security upate.
https://calyxos.org/install/

CrucialScan 20250424 doesn’t provide a change log so should be treated as a security update.
https://www.crucial.com/store/systemscanner

Cygwin 3.6.1 resolves several bugs. This is not a security update.
https://cygwin.com/

DesktopOK 11.81 improves cosmetics. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.5.8.0 updates libraries. This is a security update.
https://dngrep.github.io/

Etcher 2.1.2 removes analytics. This is not a security update.
https://www.balena.io/etcher/

FileLocator Pro 2022.3517 improves favorites list, cosmetics and resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

FoneTool 3.0.0 is a major update that adds a new “My Devices” interface, improves iPhone to PC interface, and resolves a couple bugs. This is not a security update.
https://www.fonetool.com/download.html

Free Virtual Serial Ports 6.22.00.1498 resolves several bugs. This is not a security update.
https://freevirtualserialports.com/

GoodSync 12.8.8 improves compatibility and resolves several bugs. This is not a security update.
https://www.goodsync.com/

HWiNFO 8.26 improves hardware detection and reporting. This is not a security update.
https://www.hwinfo.com/download/

HWMonitor 1.57 adds support for newer hardware and resolves a couple bugs. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

Kingston SSD Manager 1.5.5.3 doesn’t provide a change log so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

NTLite 2025.04.10406 adds Power Plan integration support, improves registry writes, updates components and resolves a bug. This is not a security update.
https://www.ntlite.com/download/

OSForensics 11.1.1007 improves performance and resolves a couple bugs. This is not a security update.
https://www.osforensics.com/download.html

osquery 5.17.0 resolves over a dozen bugs and updates libraries. This is not a security update.
https://osquery.io/downloads

Password Security Scanner 1.63 adds support for app-bound passwords in recent Chrome releases. This is not a security update.
https://www.nirsoft.net/utils/password_security_scanner.html

PowerToys 0.90.1 resolves several bugs and updates libraries. This is a security update.
https://github.com/microsoft/PowerToys/releases/latest

RoboForm 9.6.8 improves update process and adds support for Google Workspace SSO. This is not a security update.
https://www.roboform.com/

Rufus 4.7 resolves several bugs and improves UEFI detection and download. This should be treated as a security update.
https://rufus.ie/en_US/

ScreenConnect 25.2.4.9229 is a security update. Updates were released for other “recent” versions as well so you’re not forced to upgrade to the Canary version that breaks several other features.
https://screenconnect.connectwise.com/download

SimpleWMIView 1.56 adds Black Background support. This is not a security update.
https://www.nirsoft.net/utils/simple_wmi_view.html

SmartMonTools 7.5 adds dozens of new diagnostic objects and reporting elements and improves reliability and performance. This is not a security update.
https://smartmontools.org/

Starwind V2V Converter 9.755 adds CLI conversion support. This is not a security update.
https://www.starwindsoftware.com/starwind-v2v-converter

SysinternalsSuite 2025.5.5 updates RDCMan. This is a security update.
https://docs.microsoft.com/en-us/sysinternals/

TeamViewer 15.65.6 resolves a bug. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

WinGet 1.10.390 improves end-to-end support for Entra ID, configuration file controls, and resolves several bugs. This is a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinScan2PDF 9.33 improves hardware support and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

XnConvert 1.105.0 doesn’t provide a change log so should be treated as a security update.
https://www.xnview.com/en/xnconvert/

ZoomText 2025 2025.2504.25.400 improves performance, multi-monitor support, and resolves several bugs.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 9.0.4 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

ADB 36.0.0 resolves several bugs. This is not a security update.
https://developer.android.com/studio/releases/platform-tools

Android Studio 2024.3.2.14 resolves several bugs. This is not a security update.
https://developer.android.com/studio

cx_Freeze 8.3 updates libraries. This is not a security update.
https://cx-freeze.readthedocs.io/en/latest/index.html

GameMaker Studio 2024.13.1.193 resolves several bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.5.230 resolves several bugs. This is not a security update.
https://gdevelop.io/download

GitHub Desktop 3.4.19 resolves over a dozen bugs. This is not a security update.
https://desktop.github.com/

Go 1.24.3 is a security update.
https://go.dev/

Inno Setup 6.4.3 improves restore operations, resolves seeral bugs, and adds a new tool for ECDSA P-256 support. This is not a security update.
https://www.jrsoftware.org/isdl.php

Java 8u451 is a security update.
https://www.java.com/en/download/manual.jsp

Node.js 20.19.1 updates libraries. This is not a security update.
https://nodejs.org/en/

Node.js 22.15.0 updates libraries and resolves several bugs. This is a security update.
https://nodejs.org/en/

Rustup 1.28.2 improves download stack and management controls. This is not a security update.
https://www.rust-lang.org/

SQLite 3.49.2 resolves several bugs. This should be treated as a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.100.1 is a security update.
https://code.visualstudio.com/

WinMerge 2.16.48.2 resolves several bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.1.8 resolves over a dozen bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Adminer 5.3.0 resolves over a dozen bugs and improves compatibility. This is not a security update.
https://www.adminer.org/en/

Joomla 5.3.0 improves email templates, media management, scheduled tasks, read more, accessibility and compatibility. This is not a security update.
https://www.joomla.org/

YOURLS 1.10.1 resolves several bugs. This is not a security update.
https://yourls.org/

WordPress 6.8.1 resolves over a dozen bugs. This is not a security update.
https://wordpress.org/

bbPress 2.6.13 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/bbpress/

Contact Form 7 6.0.6 is a security update.
https://wordpress.org/extend/plugins/contact-form-7/

My Sticky Bar 2.8.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Show IDs 1.1.11 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/wpsite-show-ids/

Sucuri Security 2.1 resolves a couple bugs and adds support for several new scanners. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2025-04-08

Happy Easter, Folks!

Today is Patch Tuesday for April, 2025.

It’s as safe as it’s going to be to upgrade to Windows 11 24H2 or macOS 15/Sequoia.

If your Windows 10 (or older) computer can not be upgraded to Windows 11, or if you used a registry or installation bypass to install an older version of Windows 11 on it that is no longer supported, then it’s time for you to start looking for a replacement computer. Actually, the time was 3 months ago. Pickin’s are thin right now. 🙁

There were 320+ major hacks, and over 360 application updates this month. It’s a relatively small month, with about 2.5 GB of updates for most users.

This Month in Technology

13cabs, 9,300 WordPress websites (ClearFake), 150,000 WordPress websites (DollyWay), 70mai A510, Abracadabra, Access TeleCare, Adobe Acrobat Reader, ALN Medical Management, Amazon AWS CloudFormation, AMI MegaRAC, an Asian telecom, Android, Apache Parquet, Apache Pinot, Apache Tomcat, APIsec, Apple macOS, Apple Passwords app, Apple WebKit, Arista NG Firewall, Around the Clock Companies, Arts Council England, Ascoma Group, Association of Superannuation Funds of Australia, Astral Foods, Atlantis Operating LLC, Atlas CPAs & Advisors, Atutech, AustralianSuper, Autodesk AutoCAD, Autodesk Navisworks, Autodesk Payapps, Baidu, Bank of China, Barebox, Baylor Scott & White Texas Spine & Joint Hospital, Bdrive NetDrive, BDSM People, Beacon Health System, BEC Technologies Routers, Bigfork Valley Hospital, Blue Shield of California, Boulanger, Brave browser, Brish, Brocade Fibre Channel switches, BTS member Jungkook, Buckinghamshire Council, Bybit, California Cryobank, Canon printers, Capilano University (CapU), Cardiff City Council Department of Children’s Services, Cargills Bank, CarlinKit CPC200-CCPA, CDHA Management, Center for Digestive Health, CHC Solutions, Inc, Check Point, Check Point ZoneAlarm, Cherokee County School District, Chica, Choco Tei Camera, Chord Specialty Dental Partners, Chrome, Cisco IOS XR, Cisco Smart Licensing Utility, City of Lubbock, Ciuni & Panichi, Clinic’s Patient Management System, Cloudflare WAF, Columbia Eye Clinic, Compumedics, Concord Orthopaedics, Costa Rican President’s YouTube, Cottrill’s Pharmacy, Crossroads Trading Co, CrushFTP, CSG Consultants, D&S Insurance Agency, Dameron Hospital, DBS Signapore, Dell Unity, Dignity Health Lassen Medical Clinic, Dove Healthcare, DrayTek routers, Drugs.com, Dutch Public Prosecution Service, Edimax Cameras, El Camino Real Academy, Eprice, Erickson Companies, ESET security, ESHYFT, Europcar Mobility Group, Everest ransomware gang, Exim, Facebook FreeType 2, FacePass, Fidelity Life, First City Credit Union, Food For The Poor, Fortinet FortiWeb, French Department of Education, Gay Daddy, Georgia Urology, German Doner Kebab, Gilead Sciences, GIMP, GitLab Community Edition, GitLab Enterprise Edition, Google Quick Share, Grede Holdings, Growatt, GRUB2, Guardian Life Insurance, Hamilton County, Hand & Plastic Surgery Centre, Harcourts Prime Properties, Health NZ, HealthEquity, Hellenic Open University, HHH Acquisition, LLC, Highline Public Schools, Hillcrest Convalescent Center, Hokkaido Jalan, Houston Housing Authority, Houston Surgery Center, HTW Dresden, Hydro-Vacuum SA, ImagineX, Infosys McCamish Systems, Insignia, IOU Financial, Iraqi Council of Ministers, Iraqi Ministry of Finance, Islamic Republic of Iran Shipping Company, Ivanti Connect Secure, Jaguar Land Rover, Jira, Junos OS, Karl Malone Auto Group, Keeco Home, Klickitat Valley Health, Korea Aerospace Research Institute, Kronick Moskovitz Tiedemann & Girard, Kuala Lumpur Airport, Kubernetes Ingress Nginx Controller, LA Financial Federal Credit Union, Laborers’ International Union of North America, Local 1184, Lafayette Federal Credit Union, Lake Psychological Services, Lake Washington Vascular, Lee University, Legacy Professionals LLP, Lena Pope Home Inc, LensDeal, Lexipol, Life University, LiUNA, Lloyds Bank, Lukoil, Luxion KeyShot, Lyon Living, Lyon Management Group, M.A.D Mobile, Madison County, Mississippi, Malaysia Airports Holdings Bhd, Marina Bay Sands Singapore, Mark Thomas, Medway Community Healthcare, Meigs County Emergency Medical Services, MercadoLibre, Mercer County Joint Township Community Hospital, Merkur, Microsoft Exchange Online and M365, Microsoft SharePoint, Microsoft’s Trusted Signing platform, Microsoft’s Visual Studio Code Marketplace, Millennium Home Health Care, Mirror Mirror Beauty Boutique, Mission Bell Mfg, Mission, Texas, Monro, Inc, Morton Golf LLC, mySCADA myPRO, NAKIVO Backup & Replication, National Defense Corporation, National Iranian Tanker Company, NetApp SnapCenter, Nevro, New Era Life Insurance Companies, New South Wales Court Registry, New York University (NYU), NewAgeSys, NexOpt, Next.js, NI FlexLogger, NI Vision Builder AI, Nice Healthcare, Northern Ireland Commission, Northwest Retirement Plan Consultants, NTT, Numotion, NVIDIA Riva, OBI Seafoods, Oracle Cloud (from 2017!), Oracle Health, OrthoMinds, Pacific Residential Mortgage, Palmetto Subacute Care Center, Palo Alto Deep Packet Inspection, PAR Rehab, Parascript, Parcel Plus, PDF-XChange Editor, Pennsylvania State Education Association, pgAdmin, Pinehurst Radiology Consultants, Pineland Community Service Board, Pink, Port of Seattle, Presbyterian Health Plan, Progress Software Kemp LoadMaster, PTS News, Rakuten Securities, RansomHub, Red Lion Borough, PA, Rinehart Dentistry, Riverdale Joint Unified School District, Rodl Management, Royal Mail, SAG-AFTRA Health Plan, Sam’s Club, Samsung Germany, Sentara Health, Shopify Collabs, Shopify Pitchfork, Siegel Group, Siemens Simcenter, SimonMed, SIR.trading, SMA, Smart ERP Solutions, SoloPoint Solutions, Southeast Series of Lockton Companies, Spark DSO, SpotBugs, SpyX, St. Joseph’s College of Maine, State Bar of Texas, State of California, Department of Child Support Services, STE Group, STMicroelectronics X-CUBE, Stram Center for Integrative Medicine, StreamElements, Sungrow, Sydney Tools, Tata AIG, Tata Technologies, Tesla, TFE hotels group, Thailand Post, The Junction Casino Hotel, The Pension Specialist, Three Rivers Hospital, Toppan Next Tech, Topy America Inc, Tor Browser, Translove, Trend Micro Cleaner One, Trinity Petroleum Management, Troy Hunt’s Mailchimp List, Twilio SendGrid, Twitter (X), U-Boot, UAE Water & Electric Power, Ubuntu Linux, Ukrzaliznytsia, Ulrich Investment Consultants, Union County, United Domestic Workers of America, United Faith Ministries, United Seating and Mobility, Unitree Go1 robot dogs, University Diagnostic Medical Imaging, University of Notre Dame Fremantle, Urban Dictionary, Verizon Call Filter, VF Outdoor, Virginia Attorney General’s Office, Vista Point Mortgage, Vitenas Cosmetic Surgery, VMware Tools for Windows, Vroom, Watcher Guru, Welts, White, & Fontaine, WEMIX, Wesizwe, Western Alliance Bank, Western Wayne Family Physicians, WhatsApp, Whitman Hospital & Medical Clinics, WideOpenWest, William F Rinehart DMD PA, Windows, Windows Kernel, WinRAR, WK Kellogg Co, Woori Card, Word & Brown Insurance Administrators, WordPress Simple WP Events plugin, WordPress WooCommerce plugin, WordPress WP Ghost plugin, WordPress WP RealEstate plugin, WordPress WP Ultimate CSV Importer plugin, X.Org Server, Xen HVM, YAP Health Services, Yucatán Government, ushin America, zkLend hacker (lol), and Zoth Protocol have reported hacking or compromises this month.

ChatGPT, Cloudflare R2, DrayTek routers, Microsoft Exchange Online, Moscow Metro, and Naval Station Norfolk have suffered from outages this month.

Last months updates broke Microsoft Snipping Tool, Remote Desktop, security services including SenseShield on Windows 11 24H2, the ability to return to Outlook “Classic”, USB printers, Veeam recovery, and VMware Workstation updates.

23andMe has filed for bankruptcy, but not before they created plans to sell off all your DNA details.

Apple broke their N+2 trend and released security updates for much older devices to address critical vulnerabilities.

DoH (DNS over HTTPS) is being used to hijack mail accounts with extremely well-targeted phishing pages. How effective are phishing websites? Effective enough to get even the creator of Have I Beep Pwned to fall for it.

Microsoft has changed their mind on disabling WSUS driver sync. Microsoft is testing a new “quick machine recovery” platform to recover from buggy driver updates preventing the operating system from booting. Microsoft is removing the BypassNRO script from Windows 11 installers, but the underlying registry settings will still be available (for now).

Now for the good news:

Linux is making headway – more than 2% of devices running Steam are now actively using Linux.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is relatively small this month. The typical computer should see roughly 2.5 GB in updates today. Let’s get started.

Microsoft released 78 updates to address 128 vulnerabilities in Active Directory Certificate Services, Active Directory Domain Services, ASP.NET Core, Azure Local, Azure Local Cluster, Azure Portal Windows Admin Center, DirectX Graphics Kernel, HTTP.sys, Kerberos Key Distribution Proxy, Microsoft AutoUpdate (MAU), Microsoft Dynamics Business Central, Microsoft Edge, Microsoft Edge for iOS, Microsoft Excel, Microsoft Message Queuing (MSMQ), Microsoft Office, Microsoft Office Excel, Microsoft Office OneNote, Microsoft Office SharePoint, Microsoft Office Word, Microsoft OneNote, Microsoft SharePoint, Microsoft Streaming Service, Microsoft System Center, Microsoft Virtual Hard Drive, Microsoft Word, OpenSSH for Windows, Outlook for Android, Remote Desktop Client, Remote Desktop Gateway Service, RPC Endpoint Mapper Service, Servicing Stack Updates, Visual Studio, Visual Studio Code, Visual Studio Tools, Windows Active Directory Certificate Services, Windows BitLocker, Windows Bluetooth Service, Windows Common Log File System Driver, Windows Cryptographic Services, Windows Defender Application Control (WDAC), Windows Digital Media, Windows Hello, Windows Hyper-V, Windows Installer, Windows Kerberos, Windows Kernel, Windows Kernel Memory, Windows Kernel-Mode Drivers, Windows Lightweight Directory Access Protocol (LDAP), Windows Local Security Authority (LSA), Windows Local Session Manager (LSM), Windows Mark of the Web (MOTW), Windows Media, Windows Mobile Broadband, Windows NTFS, Windows Power Dependency Coordinator, Windows Process Activation, Windows Remote Desktop Services, Windows Resilient File System (ReFS), Windows Routing and Remote Access Service (RRAS), Windows Secure Channel, Windows Security Zone Mapping, Windows Shell, Windows Standards-Based Storage Management Service, Windows Subsystem for Linux, Windows TCP/IP, Windows Telephony Service, Windows Universal Plug and Play (UPnP) Device Host, Windows Update Stack, Windows upnphost.dll, Windows USB Print Driver, Windows Virtualization-Based Security (VBS) Enclave, Windows Win32K – GRFX, and MSRT. This includes security updates. A reboot is required.

Apple released updates for iOS 15.8.4, iOS 16.7.11, iOS 18.4, iPadOS 15.8.4, iPadOS 16.7.11, iPadOS 17.7.6, iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, Safari 18.4, tvOS 18.4, visionOS 2.4, watchOS 11.4, and Xcode 16.3. This includes security updates. Use Apple Software Update to install the most current versions.

iOS 15.8.4, 16.7.11, and 18.4 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 15.8.4, 16.7.11, 17.7.6, and 18.4 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 11.4 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 18.4 is a security update. Use System, Software Update to install the most current version.

visionOS 2.4 is a security update. Use System, Software Update to install the most current version.

Google ChromeOS 134.0.6998.183 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sequoia (15.x) means that macOS Monterey (12.x) and older are no longer supported. If you can not install at least macOS Ventura (13) on your Mac then you should immediately remove your device from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v24H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it. If not, switch to Linux (Mint is nice) or replace your computer.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with a SaferPC Subscription and we will install updates each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

GoXLR Utility 1.2.0 resolves several bugs and improves firmware update. This is not a security update.
https://github.com/GoXLR-on-Linux/goxlr-utility/

Logitech Options 10.24.3 improves compatibility with Microsoft Office. This is not a security update.
https://support.logi.com/hc/en-us/articles/360025297893

TP-Link Archer AX73 v2.0 250210 is a security update.
https://www.tp-link.com/us/support/download/archer-ax73/v2.0/#Firmware

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.77.95 is a security update.
https://brave.com/

Firefox 137.0.1 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 128.9.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 135.0.7049.52 is a security update.
https://www.google.com/chrome/

Vivaldi 7.3.3635.7 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Spark 3.22.6.104601 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.22.6.104600 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 137.0.1 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 9.5.0 resolves more than a dozen bugs and improves multiple monitor support and AnyDeskOne compatibility. This is not a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 9.0.1 is a security update.
https://anydesk.com/en/downloads

BrowsingHistoryView 2.60 adds black background support. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

curl 8.13.0 improves debugging and resolves nearly 300 bugs. This should be treated as a security update.
https://curl.haxx.se/windows/

Discord April 3, 2025 resolves dozens of bugs. This is not a security update.
https://discord.com/download

Dropbox 221.4.5365 resolves a cosmetic bug. This is not a security update.
https://www.dropbox.com/

FileZilla Server 1.10.1 resolves several bugs. This is not a security update.
https://filezilla-project.org/

FreeFileSync 14.3 adds IDN support and resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 106.0 now officially supports ARM64 on Windows. This is not a security update.
https://drive.google.com/start

Grocy Desktop 2.14.0 improves compatibility. This is not a security update.
https://github.com/grocy/grocy-desktop

MeshCentral 1.1.43 resolves several bugs. This is not a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.8.00.6262 adds one-time passcode authentication, Storyline integration, chat controls and increases attendees to a max of 50,000 for Premium. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 31.0.2 updates libraries and resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

Pocketnet-Core 0.22.14  resolves several bugs. This is not a security update.
https://pocketnet.app/

Pocketnet-GUI 0.9.116 is a security update.
https://pocketnet.app/

Signal 7.49.0 now synchronizes recent activity to new devices. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.38.7 now synchronizes recent activity to new devices. This is not a security update.
https://signal.org/android/apk/

Syncthing 1.29.4 resolves a couple bugs. This is not a security update.
https://syncthing.net/

Technitium DNS Server 13.5  resolves several bugs and implements new features. This is not a security update.
https://technitium.com/dns/

Telegram 5.13.1 resolves a crash bug. This is not a security update.
https://telegram.org/

WinSCP 6.5 resolves several bugs. This is not a security update.
https://winscp.net/eng/index.php

Zoom 6.4.3.63669 resolves several bugs. This is not a security update. The recent 6.4 update adds dozens of new features and a new user interface – it is also a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.16 adds several new 3D environments. This is not a security update.
https://en.3tene.com/

Grayjay 291 adds search and sorting to playlists, improves filters and search, and resolves several bugs. This is not a security update.
https://grayjay.app/index.html

iTunes 12.13.7.1 improves compatibility. This is a security update.
https://www.apple.com/itunes/download/

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Bedrock) 1.21.72.01 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Minecraft Server (Java) 1.21.5 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server

PS5 2025.314 improves compatibility and parental controls. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2025.04.01 improves compatibility and resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

SteamOS SteamDeck Update 2025.03.31 improves compatibility and resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe AEM Forms 6.5.22.0 is a security update.
https://helpx.adobe.com/security/products/aem-forms/apsb25-27.html

Adobe AEM Screens 6.5 FP11.4 is a security update.
https://helpx.adobe.com/security/products/aem-screens/apsb25-32.html

Adobe After Effects 24.6.5 and 25.2 are security updates.
https://helpx.adobe.com/security/products/after_effects/apsb25-23.html

Adobe Animate 23.0.11 and 24.0.8 are security updates.
https://helpx.adobe.com/security/products/animate/apsb25-31.html

Adobe Bridge 14.1.6 and 15.0.3 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb25-25.html

Adobe ColdFusion 2025.1, 2023.13 and 2021.19 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb25-15.html

Adobe Commerce B2B 1.5.2, 1.4.2-p5, 1.3.5-p10, 1.3.4-p12, and 1.3.3-p13 are security updates.
https://helpx.adobe.com/security/products/magento/apsb25-26.html

Adobe Commerce 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, and 2.4.4-p13 are security updates.
https://helpx.adobe.com/security/products/magento/apsb25-26.html

Adobe FrameMaker 2020.8 and 2022.6 are security updates.
https://helpx.adobe.com/security/products/framemaker/apsb25-33.html

Adobe Magento Open Source 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, and 2.4.4-p13 are security updates.
https://helpx.adobe.com/security/products/magento/apsb25-26.html

Adobe Media Encoder 24.6.5 and 25.2 are security updates.
https://helpx.adobe.com/security/products/media-encoder/apsb25-24.html

Adobe Photoshop 26.5 and 25.12.2 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb25-30.html

Adobe Premiere Pro 25.2 and 24.6.5 are security updates.
https://helpx.adobe.com/security/products/premiere_pro/apsb25-28.html

Adobe XMP Toolkit SDK 2025.03 is a security update.
https://helpx.adobe.com/security/products/xmpcore/apsb25-34.html

Aronium 1.45.0.1 resolves a bug in the Z report. This is not a security update.
https://aronium.com/

Artweaver 7.0.18 is a security update.
https://www.artweaver.de/

Audacity 3.7.3 resolves several bugs. This is not a security update.
https://www.audacityteam.org/download/

Calibre 8.2.1 improves compatibility and resolves a couple bugs. This is not a security update.
https://calibre-ebook.com/

Ghostscript 10.05.0 adds several new syntax controls. This is a security update.
https://www.ghostscript.com/releases/gsdnld.html

GIMP 3.0 is a major update (the first in 7 years!) which adds huge strides in many features and improves compatibility and stability. GIMP 3.0.2 resolves several bugs. This is not a security update.
https://www.gimp.org/

GnuCash 5.11 resolves almost 20 bugs and improves stability. This is not a security update.
https://www.gnucash.org/

LibreOffice 24.8.6 resolves over 30 bugs. This is not a security update.
https://www.libreoffice.org/

LibreOffice Fresh 25.2.2 resolves over 80 bugs. This is a security update.
https://www.libreoffice.org/

Manager 25.4.3.2227 doesn’t provide a detailed change log so should be treated as a security update.
https://www.manager.io/

Nextcloud Desktop 3.16.2 resolves several bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.7.9 resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 5.1.7 resolves a couple bugs. This should be treated as a security update.
https://www.getpaint.net/

Operating System Updates

These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.

ChromeOS 134.0.6998.183 is a security update.
https://chromereleases.googleblog.com/search/label/Stable%20updates+ChromeOS

iOS 18.4 is a security update.
https://support.apple.com/kb/HT204204

iPadOS 18.4 is a security update.
https://support.apple.com/kb/HT204204

macOS Sequoia 15.4, Sonoma 14.7.5 and Ventura 13.7.5 are security updates.
https://support.apple.com/kb/HT201541

Tails 6.14.1 is a security update.
https://tails.net/install/download/index.en.html

tvOS 18.4 is a security update.
https://support.apple.com/kb/HT202716

watchOS 11.4 is a security update.
https://support.apple.com/kb/HT204641

Zorin OS 17.3 is a huge compatibility update, adds improved alternative detections and suggestions, changes the default browser to Brave, and improves the Zorin Connect app to better function as an input device for the latest Zorin OS release. This should be treated as a security update.
https://zorin.com/os/mirrors/

Security Software Updates

One or more of these is likely to be of interest to most people.

Caine 14.0 improves UEFI support and updates kernel. This is a security update.
https://www.caine-live.net/

Chainsaw 2.12.2 is a housekeeping release. This is not a security update.
https://github.com/countercept/chainsaw

MalwareBytes Desktop Security 5.2.10.182 is a security update.
https://www.malwarebytes.org/antimalware/

ProtonVPN 4.1.10 updates the user interface, adds a list of recent connections to quick access, and adds advanced profile settings such as port forwarding and autolaunch behaviors. This is not a security update.
https://github.com/ProtonVPN/win-app/releases/latest

RogueKiller 16.1.2 expands the monitoring capabilities and improves detection logic. This should be treated as a security update.
https://www.adlice.com/download/roguekiller/

Stinger 13.0.0.342 adds support for new detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

SuperAntiSpyware 10.0.1274 resolves several bugs. This is not a security update.
https://www.superantispyware.com/download.html

uBlock Origin 1.63.2 resolves a major stability issue. This should be treated as a security update.
https://github.com/gorhill/uBlock/releases/latest

Velociraptor 0.74.1 improves the Sigma editor and adds new live event sources. This is not a security update.
https://github.com/Velocidex/velociraptor/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.41.2 adds AVIF support and resolves a couple bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 25.1.0 updates libraries, improves step capture, smart redact, stability and performance, and resolves several bugs. This is a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.3.8 adds support for new encodings and improves OCR detection for subtitles. This is not a security update.
https://www.dvdfab.cn/download.htm

MakeMKV 1.18.1 adds support for new encodings and resolves a couple bugs. This is not a security update.
https://www.makemkv.com/download/

StreamFab 6.2.2.8 improves compatibility, adds support for newer playlist and distribution formats, and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 3.0.1.2 resolves several bugs and adds faster upscaling model. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 7.0.15 resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.70 adds new internetional keyboard layout support. This is not a security update.
https://1password.com/downloads/

AOMEI Partition Assistant 10.8.0 finally adds a built-in update mechanism, improves Windows-To-Go support, and resolves several bugs. This is not a security update.
https://www.diskpart.com/

Bitcoin 28.1 adds new features, bug fixes and performance improvements. This is not a security update.
https://bitcoin.org/en/download

Bitwarden 2025.3.0 adds 2SL login support to the user interface and resolves several bugs. This is not a security update.
https://bitwarden.com/

CCleaner 6.34.11482 resolves several bugs. This is not a security update.
https://www.ccleaner.com/

CPU-Z Installer 2.15 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

Cygwin 3.6.0-1 adds several new APIs, improves compatibility and resolves several bugs. This is not a security update.
https://cygwin.com/

Dell Command Update 5.5 adds automatic driver downloads to the Advance Driver Restore operation. This is not a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

DesktopOK 11.71 resolves a couple bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DiskCheckup 3.6 doesn’t provide a detailed change log so should be treated as a security update.
https://www.passmark.com/products/diskcheckup/

dnGrep 4.4.9.0 resolves several bugs. This is a security update.
https://dngrep.github.io/

email-oauth2-proxy 2025-03-14 resovles several bugs. This is not a security update.
https://github.com/simonrob/email-oauth2-proxy

Eraser 6.2.0.2996 doesn’t provide a change log so should be treated as a security update.
https://eraser.heidi.ie/download/

ESEDatabaseView 1.78 adds an optional black background. This is not a security update.
https://www.nirsoft.net/utils/ese_database_view.html

Everything Toolbar 1.5.2 improves compatibility and resolves a couple bugs. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

FoneTool 2.10.0 adds support to back up ringtones, improves System Repair and iTunes compatibility and resolves several bugs. This is not a security update.
https://www.fonetool.com/download.html

GoodSync 12.8.7 resolves several bugs. This is not a security update.
https://www.goodsync.com/

HWiNFO 8.24 adds support for newer hardware. This is not a security update.
https://www.hwinfo.com/download/

ImageUSB 1.5.1007 resolves a hardware compatibility bug. This is not a security update.
https://www.osforensics.com/tools/write-usb-images.html

Kingston SSD Manager 1.5.4.9 doesn’t provide a change log so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

ManageWirelessNetworks 1.16 adds option to save all items. This is not a security update.
https://www.nirsoft.net/utils/manage_wireless_networks.html

NConvert 7.221 doesn’t provide a change log so should be treated as a security update.
https://www.xnview.com/en/nconvert/

NTLite 2025.03.10351 improves new Windows UEFI build behavior and updates libraries. This is not a security update.
https://www.ntlite.com/download/

OSForensics 11.1.1004 resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html

PowerToys 0.90.0 adds several new features and resolves a bunch of bugs. This is a security update.
https://github.com/microsoft/PowerToys/releases/latest

RoboForm 9.6.6 changes a couple behaviors and resolves several bugs. This is not a security update.
https://www.roboform.com/

ScreenConnect 25.2.3.9216 resolves several bugs and now imposes a hardcoded email limit in the name of security – which means that monitoring events using the email action will no longer be reliable.
https://screenconnect.connectwise.com/download

SSD Life 2.5.82 adds support for newer hardware. This is not a security update.
https://ssd-life.com/eng/download-ssdlife.html

Starwind V2V Converter 9.626 improves conversions from Hyper-V to ESXi. This is not a security update.
https://www.starwindsoftware.com/starwind-v2v-converter

TeamViewer 15.64.3 adds several new management features and resolves a couple bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

WakeMeOnLan 1.93 adds a black background option. This is not a security update.
https://www.nirsoft.net/utils/wake_on_lan.html

WinRAR 7.11 resolves several bugs. This is not a security update.
https://www.rarlab.com/

WinScan2PDF 9.31 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizFile 3.12 resolves a bug. This is not a security update.
https://antibody-software.com/wizfile/

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 2024.3.1.14 resolves several bugs. This is not a security update.
https://developer.android.com/studio

cx_Freeze 8.1 updates libraries and resolves several bugs. This should be treated as a security update.
https://cx-freeze.readthedocs.io/en/latest/index.html

GameMaker Studio 2024.13.0.190 resolves over 500 bugs. This should be treated as a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.5.228 resolves a couple cosmetic bugs. This is not a security update.
https://gdevelop.io/download

Go 1.24.2 is a security update.
https://go.dev/

Godot 4.4.1 is a security update.
https://godotengine.org/

Inno Setup 6.4.2 adds a new setup directive. This is not a security update.
https://www.jrsoftware.org/isdl.php

Node.js 18.20.8 is a security update.
https://nodejs.org/en/

Node.js 20.19.0 resolves several bugs. This is not a security update.
https://nodejs.org/en/

Node.js 23.11.0 updates libraries and resolves several bugs. This is not a security update.
https://nodejs.org/en/

Python 3.13.3 resolves dozens of bugs. This is a security update.
https://www.python.org/downloads/windows/

Visual Studio Code 1.99.1 resolves several bugs. This is a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

Adminer 5.2.0 resolves several bugs and adds cosmetic improvements. Adminer has been under very active development the last couple months so expect many more future updates over time.
https://www.adminer.org/en/

Grocy 4.5.0 implements a new barcode reader and resolves a couple bugs. This is not a security update.
https://github.com/grocy/grocy

HumHub 1.17.2 resolves several bugs. This is not a security update.
https://www.humhub.com/en

Joomla 5.2.6 and 4.4.13 are security updates.
https://www.joomla.org/

MailEnable 9.88 and 10.52 are security updates.
https://www.mailenable.com/

OpenCart 4.1.0.3 resolves several bugs. This is not a security update.
https://www.opencart.com/

Piwigo 15.5.0 resolves several bugs. This is not a security update.
https://piwigo.org/

YOURLS 1.10.0 updates requirements, dependences and resolves several bugs. This is not a security update.
https://yourls.org/

BuddyPress 14.3.4 is a security update.
https://wordpress.org/extend/plugins/buddypress/

My Sticky Bar 2.7.8 improves user interface. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

WordPress Importer 0.8.4 resolves a couple bugs. This should be treated as a security update.
https://wordpress.org/extend/plugins/wordpress-importer/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2024-10-08

Welcome back, Folks!

Today is Patch Tuesday for October, 2024.

Windows 11 24H2 is out. So is macOS 15/Sequoia. iOS 18, iPadOS 18, tvOS 18, watchOS 11, and visionOS 11 are out now.  The first set of security updates for each of these are released now, too.

All versions of Windows 11 prior to 23H2 are no longer be supported. Upgrade to 23H2 now, then do not upgrade to 24H2, yet. Let everyone else be the guinea pigs. It’s already showing quite a few issues.

All versions of macOS prior to 13/Ventura are no longer supported. If you can’t upgrade your Mac to Ventura you need to permanently take it offline and/or replace it.

Windows 10 now has only 12 months of support left. If your computer can not be upgraded to Windows 11 either start planning now for a switch to Linux or replacing your computer.

There were 505+ major hacks, and over 395 application updates this month. It’s an enormous month, with about 4 GB of updates for most users.

This Month in Technology

4B Components, 5.11 Tactical, A1 Mobile Locksmith, Access Ambulatory Surgery Center, LLC, Access Sports, Accurate Railroad Construction Ltd, Acuity Advisor, Adobe Acrobat Reader DC, Adobe After Effects, Adobe Audition, Adobe Commerce & Magento stores (5% of all their commerce sites!!!),  Adobe Media Encoder, Adobe Photoshop, Adobe Premiere Pro, ADT, Advanced Sterilization Products, Inc, Affirm Agency, AFP, air-gapped government systems, Akromold, Al Rajhi Bank, Albany College of Pharmacy, Alliance, Ally Bank, Alshaya Group, Altman Plants, Alvan Blanch, American Water Works, Amgen Inc, Amplitude Laser, Andamen, Andantex USA, Anniversary Holding, Apache Avro, Apache HugeGraph-Server, Apex Softcell, Aramark myPay, Arc browser, Arelance Group, Around the Clock Companies, Asheville Arthritis and Osteoporosis Center, PA, AT&T, ATG Communications Group, Atrium Health, Autel Maxicharger, Auto Recyclers, AutoCanada, Autodesk Navisworks Freedom DWF, automatic storage tank gauge (ATG) systems (6 models), Avi Resort & Casino, Avis, Balboa Bay Club Ventures LLC, Banana Gun, Bangladeshi government, Barbados Revenue Authority, Barnes & Cohen, Batcom, Battle Lumber Co, Bay Ridge Automotive Management Group, Bazooka, Bel-Air Bay Club, BELL DATA, Inc, Benny Gantz, Bethalto Community Unit School District, Betterhalf, Bharat Petroleum, BingX, Bloom Hearing Specialists, Blundstone USA Inc, BNBuilders, BotSpace, Branhaven Chrysler Dodge Jeep Ram, Brechbuhler Scales Inc, BroadGrain Commodities, Broward Realty Corp, Brown Bottling Group, Brown Integrated Logistics, Brunswick Hospital Center, BSH Soft, BudTrader, C&L Ward, CaleyWray, Calibrated Healthcare, LLC, California Department of Social Services, Cameroon’s pension fund, Canstar Restorations, Capgemini, Capital Printing, Carlile Group, Cascade Columbia Distribution, Casino Fandango, Casio, Caterpillar Inc, Cellular Plus, CentralTickets, CF Medical, Charles Darwin School, Chernan Technology, ChiceDNA, Chinese government, a Chinese government botnet, Chrome, Chunghwa Telecom Data, Cincinnati Public Schools, City of Aberdeen, WA, City of Forest Park, City of Pleasanton, CA, City of Richardson, TX, CK Associates, CKS Packaging, Classic Business Products, CobelPlast, Cohesive Networks VNS3, Comcast Cable Communications, Community Clinic of Maui, Inc, Community Hospital of Anaconda, Compass Group, Concord Management Services, Condere IP, Conductive Containers, Inc, Connally Memorial Medical Center, Control Panels USA, CopySmart LLC, Corantioquia, Creative Consumer Concepts, Creative Playthings, CrediHealth, Crown Mortgage Company, CSG Consultants, D-Link routers, DATASUS, Daughterly Care, David’s Bridal, Del Valle Independent School District, Delaware Library system, Dell (twice in a week),  Deloitte, Delta Prime, Department of Foreign Affairs (DFA), Philippines, DETRAN, Detroit Public TV, Diamond Contracting, LLC, Didi Chuxing, digiDirect, Dimensional Merchandising, DINAS Corp, Divine Interprises INC, DJH Jugendherberge, Domain Industries, DotPe, DPC DATA, Dr. Web, DrayTek routers, Dreyfuss + Blackford Architecture, Duopharma Biotech, Dutch Police, EasyMPS, Edge Imaging, eFile.com, EigenLayer, Elgin Separation Solutions, Elitecare Emergency Hospital, Elitecare, Empereon Marketing, English Football League, Enterprise Outsourcing, EnviroNET Inc, Environmental Code Consultants Inc, Erasmus+, ETC Companies, Ethena Labs, Eurobulk, Evans Distribution Systems, Experience Engine, Express Services, Fabrica Industrial Machinery & Equipment, FastStone Imave Viewer, Fazenda Brazil government, FBCS, Fedbank Financial Services, Feeld, Feldstein & Stewart, Fireworks Software, First Choice, Fleet Equipment, FoccoERP, Forshey Prostok LLP, Fortinet, Fortive, Foundation, Foxit PDF Reader, Freshstart Credit Repair, Frigocenter, Fritzøe Engros, FTV Employment Services LLC, Fylde Coast Academy Trust, G/S Solutions, Galloway MacLeod, Games Box, GameVN, Garvey, GenPro Inc, GitLab, GNOME Project G, GoDaddy, Golden Age Nursing Home, Gough Construction, Graminex, Graybill Medical Group, Greene Acres Nursing Home, Guerriere & Halnon, GW Mechanical, Hair Club for Men, Hamel Cranial Chiropractic & Wellness INC, Harvard Pilgrim Health Care, Harvey Nichols, HDI, Hertz, Hezbollah, Hindle Group, Holmes & Brakel, Howard CPAs, HPE Aruba Networking, Hughes Gill Cochrane Tinetti, Hunter Dickinson Inc, HuntStand, I-MED, Ibermutuamur, ICBC London, IDEALEASE INC, Idre Fjäll, Indian Supreme Court, Indodax, Infosys McCamish Systems, Instituto Nacional de Deportes de Chile, Insurance Agency Marketing Services, Inc, InteriorWorx Commercial Flooring, iOS Password Manager, 260,000 IoT devices (Raptor Train), Iron Metals, Isola, Israel Defense Minister, Israel Foreign Affairs Minister, Israel Harel Insurance, Israel Prime Minister, an Israeli analytics company, Israeli defense companies, Israeli Industrial Batteries, Istrail, Italian Ministry, Ivanti Cloud Services Appliance, Ivanti Endpoint Manager, Ivanti Workspace Control, Jackson Paper Manufacturing, Jacobsen Construction Co, Inc Health Plan, Joe Swartz Electric, Johnson & Wales University, JTaylor & Associates LLC, Juice Generation, Kawasaki Motors Europe, Keller Williams Realty Group, Kennedy Funding, Keuka College, Keya Accounting and Tax Services LLC, Kia dealer portal, Kia vehicles (again), KintApp, Kravit, Hovel & Krawczyk SC, KukuFM, Kuwait Health Ministry, LA Financial Federal Credit Union, Labib Funk Associates, Ladov Law Firm, Lakeland Chamber, Lancaster Royal Grammar, three-quarters of law firms (which explains a lot of the hacks this month), Law Offices of Michael J Gurfinkel, Inc, Lawrie Insurance Group, Lee Hoffoss Injury Lawyers, LEGO, Lenovo Service Bridge, Liberty First Credit Union, Local 1964 ILA Health & Insurance Fund, Lumen Technologies, Luso Cuanzа, Lyomark Pharma, MacGillivray Law, macOS graphics driver, macOS video decoder, Magenta Photo Studio, Malwarebytes Antimalware, Markdom Plastic Products, Maryville Academy, Mattson Technology, Inc, Max Shop, MC2 Data, McAbee Construction, Inc, McCarty Company, MCNA Dental, MDSi INC, MediCheck, MedReview, Messe C, Miami Dolphins Forum, Michigan Masonic Home, Michigan Medicine, Microsoft Azure API Management, Microsoft C++ redistributable, Microsoft Pragmatic General Multicast Server, Microsoft SharePoint, Microsoft Windows, Microsoft Windows 10 AllJoyn Router Service, Microsoft Windows Internet Explorer, Microsoft Windows SmartScreen, Mile Hi Foods, MIPS Holding, Inc, Mobility Compare, Model Engineering, Moeller Door and Window, MoneyGram, Mozambique Election System, Mt. Carmel Behavioral Healthcare, Muskogee City County Enhanced 911 Trust Authority, mySCADA myPRO, NASA, New Electric, New River Electrical, New York Sports Club, Noble Environmental, North American Breaker, Nova Sinseg, Nusser Mineralöl GmbH, NVIDIA Container Toolkit, Octapharma Plasma, OffRoadAction, Omega Industries, One Point HR Solutions, Onyx, OpenAI, OpenPLC_v3 Runtime, Optigo Networks ONS-S8, Oracle WebLogic, Pacific Coast Building Products, Pacific Islands Forum, Fiji, Pacific Scientific Energetic Materials Company LLC, Palomar Medical Group, PaperCut NG, Partners Air, Patelco Credit Union, Patrick Sanders Company, PDF-XChange Editor, Pearl Cohen, Peerless Umbrella, Performance Food Centers, Performance Therapies, PetEdge, Pete’s Road Service, PetroChina, Physical Medicine & Rehabilitation Center, Piggly Wiggly, Plaisted Companies, Plastics Plus, Plumbers Stock, Port of Seattle/Seattle-Tacoma International Airport (SEA), Power Torque Services, PRC-Saltillo, Premier Packaging, Prentke Romich Company, Progress Software WhatsUp Gold, Pureform Radiology Center, Qualcomm DSP, Quantum Healthcare, Raaga, Rackspace, Radio Geretsried, 19 UK railway stations, Ranveer Allahbadia, Reading Train Station, Red Barrels, Repsol, Research Electronics International, Reutter, Richland County, WI, Richmond Auto Mall, Richmond Community Schools, Riley Gear Corporation, Rim Country Health and Rehabilitation, Ring Power, River Delta Unified School District, River Region Cardiology Associates, Riverside Resort Casino, Rob Levine & Associates, Robson Planning Group Inc, Rockwell Automation PLC Software, Sacred Heart Catholic School, Sage Home Loans Corporation, SaniRent, Satia Group, Savannah Candy, Schäfer, dein Bäcker GmbH & Co KG, Scranton School District, Sellafield, ServiceNow, Shenango Area School District, Sherr Puttmann Akins Lamb PC, Shezmu, Shin Bet, ShoreMaster, Signature Healthcare Services LLC, siParadigm LLC, Slim CD, Smart Buy, Smart Source, Inc, 2,700 “smart” devices in the Netherlands, SolarWinds Access Rights Manager, Solutii Sistemas, Sono Bello, Southeast Cooler, Southern Bone, SpaceX, Spectrum Industries, Sportstech, spWETH Wallet, Star Blizzard, Star Health (India), Stillwater Mining Company, Storck-Baugesellschaft mbH, Structural Concepts, Sub-Zero, Wolf, and Cove, Sunrise Farms, Synnovis, TANYA Creations, TeamViewer, TeleHealth Center (India), Temu, Tewkesbury Borough Council, Thai Honda Manufacturing, The Gill Corporation, The Maids International, The Rubber Resources, The Superior Court of California, The Tech Interactive, Theresa Gordon Tax Services, Inc, Think Simple, Thomas Lloyd, Thompson Construction Supply, TIAA, Title Financial Corporation, Total Electronics, TOTVS, Toyota, TradeZero America Inc, Transport for London, Transtec SAS, TransUnion Risk and Alternative Data Solutions, Inc, Travel Alberta, TRC Worldwide Engineering, Trend Micro Deep Discovery Inspector, True Family Enterprises, Truflation, Truist Bank, Trump campaign, Tuttle-Click Automotive Group, Twilio, Uber Eats, UCC Retreivals, United Animal Health, Universal Music Group, University Medical Center, University of Minnesota Orthodontics, US Centers for Medicare and Medicaid Services, US Congress, US Dermatology Partners, UT Southwestern Medical Center, Uttarakhand (India) government, Veertu Anka Build, Verizon, Vermilion Parish Schools, Versa Director, VGTRK, Vickers Engineering, Vidisco, Virginia Dare Extract Co, Visionary Homes, Visteon Infotainment System, VMware vCenter Server, Ward Transport, Wayne County, MI, WazirX, We Level Up Treatment Lake Worth, Weiser Memorial Hospital, Weldco-Beales Manufacturing, Wells Fargo, Western Digital MyCloud PR4100, WhatsApp, Wichita Police, Wilmington Convention Center, Wilson & Lafleur, Wisconsin Physicians Service Insurance Corp, Woodard, Hernandez, Roth & Day, WordPress Houzez Login Register plugin, WordPress Houzez theme, WordPress LiteSpeed Cache Plugin, Wright, Moore, DeHart, Dupuis & Hutchinson, LLC, Young Consulting LLC, and Zimbra email servers have reported hacking or compromises this month.

AFP, AT&T, Cloudflare, Confidant Health, Dr. Web, Google CloudImposer, Highline Public Schools, MoneyGram, PlayStation Network, Port of Seattle, Providence Public Schools, State Data Center (India), Verizon, and WP Engine have suffered from outages this month.

Last months updates broke M4 iPad Pro devices, macOS Sequoia VPN & antivirus software, Microsoft 365 apps, Microsoft Outlook mail vs nested folders, Microsoft Word (serious – Word deletes your files if they have mixed case extensions!), Windows 11 24H2 BSODs, Windows 11 24H2 gaming performance, Windows 11 24H2 license activation, Windows reboots, and Windows USB & Bluetooth.

In other news

The Internet backdoor mandated by US federal law has been hijacked by China (Salt Typhoon) and is being actively exploited again across several phone providers. It’s not good.

Almost 3 in 5 of breached UK firms admit to paying ransom on demand. An insane 92% of healthcare firms in the US were hit by cyberattacks this year.

Now that “exploding pagers” (and more) are a thing, will people start to take supply chain and physical security seriously?

Fearing exposure of weak security processes, Apple has moved to dismiss their lawsuit against NSO Group.

Now for the good news

Discord has added end-to-end encryption for audio & video calls.

NIST has finally scrapped their complexity and change frequency recommendations. The math on these recommendations simply doesn’t add up.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is enormous this month. The typical computer should see roughly 4 GB in updates today. Let’s get started.

Microsoft released 65 updates to address 121 vulnerabilities in .NET Framework, .NET, Azure CLI, Azure Monitor, Azure Stack, BranchCache, Code Integrity Guard, DeepSpeed, Internet Small Computer Systems Interface (iSCSI), Microsoft ActiveX, Microsoft Configuration Manager, Microsoft Defender for Endpoint, Microsoft Edge (Chromium-based), Microsoft Graphics Component, Microsoft Management Console, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft Office, Microsoft Simple Certificate Enrollment Protocol, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows Speech, OpenSSH for Windows, Outlook for Android, Power BI, Remote Desktop Client, RPC Endpoint Mapper Service, Service Fabric, Sudo for Windows, Visual C++ Redistributable Installer, Visual Studio Code, Visual Studio, Windows Ancillary Function Driver for WinSock, Windows BitLocker, Windows Common Log File System Driver, Windows Cryptographic Services, Windows cURL Implementation, Windows EFI Partition, Windows Hyper-V, Windows Kerberos, Windows Kernel, Windows Kernel-Mode Drivers, Windows Local Security Authority (LSA), Windows Mobile Broadband, Windows MSHTML Platform, Windows Netlogon, Windows Network Address Translation (NAT), Windows NT OS Kernel, Windows NTFS, Windows Online Certificate Status Protocol (OCSP), Windows Print Spooler Components, Windows Remote Desktop Licensing Service, Windows Remote Desktop Services, Windows Remote Desktop, Windows Resilient File System (ReFS), Windows Routing and Remote Access Service (RRAS), Windows Scripting, Windows Secure Channel, Windows Secure Kernel Mode, Windows Shell, Windows Standards-Based Storage Management Service, Windows Storage Port Driver, Windows Storage, Windows Telephony Server, Winlogon, and MSRT. This includes security updates. A reboot is required.

Apple released updates for Apple TV 1.5.0.152 for Windows, iOS 17.7, iOS 18, iOS 18.0.1, iPadOS 17.7, iPadOS 18, iPadOS 18.0.1, macOS Sequoia 15.0.1, macOS Sonoma 14.7, macOS Ventura 13.7, Safari 18, Safari 18.0.1, tvOS 17.6.1, tvOS 18, visionOS 2, visionOS 2.0.1, watchOS 10.6.1, watchOS 11, watchOS 11.0.1, and Xcode 16. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 17.7, 18, and 18.0.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 17.7, 18, and 18.0.1 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 10.6.1, 11, and 11.0.1 are security updates. Use the Watch app on your iPhone to install the most current version.

tvOS 18 is a security update. Use System, Software Update to install the most current version.

visionOS 2 and 2.0.1 are security updates. Use System, Software Update to install the most current version.

Google Chrome OS 128.0.6613.163, 129.0.6668.80, and ChromeOS LTS 126.0.6478.254 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sequoia (15.x) means that macOS Monterey (12.x) and older are no longer supported. If you can not install at least macOS Ventura (13) on your Mac then you should immediately remove your device from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 11 (v24H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with a SaferPC Subscription and we will install updates each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.9.1 improves hardware compatibility, game support, resolves several bugs and expands Vulkan extensions. This is not a security update.
https://www.amd.com/en/support

TP-Link Archer AX55 v1 240628 improves mesh and configuration controls. This is not a security update.
https://www.tp-link.com/us/support/download/archer-ax55/v1/#Firmware

goxlr-utility 1.1.4 resolves several compatibility and reliability bugs. This is not a security update.
https://github.com/GoXLR-on-Linux/goxlr-utility/

UniFi Network Server 8.4.62 resolves several bugs. This is not a security update.
https://www.ui.com/download/releases/network-server

VIISAN OfficeCam 7.2.2.0 doesn’t provide a change log so should be treated as a security update.
https://www.viisan.com/en/download/type1.html

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.70.123 is a security update. Use Help, About to install the most current version.
https://brave.com/

Google Chrome 129.0.6668.100 is a security update. Use Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 129.0.2792.79 is a security update. Use Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 131.0 is a security update. Use Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 128.3.0 is a security update. Use Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 6.9.3447.51 is a security update. Use Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.14.0 is a security update.
https://getmailspring.com/

ProtonMail (Android) 4.0.22.1 resolves a major stability bug. This is not a security update.
https://proton.me/mail/download

Spark 3.17.9.86866 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.17.9.86865 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 128.3.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 8.1.0 resolves dozens of bugs and improves stability. This is a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 8.1.2 is a security update.
https://anydesk.com/en/downloads

BrowsingHistoryView 2.58 resolves an export bug. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

curl 8.10.1 resolves over a dozen bugs. This is not a security update.
https://curl.haxx.se/windows/

Dropbox 209.4.3661 does not provide a detailed change log so should be treated as a security update.
https://www.dropbox.com/

Facebook Messenger 215.6.0.24.211 is a security update.
https://www.messenger.com/download

FileZilla Server 1.9.2 resolves a bug in the update engine. This is not a security update.
https://filezilla-project.org/

Google Drive 98.0 is a security update.
https://drive.google.com/start

MeshCentral 1.1.32 is a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.7.00.26062 improves onboarding flow and allows external presenters to join from mobile platforms. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 30.0.0 is a major update, updating libraries, minimum requirements, and resolving more than a hundred bugs. This is a security update.
https://nextcloud.com/

Npcap 1.80 resolves several bugs. This is not a security update.
https://nmap.org/npcap/

Rclone 1.68.1 improves compatibility and resolves several bugs. This is not a security update.
https://rclone.org/

Signal 7.27.0 adds several new display options for media, groups and restores ability to search stored messages from groups you’re no longer part of. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.18.2 adds ability to search for emoji. This is not a security update.
https://signal.org/android/apk/

Technitium DNS Server 13.0.2 resolves protocol bugs. v13 adds several other new DNS features and controls including ZONEMD, RP, Catalog Zones and improved logging. This is not a security update.
https://technitium.com/dns/

Telegram 5.6.1 resolves dozens of bugs. This is not a security update.
https://telegram.org/

Telegram (Android) 11.1.3 resolves dozens of bugs. This is not a security update.
https://telegram.org/apps

Zoom 6.2.3.47507 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.10 resolves a couple bugs and improves lip sync. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.2.4 resolves over 20 bugs. This is not a security update.
https://www.bitwig.com/download/

Grayjay 264 adds auto-play toggle, allows you to control rotation sensitivity, reverse rotation, and resolves several bugs and compatibility issues. This is not a security update.
https://grayjay.app/index.html

iTunes 12.13.3.2 is a security update.
https://www.apple.com/itunes/download/

Plex Desktop 1.102.0.230 resolves a couple bugs and adds an advertising consent notice. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.67.1.233 updates web engine. This should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.41.0.8994 adds support for external subtitles, improved ad detection, and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Bedrock) 1.21.31.04 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Nintendo Switch 19.0.0 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 2024.920 improves stability. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024.09.17 changes the terms of use and resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

SteamOS SteamDeck Update 2024.10.03 improves Wi-Fi 7 compatibility. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Animate 23.0.8 and 24.0.5 are security updates.
https://helpx.adobe.com/security/products/animate/apsb24-76.html

Adobe Commerce 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11, 1.4.2-p3, 1.3.5-p8, 1.3.4-p10, and 1.3.3-p11 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-73.html

Magento Open Source 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, and 2.4.4-p11 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-73.html

Adobe Dimension 4.0.4 is a security update.
https://helpx.adobe.com/security/products/dimension/apsb24-74.html

Adobe FrameMaker 2020.7 and 2022.5 are security updates.
https://helpx.adobe.com/security/products/framemaker/apsb24-82.html

Adobe InCopy 19.5 and 18.5.4 are security updates.
https://helpx.adobe.com/security/products/incopy/apsb24-79.html

Adobe InDesign 19.5 and 18.5.4 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb24-80.html

Adobe Lightroom 7.5, 13.5.1, and 12.5.2 are security updates.
https://helpx.adobe.com/security/products/lightroom/apsb24-78.html

Adobe Substance 3D Painter 10.1.0 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb24-52.html

Adobe Substance 3D Stager 3.0.4 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb24-81.html

Audacity 3.6.4 doesn’t have a change log so should be treated as a security update.
https://www.audacityteam.org/download/

Blender 4.2.2 resolves dozens of bugs. This is a security update.
https://www.blender.org/download/

Calibre 7.19.0 improves performance and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Ghostscript 10.04.0 is a security update.
https://www.ghostscript.com/releases/gsdnld.html

GnuCash 5.9 resolves several bugs. This is not a security update.
https://www.gnucash.org/

Kdenlive 24.08.1 resolves dozens of bugs. This is not a security update.
https://kdenlive.org/

Krita 5.2.6 resolves over 50 bugs and improves reliability and stability. This is not a security update.
https://krita.org/en/download/

LibreOffice Fresh 24.8.2 resolves almost 200 bugs. This is a security update.
https://www.libreoffice.org/

Manager 24.10.8.1879 adds business templates, FDX support, and resolves several bugs. This is not a security update.
https://www.manager.io/

Nextcloud Desktop 3.14.1 resolves a dozen bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.7 updates libraries, resolves over a dozen bugs. This is a security update.
https://notepad-plus-plus.org/

PDF Candy Desktop 3.13 doesn’t provide a change log so should be treated as a security update.
https://pdfcandy.com/

PDF-XChange Editor 10.4.1.389 is a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

QuickBooks Pro 2022 20240726-R17_34 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20240726-R14_39 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

Security Software Updates

One or more of these is likely to be of interest to most people.

JShelter 0.19.1 improves Manifest V3 compatibility and performance. This is not a security update.
https://jshelter.org/install/

KeePass 2.57.1 is a security update.
https://keepass.info/

MalwareBytes Anti-Malware 5.5.4 doesn’t provide a change log so should be treated as a security update.
https://www.malwarebytes.org/antimalware/

RogueKiller 15.18.3 updates libraries and resolves several bugs. This should be treated as a security update.
https://www.adlice.com/download/roguekiller/

SecurityCheck 2024.9.22 doesn’t provide a change log so should be treated as a security update.
https://www.bleepingcomputer.com/download/securitycheck/dl/123/

Stinger 13.0.0.197 is a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

SuperAntiSpyware 10.0.1268 adds support for new browsers, applications, unicode compatibility and resolves several bugs. This is a security update.
https://www.superantispyware.com/download.html

uBlock Origin 1.60.0 adds several new features and resolves a couple bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Operating System Updates

These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.

QubesOS 4.2.3 is a security update.
https://www.qubes-os.org/downloads/

Tails 6.8 is a security update. 6.8 also signals the merger of Tails and the Tor Project.
https://tails.net/install/download/index.en.html

Zorin OS 17.2 improves customization, updates libraries, and resolves several bugs. This is not a security update.
https://zorin.com/os/mirrors/

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 24.2.4 resolves stability bugs. This is not a security update. This is not a security update.
https://www.techsmith.com/screen-capture.html

VideoCacheView 3.10 improves compatibility with Google Chrome. This is not a security update.
https://www.nirsoft.net/utils/video_cache_view.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.2.7 adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

MakeMKV 1.17.8 improves defect tolerance and resolves several bugs. This is not a security update.
https://www.makemkv.com/download/

StreamFab 6.2.0.0 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.3.5 adds FLAC support and resolves sseveral bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 7.0.7 resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.46 adds QR code authentication, Wi-Fi QR code sharing, accessibility improvements, and resolved several bugs. This is not a security update.
https://1password.com/downloads/

AOMEI Partition Assistant 10.5.0 adds Boot Repair, improves Migrate OS and resolves bugs in the optical media creation flow. This is not a security update.
https://www.diskpart.com/

Bitwarden 2024.9.2 improves PDF attachment handling and improves Secrets Manager. This is not a security update.
https://bitwarden.com/

CCleaner 6.28.11297 adds support for new applications. This is not a security update.
https://www.ccleaner.com/

CPU-Z Installer 2.11 improves mainboard detection and adds new hardware support. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

Deskflow 1.17.0 is a complete rebrand of the upstream Synergy source, pushing the public code base into a useful utility. This is the first one, though, so I’d hold off a little while. This is not a security update.
https://deskflow.org/

DesktopOK 11.44 improves copmatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.2.84.0 improves cache plug-in to use hash data to reduce network chatter, encoding improvements, and resolves several bugs. This is not a security update.
https://dngrep.github.io/

email-oauth2-proxy 2024-09-12 adds option to use password as credentials, improves documentation and resolves several bugs. This is not a security update.
https://github.com/simonrob/email-oauth2-proxy

Everything Toolbar 1.5.1 improves compatibility, adds RTL support, keyboard shortcuts and resolves several bugs. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

ExplorerPatcher 22621.3880.66.6 improves compatibility and adds support for Windows 11 v24H2. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

Fido 1.60 adds support for Windows 11 v24H2 and removes v23H2. This is not a security update.
https://github.com/pbatard/Fido/releases

Fing 3.7.1 improves Network Insights and resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

FoneTool 2.9.0 resolves several bugs. This is not a security update.
https://www.fonetool.com/download.html

Git SCM 2.46.1 resolves several bugs and improves documentation. This is not a security update.
https://git-scm.com/

GoodSync 12.7.6 improves logging and compatibility. This is not a security update.
https://www.goodsync.com/

Homedale 2.13 adds channel utilization reporting, Wi-Fi 7 (802.11be) support and filtering improvements. This is not a security update.
https://www.the-sz.com/products/homedale/

HWiNFO 8.12 adds support for newer hardware and resolves several bugs. This is not a security update.
https://www.hwinfo.com/download/

HWMonitor 1.55 adds support for newer hardware and battery information. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

IsMyHdOK 4.11 adds support improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

Kingston SSD Manager 1.5.4.9 doesn’t provide a change log so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

LessMSI 2.2.0 adds Italian language support. This is not a security update.
https://lessmsi.activescott.com/

MultiMonitorTool 2.11 resolves a mapping bug. This is not a security update.
https://www.nirsoft.net/utils/multi_monitor_tool.html

NTLite 2024.9.10073 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 11.0.1014 resolves over a dozen bugs including performance and reliability issues. This is not a security update.
https://www.osforensics.com/download.html

PointerStick 6.44 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.85.1 improves stability. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ScreenConnect 24.2 should be avoided. It has had rollout “paused” due to stability issues four times already. Just wait for 24.3 or 24.4 to be stable.
https://screenconnect.connectwise.com/download

TeamViewer 15.58.5 resolves several bugs and implements new cosmetics. This is a security update.
https://www.teamviewer.com/en-us/download/windows/

TestDisk 7.3 doesn’t provide a change log so should be treated as a security update.
https://www.cgsecurity.org/wiki/TestDisk_Download

XnConvert 1.101.0 doesn’t provide a change log so should be treated as a security update.
https://www.xnview.com/en/xnconvert/

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 8.0.10 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

Android Studio 2024.2.1.9 resolves dozens of bugs. This is not a security update.
https://developer.android.com/studio

GDevelop 5.4.213 adds ability to change opacity within properties panel, tilemap improvements, and resolves several bugs. This is not a security update.
https://gdevelop.io/download

GitHub Desktop 3.4.6 resolves several bugs. This is not a security update.
https://desktop.github.com/

Go 1.23.2 resolves several bugs. This is not a security update.
https://go.dev/

Node.js 20.18.0 updates libraries, resovles several bugs and adds experimental support for network inspection. This is not a security update.
https://nodejs.org/en/

Node.js 22.9.0 updates libraries, adds support for stack trace, disables V8, and resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

Python 3.13.0 resolves over a dozen bugs. This is a security update.
https://www.python.org/downloads/windows/

Visual Studio Code 1.94 improves Explorer Find, adds filtering options to Source Control Graph, and resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.1.2 is a major update, changing style, performance, stability, hardware compatibility and adding many options. It also initially broke older guests and this release fixes that as well as a dozen other bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Duplicator 1.5.11 improves compatibility and resolves several bugs. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

Sucuri Security 1.9.5 improves analysis. This should be treated as a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2024-07-09

Today is Patch Tuesday for July, 2024.

There were 330+ major hacks, and over 360 application updates this month. It’s an average month, with about 3.0 GB of updates for most users.

This Month in Technology

3GL Technology Solutions, 50 Cent, Acrotech Biopharma Inc, Adobe Commerce and Magento, Advance Auto Parts, AEG Presents, LLC, Affirm, Agrani Bank, Agropur, Airtel, AJE Group, Alabama Education Department, Altoona Logan Township Mobile Medical Emergency Department Authority, Ambulnz Holdings, LLC, AMD, Amper Group, Amtrak, Android, Ann & Robert H. Lurie Children’s Hospital of Chicago, ANY.RUN, Apple, Arcis Golf, Árvakur, ASI, Association of Texas Professional Educators, Aultman Hospital, Authy, Baltimore 311 callers, Behavioral Health Response, Belle Tire, Benefit Management, Better Business Bureau, Bharat Sanchar Nigam Limited (BSNL), Bol d’air France, BootCDN, Bootcss, Brainworks Software, Bunger Steel, Cambridge University Press & Assessment, Canara Bank, CareDx, Inc, CDK Global (twice), Center for Digestive Health, Center for Human Capital Innovation, Change Healthcare, Channel 7 News Australia, Chicha San Chen, Chroma Color, Circle K Atlanta, CISA Chemical Security Assessment Tool (CSAT), Cisco Nexus switches, Cisco NX-OS, City of Cleveland, Ohio, City Of Coon Rapids, City of Helsinki, Finland, City of Newburgh, NY, Class Advisors, Coca Cola, Cognizant Open Insurance Policy Administration, CoinStats, Conference USA, Consulting Radiologists Ltd, Creative Realities, Credit Suisse, CredRight, Critchfield & Johnston, Crown Equipment, CTG Brands, CTSystem, Cukierski Associates LLC, Custom Concrete, D-Link DIR-859, Datamate Bookkeeping & Tax, Inc, DaVita Inc, Daystar, Derby School, Derbyshire County Council, Designed Receivable Solutions, Inc, Deskcenter, DG3 North America, Inc, Diogenet SR, Docker containers, Dordt University, Eagle Materials, Egyptian Health Department, Ejército del Per, Elite Fitness, Elite Limousine Plus Inc, Elyria Foundry, EqualizeRCM, Ernst & Young LLP, Escondido Union High School District, Esquerra Republicana de Catalunya, Ethereum’s mailing list provider, eVeridis, Evolve Bank & Trust, Facebook PrestaShop module, Fareri Associates, FBT Transport, Financial Business and Consumer Solutions, Inc, Florida Department of Health, Fortra FileCatalyst Workflow, Francesco Parisi, French Diplomats, Fédération Internationale de l’Automobile (FIA – Formula 1), GBA GROUP, GCash, Geisinger Healthcare, Ghostscript library, GitLab, GlobalWafers, Globe Life, Goodman Reichwald-Dodge, GoodTemps, Google Chrome, Gorrie-Regan, Grandstream GXP2135, Great Lakes International Trading, Greylock McKinnon Associates, Inc, Grupo Amper, HackerOne, Harvey Construction, HealthEquity, Hedrick Brothers Construction, Hey You, Highland Health Systems, HubSpot, Human Technology Inc, Husky Owners, Hydmech, INDA’s, India’s National Disaster Management Authority (NDMA), India’s Regional Cancer Centre, Indonesia’s National Data Center, Indonesian Directorate General of Civil Aviation, Infosys McCamish Systems, Innerspec Technologies, Innomar Strategies, Intel CPUs (Indirector), Internal Revenue Service (IRS), Internal Security Operations Command (ISOC), Island Transportation Corp, JM Thompson, Jollibee Group, Jordan’s Ministry of Education, Juniper Networks Session Smart Router, Juniper Networks Session Smart Conductor, Juniper Networks WAN Assurance Router, Kadokawa Corporation, Kairos Health Arizona, Inc, Kansas City, Kansas Police Department, KBC Zagreb, Key Benefit, Kinter, Kito Canada, Kraken crypto exchange, Ladco, Lake Medical Group, Landmark Life, Learnosity, Legend Properties, Inc, Len Dubois Trucking, LevelOne WBR-6013, Levi Strauss, Lexibar, Lindex Group, LivaNova, Longview Oral & Maxillofacial Surgery, Los Angeles County Department of Public Health, Louisiana Special School District, Mailcow Mail Server, Manchester City Football, Maryhaven, Mass General Brigham, Maxicare, MD Now Urgent Care, MEL Aviation Ltd, Mercku, MGF Sourcing, Microsoft Azure Machine Learning Services, Microsoft email, Microsoft O365, Microsoft PlayReady DRM, Middletown Township, Mitsubishi Electric Software, ModPlan, Mount Kisco Surgery, Mountjoy, MOVEit, National Identity Management Commission of Nigeria, National Publisher Services LLC, Neiman Marcus, NetOne, Niconico, OCEANAIR, Olson & Co Steel, Opaxe, OpenAI (twice), OpenSSH server, P Kaufmann, Palomar Health Medical Group, Patelco Credit Union, Payne & Jones, Pediatric Urology Associates, Peterbilt of Atlanta, Philippine Health Insurance Corporation, Philippine Maritime Authority, Phoenix SecureCore UEFI firmware, Pinnacle Orthopaedics & Sports Medicine Specialists LLC, Planar, Plavan Commercial Fueling Inc (“P-Fleet”), Polyfill.io, Prairie Athletic Club, Privia Medical Group of Georgia, Progress MOVEit Transfer, Progress Software Corporation WhatsUp Gold, ProMotion Holdings, Providence Mission Heritage Endocrinology, Prudential Financial, PT Latinusa, Puyallup Tribe, Radiology and Imaging Specialists, Rappi, REA Wire, Realtek rtl819x, Rejetto HTTP File Server (HFS), Rider, Roblox Developer Conference, Rockford Public School District, Rockwell Automation’s PanelView Plus, Rolls-Royce, Sacred Heart Community Service, Samaritan Health Services, Inc, Sanyo Shokai, Scout Energy Partners, Scrubs And Beyond, Seagulf Marine Industries, Sensory Spectrum, Sharp printers, Shinnick & Ryan, Shoe Zone, Shopify third-party app, SiriusXM, Sirva, SkinCure Oncology, Sky-light, SkyPartsUSA, SlowMist, Smartweb, Sofidel, SolarWinds Serv-U, South Africa’s National Health Laboratory Service, SouthCoast Health, Special Health Resources, Spike Chunsoft, Staticfile, Steps to Life, Suminoe, Synnovis Pathology, Taj Hotel Group, TeamViewer, TETRA Technologies, Texas Recycling, Texas Retina Associates, The Ambulatory Surgery Center of Westchester, The Northwestern Mutual Life Insurance Company, The Union Labor Life Insurance Company, Ticketmaster LLC, Toshiba printers, Total Fitness, Tp-Link ER7206 Omada Gigabit VPN Router, TPI, TPOCC, Traderie, Transit Mutual Insurance Corporation, Transport Laberge, Trisun Land Services, Truist Bank, Turkish Government Websites, Twilio, UEFA, UK Post Office, US Dermatology Partners, UwU Lend, Vanguard, Vanna AI, Ventura County Credit Union, Victoria Racing Club, VirtualBox, Virum Apotek, Waupaca County, WI, West Clermont Schools, Western Mechanical, Westview Co-op, Wind Composite Services Group, LLC, Windows Wi-Fi driver (still vulnerable!), Wisconsin Department of Health Services, Wise Payments, Woodruff-Sawyer & Co, WordPress.org, World inquest, Yieldstreet, Zadig & Voltaire, Zaire National Health Laboratory Services, Zerto, Zimbabwe Anti-Corruption Commission, and Zotac have reported hacking or compromises this month.

CDK GlobalCloudflare, OVHcloud, and Xbox Live have suffered from outages this month.

Last months updates broke AuthLite on Domain Controllers, Windows Update, Show Desktop preferences, Windows Taskbar, Windows language packs, and Windows virtualization services.

A new proof-of-concept (SnailLoad) demonstrates how to exploit latency to track a victim’s online activity.

Microsoft’s WSUS driver synchronization will be going away along with WordPad.

The Supreme Court has struck down efforts to hold the federal government responsible for their violations of the first amendment. The US federal government has proven itself impotent to investigate SolarWinds for the most significant hack of all time.

Now for the good news:

The EU Commission has put Meta on notice that their “pay or consent” model breaches EU law.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is about average this month. The typical computer should see roughly 3.0 GB in updates today. Let’s get started.

Microsoft released updates to address 143 vulnerabilities in .NET and Visual Studio, Active Directory Federation Services, Active Directory Rights Management Services, Azure CycleCloud, Azure DevOps, Azure Kinect SDK, Azure Network Watcher, Intel, Line Printer Daemon Service (LPD), Microsoft Defender for IoT, Microsoft Dynamics, Microsoft Graphics Component, Microsoft Office, Microsoft Office Outlook, Microsoft Office SharePoint, Microsoft Streaming Service, Microsoft Windows Codecs Library, Microsoft WS-Discovery, NDIS, NPS RADIUS Server, Role: Active Directory Certificate Services; Active Directory Domain Services, Role: Windows Hyper-V, SQL Server, Windows BitLocker, Windows COM Session, Windows CoreMessaging, Windows Cryptographic Services, Windows DHCP Server, Windows Distributed Transaction Coordinator, Windows Enroll Engine, Windows Fax and Scan Service, Windows Filtering, Windows Image Acquisition, Windows Internet Connection Sharing (ICS), Windows iSCSI, Windows Kernel, Windows Kernel-Mode Drivers, Windows LockDown Policy (WLDP), Windows Message Queuing, Windows MSHTML Platform, Windows MultiPoint Services, Windows NTLM, Windows Online Certificate Status Protocol (OCSP), Windows Performance Monitor, Windows PowerShell, Windows Remote Access Connection Manager, Windows Remote Desktop, Windows Remote Desktop Licensing Service, Windows Secure Boot, Windows Server Backup, Windows TCP/IP, Windows Themes, Windows Win32 Kernel Subsystem, Windows Win32K – GRFX, Windows Win32K – ICOMP, Windows Workstation Service, XBox Crypto Graphic Services, and MSRT. This includes security updates. A reboot is required.

Apple released updates for AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

Google Chrome OS 126.0.6478.132 and 120.0.6099.315 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AirPods Firmware Update 6A326 is a security update.
https://support.apple.com/HT214111

AirPods Firmware Update 6F8 is a security update.
https://support.apple.com/HT214111

AMD Adrenalin 24.6.1 resolves several bugs and improves compatibility. This is not a security update.
https://www.amd.com/en/support

Beats Firmware Update 6F8 is a security update.
https://support.apple.com/HT214111

Nvidia Driver 475.14 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

TP-Link Archer AX72 v1.60 240426 is a security update.
https://www.tp-link.com/us/support/download/archer-ax72-pro/#Firmware

UniFi U6 Professional 6.6.73 resolves dozens of bugs. This is not a security update.
https://www.ui.com/download/software/u6-pro

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.67.123 is a security update. Use Menu, Help, About to install the most current version.
https://brave.com/

Firefox 128.0 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 128.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 126.0.6478.126 is a security update. Use Menu, Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 126.0.2592.87 is a security update. Use Menu, Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Vivaldi 6.8.3381.46 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 3.53 resolves a stray field at the end of exported data. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

ProtonMail (Android) 4.0.15 improves security and message header view. This is a security update.
https://proton.me/mail/download

Spark 3.16.7.78552 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.16.7.78551 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.12.2 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

Dropbox 202.4.5551 resolves several bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 215.2.0.11.211 is a security update.
https://www.messenger.com/download

FreeFileSync 13.7 adds symlink support and resolves a couple bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 92.0 doesn’t provide a detailed change log so should be treated as a security update.
https://drive.google.com/start

Microsoft Teams 1.7.00.17051 improves third-party app experience and adds bookable desks. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 29.0.3 updates dependencies and resolves several bugs. This is not a security update.
https://nextcloud.com/

Rclone 1.67.0 is a security update.
https://rclone.org/

Signal 7.15.0 resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.10.3 improves linked devices. This is not a security update.
https://signal.org/android/apk/

Syncthing 1.27.9 resolves several bugs and updates dependencies. This is not a security update.
https://syncthing.net/

Technitium DNS Server 12.2.1 resolves a couple bugs. This is not a security update.
https://technitium.com/dns/

Telegram 5.2.3 resolves several bugs. This is not a security update.
https://telegram.org/

Telegram (Android) 10.14.3 updates libraries and resolves several bugs. This is not a security update.
https://telegram.org/apps

Trillian 6.5.0.40 resolves dozens of bugs. This should be treated as a security update.
https://www.trillian.im/

Trillian Mac 6.5.0.43 doesn’t provide a change log so should be treated as a security update.
https://www.trillian.im/

Zoom 6.1.1.41705 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.6 resolves a user interface bug. This is not a security update.
https://en.3tene.com/

darktable 4.8.0 adds a color equalizer, canvas enlargement, overlay support, performance improvements and resolves over 50 bugs. This is not a security update.
https://www.darktable.org/

Grayjay 249 adds support for Spotify, YouTube Channel Playlists, Nebula, Odysee, and resolves several bugs. This is not a security update.
https://grayjay.app/index.html

KaraFun Player 2.6.2.0 doesn’t provide a detailed change log so should be treated as a security update.
https://www.karafun.com/karaokeplayer/

Plex Desktop 1.96.0.177 resolves a bug displaying Genre. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.64.0.170 updates libraries. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.40.3.8555 resolves several bugs and adds automatic 64-bit upgrade to 32-bit installs on 64-bit hardware. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Bedrock) 1.21.2.02 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Minecraft Server (Java) 1.21 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server

PS5 2024.702 resolves several bugs. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024-06-20 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 24.002.20895 resolves several bugs. This is not a security update.
https://get.adobe.com/reader

Adobe Premiere Pro 24.5 and 23.6.7 are security updates.
https://helpx.adobe.com/security/products/premiere_pro/apsb24-46.html

Adobe InDesign 19.4 and 18.5.3 are security updates
https://helpx.adobe.com/security/products/indesign/apsb24-48.html

Adobe Bridge 13.0.8 and 14.1.1 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb24-51.html

Artweaver 7.0.17 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Calibre 7.13.0 adds ability to generate a CSV catalog and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

GnuCash 5.8 adds ability to move accounts into sub-accounts of another account. This is not a security update.
https://www.gnucash.org/

Kdenlive 24.05.2 resolves dozens of bugs. This is not a security update.
https://kdenlive.org/

Kindle for PC 2.4.70904 doesn’t provide a change log so should be treated as a security update.
https://www.amazon.com/kindleforpc

Krita 5.2.3 resolves 20 bugs. This is not a security update.
https://krita.org/en/download/

Manager 24.7.7.1713 doesn’t provide a detailed change log so should be treated as a security update.
https://www.manager.io/

Nextcloud Desktop 3.13.2 resolves a couple bugs. This should be treated as a security update.
https://nextcloud.com/

PDF-XChange Editor 10.3.1.387 adds several new settings and resolves dozens of bugs. This is a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

QuickBooks Pro 2022 20240529-R16_17 doesn’t provide a detailed change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20240529-R13_14 doesn’t provide a detailed change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

Security Software Updates

One or more of these is likely to be of interest to most people.

Chainsaw 2.9.1-2 improves CLI and dump support, and fixes macOS builds. This is not a security update.
https://github.com/countercept/chainsaw

FSS 2024.6.20 doesn’t have a change log so should be treated as a security update.
https://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/

JShelter 0.18.1 resolves several bugs. This is not a security update.
https://jshelter.org/install/

RogueKiller 15.17.4 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

SanDisk PrivateAccess 6.4.11.0 doesn’t provide a change log so should be treated as a security update.
https://support-en.wd.com/app/answers/detailweb/a_id/48025

Stinger 13.0.0.138 adds support for several new detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Tails 6.4 updates libraries and resolves several bugs. This is a security update.
https://tails.net/install/download/index.en.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.2.0 adds support for new encodings and resolves a compatibility bug. This is not a security update.
https://www.dvdfab.cn/download.htm

HandBrake 1.8.1 resolves several bugs and updates libraries. This is not a security update.
https://handbrake.fr/

StreamFab 6.1.8.7 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.2.7 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.35 is a security update.
https://1password.com/downloads/

7-Zip 24.07 improves stability. This is not a security update.
https://www.7-zip.org/

AOMEI Partition Assistant 10.4.1 resolves several bugs. This is not a security update.
https://www.diskpart.com/

Beyond Compare 5.0.0.29773 is a major update, adding dark mode, improved wrapping and table behavior, improved media compare, performance improvements and more. This is not a security update.
https://www.scootersoftware.com/download.php?zz=dl4

Bitwarden 2024.6.4 improves legacy migration, administration and self-hosting. This is not a security update.
https://bitwarden.com/

CCleaner 6.25.11131 resolves several bugs. This is not a security update.
https://www.ccleaner.com/

CPU-Z 2.10 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

DesktopOK 11.29 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.2.29.0 resolves several bugs. This is a security update.
https://dngrep.github.io/

Everything Toolbar 1.3.4 resolves several bugs. This is a security update.
https://github.com/stnkl/EverythingToolbar/

ExplorerPatcher 22621.3527.65.5 improves compatibility and resolves several bugs. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

Fido 1.58 removes Windows 8.1 downloads. This is not a security update.
https://github.com/pbatard/Fido/releases

FolderChangesView 2.36 adds option to Save All Items. This is not a security update.
https://www.nirsoft.net/utils/folder_changes_view.html

FoneTool 2.8.0 adds support for iOS 18, ringtone management and fixes bugs in the ringtone maker. This is not a security update.
https://www.fonetool.com/download.html

Go 1.22.5 is a security update.
https://go.dev/

GoodSync 12.7.2 resolves several bugs. This is not a security update.
https://www.goodsync.com/

grepWin 2.1.3 resolves several bugs. This is not a security update.
https://github.com/stefankueng/grepWin/releases/latest

HWiNFO 8.04 improves hardware support and resolves several bugs. This is not a security update.
https://www.hwinfo.com/download/

ManageWirelessNetworks 1.14 adds option to set connection mode. This is not a security update.
https://www.nirsoft.net/utils/manage_wireless_networks.html

NTLite 2024.7.9997 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 11.0.1008 resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html

PingInfoView 3.15 resolves IPv6 address parsing and menu configuration. This is not a security update.
https://www.nirsoft.net/utils/multiple_ping_tool.html

PowerToys 0.82.0 improves stability and resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ProcessMonitor 4.01 adds color display. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

Recuva 1.54.120 adds license changes. This is not a security update.
https://www.ccleaner.com/recuva

SetUserFTA 1.8.2 doesn’t provide a change log so should be treated as a security update.
https://setuserfta.com/

Speccy 1.33.75 adds support for new hardware and improves licensing. This is not a security update.
https://www.ccleaner.com/speccy

Starwind V2V Converter 9.509 adds support for new conversions and improves performance. This is not a security update.
https://www.starwindsoftware.com/starwind-v2v-converter

WhyNotWin11 2.6.1.0 resolves several bugs. This is not a security update.
https://github.com/rcmaehl/WhyNotWin11

WinGet 1.8.1791 resolves dozens of bugs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinScan2PDF 8.88 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 8.0.7 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

Android Studio 2024.1.1.11 doesn’t provide a detailed change log so should be treated as a security update.
https://developer.android.com/studio

AutoHotkey 2.0.18 resolves a couple bugs. This is not a security update.
https://www.autohotkey.com/download/

GameMaker Studio 2024.6.1 resolves several bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.4.205 improves performance, adds several new actions and variables, and resolves several bugs. This is not a security update.
https://gdevelop.io/download

GitHub Desktop 3.4.2 resolves several bugs. This is not a security update.
https://desktop.github.com/

Inno Setup 6.3.2 resolves a bug in text parsing. This is not a security update.
https://www.jrsoftware.org/isdl.php

MySQL ConnectorNet 9.0.0 resolves several bugs. This is not a security update.
https://dev.mysql.com/downloads/connector/net/

Node.js 18.20.4 is a security update.
https://nodejs.org/en/

Node.js 20.15.1 is a security update.
https://nodejs.org/en/

Node.js 22.4.1 is a security update.
https://nodejs.org/en/

Visual Studio Code 1.91 adds support for several new features. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

HumHub 1.16.1 improves compatibility and resolves several bugs. This is not a security update.
https://www.humhub.com/en

ISPConfig 3.2.12 resolves several bugs, improves compatibility, and adds a couple new features. This is not a security update.
https://www.ispconfig.org/ispconfig/download/

Joomla 5.1.2 is a security update.
https://www.joomla.org/

ownCloud Client 5.3.1.14018 resolves a linking bug. This is a security update.
https://owncloud.com/desktop-app/

WordPress 6.5.5 is a security update.
https://wordpress.org/

bbPress 2.6.11 resolves over a dozen bugs. This is not a security update.
https://wordpress.org/extend/plugins/bbpress/

Contact Form 7 5.9.6 resolves a compatibility bug. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.10 resolves several bugs. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

My Sticky Bar 2.7.1 resolves a button bug. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

NextScripts Social Networks Auto-Poster 4.4.6 is a security update.
https://wordpress.org/extend/plugins/social-networks-auto-poster-facebook-twitter-g/

Sucuri Security 1.9.1 adds support for configuring the cache-control header. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

WPBakery 7.7.2 resolves a couple bugs. This is not a security update.
https://wpbakery.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2024-06-11

Welcome back, Folks!

Today is Patch Tuesday for June, 2024.

There were 460+ major hacks, and over 270 application updates this month.
It’s an average month, with about 2.5 GB of updates for most users.

This Month in Technology

4LEAF, Inc, A123Systems, Abbott, AbbVie Inc, ABN Amro, ABS-CBN Broadcasting, Absolute Telecom, AC Financial, AC Propulsion, Inc, Acadia Pharmaceuticals Inc, Access Sports Medicine & Orthopaedics, Accounting Professionals LLC Price Breazeale Chastang, ADCOM911, Adobe Acrobat Reader, Advance Auto Parts, Advance Press, Adventist Health Tulare, Affiliated Dermatologists, Agrani Bank, AirAsia Group, Akdenizchemson, Al-Rajhi Bank, Allied Mechanical Services Inc, Allied Telesis, ALN Medical Management, ALO diamonds, Aloft, Alpha Capital Group, Amazon, AmerisourceBergen Specialty Group, Amgen Inc, Amsterdam Schools, Anchorage Daily News, Anderson Mikos Architects, Android, Archi Hives, Architecture Lejeune Giovanelli, Ardenbrook, ARRL, Ascension Healthcare Network, Association of California School Administrators, Asst Rhodense, Astagiudiziaria, Aston Villa, Astra Daihatsu Motor, Atlas Oil, Atlassian Confluence, Audubon Nature Institute, Ausgrid, Aussizz Group, Avelina, Ayoub Associates CPA Firm, B&G Foods, Banco de Crédito del Perú, Barclays, Bausch Health Companies Inc, Bayer Corporation, BBC Pension Scheme, Berge Bulk, Billericay School, Birmingham Children’s Trust, BlockTower Capital, Bluewater Health, BNB Chain, BreachForums, BreingAir, Brett Slater Solicitors, Brick Court Chambers, Bring Me the Horizon’s website, Bristol Myers Squibb, British Columbia Government, Brockton Area Multi-Services, Brovedani Group, Bruno generators, Bulgarian Ports Infrastructure Company, Café Soluble, California Highway Patrol, California Northstate University, Call 4 Health, Inc, Catch News, CDU, Cencora (11 big pharma companies), Center Line schools, Central Contra Costa Transit Authority, CentroMed, Centurion University, Check Point VPN, Chicago Fire Football Club, Christie’s, Cinterion Modems, Cisco Webex, City of Clarksville, City of Helsinki, City of St. Cloud, Clevo, CoinGecko, College Ahuntsic, Columbus Regional Healthcare System, Comwave Networks, Continuing Healthcare Solutions, Cooler Master, Coplosa, Corr Corr, Corse GSM, Cortina Watch, Costa Edutainment SpA, Cox WiFi routers, Crandall ISD, Credit Central, Crescent Point Energy, Cressex Community School, Crooker, Crossroads Equipment Lease & Finance, LLC, Cryptonary, Cushman Contracting Corporation, Cylance, D-Link EXO AX4800 routers, Daniel E. Fitzgerald, CPA, Decathlon, Delano Adult School, Dendreon Pharmaceuticals LLC, DFINITY, DG3 North America, Inc, DGT traffic authority, Digital Pix & Composites, Discovery Insure, Disney, Dkhoon Emirates, DMM, Dohman, Akerlund & Eddy, Dollmar, Doral, Florida, Dota2, DreamWall, Drive Sally, LLC, Driver Group, DRMS, Dubai government, Dynasafe, E-T-A, Easterseals Central Illinois, Eden Project Ltd, Egyptian Universities, Eigen crypto, Electronic Arts, Elk Grove Unified School District, Elmhurst Group, Elutia, EmailGPT, Embellir, Endo Pharmaceuticals Inc, Ernest Health Facilities, ES Pack Euro, Especialistas Contacto Directo, EU Parliament, Everbridge, Ewing Marion Kauffman School, Excel Security Corp, Experis Technology Group, Facebook, Family Guardian, Faultless Brands, FEI Systems, Fic Expertise, Financial Business and Consumer Solutions (FBCS), Fincasrevuelta, First American, FIRST Heritage Co-operative Credit Union, First Nations Health Authority, First Priority Restoration, Firstmac, Fiskars, Fluent Bit, Form I-9 Compliance, Formosa Plastics, Foxit PDF Reader, FPL Food, France Solar, Frontier Communications, Frotcom International, Fulcrum, Gala Games, Gantan Beauty Industry, Gapbuster Worldwide Pty Ltd, GE HealthCare ultrasound devices, Genentech, Inc, Georgia University System, Gestion Kronos, GitLab, GlaxoSmithKline Patient Health, Google (thousands of times), Google Chrome, Google Document AI Warehouse, Granville Food Care Limited, Graphic Solutions Group Inc, Gravetye Manor, Greater Amsterdam School District, Grupo Cadarso, Guardian Analytics, Guardian Childcare Victoria, Gulp, Hamburg Airport, Hatari Electric Co, HawkEye, Hedbergs, Heineken, Helapet Ltd, Heron Therapeutics, Inc, Hit Promotional Products, HopSkipDrive, Hotel Kiosks, HSBC, Hugging Face Spaces, Iberdrola, IBM Cloud, IBM Neural Compressor AI, Illinois Secretary of State, Incyte Corporation, Indigo ENT Group, Interactive Brokers, Inventum Øst, Iranian Hajj, Iranian Pilgrims, Iress, Isaacs Odinocki, Iseto Corporation, Islamabad’s Safe City Authority, Israel-made industrial devices, Israeli Government and Military Infrastructure, ISTA International GmbH, Ivanti EPMM, IZOMAT Praha, J & N Stone, JAVS Courtroom Recording Software, Johnson & Johnson Patient Assistance Foundation, Inc, Johnson & Johnson Services, Inc, Jordano’s Inc, Jumbo Group, Kaiser Permanente, Keytronic, Klein ISD, Knowmad Mood, Kyber Post-Quantum Key Encapsulation Mechanism (KEM), Lactanet, Lane Gorman Trubitt, Lash Group, Laxmi Capital, Lee Shau Kee School of Creativity, LEMKEN, LenelS2 NetBox, Les Miroirs St Antoine Inc, Levin Porter Associates, Lintas Nusa, LivaNova, Live Nation, London Drugs, London Hospitals, Los Angeles Department of Mental Health (LACDMH), Los Angeles Unified School District (LAUSD), M2EConsulting Engineers, MagicLand, MAH Machine, Mainline Health Systems, Malaysia’s Railway Assets Corporation (RAC), Malone & Co, Malouf Companies, Manurewa Marae, NZ census, Marathon Pharmaceuticals, LLC, Marigin, Mariposa Landscapes Inc, Matusima, McLean Hospital, MediSecure, medQ, Inc, MF Group, Microsoft Exchange Server, Microsoft India, Microsoft Quick Assist, Midwest Covenant Home, Morton Williams, My Daily Choice, Inc, Myersville, Maryland, Mālama I Ke Ola Health Center, National Records of Scotland, Native American Health Center, NATO, Natsume Tax Accountant Corporation, Navvis & Company, LLC, Neovia Company, Netflix Genie, New Boston Dental Care, New Hampshire Public Radio, New York Times, Newfoundland Broadcasting Company Limited, Newman Ferrara, Nidec Motor Corporation, Nissan North America, Inc, Normie Meme Coin, North Texas Municipal Water District, Northeast Rehabilitation Hospital Network, Northern Minerals, Novartis Pharmaceuticals Corporation, Ntv, OakBend Medical, OmniVision, OneVue, OpenSea, Oracle WebLogic Server, Osaka Motorcycle Business Cooperative, OTR, Otsuka America Pharmaceutical, Inc, Oxford Global Resources, LLC, PAN-OS, Panasonic Australia, PandaBuy, Panorama Eyecare, Pantana CPA, Patriot Mobile, Patties Foods, pcTattletale, Peak Design, Pendle Token, PepsiCo, Pezesha, Pfizer Inc, Philippine National Police (PNP), Philips Respironics, PHP, Pope & Conner Consulting, Inc, Providence Hospital, PSG Banatski Dvor, Pulse Connect Secure VPN, QNAP NAS, QNAP QTS, Qualitas, QuoteWizard, R3 Education Inc, Rayner Surgical Inc, RDI-USA, Real Madrid CF, Red Bull, Red Cross, Regeneron Pharmaceuticals, Inc, Regional Obstetrical Consultants, Rex Signature Services, LLC, Richland, Washington, Rio Technology, Riyadh Airport, Robinsons Land, Robson, Rockford Public Schools, Rockwell Automation ICS, Royal Star & Garter, Räddningstjänsten Vä stra Blekinge, Samco, Sandoz Inc, Sanok Rubber Company Spólka Akcyjna, Santa Barbara Systems, Santander, Sav-Rx, Scanda, Schuette Metals, Science Po Paris, Seattle Public Library, Semicore Equipment, Service public de Wallonie, Servicio Móvil, Shirasaki, Shore Regional High School District, Sigmund Espeland AS, SLB Transit Inc, Smith and Caughey’s, Snchez-Betances Sifre & Muñoz-Noya, Snowflake, Solana Meme Coin, SonicWALL SSL-VPN, Sonne Finance, Southwark hospitals, Specialty Market Managers, Sree Hotels, SSI World, St. Landry Parish School, State Grid Corporation of China (SGCC), Sterling Transportation Services, Sumitomo Pharma America, Inc, Sumo, Superior Air-Ground Ambulance Service, Sysmex America, Takeda Pharmaceuticals USA, Inc, Talalay Global, Talley Group, Tamil Nadu, Tech in Asia, Telangana Police, Telefónica, Tesla’s Ultra-Wideband, Thayer Academy, The Egyptian-Sudanese Company, The Kelly Group, ThinkPHP, Ticketek Australia, Ticketmaster, Tietoevry, TikTok, Tinyproxy, Tobii Dynavox, Toshiba America, Town of Westlock, Toyota Philippines, TP-Link Archer C5400X, TRC Talent Solutions, Trib Total Media, TriLiteral, Trionfo Solutions, TruGreen, TSCOP App, UAE Ministry of Education, UK Armed Forces, United Urology Group, Universidad Nacional de Entre Ríos, University of Chicago Medical Center, University of Delhi, University of Hyderabad, University of Siena, US Environmental Protection Agency (EPA), Vannguard Utility Partners, Vasitam, Veeam Backup Enterprise Manager, Velocore, Victoria Eye Center, Victorian Freight Specialists, Vietnam Post, Visa Lighting, VIT Bhopal University, VWholesaleTour, Walmart pension plan, Walser Automotive Group, Walton County, Watt Carmicheal, WD Associates, Wealth Depot LLC, WebTPA, Welsh Rugby Union, Western Dovetail, Western Saw Inc, Western Sydney University, William S Hein & Co, Windows Defender, WIS Sicherheit, WordPress, WP Copymatic, WP Country State City Dropdown CF7 Plugin, WP Dessky Snippets, WP Easy Listing Directories, WP Fluent Forms Contact Form, WP Hash Form Drag & Drop Form Builder, WP LiteSpeed Cache, WP Meta SEO, WP Pie Register, WP Slider Revolution, WP Statistics, WP UserPro Plugin, WP Web Directory Free, WP WooCommerce, WPZOOM, XLink Bitcoin Bridge, Zuber Gardner CPA, and Zyxel NAS have reported hacking or compromises this month.

ARRL, TRAM Barcelona, Internet Archive, Queen Alia International Airport, LastPass, and Copilot have suffered from outages this month.

According to a recent study from Kaspersky, 59% of multi-site business experience monthly outages.

Last months updates broke Windows Taskbar, File Explorer, Windows Server 2019 updates, and Microsoft Outlook again, of course.

AI bots are ridiculously easy to convince to share sensitive information.

Apple is releasing a new password manager for macOS, iOS and iPadOS. But…to get an idea of how concerned Apple is about security, they’ve recently exposed that Wi-Fi on their devices can be used to geolocate any device around the globe.

Google is making it harder and harder to get help.

ICQ, my favorite messaging app from the 90s, has shut down after 28 years.

VBscript is on its deathbed.

FTX paid off whistleblowers.

Now for the good news:

Microsoft has reversed course on Windows Recall and is now making it “optional” even though it isn’t actually resolving most of the security issues or privacy risks.

Let’s Get Busy

Patch Tuesday is about average this month. The typical computer should see roughly 2.5 GB in updates today. Let’s get started.

Microsoft released updates to address 58 vulnerabilities in Azure Data Science Virtual Machines, Azure File Sync, Azure Monitor, Azure SDK, Azure Storage Library, Chrome, Dynamics Business Central, GitHub, Microsoft Dynamics, Microsoft Edge, Microsoft Office, Microsoft Office Outlook, Microsoft Office SharePoint, Microsoft Office Word, Microsoft Streaming Service, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows, Microsoft Windows Speech, Visual Studio, Windows Cloud Files Mini Filter Driver, Windows Container Manager Service, Windows Cryptographic Services, Windows DHCP Server, Windows Distributed File System (DFS), Windows Event Logging Service, Windows Kernel, Windows Kernel-Mode Drivers, Windows Link Layer Topology Discovery Protocol, Windows NT OS Kernel, Windows Perception Service, Windows Remote Access Connection Manager, Windows Routing and Remote Access Service (RRAS), Windows Server Service, Windows Standards-Based Storage Management Service, Windows Storage, Windows Themes, Windows Wi-Fi Driver, Windows Win32 Kernel Subsystem, Windows Win32K – GRFX, Winlogon, and MSRT. This includes security updates. A reboot is required.

Apple released updates for tvOS 17.5.1, iOS 17.5.1, iPadOS 17.5.1, and visionOS 1.2. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 17.5.1 is a security update. Use Settings, General, Software Update to install the most current update.

iPadOS 17.5.1 is a security update. Use Settings, General, Software Update to install the most current update.

tvOS 17.5.1 is a security update. Use System, Software Update to install the most current version.

visionOS 1.2 is a security update. Use Settings, General, Software Update to install the most current version.

Google Chrome OS 125.0.6422.169 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.5.1 improves stability and resolves several bugs. This is not a security update.
https://www.amd.com/en/support

Nvidia Driver 475.06 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Samsung DeX 2.4.1.23 doesn’t provide a change log so should be treated as a security update.
https://www.samsung.com/us/apps/dex/

UniFi airMAX NanoStation 5AC Loco 8.7.13 resolves several bugs. This is not a security update.
https://www.ui.com/download/software/loco5ac

UniFi Network Server 8.2.93 adds ACL rules, DNS records, MLO, BGP and Inspection support. This is not a security update.
https://www.ui.com/download/releases/network-server

Wacom Driver 6.4.6-2 adds support for newer hardware, improved reliability, and resolves several bugs. This is not a security update.
https://www.wacom.com/en-us/support/product-support/drivers

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.66.118 is a security update.
https://brave.com/

Firefox 127.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 115.12.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 125.0.6422.141 is a security update.
https://www.google.com/chrome/

Microsoft Edge 125.0.2535.92 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Vivaldi 6.7.3329.39 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Spark 3.16.2.75403 adds calendar support. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.16.2.75440 adds calendar support. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.11.1 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk (macOS) 8.1.0 improves performance and resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

Facebook Messenger 213.0.0.22.228 is a security update.
https://www.messenger.com/download

Microsoft Teams 1.7.00.13456 resolves several bugs and improves user controls. This is not a security update.
https://teams.microsoft.com/downloads

Mumble 1.5.634 adds over a dozen new features and resolves several bugs. This should be treated as a security update.
https://www.mumble.info/

Signal 7.11.1 resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.8.1 doesn’t provide a detailed change log so should be treated as a security update.
https://signal.org/android/apk/

Telegram 5.1.5 improves stability and resolves several bugs. This is not a security update.
https://telegram.org/

Telegram (Android) 10.13.1 doesn’t provide a detailed change log so should be treated as a security update.
https://telegram.org/apps

Tigase Server 8.4.0 adds RBL support, portable export format, improved user management and resolves dozens of bugs. This should be treated as a security update.
https://github.com/tigase/tigase-server/releases/latest

curl 8.8.0 resolves over 200 bugs. This is not a security update.
https://curl.haxx.se/windows/

Dropbox 200.4.7134 resolves several bugs. This is not a security update.
https://www.dropbox.com/

MeshCentral 1.1.23 resolves dozens of bugs. This should be treated as a security update.
https://meshcentral.com/info/downloads.html

Nextcloud Server 29.0.2 resolves over a dozen bugs. This should be treated as a security update.
https://nextcloud.com/

Omada Software Controller 5.14.20.9 adds several new filters, features and controls. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Syncthing 1.27.8 resolves a couple bugs. This is not a security update.
https://syncthing.net/

Zoom 6.0.11.39959 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.5 improves cosmetics and resolves several bugs. This is not a security update.
https://en.3tene.com/

Grayjay 244 improves compatibility and resolves several bugs.
https://grayjay.app/index.html

Plex Desktop 1.94.1.155 doesn’t provide a detailed change log so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.62.1.152 doesn’t provide a detailed change log so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

VLC Media Player 3.0.21 improves hardware compatibility and resolves several bugs. This is a security update.
https://www.videolan.org/vlc/

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Java) 1.20.6 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server

Nintendo Switch 18.1.0 removes X/Twitter and social media integration and improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 2024.522 improves performance and stability and resolves several bugs. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024-05-21 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Acrobat Android 24.5.0.33694 is a security update.
https://helpx.adobe.com/security/products/acrobat-android/apsb24-50.html

Adobe Audition 23.6.6 and 24.4.1 are security updates.
https://helpx.adobe.com/security/products/audition/apsb24-32.html

Adobe ColdFusion 2021.14 and 2023.8 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb24-41.html

Adobe Commerce 2.4.0-ext-8, 2.4.1-ext-8, 2.4.2-ext-8, 2.4.3-ext-8, 2.4.4-p9, 2.4.5-p8, 2.4.6-p6 and 2.4.7-p1 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-40.html

Adobe Commerce Webhooks Plugin 1.5.0 is a security update.
https://helpx.adobe.com/security/products/magento/apsb24-40.html

Adobe Creative Cloud Desktop 6.2.0.554 is a security update.
https://helpx.adobe.com/security/products/creative-cloud/apsb24-44.html

Adobe Experience Manager 2024.5 and 6.5.21 are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb24-28.html

Adobe FrameMaker Publishing Server 2022.3 is a security update.
https://helpx.adobe.com/security/products/framemaker-publishing-server/apsb24-38.html

Adobe Media Encoder 23.6.6 and 24.4.1 are security updates.
https://helpx.adobe.com/security/products/media-encoder/apsb24-34.html

Adobe Photoshop 24.7.4 and 25.9 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb24-27.html

Adobe Substance 3D Stager 3.0.2 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb24-43.html

Calibre 7.12.0 improves conversion, media support and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Columns++ 1.1.2 improves performance, stability, and reliability, and adds a Timestamps and resolves a couple bugs. This is not a security update.
https://github.com/Coises/ColumnsPlusPlus

Ghostscript 10.03.1 doesn’t provide a change log so should be treated as a security update.
https://www.ghostscript.com/releases/gsdnld.html

Kdenlive 24.05.0 reimplements audio capture, adds group effects and automatic subtitle translation, performance improvements and resolves several bugs. This is not a security update.
https://kdenlive.org/

LibreOffice Fresh 24.2.4 resolves over 70 bugs. This is not a security update.
https://www.libreoffice.org/

Magento Open Source 2.3.7-p4-ext-8, 2.4.4-p9, 2.4.5-p8, 2.4.6-p6 and 2.4.7-p1 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-40.html

Manager 24.6.11.1637 resolves several bugs but does not have current release notes so should be treated as a security update.
https://www.manager.io/

Notepad++ 8.6.8 resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

QuickBooks Pro 2022 20240529-R16_8 resolves several bugs. This should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20240529-R13_6 doesn’t provide a detailted change log. This should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

Security Software Updates

One or more of these is likely to be of interest to most people.

KeePass 2.57 improves privacy and security or
https://keepass.info/

OpenSSL 3.3.1 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

ProtonVPN (macOS) 4.3.0 improves stability and resolves several bugs. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.17.0 improves detection and resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Stinger 13.0.0.127 adds new detections and improves others. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Tails 6.3 is a security update.
https://tails.net/install/download/index.en.html

uBlock Origin 1.58.0 resolves over a dozen bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

YARA 4.5.1 resolves several bugs. This is not a security update.
https://github.com/VirusTotal/yara/

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 24.1.4 improves compression, video combine, and resolves several bugs. This is not a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.1.9 improves subtitle support and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

HandBrake 1.8.0 updates libraries and resolves dozens of bugs. This is a security update.
https://handbrake.fr/

IsoBuster 5.4.1 adds support for new formats and resolves several bugs. This is not a security update.
https://www.isobuster.com/download.php

MakeMKV 1.17.7 updates license date. This is not a security update.
https://www.makemkv.com/download/

PDF Creator 5.2.2 updates libraries. This is a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 6.1.8.2 improves reliability, compatibility, and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.2.3 improves performance, quality, and AI integration. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.34 resolves over a dozen bugs. This is not a security update.
https://1password.com/downloads/

7-Zip 24.06 improves reliability and resolves several bugs. This is not a security update.
https://www.7-zip.org/

Agent Ransack 2022.3435 resolves a crash bug. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

Bitcoin 27.0 resolves several bugs and improves performance. This is not a security update.
https://bitcoin.org/en/download

Bitwarden 2024.5.0 adds organization item cloning and begins the manifest v3 compatibility roll-out. This is not a security update.
https://bitwarden.com/

CCleaner 6.24.11060 improves cleanup and resolves several bugs. This is not a security update.
https://www.ccleaner.com/

DesktopOK 11.24 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.2.6.0 adds several new features and updates libraries. This is a security update.
https://dngrep.github.io/

email-oauth2-proxy 2024-05-25 adds JWT and resolves a python compatibility bug. This is not a security update.
https://github.com/simonrob/email-oauth2-proxy

Etcher 1.19.21 resolves dependency bugs. This is not a security update.
https://www.balena.io/etcher/

Fido 1.56 adds 24H1 ISO UEFI support. This is not a security update.
https://github.com/pbatard/Fido/releases

FileLocator Pro 2022.3435 resolves a crash bug. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Fing 3.6.3 improves compatibility and resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

FoneTool 2.7.0 resolves several bugs. This is not a security update.
https://www.fonetool.com/download.html

Free Virtual Serial Ports 6.01.00.1309 adds several more controls. This is not a security update.
https://freevirtualserialports.com/

Git SCM 2.45.2 is a security update.
https://git-scm.com/

Go 1.22.4 is a security update.
https://go.dev/

GoodSync 12.6.9 resolves several bugs. This is not a security update.
https://www.goodsync.com/

grepWin 2.1.1 resolves several bugs. This is not a security update.
https://github.com/stefankueng/grepWin/releases/latest

GUIPropView 1.30 adds two new action commands. This is not a security update.
https://www.nirsoft.net/utils/gui_prop_view.html

NTLite 2024.5.9946 resolves several bugs and improves compatibility. This is not a security update.
https://www.ntlite.com/download/

osquery 5.12.2 is a security update.
https://osquery.io/downloads

PowerToys 0.81.1 resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ProcDump 3.3 for Linux improves container support. This is not a security update.
https://github.com/Sysinternals/ProcDump-for-Linux

Process Explorer 17.06 resolves several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer

RoboForm 9.6.1 resolves several bugs. This is not a security update.
https://www.roboform.com/

Rufus 4.5 updates libraries, adds UEFI validation, and resolves several bugs. This is a security update.
https://rufus.ie/en_US/

ScreenConnect 24.1.9.8915 improves compatibility, reliability, and stability, and resolves several bugs. This should be treated as a security update.
https://screenconnect.connectwise.com/download

SetUserFTA 1.8.1 implements a workaround for the new UCPD “security feature”. This is not a security update.
https://kolbi.cz/blog/2017/10/25/setuserfta-userchoice-hash-defeated-set-file-type-associations-per-user/

Ventoy 1.0.99 updates EFI binaries and resolves a couple bugs. This is not a security update.
https://www.ventoy.net/en/index.html

WinRAR 7.01 resolves several bugs. This is not a security update.
https://www.rarlab.com/

WizFile 3.10 adds include and exclude filters, adds more feature controls, and resolves several bugs. This is not a security update.
https://antibody-software.com/wizfile/

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 8.0.6 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

Android Studio 2023.3.1.20 is a security update.
https://developer.android.com/studio

AutoHotkey 2.0.17 resolves several bugs. This is not a security update.
https://www.autohotkey.com/download/

cx_Freeze 7.1 updates libraries and resolves dozens of bugs. This is not a security update.
https://cx-freeze.readthedocs.io/en/latest/index.html

GitHub Desktop 3.4.1 resolves several bugs. This is not a security update.
https://desktop.github.com/

Inno Setup 6.3.1 improves compatibility and resolves dozens of bugs. This version also removes support for older operating systems. This is not a security update.
https://www.jrsoftware.org/isdl.php

Microsoft Visual C++ 2022 Redistributable 14.40.33810.0 doesn’t provide a change log so should be treated as a security update.
https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist

Node.js 18.20.3 updates dependencies and resolves several bugs. This is not a security update.
https://nodejs.org/en/

Node.js 20.14.0 updates dependencies and resolves several bugs. This is not a security update.
https://nodejs.org/en/

Node.js 22.2.0 updates dependencies and resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

Python 3.12.4 is a security update.
https://www.python.org/downloads/windows/

SQLite 3.46.0 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.90 adds several new features. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

HumHub 1.15.6 resolves several bugs. This is not a security update.
https://www.humhub.com/en

Invision Community 4.7.17 resolves dozens of bugs. This is not a security update.
https://invisioncommunity.com/

Joomla 5.1.1 resolves dozens of bugs. This is not a security update.
https://www.joomla.org/

ownCloud Client 5.3.0.13987 resolves several bugs. This is not a security update.
https://owncloud.com/desktop-app/

WordPress 6.5.4 resolves several bugs. This is not a security update.
https://wordpress.org/

BuddyPress 12.5.1 is a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.9.5 is a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Multisite Enhancements 1.7.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/multisite-enhancements/

Social Post Feed 4.2.5 resolves a couple menu bugs. This is not a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

WooCommerce 8.9.2 is a security update.
https://wordpress.org/extend/plugins/woocommerce/

WPBakery 7.7 resolves several bugs. This is a security update.
https://wpbakery.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/