Happy Valentine’s Day, Folks!
Today is Patch Tuesday for February, 2026.
If your Windows 10 computer can not be upgraded to Windows 11 then you should either replace your device or use the Windows 10 ESU program to get another year 8 months out of it.
There were 1530+ major hacks, and over 530 application updates this month. It’s a large month, with about 4.5 GB of updates for most users.
Happy New Year!
Today is Patch Tuesday for January, 2026.
If your Windows 10 computer can not be upgraded to Windows 11 then you should either replace your device or use the Windows 10 ESU program to get another year out of it.
Windows 11 25H2 is now available and Windows 11 23H2 and older are no longer supported. Treat Windows 11 25H2 as beta software and wait a few months before upgrading.
macOS 26 Tahoe is now available and macOS 13 Ventura and older are no longer supported. macOS 26 is now stable and it’s important to update to 26.2 to resolve a critical security vulnerability.
There were 1325+ major hacks, and over 305 application updates this month. It’s a relatively small month, with about 3.0 GB of updates for most users.
1Cube, 3gh Informatica Integral, 47Club, 700Credit, A. Uzzo, A.S.A.P. Restoration, Aarong, Abacus Employment Services, ABECO Zumtech Drucklufttechnik AG Müliweg, About Women Ob Gyn, Abri Credit Union, acarlar.com.tr, Accela, Acme Electric, ACME Industrial, Ada Technologies, Adamson Ahdoot LLP, Adelman & Gettleman, Adnan Sundra & Low, AdonisJS, Advance Dent Denver, Advanced ENT & Allergy Center, Advanced Family Surgery Center, Advanced Technology Group, Aero Fabrications, Aflac, Aforeserve, AgeRight, Agfri, Agralite Electric Cooperative, Agrícola Cerro Prieto, Agrícola Don Ricardo, AH Group, AIPAC, AIRCOND SRL, Alex Rubbish & Recycling, ALGO 8180, All Rush, Allen Printing, AllerVie Health, Alliance Vape, AllRush Print & Apparel, Allure Home Creation, Alpha Alternatives, Alpha Systems, Alpine Lumber, Alt Alpha, Amazon Kindle, Ambiente e Sistemas de Informação Geográfica, ambisig.com, American Health, American Trust, American Vanguard, Ameriprise, Amla Commerce, AMW Treuhand & Immobilien, Anderson Engineering, Andover Eye Associates, Android (DroidLock), Android Dolby library, ANG BROTHERS (M&E) PTE LTD, Angstrom USA, Anritsu VectorStar, Anteriad, Anwalt Aktuell, Apache StreamPipes, APC Home Health Service, Apex Legends, Apex Spine and Neurosurgery, Appalachian Community Federal, Apple Safari, all Apple devices (iPhone, iPad, Apple Watch, Mac), Applied LNG, Apro, LLC, Arab Falcons, Arabian Desert Safari, ARC Community Services, Arcom Digital, Ariel Clinical Services, Armenian Government, ARO, Art City Dental, Artemis Healthcare, Artisans’ Bank, Ashton Thomas, Asiana Airlines, Askul Corporation, ASML, Aspen View Academy, Associated Radiologists of the Finger Lakes, PC, Associated Thermoforming, Assolim, Atalian, ATG, Atlantic Coast Life Insurance, Auforum, Aultman Health System, Aurora College, Austin Associates, Autodesk AutoCAD, Autohaus Elstermann, Autohaus Paschke, Autohaus Pichel GmbH, Autohaus Willy Ernst, autohaus-paschke.de, Automation One Business Systems, AUTOSUR, Avenira, Awakenings Center, AWS Auto Scaling, Axion50plus, Axxel Business Solutions, Ayelet Shaked Contact List, AySA, AzeoTech DAQFactory, B&J Transportation, baja.gob.mx, Baker University, Banco Vimenca, Bangchak, Barnes and Jones, Basecamp, Bauerfeind, BD Morning, Beausejour Co-op, Behr Enterprises, Behran Lift, Bell Lifestyle Products, Bengineered, Benise Dowling and Associates, Berkmann Wine Cellars, Bernaillio County, Besco Electrical, Best Hotels Spain, Best Insurance Agency, Betterment, beycelik, Beyer Law Group, Beyçelik Gestamp, BildungsWerk in Kreuzberg, Bina Darulaman Berhad, BioNet Asia, Black Dog Salvage, BLACKSTORE, Blaze Credit Union, blockchain contracts, BMW Guatemala, BNZ Materials, Boathouse on the Bay, BOC Oncology Center, Bolttech, Bonfilet, Boring Business Systems, BORING.COM, Bosch Choice Welfare Benefit Plan, Bouygues Energies and Services, Bowman Trailer Leasing, Box Elder County, Braemac, Brave, BreachForums (again), Brevard Skin and Cancer Center, Bridgewater Law Group, PC, Brightspeed, British Holiday & Home Parks Association, Brockhaus, Buhlmann Group, Building Trades, Burdette Dental Lab, Burnex, Burnham Brown, Busbusbus, bwk-berlin.de, Bäckerei Sipl, Bär Cargolift, C&R Electric, Cabinets 2000, LLC, Cal Spas, Callipo Group, CANCER, Canopy Health, Cape Fear Country Club, Capital + Safi, Capsum, Capuano Distribuzione Fresco, Caramel, Carbis Loadtec Group, Cardiovascular Medical Group of Southern California (CVMG), CareOregon, Carseo, Casa Botas, casabotas.es, cc-estuaire, CE-Edinger Medical Group BA, Cedar Valley Services Inc, CEIVA Logic, Center for Life Resources, Centro Médico Palafox, Centurion Security & Investigations, Cerenade, Charles Leonard Steel Services, charoenchai.com, Chastain & Associates, Chatham Asset Management, Chema Ballester, Chemirol, Chemstress Consultant, Chiesi USA, Chipotle, Choate’s HVAC, Chrome, all chromium-browsers, Chrysler, Church’s Chicken, CIDEF Argentina, CIIF Oil Mills Group, Cinema Concepts, Circuitronix, Cisco AsyncOS, Cisco ISE, Cisneros, Citizens Bank, City of Midway, City of Milton FL, City of Signal Hill, CJ Global, CKM Kondring Montagen, Clackamas College, Clarinda Health, Clarinda Regional Health Center, Clarksville ISD, Clemar Assessoria e Logística em Comércio Internacional, Clever Power, clipan.co.id, Cloudflare MCP Server Portal, Club Atlético River Plate, Clínica Dávila, CMAC LLC, cmc.com.br, Collins Computing, Colonial Metals, Colorado Powerline, Colégio Miguel de Cervantes, Comcast, Comercializadora Construtodo, Commercial Paving, Committee to Protect Journalists, Commonwealth Business Bank, Communauté de communes de l’Estuaire, CompactInd, Complexul Energetic Oltenia, Computing Dynamics, Conduent, Conifer Value-Based Care, LLC, consigaz.com.br, Construction Management and Consulting, Coolify, CoreHQ, Coupang, Covenant Health, Inc, CPJ.ORG, CPS, Cranford, Buckley, Schultze, Tomchin, Allen & Buie, Crawford Orthodontics, Crawford Software, Cressi, CSA Tax & Advisory, CSD Drancy, CSS Services, CSV Group, Culinary Jet Concierge, curl, CVK Hotels & Resorts, CVMG, CyberVector, Cyma Systems, Cytek Biosciences, D-Link DSL gateways, DABA Finance, Dacon Networks, daispa.it, Dan Technologies Group, David M. Schwarz Architects, David Rosen Bakery Supply, Debra L. Morrison Coaching & Consulting, Deerfield, Deibel Laboratories, Dekoyap, DELKO, Dem İlaç, Denk & Roche Builders, Denny’s 5th Avenue Bakery, Dentistry.One, Denton County MHMR Center, Depth, Dermatology Associates, Desjardins, DESY, Deutsches Elektronen Synchrotron, Devereux Foundation, DFC Systems, DGM, DGP Commercialisti, Dhow Cruise Dubai Harbour, Diaz Gill Medicina Laboratorial, DIF Guadalajara, Dill Dill, Dillon Yarn, Discord, Distribuciones Notariales, Distribuzione Automatica Italiana, Distron, Docs Medical Group, Inc, Dolan Construction, Dom Development, Donaghy Sales LLC, Dot Foods, Dr. Busso Peus, drako.com.mx, Drivestream, Inc, Drogaria Drogales, DSM Bilişim Teknolojileri, DSM Information Technology Trade Ltd, Dublin Medical Center, Due Doyle Fanning and Alderfer, DXS International, D’Klima, E-apostille, EAG Realty International, Eagle Stores, Eanes Independent School District, East Bay Regional Park District, Eastern Townships School Board, Eastman Cooke, EazyTick, Eco Green Group, Edge, Edward J Kone, EGP Comunicaciones Sac, EI Connect, Elad, ELC Electroconsult, Electricidad Panamericana, Electronic Interconnect, Elford, Inc. Construction, Elite Auto, Ellison Educational Equipment, EM Resorts, EmEditor, EMP Closures, Empire Screen Printing, Empresas Maggi, Endesa, Enel X, Energogroup, Energy Capital Credit Union, Enerparc AG, Entreprise Menuiserie Bâtiment, Envases Group, EPI du Rouergue, Epport Richman & Robbins, Equans, Ericher, Erie Molded Plastics, Ernst Auto, Eros Elevators and Escalators, Escuela Técnica Roberto Rocca, ESOP Direct, Esquire Brands, ESSPL, estrumar.es, Ets Puzio, Eurofret Transports Et Logistique, European Space Agency (ESA), European Vegetarian, Eurostar, Event Rental Systems, Ever Green Industria e Comercio, Evercover, Evergreen Printing, Evoke Wellness at Hilliard, ExamRoom.AI, Excellent Home Care Services, Exms Expertise Mobsign, Expert MRI, Facebook, Fairgrove Oil & Propane, Falk, Waas, Hernandez, Cortina, Solomon & Bonner Overview Metrics, Farmacia San Pablo, Farwest Fabrication, FASSIC, FCL Components, fecrwy.com, Fedcap, Federal University of Sergipe, FedEx, Feldman and Lopez, Felix Gonzalez Law Firm, Ferreteria Scopazzo, Fest Group, FHIABA, Fieldtex, FilmRise, Firmengruppe Hoffmann, First Federal Savings & Loan Association of Pascagoula Moss Point, First Rate Financial, Fit-Line Global, Fitzpatrick Hotel Group, Flavor Producers, Flock cameras, Florida East Coast Railway, Florida Orthopaedic Associates, Flowty, FontForge, FortiCloud, Fortinet firewalls, Fortinet FortiSandbox, Fortrex, Foshee Architecture, Foundation Agents, FOX Architects, Foxit PDF Reader, FPMCM LLC, Framelink Figma, Freedom Chat, FreePBX, French Interior Ministry, French postal service, Fresh2You, Friends of Family Health Center, Friis & Moltke Architects, Fuji Electric Monitouch V-SFT, Fujitsu Component (Malaysia) SDN, Fundação do Câncer, Fyzical Therapy & Balance Centers, Fürth, G & L Mechanical Systems, G-WAY Microwave, G5 Enterprises, Galine, Frye, Fitting & Frangos, LLP, Gardner Health Services, Garner Foods, Garrett Leather, Gateway Fiber, Gaviota, GCC Services, GDEV, GearGrid, Gebrüder Bagusat, Gemini MCP, Gemotest, Genoa Lakes Golf Club, Gentex Optics, Geometrics, Georgia Dermatology & Skin Cancer Center, GeoServer, GES Elektrik, GIMP, github-kanban-mcp-server, GIV SRL, Gladinet CentreStack, Glassers TV, Global Miami JV, Global-e, Gobierno de Baja California, Gogs, GoldenLine, Goldman Sachs Investments, Golf Manor, Good Plus Foundation, Goodwin University, Google Chrome, Gordon Clifford Properties, Gordon Companies, GPC Industries, GPT Academic, Grade Results, Grafana, Grandes Vinos, Granos y Cereales de Colombia, Granville Inn, Grassroot DICOM, Greater St. Louis Oral & Maxillofacial Surgery, GreenBills, Greene Metal Products, GreenValley International, Group Echo, GROUPE ETMB, Grupo Amanus, Grupo Construtodo, Grupo Drako, Grupo Hafesa, Grupo Logistics, Grupo Olé, Grupo Panamá, Grupo Puma, Grupo Ruiz, Guan Chong Berhad, Gulshan Management Services, gumustasmaden.com.tr, Guttenberg Industries, Gümüştaş Madencilik ve Ticaret, Hale Makua Health Services, Hama Film, Hanlon Electric, Happy Telecom, Harbour Town Doctors, Hardesty & Hanover, Harmony Health Medical Clinic and Family Resource Center, Harris Consulting Engineers, Harrison Design, Hart, Hartford, Harvey & Martin, Hatta Heritage Village, Hauken Engineering, HAXcms, Hayden Safe & Lock, Health Bridge Chiropractic, Health Management Systems of America, Health Share of Oregon, Healthbridge MultiSpecialty Group, Healthcare Interactive, Heart of Texas Behavioral Health Network, heatcel.co.uk, Heating Components & Equipment, Henry Ford Health, Heritage Engineering, Hermes Medical Solutions, Hernando County, Hexacon Construction, Higham Lane School, Hikvision, hilden.in, Hintenberger Dächer, HKR Architects, HMPC CPA, Hodgins Devereaux, Hodgins Law Group, Hog Sla, Holiday Tours, Home Depot, Homestead Electrical Contracting, Hometech Window, Hongfa America, Hood River Dentist, Hope Cooperative, Hopital La Rabta, Hopper Developments, Household & Commercial Products Association, HPE OneView, Hr Björkmans Entrémattor, HSR Specialist, Huebsch Services, Hugging Face smolagents, Hugging Face Transformers, Hunneman Real Estate, Hydraulic Technologies, Hydrodiseño, Hyfresh, Hytec South Africa, Häussermann Stauden Gehölze GMBH, IAPMO, IATTC, IBM API Connect, IceWarp, IDeaS Revenue Solutions, Illinois Department of Human Services (IDHS), Illumina, Imperial Beach Community Clinic, Infinite Computing Systems, Ingomar Church, Inha University, Inotiv, Inc, inpipeproducts.com, Insight Enterprises, Inspired Universal McCann, Instagram, Institut Teccart, Institute for Biology of Inland Waters IBIW, Institute for Design Problems in Microelectronics, Integrated Technology Group, Inter-American Tropical Tuna Commission (IATTC), International Association of Plumbing and Mechanical Officials, International Door, International Freight & Commerce, International Pipeline Products, International Standard Valve, Intonu, IntraCare, InTTrust, Investigaciones Medicas, InvivoGen, Ireland Ombudsman’s office, Italgrafica Sistemi, Italian ferry, ITG Electronics, ITG Solutions, J. Grennan & Sons, Jabezco Industrial Group, Jaf Gifts, James Free Jewelers, JBS Foods, JBS Mental Health Authority, Jefar, Jeff D’Ambrosio Auto Group, Jennings School District, Jewish Family and Community Services, Jing Cheng Enterprise, JJ White, John Buck Company, Josh Steel, jsPDF, JumpCloud Windows Agent, JVDB Assoc, JZ Russell Industries, Kalamazoo Valley Community College, Kamunikat, Kasetsart University, Katana Network, kavi.fi, Keio University, Kelsey School Division, Kenalex Construction, Keycodes Inspection Agency, Keylogistics Chile, Keys to Literacy, Kidd’s Services, Kier & Wright, Kirby Agri, Kirloskar Oil Engines, Klax Gruppe, KLH Industries, Klingele Paper & Packaging Group, Knight Group, KOEL.CO.IN, Konig Print, Kontigo, Kopaş Kozmetik, Korean Air, Korean Air Catering & Duty-Free, Korean Association for Public Administration, kraslice.cz, Krenzer Marine Overview Metrics, KSL Ingenieure, KTL Group, Kuaishou, Kucera International, Kumpulan Prasarana Rakyat Johor, Kwik Ledgers, L Pollock PR, La Banque Postale, La Papelera, La Rosa Del Monte Express, Labayen y Laborde, Labeltex Group, Laidley Family Doctors, Lakeside Title Company, Lampire Biological Laboratories, lampus.com, Langflow, Lanmark Group, LAOC Building and Construction Trades, Lares, larosadelmonte.com, Larry Pitt & Associates, Lasercomb, Latitude 33 Planning & Engineering, Launie & Marino, Laurenzano Logistica, Laurysen Kitchens, Laval Virtual, Lawrence Family Jewish Community Center, LawSoft, Inc, Leadway Assurance, Leandri & Associés, Leco Switchgear, Ledger, Leduc County, Leger & Shaw, Leidos QTC Health First Rehabilitation Resources, lfval.net, Libya Telecommunications Company, LiftPRO International, Line, Linemaster Switch, Linux kernel, LiteConn Technology, LKQ, LO Trading, LogicVein, loginport, Lonich Patton Ehrlich Policastri, Louisiana Office of Student Financial Assistance, LPL, LS GRIM, Lugiano Medical, Luminex Software, Luxshare Precision Industry, Lycée Français International de Valence, Lynn Community Health Center, Lynn Electrical, L’Orange Bleu, L’Épi du Rouergue, M&M Auto Parts, maasa.com.ar, macOS, Madera County Superintendent of Schools, Madison Area YMCA Association, Madison Healthcare Services, Mailpit, Maison Law, ManageMyHealth, NZ, Manuaco, MariaDB, Marine Systems, Markham Stouffville Hospital, Marquis Software Solutions (700 banks and credit unions), Marshfield Clinic, Masarykova základní škola a mateřská škola Železnice, Massapequa Fire District, Mastermedia International, MAT 4Site Engineers, Maven Solutions, maxdream.tur.ar, Maypay Farms Inc, MC Squared, McAfee Trellix, McCraw Oil, McElroy & Associates, McIntosh Laboratory, Inc, McKee-Pownall Equine Services, McKenzie SewOn, MCP Manager for Claude Desktop, McPhillamys Gold Project, mdm NT, Med Atlantic, MedHelp Clinics, Medical Asset Management, MedStar Health, Mega Alfalfa Argentina, Melsing Engineering & Consulting, Mercadien PC, Mercury Wire Products, Merko Ehitus, Methodist Homes, MetroWest Community Federal Credit Union, Metálicas Estrumar, Meyer Lift, MG Chartered Professional Accountant, Microf, Microsoft Edge Mark-Of-The-Web, Microsoft Edge, Microsoft Visual Studio, Midkiff Muncie and Ross, Milhench Supply, Mill Brothers, Millcreek Pediatrics, Milton FL, MindsDB, Minersville Schools, Mission Neighborhood Health Center, Mohammad Omar Bin Haider Holding Group, Molecular Testing Labs, Money Mart, MongoDB, Moonachie Borough, Moore Lumber, Morgan Records Management, Morning Desert Safari, Morningstar Properties, Morton Buildings, Morton Drug Company, Mosty Katowice, MP Filtri, MS Corp, Mt. Spokane Pediatrics, Murray Irrigation Limited, Mutti Parma, MyTunes, MyVete, Město Kraslice, n8n, Naftali Bennett Chats, NAHGA Claim Services, Nartis Plant, Nashua Botswana, National Audiovisual Institute, National Biscuit Industries, National Credit Regulator, National Equipment, National Guard website, National Water Authority, Native American Health Center, NBS Canada, NCH Corporation Employee Benefits Plan, NECO Equipment, Neighbourly, Nepes, Net-SNMP, Netanyahu’s Cabinet Awaits Handala’s Next Move, Netstar Australia, Network of Biblical Storytellers, Canada, Neurological Associates of Washington, New High Pack, New Obscura 2.0!, News-Press & Gazette Company, Next Capital, Next.js servers, Nextclode, nhpsa.com.ar, Niradia Enterprises, Nissan Motor Co, NK Technologies, NLFX Professional, NordVPN, North Atlantic States Carpenters Health Benefits Fund, North Perth, North Star Asset Management, Northern Air Systems, NorthStar Asset Management, Notariat Gerresheim, Notepad++, Notin, NovaBio, Novelty Technology Care Espana, npm, NS Pharma, NS Support LLC, NSE Insurance Agencies, NSF Unidata, NT Tool Thai, NTC Pharma, NTH Consultants, Nura Clinics, NZ ManageMyHealth patient portal, Oakland Smile Dental, OCC Marketing Communication & Technologies, Ochsner LSU Health System, Office of Public Sector Anti-Corruption Commission, oFono, OGI Groupe, Ohio Public Safety, Oklahoma Spine Hospital, Ollama MCP, Oltenia Energy Complex, Oman Football Association, OMF International, Omnibus Japan, Omrania, One Community Health, Open Door Community Health Centers, Open WebUI, Optimum Window Manufacturing, Options Community Services Society, Optral, OPTUM-IES, Oracle Health, Oregon Department of Environmental Quality, Ortho Mattress, OSI Systems, OSSE San Juan, Outdoor Smart! Inc, ownCloud, Oxford Rehabilitation Center, Pacific Railway Enterprises, Pacific Rim Mechanical, Paizo GPS Solutions, Parexel International, LLC, Partido Revolucionario Institucional, PAUAT Architekten, pdfforge PDF Architect, PDFsam, Peaker Services, Pearlman Aesthetic Surgery and Associated Radiologists, Pecan Tree Dental, Pediatric Dentistry of Oklahoma, Pell City Schools, Pensam Capital, Pensam Residential, Pentadiet, Pernec, Pernel Media, Petco, Petróleos de Venezuela (PDVSA), Peugeot Motocycles, peus-muenzen.de, Pewarchuk, Phillipine Department of Trade and Industry, Phillips Scales, Physicians to Children & Adolescents, Pickett USA, Pierce County Library System, Pilot automotive, Pin Hwa High School, PJSC Quadra Power Generation, Planned Parenthood Northern California, PlayStation, Plonter Technologies, Podovia, POL-HUN, Polaris Parks, polhun.pl, Pollock Communications, Pools by Bradley, Pornhub, PortSwigger Web Security, Posillico, PostgreSQL, Power Curbers, Powerscourt, Precise Benefits Group, Precision Aluminum, Premier Auto Credit, Prime Label Consultants, Print-O-Tape, Productos Lácteos Flor de Aragua CA, Progressive Laboratories, Promm Group, Prosura, Proton System, PT Clipan Finance Indonesia Tbk, PTS Goldkist Industries Sdn Bhd, Publicidad Sarmiento, Pueblo West Colorado, Pueblo West Metropolitan District, Pulse Urgent Care, Purcell Architects, puzio-saunierduval.fr, Quasar Data Center, Questica, Quezon Power, Q‑Ads, R.I. Lampus, Rafael Construction, Ragland Law Firm, Rain Bird Corporation, Rainbow Communications, Rameder, Ramside Hall, Ranger Investigation Guard, Raritan Yacht Club, Rconcept, RD Metals, React Server, Real Tech, Red Star Studio Ltd, Redis, REDtone, Reger Zahntechnik, Region of Istria, Rene Industries, Republica Federative do Brasil, Resecurity, Resource Corporation of America, Retrofit Service, Revere Health, Revoil, RGD Consulting Engineers, Richmond Behavioral Health Authority, Right Power Technology, Rio Farms, LLC, Rio supermarket, RJ Enterprise, RJS Logistics, RK Centers, RM Medics, Rockport Technology Group, Rockrose Development LLC, Rod Danielson, Rodenburg Law Firm, Rodney’s Sign Company, Roebbelen Contracting, Inc, Rogitz & Associates, Romanian Waters, Roose Ressler & Green, Ruhrpumpen, Rusk County, WI, Rust on Linux, RustCrypto, RYC, Röben Tonbaustoffe, S.Med Handels, Saar Engineering, Sai Oral Surgery, Saint Petersburg State University of Economics, Salcom, Salvation Army, Samkee America, Sampoerna Agro, San Francisco Community Health Center, San Silvestre School, Sanchez Vadillo, Sanko Gosei UK, Santa Casa de Assis, Santa Rosa Community Health Centers, Sante PACS Server, Sanyang Motor, SapLog Italia, Sapphire Health, Sarl Alliance, Saudi Icon, SAV Antivibranti, Sax LLP, sbws.org.sg, Scenic Solutions, Schneider Prototyping, Scipioni, SEAC SUB, Seac, Seal Beach, CA, Seal Beach CA Police Department, Secorp Industries, Security ONE Alarm Systems, Sedgwick Government Solutions, Seeberger Appel, Seguridad Las Americas, SEIMITSU THAI COMPANY LIMITED, Self-Help Addiction Rehabilitation, SELP, Sem Plastik, SEM Val de Bourgogne, Sense Eletronica, Senstar Symphony, Sentinel Security, Sentry Advisors, SETEX Textil, Shah Law Office, Shamrock Technologies, Share Ourselves, sharinc.org, Shinhan Card, Shinsegae, Shlansky Law Group, SHOFCO, Shore Gardens Rehabilitation & Nursing Center, Shout Factory, Shwapno, Siemens Simcenter, Silverline Group, SINBON Electronics, Sindicato dos Professores da Zona Centro, Singapore Buddhist Welfare Services, Singing River Health System, Singular Genomics, Sintac Recycling, Sipl, SIRH Mexico, Sirio Pharma, sje.vic.edu.au, smallstep Step-CA, SMC Global Securities, smed.at, Smile Center Utah, Smith Hawks, Smith Roberts Baldischwiler, Snapchat, SNCC Automatisme Solutions Process, SOA People, Soapy Joe’s Car Wash, Société Tunisienne de Radiologie, Soda PDF Desktop, soeuae.ae, Softlab SpA, Solarpro Holding, Solumek SAS, Solus Tecnologia em Sistemas, SonicWall SMA1000, Sortimage Communications, SoundCloud, South Shore Tool & Die, South West Development Commission, Southern Oregon Neurosurgical and Spine Associates, Spartan Carbide, Spitzer Auto Group, Sponseller Group, Spring Grove Area School District, Springer’s Jewelers, SproutNet, SPZC, SSL and ACL, St Charles Preparatory School, St Ignatiusi Jamsville, St Josephs College Echuca, St Anthony Regional Hospital, St John’s Riverside Hospital, Stadt Fürth, Stadtwerke Clausthal-Zellerfeld, Stanley Co Malaysia, Startek Engineering Inc, STC Concrete Products, Steel Corners Industrial, Steel Dynamics, Inc, Steelworks Inc, Stesad, Stewart Engenharia, STIC Investments, stimgroup, Stipe Law Firm, Stoughton Steel, Strategic Technology, strtn.org, Studio DGP Dottori Commercialisti, studioelad.it, Sudamerica, Sugawara Laboratories, Sunair Electronics, Sunshine Group, Sunzen Biotech Berhad, SUPERAntiSpyware, Superior Water Conditioning, Surfish Trade, Susquehanna Glass, SV-Büro Ing. Schulz GmbH, SVA y Tecnología Móvil de España, svlawus.com, SW Automation, SW WireTerminal, SW/WC Service Cooperative, Swartz Campbell, Swavelle Group, swdc.wa, Swift Institute, Syrstone, Systherm Grupa, Sönmezler Metal, TACK Electronics, TaLachaim, Talarico, Taminsho, TapestryHealth, Target, TEALCA, teccart.qc.ca, Technicare Instrumental Cirúrgico, tecnicarobertorocca.edu.ar, Tecno Electric, Tein, Teknequip, Tele-Fonika Cable Americas, Telechaim, Telegram, Telstar Hommel, Temple Shalom, Tencent FaceDetection, Terminales Portuarias, Terport, Teruya Brothers, Texas Pete, Thai Pet Food Group, The Araneta Group, The Biosig Project, The Boathouse on the Bay, The Botting Network, The Carlson Law Firm, The Center of Association Management, The Cressi, The Day of Reckoning Awaits the Child-Killers, The Genesis Group, The Lewis Bear, The Outdoor Recreation Group, The Parkes, The Salarpuria Sattva Group, The Sonnenschein Groupe, The Structures Group, The Wardlaw + Hartridge School, ThermoEx Company Limited, Thrings Solicitors and Lawyers, THT Bio-Science, Thunder Bay Counselling, Titan Motor Group, Tlechaim, Tokyo FM, Tommotek, Top Dest, Topstep, TorHoerman Law, LLC, Total Wireless, Towell International Holding, TradingView Desktop, Transpedrosa, Transport Scolaire, Transrocamar, Trend Import Export, Trend Micro Apex Central, Trend Micro Cleaner One, Tri-State Metal Roofing Supply, Triad Packaging Inc, Trimble SketchUp, Trine Access Technology, Triple Eight Transport, TriVector Services, TriZetto Provider Solutions, Trubee Wealth Advisors, TrustWallet, Tucson Independent Physicians and Surgeons, TUPI, Turing & EDU Arena, Turnamics, Tuscon Physicans, Twinsoft, Typhoo Tea, Ubisoft’s Rainbow Six Siege, UBS Office, Udall Law Firm, UEFI, UK Foreign Office, UK Free Speech Union, UK Home Office, Unified Assessment Platform ExamRoom.AI, Union Home Mortgage Corp, Union of Shop, Distributive and Allied Workers, uniplaclages.edu.br, Unipres Alabama Inc, United Keetoowah Band of Cherokee Indians in Oklahoma, United Pacific, Universidad Nacional Autónoma de México, Universidade do Planalto Catarinense, Universiti Sains Islam Malaysia, University of Hawaii Cancer Center, University of Phoenix, University of Sydney, Unleash Protocol, UNRE AI, UPC Precision Castings, Upsonic, Urban Remedy, Urban VPN, urfishtrade.com, uro.com, US Art, US Dept Of Defense (hundreds!), US Equal Employment Opportunity Commission (EEOC), usdaw.org.uk, Usina Sao Jose do Pinheiro, Utair, Valle Redondo, Van Venrooy, Varimed Medikal, Veeam Backup, Veplastic, VeraBank, Veradigm LLC, Vereinigte Stadtwerke, Vernon Sales, Vestil Manufacturing, Vetco, VFM Systems & Services, Victoria Benelux, Victorian Catholic College, Victory Disability, Vida Y Salud, Viga Eatery, Village of Franklin, Ville de Dunkerque, Vim for Windows, Virginia Mental Health Authority, Virginia Records, Virginia Urology, Vishnick McGovern Milizio, Vision Wheel, VisionPoint Eye Center, Vitatrac, Vivaldi, VLP Hellas, VMware ESXi, Voltech Rebuilders, Voltras International, VroomVroomVroom, Váhostav, Wadzeck-Stiftung, Wall Street English, Walltopia, Walters Group Inc, Wamtechnik, Wardell Builders, Warka Bank for Investment and Finance, Warren County Treasurer’s Office, Warrior Crane Service, WatchGuard Firebox, WatchYourLan, Watermark Beach Resort, Watertech of America, Wavenet, Wavlink routers, Wearbest Sil Terhar, Web Hosting Talk, Wedbush Securities Inc, Wellcare, Wellpoint, Wesley Heating and Cooling, Westlake Christian Academy, Westminster City Council, Westquay, WhiteDate, Wilbarger General Hospital, Wild Bunch Distribution, Willowdale Steeplechase, Wilmington Community Clinic, Wilson Smith Cochran Dickerson, Windows Remote Access Connection Manager (RasMan), Windscribe, Windward Life Care, WIRED, Wisanka Indonesia, Wizix Technology, WJ Professional, Wood Personnel Services, Woodard, Emhardt, Henry, Reeves & Wagner, LLP, Woodglen Medical Group, WordPress Motors theme, Workers Compensation Insurance Rating Bureau of California, WorldPoint, Wright Architectural Millwork, WSI, XSpeeder, Yalidine Express, Yavne Educational Center, Yokosuka Gakuin, YoPipe, York Hospital, Young Wealth Management, Youngblood Tyler and Associates, Youngstown Pipe & Steel, Z-Tronix, Zenflow, Zimeda, Zoom, and zszeleznice.cz have reported hacking or compromises this month.
Microsoft Exchange Online, Microsoft Teams, and X/Twitter have suffered from outages this month.
Internet access throughout Congo-Brazzaville, Finland, Guinea, Iran, Montana, San Francisco, CA, Ukraine, and Venezuela has been blocked our down for extended periods.
Last months updates broke Classic Outlook, VPN access, and Windows Message Queuing (MSMQ).
Microsoft is going to start blocking older, insecure and unsupported hardware from accessing their email platform, Exchange Online.
For all their blather, Apple will be using Google Gemini to power Siri.
Crucial is ending consumer sales. This is going to be bad for computer pricing.
It’s insanely easy to map out human movement within your home (or someone else’s) using your existing Wi-Fi routers.
Let’s Encrypt (the service behind most current website secure certificates) is shortening the expiration term for their certificates. By a lot. It’s almost completely automated so probably not going to be a bit deal.
California has added a privacy tool to request that data brokers remove your information. It uses a third-party precheck service responsible for breaking the Internet several times last year (CloudFlare) and one of the worst privacy violating services out there (login.gov), then requires you to give the California government all of the information about you (name, SSN, date of birth, email address, phone numbers, addresses and so much more) for the state to store so that participating data brokers know what to remove. My opinion: government is the worst of the worst when it comes to getting hacked and exploited, so if you’re concerned about dubious storage of your data, giving it to the state is literally the worst possible option. It might be more work, but it’s better to do it yourself.
Google is finally adding an option to remove information about you.
Now back to our regularly scheduled program.
Patch Tuesday is relatively small this month. The typical computer should see roughly 3.0 GB in updates today. Let’s get started.
Microsoft released 60 updates to address 115 vulnerabilities in Agere Windows Modem Driver, Azure Connected Machine Agent, Azure Core shared client library for Python, Capability Access Management Service (camsvc), Connected Devices Platform Service (Cdpsvc), Desktop Window Manager, Dynamic Root of Trust for Measurement (DRTM), Graphics Kernel, Host Process for Windows Tasks, Inbox COM Objects, Microsoft Edge (Chromium-based), Microsoft Graphics Component, Microsoft Office, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Office Word, Printer Association Object, SQL Server, Tablet Windows User Interface (TWINUI) Subsystem, Windows Admin Center, Windows Ancillary Function Driver for WinSock, Windows Client-Side Caching (CSC) Service, Windows Clipboard Server, Windows Cloud Files Mini Filter Driver, Windows Common Log File System Driver, Windows Deployment Services, Windows DWM, Windows Error Reporting, Windows File Explorer, Windows Hello, Windows HTTP.sys, Windows Hyper-V, Windows Installer, Windows Internet Connection Sharing (ICS), Windows Kerberos, Windows Kernel, Windows Kernel Memory, Windows Kernel-Mode Drivers, Windows LDAP – Lightweight Directory Access Protocol, Windows Local Security Authority Subsystem Service (LSASS), Windows Local Session Manager (LSM), Windows Management Services, Windows Media, Windows Motorola Soft Modem Driver, Windows NDIS, Windows NTFS, Windows NTLM, Windows Remote Assistance, Windows Remote Procedure Call, Windows Remote Procedure Call Interface Definition Language (IDL), Windows Routing and Remote Access Service (RRAS), Windows Secure Boot, Windows Server Update Service, Windows Shell, Windows SMB Server, Windows Telephony Service, Windows TPM, Windows Virtualization-Based Security (VBS) Enclave, Windows WalletService, Windows Win32K – ICOMP, and MSRT. This includes security updates. A reboot is required.
Apple released updates for iOS 26.2, iPadOS 26.2, macOS Sonoma 14.8.3, macOS Sequoia 15.7.3, macOS Tahoe 26.2, Safari 26.2, tvOS 26.2, visionOS 26.2, and watchOS 26.2. This includes security updates. Use Apple Software Update to install the most current versions.
iOS 26.2 is a security update. Use Settings, General, Software Update to install the most current update.
iPadOS 26.2 is a security update. Use Settings, General, Software Update to install the most current update.
watchOS 26.2 is a security update. Use the Watch app on your iPhone to install the most current version.
tvOS 26.2 is a security update. Use System, Software Update to install the most current version.
visionOS 26.2 is a security update. Use System, Software Update to install the most current version.
Google ChromeOS 143.0.7499.196 and ChromeOS LTS 138.0.7204.300 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.
Fedora 45 is a major update. This is a security update.
https://getfedora.org/en/workstation/download/
Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.
Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.
The release of macOS Tahoe (26.x) means that macOS Ventura (13.x) and older are no longer supported. If you can not install at least macOS Sonoma (14) on your Mac then you should immediately remove your device from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.
Windows 10 (all consumer versions) is end of life (EOL). All non-LTS versions of Windows 10 without ESU are now out of support, with the sole alternatives being to upgrade to Windows 11 or enable Extended Service Updates (ESU). If you aren’t sure whether you are using LTS, you aren’t. Enable the ESU now.
The current release of the Windows 11 (v25H2) is very large (30% larger than any previous release) so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.
Windows 11 is now stable and can be upgraded to if your hardware supports it. If not, switch to Linux (Mint is nice) or replace your computer.
Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.
It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, drivers for hardware you’re not using (like old printers), and games you do not actually play.
Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available.
Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with a SaferPC Subscription and we will install updates each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com
If you’re using this hardware – these updates are for you.
Logitech Options 10.26.14 fixes a MS Office compatibility issue. This is not a security update.
https://support.logi.com/hc/en-us/articles/360025297893
MTPdrive 5.1.202 improves compatibility. This is not a security update.
https://www.mtpdrive.com/
RICOH IM C4510 1.5.0.0 adds new languages. This is not a security update.
https://support.ricoh.com/bb/html/dr_ut_e/rc3/model/imc4510/imc4510.htm
Stream Deck 7.2.0 adds support for new hardware.
https://help.elgato.com/hc/en-us/categories/360001636492-Stream-Deck
TP-Link Archer AX55 v1 251119 is a security update.
https://www.tp-link.com/us/support/download/archer-ax55/v1/#Firmware
TP-Link Archer AX73 v2.0 250717 is a security update.
https://www.tp-link.com/us/support/download/archer-ax73/v2.0/#Firmware
UniFi airMAX NanoStation 5AC Loco 8.7.21 is a security update.
https://www.ui.com/download/software/loco5ac
VIISAN OfficeCam 7.2.15 doesn’t provide a change log so should be treated as a security update.
https://www.viisan.com/en/download/type1.html
Xerox Smart Start 2.1.24.0 doesn’t provide a detailed change log so should be treated as a security update.
https://www.support.xerox.com/en-us/content/143617
One or more of these are likely to be of interest to everyone.
Brave 1.85.120 is a security update.
https://brave.com/
Firefox 147.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/
Firefox ESR 140.7.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/
Google Chrome 143.0.7499.192 is a security update.
https://www.google.com/chrome/
Microsoft Edge 143.0.3650.139 is a security update.
https://www.microsoft.com/en-us/edge/business/download
SeaMonkey 2.53.23 is a security update.
https://www.seamonkey-project.org/
Vivaldi 7.7.3851.67 is a security update.
https://vivaldi.com/
One or more of these are likely to be of interest to everyone.
Spark 3.27.5.126936 improves layout and adds sharing controls, recent activity folder and new display options. This is not a security update.
https://sparkmailapp.com/
Spark (macOS) 3.27.5.126935 improves layout and adds sharing controls, recent activity folder and new display options. This is not a security update.
https://sparkmailapp.com/
Thunderbird 146.0.1 is a security update.
https://www.thunderbird.net/en-US/
One or more of these are likely to be of interest to everyone.
AnyDesk 9.6.7 resolves dozens of bugs, improves stability and cosmetics. This is a security update.
https://anydesk.com/en/downloads
AnyDesk (macOS) 9.6.1 improves reliability. This is not a security update.
https://anydesk.com/en/downloads
curl 8.18.0 updates libraries, removes support for older technology, and resolves over a hundred bugs. This is a security update.
https://curl.haxx.se/windows/
Dropbox 238.4.6305 doesn’t provide a detailed change log so should be treated as a security update.
https://www.dropbox.com/
FileZilla Server 1.12.1 resolves a stability bug. This is not a security update.
https://filezilla-project.org/
Google Drive 119.0 resolves several bugs. This is not a security update.
https://drive.google.com/start
MeshCentral 1.1.55 resolves over a dozen bugs. This is not a security update.
https://meshcentral.com/info/downloads.html
Nextcloud Server 31.0.2 updates libraries and resolves dozens of bugs. This is not a security update.
https://nextcloud.com/
Npcap 1.86 is a security update.
https://nmap.org/npcap/
OneDrive 25.222.1112.0002 resolves several bugs and increases AI integration with Copilot. This is not a security update.
https://support.microsoft.com/en-us/onedrive
Rclone 1.72.1 is a security update.
https://rclone.org/
Signal 7.84.0 resolves a cosmetic bug. This is not a security update.
https://signal.org/download/windows/
Signal (Android) 7.68.4 adds polls and resolves a cosmetic bug. This is not a security update.
https://signal.org/android/apk/
Syncthing 2.0.13 resolves several bugs. This is not a security update.
https://syncthing.net/
Technitium DNS Server 14.3 resolves several bugs and updates included apps. This is not a security update.
https://technitium.com/dns/
Telegram 6.4.2 resolves several bugs. This is not a security update.
https://telegram.org/
These are unlikely to be of interest to most people.
3tene 4.0.24 resolves several cosmetic bugs. This is not a security update.
https://en.3tene.com/
darktable 5.4.0 resolves many bugs, and improves user interface and performance. This is not a security update.
https://www.darktable.org/
Grayjay 363 improves DASH & UMP support and improves language filters. This is not a security update.
https://grayjay.app/index.html
KaraFun Player 3.10.6 resolves an updater bug, improves cosmetics for currently playing item, and resolves several other bugs. This is not a security update.
https://www.karafun.com/karaoke-windows/
VLC Media Player 3.0.23 is a security update.
https://www.videolan.org/vlc/
These are unlikely to be of interest to most people.
Minecraft Server (Bedrock) 1.21.132.3 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock
Nintendo Switch 21.2.0 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989
Steam 2025.12.19 is the last build with 32-bit support, resolves stability bugs with controllers and resolves over a dozen bugs. This is not a security update.
https://store.steampowered.com/news/app/593110
SteamOS SteamDeck Update 3.7.19 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/1675200/
One or more of these are likely to be of interest to most people.
Adobe Bridge 15.1.3 and 16.0.1 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb26-07.html
Adobe ColdFusion 2025 Update 6 and 2023 Update 18 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb26-12.html
Adobe DreamWeaver 21.7 is a security update.
https://helpx.adobe.com/security/products/dreamweaver/apsb26-01.html
Adobe Illustrator 29.8.4 and 30.1 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb26-03.html
Adobe InCopy 21.1 is a security update.
https://helpx.adobe.com/security/products/incopy/apsb26-04.html
Adobe InCopy 20.5.1 is a security update.
https://helpx.adobe.com/security/products/incopy/apsb26-04.html
Adobe InDesign ID21.1 and ID20.5.1 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb26-02.html
Adobe Substance 3D Designer 15.1.0 is a security update.
https://helpx.adobe.com/security/products/substance3d_designer/apsb26-13.html
Adobe Substance 3D Modeler 1.22.5 is a security update.
https://helpx.adobe.com/security/products/substance3d-modeler/apsb26-08.html
Adobe Substance 3D Painter 11.1.2 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb26-10.html
Adobe Substance 3D Sampler 5.1.3 is a security update.
https://helpx.adobe.com/security/products/substance3d-sampler/apsb26-11.html
Adobe Substance 3D Stager 3.1.6 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb26-09.html
Artweaver 8.1.2 resolves several bugs. This is not a security update.
https://www.artweaver.de/
Audiate 2026.1.0 improves cosmetics and resolves several bugs. This is a security update.
https://www.techsmith.com/camtasia/audiate/
GnuCash 5.14 resolves several bugs. This is not a security update.
https://www.gnucash.org/
ImageMagick 7.1.2-12 resolves several bugs. This is not a security update.
https://imagemagick.org/
Inkscape 1.4.3 resolves dozens of bugs. This is not a security update.
https://inkscape.org/release/
Krita 5.2.14 resolves over a dozen bugs. This is not a security update.
https://krita.org/en/download/
LibreOffice 25.8.4 and LibreOffice Fresh 25.8.4 resolves over 70 bugs. This is not a security update.
https://www.libreoffice.org/
Nextcloud Desktop 4.0.4 resolves several bugs. This is not a security update.
https://nextcloud.com/
Notepad++ 8.9 is a security update.
https://notepad-plus-plus.org/
PDF-XChange Editor 10.8.2.407 is a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor
Scribus 1.6.5 is a security update.
https://www.scribus.net/
These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.
ChromeOS 143.0.7499.196 is a security update.
https://chromereleases.googleblog.com/search/label/Stable%20updates+ChromeOS
Fedora 43.0 updates apps and libraries, upgrading many services and systems to new current builds. This is a security update.
https://getfedora.org/en/workstation/download/
iOS 26.2 is a security update.
https://support.apple.com/kb/HT204204
iPadOS 26.2 is a security update.
https://support.apple.com/kb/HT204204
Linux Mint 22.3 adds support for newer hardware and removes support for some older hardware, updates drivers and changes defaults. This should be treated as a security update.
https://www.linuxmint.com/download.php
macOS 26.2 is a security update.
https://support.apple.com/kb/HT201541
Tails 7.3.1 is a security update.
https://tails.net/install/download/index.en.html
TOS 6 6.0.794 resolves several bugs. This should be treated as a security update.
https://support.terra-master.com/posts/TOS6_Release_Notes
tvOS 26.2 is a security update.
https://support.apple.com/kb/HT202716
watchOS 26.2 is a security update.
https://support.apple.com/kb/HT204641
One or more of these is likely to be of interest to most people.
.NET Runtime 10.0.1 improves stability and reliability. This is not a security update.
https://dotnet.microsoft.com/en-us/download/dotnet
HTTP Toolkit 1.24.2 doesn’t provide a change log so should be treated as a security update.
https://httptoolkit.tech/
ProtonVPN 4.3.9 improves stability and resolves several bugs. This is not a security update.
https://github.com/ProtonVPN/win-app/releases/latest
RogueKiller 16.5.4 resolves several bugs. This is a security update.
https://www.adlice.com/download/roguekiller/
Stinger 13.0.0.588 adds new detections
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx
These are unlikely to be of interest to most people.
Greenshot 1.3.312 is a security update.
https://github.com/greenshot/greenshot/releases
Open Broadcaster Software 32.0.4 resolves three minor bugs. This is not a security update.
https://obsproject.com/
These are unlikely to be of interest to most people.
BookFab 1.2.1.8 improves TTS (text to speech), conversion, and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/kindle-converter.htm
DVDFab 13.0.5.4 resolves a stability bug. This is not a security update.
https://www.dvdfab.cn/download.htm
StreamFab 7.0.0.6 resolves dozens of bugs and improves reliability and consistency. This is not a security update.
https://streamfab.dvdfab.cn/downloader.htm
UniFab 4.0.0.0 is a major update adding new upscaling and conversion abilities. This is not a security update.
https://www.dvdfab.cn/unifab.htm
One or more of these are likely to be of interest to most people.
Zotero 7.0.31 adds several new fields and creator types and resolves several bugs. This is not a security update.
https://www.zotero.org/
These are unlikely to be of interest to most people.
1Password 8.11.23 resolves a stability bug when using passkeys. This is not a security update.
https://1password.com/downloads/windows/
AOMEI Partition Assistant 10.10.0 adds a disk space analyzer and resolves partition alignment bug. This is not a security update.
https://www.diskpart.com/
Beyond Compare 5.1.7.31736 improves stability and updates signing. This is not a security update.
https://www.scootersoftware.com/download
Bitwarden 2025.12.2 resolves several bugs. This is not a security update.
https://bitwarden.com/
CCleaner 7.03.1120 updates cleaning and improves analysis. This is not a security update.
https://www.ccleaner.com/
Coreinfo 4.0 adds a GUI version and newer CPU checks. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/coreinfo
CPU-Z Installer 2.18 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html
DesktopOK 12.26 resolves a couple bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK
dnGrep 4.6.63.0 adds ability to search within office documents that are already open and updates libraries. This should be treated as a security update.
https://dngrep.github.io/
GoodSync 12.9.22 updates libraries and cleans up cosmetics. This is not a security update.
https://www.goodsync.com/
HWMonitor 1.61 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html
LessMSI 2.11.6 updates table layout display and translations. This is not a security update.
https://lessmsi.activescott.com/
NConvert 7.230 doesn’t provide a change log so should be treated as a security update.
https://www.xnview.com/en/nconvert/
NotMyFault 4.30 adds Arm64 support and new crash types. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/notmyfault
NTLite 2025.12.10736 splits downloads for older versions of Windows and updates components. This is not a security update.
https://www.ntlite.com/download/
OSForensics 11.1.1014 resolves two crash bugs. This is not a security update.
https://www.osforensics.com/download.html
osquery 5.21.0 improves macOS integration, adds several new tables and sources, and resolves a couple bugs. This is not a security update.
https://osquery.io/downloads
Password Security Scanner 1.65 improves compatibility with newer browsers. This is not a security update.
https://www.nirsoft.net/utils/password_security_scanner.html
PointerStick 6.88 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick
Process Explorer 17.09 fixes an image detection bug and adds details for .NET processes. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer
Raspberry PI Imager 2.0.3 improves performance, networking, device and drive handling, and adds a custom URI scheme for custom distributions. This is not a security update.
https://www.raspberrypi.com/software/
Remotly 1.37.0 adds support for newer hardware and improves stability. This is not a security update.
https://remotly.com/
RoboForm 9.9.1 updates the icon and adds a caps lock indicator. This is not a security update.
https://www.roboform.com/
SetUserFTA 2.7.3 removes the DLL dependency for UCPD support. This is not a security update.
https://setuserfta.com/download-setuserfta/
Ventoy 1.1.10 resolves several bugs. This is not a security update.
https://www.ventoy.net/en/index.html
WinGet 1.12.440 adds font support, MCP server, and resolves several bugs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest
WinScan2PDF 9.51 resolves a couple bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF
These are unlikely to be of interest to most people.
ADB 36.0.2 improves reliability and resolves a few bugs. This is not a security update.
https://developer.android.com/studio/releases/platform-tools
Android Studio 2025.2.2.8 resolves several bugs. This is a security update.
https://developer.android.com/studio
GameMaker Studio 2024.14.2.213 improves stability and resolves several bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker
GDevelop 5.6.251 improves performance, history, and resolves several bugs. This is not a security update.
https://gdevelop.io/download
Inno Setup 6.7.0 adds new cosmetics and compiling improvements, various scripting and control improvements, and a security change to add RedirectionGuard support. This should be treated as a security update.
https://www.jrsoftware.org/isdl.php
Node.js 20.20.0 is a security update.
https://nodejs.org/en/
Node.js 22.22.0 is a security update.
https://nodejs.org/en/
Node.js 24.13.0 is a security update.
https://nodejs.org/en/
Node.js 25.3.0 is a security update.
https://nodejs.org/en/
SQLite 3.51.2 resolves a couple stability bugs. This is not a security update.
https://www.sqlite.org/download.html
Visual Studio Code 1.108 resolves thousands of bugs and updates cosmetics, AI integration, and more. This is not a security update.
https://code.visualstudio.com/
These are likely to be of interest only to web developers.
HumHub 1.17.5 resolves several bugs. This is not a security update.
https://www.humhub.com/en
Joomla 6.0.2 & 5.4.2 are security updates.
https://www.joomla.org/
OpenPetra 2025.12 resolves several bugs and improves performance. This is not a security update.
https://www.openpetra.org/
Piwigo 16.2.0 resolves several bugs. This is not a security update.
https://piwigo.org/
My Sticky Bar 2.8.6 resolves a stability bug. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/
Postie 1.9.74 is a security update.
https://wordpress.org/extend/plugins/postie/
Redirection 5.6.0 reduces size. This is not a security update.
https://wordpress.org/extend/plugins/redirection/
Sucuri Security 2.6 adds a new permissions library and resolves a cache bug. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/
Top Commentators Widget 1.7 doesn’t provide a change log so should be treated as a security update.
https://wordpress.org/extend/plugins/top-commentators-widget/
WP Cerber Security 9.6.11 improves browser detection, translation, and DoS hardening. This should be treated as a security update.
https://wpcerber.com/
YOURLS 1.10.3 resolves over a dozen bugs. This is not a security update.
https://yourls.org/
That’s all for now folks. Keep it clean out there. 😉
Regards,
Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/
Merry Christmas, Folks!
Today is Patch Tuesday for December, 2025.
If your Windows 10 computer can not be upgraded to Windows 11 then you should either replace your device or use the Windows 10 ESU program to get another year out of it.
Windows 11 25H2 is now available and Windows 11 23H2 and older are no longer supported. Treat Windows 11 25H2 as beta software and wait a few months before upgrading.
macOS 26 Tahoe is now available and macOS 13 Ventura and older are no longer supported. Treat macOS 26 as beta software and wait a few months before upgrading.
There were 975+ major hacks, and over 525 application updates this month. It’s an average month, with about 3.5 GB of updates for most users.
1Panel, 3S Group, 3S Software, 7-Zip, 700Credit, A-B Communications, A10 Networks, Abbott, ABC Home & Commercial Services, Abdulhadi Hospital, Abhe & Svoboda, Access Search, ACE Forwarding, Acoustical Control, Acroni, Acu Trans Solutions, ADC Aerospace, ADDA, ADEPT, Advanced Power, Advantage 360, Aero Precision, Afternic, AG Displays, AGS, Ahome, Ahtna, Inc, Air Design Systems, Air Miles España, AJ Jersey, Akehurst Landscape Service, AkroStar Technology, Al Quraishi Marketing, Al-Ettifag Academy, Aljomaih Automotive, AllerVie Health, Alma Realty, Almaviva, Alpha Omega Winery, Alshaya Group, Amcore, American Associated Pharmacies, American Israel Public Affairs Committee (AIPAC), American Pools & Spas, American Public Television, American Soccer Company Inc, American Trust Administrators, AMH Philippines, Anchorage Neighborhood Health Center, Anderson Bancshares, Android, Ansible Community, Anthem, Inc, Anywhere RE, Anywhere Real Estate, Apache Struts, Apache Syncope, Apache Tika, Appalachian Community Federal Credit Union, Apple macOS, Apple Safari, Appleton UPSMON-Pro, Applied Energy Systems, Arabia Holding, Arabian Escapes, Archer Health, ARH Associates, Arista NG Firewall, ARKo, Armis Group, Array AG Series VPN, Artesian Insurance, Artists & Clients, Asahi Kasei Microdevices, Asia Condominium Association, ASL HR Solutions, Aspen Distribution, Astrofein, over 50,000 ASUS routers, ASUS AiCloud routers, ASUS DSL routers, ASUS MyASUS, ATIC TS, Atrium Living Centers, AudioCodes Fax/IVR Appliance, Avery Dennison, AVR Industries, AvtechTyee, B&J Rocket Sales, B2BE, Badan Pengelola Keuangan Haji, Badr Airlines, Bais Yaakov Elementary School, Balkrishna Paper Mills, Baltimore City Fire and Police Employees’ Retirement System, BanBan Play, Bangkok Eagle Wings, Bank of Cyprus Oncology Centre, Barbizon Lighting, Barnhart, Barts Health NHS Trust, Basecamp, Basin Harbor, Basra Transports, Battaglioli, Baxter Life 2000 Ventilation System, BayFirst, Bechtel, Beckett Collectibles, Becks Group Australia, Bel Fuse, Bellwether Community Credit Union, Benchmark Connector, Bergeson, Berjaya Air, BestAdsOnTV, Betterhomes, Big Lar, Bilsam, BioPharma Services, Bison Family Medical Clinics, BK Precision, Bleyl Engineering, Blossom Cloud, Blue Projects, BMS HS, Bo Beuckman Ford, Bodegas San Huberto, Bodhi Media Corp, BOLD Furniture, Bomchil, Bosch Choice Welfare Benefit Plan, Boutin Jones, Brahma Kumaris Columbia, Brenda Richardson Memorial Care Home, Brian-Kyles Construction, Broadcom, Brodosplit, Brsk, Brumfield Construction, Burnham Brown, Byzfunder NY LLC, Cabify, Cache Valley ENT, Cadman Power Equipment, Cal-Comp Electronics de México, Caldwell & Company Accounting, California Casualty Indemnity Exchange, Calmec, Camomilla Italia, Canno Design, Canon, Canvas Church, Capital Star Oil & Gas Inc, Capo Brothers, Capp Shupak, Carbon Graphics Group, Cardinal Services, CareTracker, Cargus, Carlton Fields, Caros, Cartones Villa Marina, Castel, Casting House, Cayuga Milk Ingredients, CC Johnson & Malhotra, CDU Beauty Medical Center, Center for Urologic Care, Cera Stribley, Chairmans Foods, Changepond Technologies, Charles Rutenberg Realty, Checkout, Chenango Valley Technologies, China Software Developer Network (CSDN), Chinese Military, ChristianaCare, Christofle, Church of the Ascension, Cimertex, Citi, City of Attleboro, MA, City of La Vergne, TN, City of Leavenworth, KS, City of Nuenen, NL, City of Urbana, IL, CJW, Clark & Sullivan Constructors, Claude AI, Clayco Solar, Clemar Assessoria e Logística em Comércio Internacional, Cleveland County Sheriff’s Office, Clipim, Cloudeka, Cloudflare, Clínica Villa Zaita, CodeStepByStep, Coldwell Banker UAE, Columbia Medical Practice, Comansco, Community 1st, Companjon, Complexo Hospitalar Municipal de Sao Bernardo do Campo, Comune di Balmuccia, Conasems, Concord Academy, Conduent Business Services, LLC, ConfortChem, Consero Global Solutions, LLC, Consolidated Sterilizer Systems, Copper Steel Fabricators, Coral, Cornerstone Staffing Solutions, Cottage Hospital, Country Club Enterprises, Coupang, CoVantage Credit Union, Cox Enterprises, Crisis24, Croft, CrowdStrike, Crucible Industries, Cryo Pur, CST Coal, CT Dent, Curtis Investment Group, Custom Engineered Wheels, Cytiva, D-Link DIR-878 routers, Dartmouth College, Dartmouth, Data Enterprises of the Northwest, Datenlotsen, David M. Schwarz Architects, Davies, McFarland & Carroll LLC, Davis Kitchens, DealMed Medical Supplies, Dell ControlVault3, Delta Coast Consultants, Delta Dental of Virginia, Demi Group, Dentsu, Dermatology Associates of Concord, Design Team Sign Company, Devereux Advanced Behavioral Health, DeWalch Technologies, DHK Architects, DIE, Diesel Electric, Discord Inc, Disston, Division 10, Django, Dobco, Doctor Alliance, Doka, Dooney & Bourke, DoorDash, Dover Area School District, Dr Isaac Gertz, DreamFactory, Drivestream, DTG Consulting Solutions, Dubois Wood, Dubroff, Easley, & Lovell, LLP, Duhabex, Dulay & Dulay, Eagle Oil & Gas, Eakas, Eastek International, Echo Design Group, ECI, EDIS, Edmunds, Eggelhof, Egovframe, Eighteen, Electricidad Panamericana, Electronic Products Shop, Elite Flower, Elundini Local Municipality, Elysian Real Estate, Emby Server, Emerson Movicon, Emond Publishing, ENEA, Enerre Pharma Lda, Ennoble Care & Circa Health, Enovis, EnQuest, Entrust, Envirotech Services, Episource, LLC, Ermat Grup, Ernest Käslin, ERR Raumplaner, ES Synergy, ESH7Enly, Espaço Casa, Eurofiber France, Eurofiber, Everbiz Industrial, Evytra, Exegy, ExeVision, F-W-S Countertops, Family Farm and Home, Fargo Park District, Farmers Insurance Exchange, Farmers Group, Inc, Fayette County, FDC Interiors, Felixvet, Fianzas Avanza, Fieldtex Products, FiinGate, Fineline Architectural Millwork, First Fruits Farms, Fishbowl Solutions, FIT, Fix Tecnologia, Fleet Management, Flock license readers, FloorHeat, Florida District 1 Medical Examiner, Forbes Marshall, Force Brokerage, Forensic Medical Management Services, Form Energy, Inc, Fortinet FortiWeb, Foster & Eldridge, Four Points by Sheraton, Foxconn Interconnect Technology, FR Express, France terre d’asile, Franklin County Engineer, OH, FreedL Group, Freedom Mobile, French Football Federation, Frontrol, Fruit of the Loom, FS Italiane Group, Fueling Solutions, Fuji Vegetable Oil, Fulgar, Fulkocha College, FullBeauty Brands, Fun For Less Tours, Fundidora de Cananea, Futureal, Gainesville Regional Airport, Galesi Group, Gana Payment, Garden of Life, Garland ISD Schools, Garrett Taylor, DDS, Gemeinde Untereisesheim, General Distributing, Genrose Stone + Tile, GeoHealthResearch, Gershow Recycling, Gl Veneer, Inc, GL0Inet GL-AXT1800, Gladinet’s Triofox, Glendale Obstetrics and Gynecology, GlobalLogic, GlobalProtect VPN portals, Globatech, Gmarket, Gold Coast Health Plan, Golden Artist Colors, Goldenrod, Goldhorse Capital, Goodman Air Conditioning & Heating, Google Chrome, Gopher Industrial, Government of Argentina, Government of Bangladesh, Government of Bolivia, Government of Brazil, Government of Columbia, Government of Ecuador, Government of Ethiopia, Government of Honduras, Government of India, Government of Indonesia, Government of Iran, Government of Jordan, Government of Kenya, Government of Malaysia, Government of Mexico, Government of Nigeria, Government of Pakistan, Government of Peru, Government of Philippines, Government of South Africa, Government of Syria, Government of Thailand, Government of Timor Leste, Government of Viet Nam, Goyal Books, Grafana, Granjas 4 Irmãos, Greater Cleveland Regional Transit Authority, Greenball, GreenBest, Grinding & Dicing Services, Gruenberg Kelly Della, Grupo Via Argentina, GSCCCA, GuestTek, GV Service, Habib Bank AG Zurich, Hall Aluminum Products, Hamilton Construction, Harbor Real Estate, Harbor Regional Center, Harvard Alumni Affairs, Harvard University, HASCO Hasenclever, Hazel Mercantile, HCMS Partners, Healthcare Interactive, Inc, Healthcare Retroactive Audits, Helix Energy Solutions, Heritage Communities, Herman & Chamow, HESCO Foodservice, HG Reynolds, Highmark, Hitech, Holiday Palace, HollySys Asia Pacific, Homes 4 Life, Homestead Museum, Horst Realty, HostingFest, House of Hope, Humana Inc, Hunt & Harris Real Estate, Hydroscand, Hyperdome Medical Centre, HYTORC, Hyundai AutoEver America, Hyundai Nishat Motor, Iberia, iBizSoft, IBM AIX, ILCA Targhe, ILM College, Ilustre Colegio de la Abogacia de Barcelona, Immling Festival, ImunifyAV, Incentive Concepts, Incolease, Information Communication Board of the Sarawak Chinese Annual Conference (ICBSCAC), Ingenieurbüro Laudi, Innomotive Solutions Group, Innovex International, Inotiv, Inspire Communities, Institutional & Supermarket Equipment, Integra Life, Intellexa, IntelliVIX, Interlink Trade Services, International Kiteboarding Organization, Interoil, Inventive IT, 120,000 Korean IP cameras, Irwin Car, Iscot Italia, Issaqueena Pediatric Dentistry & Orthodontics, Istituto Comprensivo di Cavaglià, ITL Systemhaus, Jack Levine, Japan Exchange Group, Japan Financial Investment Education Association, JASCO Applied Sciences, Jason Finch & Associates, Jefferson Enterprises, LLC, Jeffrey W. Krol & Associates, Jewell Engineering, JingHang Network Technology, Jobbers Moving & Storage, JPMorgan Chase, JR Engineering, Julius Koch, multiple jury systems across the US and Canada, K3G Solutions LTDA, Kaan Cronenberg & Partners Law, Kaener Personal, Kajima Europe, Kana Pipeline, Kane’s Furniture, Kansas City Behavioral Health Center, Kasapreko, Kaslin, Katch Kan, Kaufman County, KDR Real Estate Services, Kelly Wearstler Gallery, Kensington and Chelsea, Kensington Court, Kern Oil & Refining Co, Kettle, Sánchez & Co, Kewaunee Scientific, Keystone Fabricating, Khazzan Logistics Management Services, Kids & Company, Killingly Public Schools, Kimber Manufacturing, King City Lumber, Kingsford Group, KinoKong, Klüber Elektroanlagenbau, Knex Technology, Koha Foods, KohaFoods Hawaii, Korean Air C&D Service, KorPath, Kröger, Rehmann & Partner, Kudun & Partners, Kulturrådet, L&L Products, La Costa Dental Excellence, LA Injury Attorneys, Lake Superior State University, LAMAICA, Egypt, Landis, LatamLex, Law Office of Ronald W Hillberg, Lawyers’ Mutual Insurance Company of California, Legacy Classic, lemlist, Leroy Merlin, Lesker, LG, LG Energy Solution, Liat Gallery, Liberty Gold Fruit, Liberty Resources, Liberty Shoes, Life Fitness, Lincoln IT, Lithographix, Live Auctioneers, LL Products, LMG Holdings, Logitech, Lone Rock Timber, Lotus Powergear, Lows Orkney, LSA, Lynx+ Gateway, M&BM, Inc, M&Y Personal Injury Lawyers, MacTavish, Macy’s, Madison Square Garden, Mae Krathing Power Company, Mae Krating Power, MAG Aerospace, MagicSeller, Maheu & Maheu, Mainetti UK, Makro, Manusos General Contracting, Maresa Logística, MariaDB, Marlex Human Capital, Marquis Software Solutions, Maset, McKay Empire, McManes Law, MD Manouel Insurance Agency, Mechanical Systems, Medidores Industriales, Medisend College, Medsi Group, Meena Health, Mehri & Skalet, PLLC, Memorial Hospital and Manor, Metrocare Services, Metropolitan Adjustment Bureau, MFE Formwork Technology, Michelin Group, Microsoft’s Visual Studio Code Marketplace, Milano Ristorazione, Millicom, Miromar Development, Mishan, Mister Guns, MITACHI, Mitchell Silberberg & Knupp, MMC Studios, MOBI Technologies, Mobilelink USA, Modern Display, Money Mart, Morgan Stanley, Morton LTC, Motors City Center, Motorsportmarkt, Moyes, Mqd, Mr Christmas, MSP360 Free Backup, mToilet, MultistateTax Inc, Murphy, Pearson, Bradley & Feeney, APC, Muskoka Brewery, N15 Technology, Nadel Architects, Naffco, Nahant, Nasajon, National Health Insurance Management Authority, National University of Natural Medicine, Nationwide Legal LLC, NC Machinery, NetScaler ADC and Gateway, NETTTS, New England Tractor Trailer Training School, New Haven Public Schools, New Horizons Medical, Newgen Digital Works, Newline Cloud, Next Generation Logistics, Nickman’s Drug, Ninas Jewellery, Nita Transfert, NKC Health, Noment, NONC, North Kansas City Hospital, Northcroft, Norway Savings Bank, Nottingham Village, NovAtel, Nugent Supply, Numalliance, NVIDIA AIStore, NVIDIA Isaac-GROOT, NVIDIA Megatron, Oakland Museum of California, Omega Tool, Omnium International, OncoHealth, One Broker Group, One Source Associates, OnSolve CodeRED, OpenAI ChatGPT API, Optima Tax Relief, LLC, Orchid Island Golf and Beach Club, Oriental Castle Group, Oscars Group, Outback Pharmacies, Paal, Paccar, Pajemploi, Pan-O-Gold Baking, Panini Kabob Grill, Parallels Toolbox, Parrish Tire, Parsirang, Pathmaker Group, PDF-XChange, Pearl River Valley Electric Power Association, Pennsylvania Attorney General, PEPE, Perry Brothers Oil, Persante Health Care, Persianas Canet, Personic, Petco Animal Supplies Stores, Inc (“Petco”), Peter Meijer Architect, Petra, Petro Environmental, Petrobras Campos, PFMI, PH Molds, PHA Body Systems, Phillipine Department of the Interior and Local Government, Physiothletics, Pilgrim Packaging, Pioneer Ocean Freight Co, Pipeline Inc, Pixtura, PJSI Consultants, Platinum Healthcare Staffing, PlatinumOne Business Services, Playroll, PM Plastics, Poe’s Accounting Services, Point Construction Advisory Group, Poland’s military, Polidano Group, Poliserv, Portal Emploi, Portland’s Living Room Theater, Poyntell, Precision Compounding Pharmacy, Princeton University, Prismier, Privia Medical Group, Pro Medicus, ProAgro Seguros, ProCure Proton Therapy, Profondia, Propeller Industries, Protei, Providence Academy, Puerto Rico government agencies, Puerto Rico Warehousing, QPrint Digital, QuaLex Manufacturing, Quality Companies, Quality Engineered Homes, Quasar Inc, Quinn Jay Patent, Radio Sound, RaidForums, Ralph McKay Industries, Rama Judicial de Colombia, Rasen Insaat Ve Yatirim Ticaret, Ravand Cybertech, Ray Clusters, React Server (at least 30 organizations), Reading Elevator Service, Redi Carpet, Reed Pope Law, Refer Life, Regional Business Systems, Reliable Van & Storage, Remarket Space, Rempe Construction, Renesas Electronics, Repka, Reporters Without Borders, Revive Adserver, Revnomix, Rhodes Young Black & Duncan, Ripley Academy, Risk & Insurance Education Alliance, Riyadh Airports, RJ Walker, Roblox Developers Conference, Rochester Philharmonic Orchestra, Rockhill Women’s Care, Roebbelen Contracting, Inc, Rogitex, Rollingertec, Rose Displays, Roseburrough Tool, Rosland Capital, Rossit, Rouse Frets White Goss Gentile Rhodes, RR Lalan College, RUEZ, Running Aces, Saca Industrie SpA, SAExploration, Sakol Energy Public, Salesforce, Samsung, San Miguel, Sanko Air Plant, Sansala, Santa Paula, Sarmap, Savills Middle East, SBLM Architects, Scalextric, Schlenker & Cantwell, Schmidt’s, Scientology, Scrap Market, Search, Inc, Secure Network Solutions, SecureTeen, Security First Bank, Seipi, SEKISUI Aerospace, Sellers Publishing, SEPE-USET, Serratelli Hat, SES Société Energies Services, SEV-CI, SGK INC, Shelbra International, Shumate Mechanical, Sieger Design, Siemens SINEC NMS, Simmons Electrical, Simsekas, Singapore City Development, SitusAMC, SLA, Slimsoft, SmartTube YouTube client for Android TV, Smith Fire Systems, Smith Gardner, Smoll & Banning, Snyder Cohn, Socomec DIRIS Digiware, Soderstrom Architects, Sodise, SOKOL, Sol Trading, Soleol, SomnoSleep Consultants, SonicWall SonicOS, Sorbonne Université, Sotheby’s International Realty, South Island Public Service District, Southern Lion, Spark Innovation, Spark Power, Spoleta Construction, SSA Holdings, LLC, Stacey L Tokunaga, Standing Chapter 13 Trustee, Stark Shipping, StatMedPlus LLC, Sterling Biotech, Stoss Landscape Urbanism, SuKarne, Sumitomo Chemical, Summit Hotel Properties, SUNAFIL, Sunny Go, Svenska kraftnät, Swan Bitcoin, Swift Filters, Synergy (no public disclosure), Synnovis, Söllner, TAJMAC-ZPS, Takeuchi, Talarico, Talbot & Associates, Tami J. Dunham, CPA, Tawasol Solution & Services, TBC Consoles, TCG, TEAM Companies, Tencent Hunyuan3D, Tencent HunyuanDiT, Tencent HunyuanVideo, Tencent MedicalNet, Tencent NeuralNLP, Tencent PatrickStar, Tencent TFace, TFC Poultry, The American School Foundation, The Foot Doctors, The Hunnicutt Law Group, The InterTech Group, The Landreau Group, The Minor Firm, The Smith Companies, The TEAM Companies, LLC, The University of Pennsylvania, The Westin San Diego, ThinkMarkets, Thob Al Aseel, Thomas Davies, DPM, Thomas Safran & Associates, Tlusty & Kennedy, TMC Transformers, TOC Building, Toledo Transducers, Towerstream, TPI Composites, Tracsa Cat, Trane Technologies, Tranimpex, Transpedrosa, Treet, Treetop, Tri-Century Eye Care, Trigg Laboratories, Trolec, Tru Universe, Truenorth Corporation, Trumbull County, Tuan Le Construction, Tulane University, Turknet, Turkstra Trusses, Twonky, TypeCase Marketing Resource, UAM, UNDER ARMOUR, UniqueTech Engineering, United Food & Commercial Workers Local No. 7, United Volleyball Supply, Universidade Municipal de São Caetano, University Loft, University of Gävle, University of Pennsylvania, University of Phoenix, University of St. Thomas, UNOde50, Upbit, multiple US government agencies, Valley Banks, Valley Eye Associates, Valley Plains Equipment, Vanguard Business Information & Risk Management, Vantec Europe, Vennerhus Weine, VENZI & PAGANINI AG, Veton Ai, Viabizzuno, Victor Insulators, Vikor Scientific, VIP Apps Consulting, VIPRE Advanced Security, Virtualware Solutions, Visage Imaging, Vitamix, VITAS Hospice Services, LLC, VoiceTeam Call, Volkswagen Mandi, VS Gandía Palace Hotel, Vultr, Wachtmann Rohstoffhandel, Wachusett Regional School District, Wakefield & Associates, Walgreens Boots Alliance, Washington Post, Watson Clinic, Waukegan Steel, Webseeds, Wedge Holdings, Weiss, WEL Companies, Inc, West Donegal Credit Union, WhatsApp, Whitinger Strategic Services, Wibu-Systems WibuKey, Williams & Sparages, Williamson County, TX, Wiltshire Police, UK, Windows CLFS, Wisconsin Knife Works, WLR Precision Engineering, Woom GmbH, WordPress King Addons for Elementor plugin, WordPress W3 Total Cache plugin, Workflow Concepts, World Liberty Financial, WR Comercial, Wright Architectural Millwork, Wyandot Center, Wynn & Wynn, XOX Mobile, XWiki, Yearn Finance, Yellow Cab of Columbus, Yutong electric buses, Zadro, Zecher, Ziglin Signs, Zilvia, ZITADEL, Znojma Czechia, Zoetis, Zoya, Zuber Aussenwelten, and Şimşek have reported hacking or compromises this month.
ChatGPT, City of Leavenworth, Kansas, Cloudflare (quite a few times), Microsoft Defender portal, Microsoft Exchange Online, Royal Borough of Kensington and Chelsea, Westminster City Council, and X (repeatedly) have suffered from outages this month.
Internet access throughout Darwin, Australia, Dominican Republic, Donetsk Oblast, Ukraine, Russia, Sri Lanka, Sumy, Ukraine, Thailand, Ukraine (many times), Wyoming and South Dakota has been blocked our down for extended periods.
Last months updates broke Dell video packages, Microsoft 365 desktop, Microsoft Outlook desktop, “new” Outlook, Nvidia drivers, Windows 10 ESU enrollment, Windows 11 login button, Windows 11 Start Menu & File Explorer, Windows File Explorer, and X.
The Germans are now silencing US-based first-amendment protected content across the world through Cloudflare.
Code “beautifiers” (and other anonymous free services) have been publicly sharing secrets of unwitting users for years.
Sigh. The FCC has rolled back their new security requirements for US telecommunications operators that were imposed after they fell victim to the Salt Typhoon attack that exploited a weakness that has been in use for over 20 years.
Google has changed course on their draconian requirements that would have prevented all non-corporate developers from releasing software for Android.
Now back to our regularly scheduled program.
Patch Tuesday is average this month. The typical computer should see roughly 3.5 GB in updates today. Let’s get started.
Microsoft released 34 updates to address 69 vulnerabilities in Application Information Services, Azure Monitor Agent, Copilot, Microsoft Brokering File System, Microsoft Edge, Microsoft Edge for iOS, Microsoft Exchange Server, Microsoft Graphics Component, Microsoft Office, Microsoft Office Access, Microsoft Office Excel, Microsoft Office Outlook, Microsoft Office SharePoint, Microsoft Office Word, Storvsp.sys Driver, Windows Camera Frame Server Monitor, Windows Client-Side Caching (CSC) Service, Windows Cloud Files Mini Filter Driver, Windows Common Log File System Driver, Windows Defender Firewall Service, Windows DirectX, Windows DWM Core Library, Windows Hyper-V, Windows Installer, Windows Message Queuing, Windows PowerShell, Windows Projected File System, Windows Projected File System Filter Driver, Windows Remote Access Connection Manager, Windows Resilient File System (ReFS), Windows Routing and Remote Access Service (RRAS), Windows Shell, Windows Storage VSP Driver, Windows Win32K – GRFX, and MSRT. This includes security updates. A reboot is required.
Apple released updates for Compressor 4.11.1. This is a security update. Use Apple Software Update to install the most current versions.
Google ChromeOS 142.0.7444.220 and ChromeOS LTS 138.0.7204.298 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.
Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.
Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.
The release of macOS Tahoe (26.x) means that macOS Ventura (13.x) and older are no longer supported. If you can not install at least macOS Sonoma (14) on your Mac then you should immediately remove your device from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.
The current — and final — release of the Windows 10 (v22H2) is end of life (EOL). All non-LTS versions of Windows 10 without ESU are now out of support, with the sole alternatives being to upgrade to Windows 11 or enable Extended Service Updates (ESU). If you aren’t sure whether you are using LTS, you aren’t. Enable the ESU now.
The current release of the Windows 11 (v25H2) is very large (30% larger than any previous release) so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.
Windows 11 is now stable and can be upgraded to if your hardware supports it. If not, switch to Linux (Mint is nice) or replace your computer.
Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.
It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, drivers for hardware you’re not using (like old printers), and games you do not actually play.
Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available.
Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with a SaferPC Subscription and we will install updates each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com
If you’re using this hardware – these updates are for you.
AMD Adrenalin 25.11.1 resolves several bugs and improves stability. This is not a security update.
https://www.amd.com/en/support
Crucial Storage Executive 11.11 does not provide a change log so should be treated as a security update.
https://www.crucial.com/support/storage-executive
Epson ET-2750 2.100.00 does not provide a detailed change log so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-2750/s/SPT_C11CG22201
Epson ET-2760 2.100.00 does not provide a detailed change log so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-2760/s/SPT_C11CG22203
Epson ET-4760 2.100.00 does not provide a detailed change log so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-4760/s/SPT_C11CG19203
Epson WF-4730 2.100.00 does not provide a detailed change log so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/WorkForce-Series/Epson-WorkForce-Pro-WF-4730/s/SPT_C11CG01201
MTPdrive 5.0.200 updates driver. This is not a security update.
https://www.mtpdrive.com/
Stream Deck 7.1 adds in-app marketplace search, NodeJS sideloading, improved profile management and storage, cosmetic improvements and resolves several bugs. This is not a security update.
https://help.elgato.com/hc/en-us/categories/360001636492-Stream-Deck
TP-Link Archer A6 v3 250716 is a security update.
https://www.tp-link.com/us/support/download/archer-a6/v3/#Firmware
UniFi AC Professional 6.7.35 improves stability and resolves over a dozen bugs. This is not a security update.
https://www.ui.com/download/software/uap-ac-pro
UniFi airMAX NanoStation 5AC Loco 8.7.19 is a security update.
https://www.ui.com/download/software/loco5ac
UniFi Network Server 10.0.160 resolves over a dozen bugs and offers improvements in controls, filters, and reporting. This is a security update.
https://www.ui.com/download/releases/network-server
UniFi U6 Professional 6.7.35 improves stability and resolves over a dozen bugs. This is not a security update.
https://www.ui.com/download/software/u6-pro
VIISAN OfficeCam 7.2.14 does not provide a change log so should be treated as a security update.
https://www.viisan.com/en/download/type1.html
One or more of these are likely to be of interest to everyone.
Brave 1.85.111 is a security update.
https://brave.com/
Firefox 146.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/
Firefox ESR 140.6.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/
Google Chrome 143.0.7499.40 is a security update.
https://www.google.com/chrome/
Microsoft Edge 143.0.3650.75 is a security update.
https://www.microsoft.com/en-us/edge/business/download
Vivaldi 7.7.3851.58 is a security update.
https://vivaldi.com/
One or more of these are likely to be of interest to everyone.
OutlookAttachView 3.55 resolves a minor cosmetic bug. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html
Spark 3.27.4.124849 resolves several stability bugs. This is not a security update.
https://sparkmailapp.com/
Spark (macOS) 3.27.4.124850 resolves several stability bugs. This is not a security update.
https://sparkmailapp.com/
Thunderbird 145.0.0 is a security update.
https://www.thunderbird.net/en-US/
One or more of these are likely to be of interest to everyone.
AnyDesk 9.6.6 resolves several stability and reliability bugs and improves compatibility. This is a security update.
https://anydesk.com/en/downloads
AnyDesk (macOS) 9.6.0 resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads
Discord December 8, 2025 is a security update.
https://discord.com/download
FileZilla Client 3.69.5 updates libraries and resolves a cosmetic bug. This is not a security update.
https://filezilla-project.org/
FileZilla Server 1.12.0 resolves several bugs. This is not a security update.
https://filezilla-project.org/
FreeFileSync 14.6 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php
Google Drive 118.0 improves performance. This is not a security update.
https://drive.google.com/start
MeshCentral 1.1.54 updates libraries, resolves dozens of bugs, and improves compatibility and reliability. This is not a security update.
https://meshcentral.com/info/downloads.html
Nextcloud Server 32.0.2 updates libraries and resolves dozens of bugs. This is a security update.
https://nextcloud.com/
Npcap 1.85 is a security update.
https://nmap.org/npcap/
Rclone 1.72.0 updates libraries and resolves dozens of bugs. This is a security update.
https://rclone.org/
Signal 7.81.0 updates gallery previews. This is not a security update.
https://signal.org/download/windows/
Signal (Android) 7.66.5 adds polling. This is not a security update.
https://signal.org/android/apk/
Syncthing 2.0.12 updates libraries. This is not a security update.
https://syncthing.net/
Technitium DNS Server 14.2 resolves several bugs and improves cluster support. This is not a security update.
https://technitium.com/dns/
Telegram 6.3.6 resolves a couple crash bugs. This is not a security update.
https://telegram.org/
WinSCP 6.5.5 resolves three bugs. This is not a security update.
https://winscp.net/eng/index.php
Zoom 6.6.11.23272 is a security update.
https://zoom.us/
These are unlikely to be of interest to most people.
3tene 4.0.23 resolves several bugs, improves integration and default behaviors. This is not a security update.
https://en.3tene.com/
Grayjay 355 adds casting, playlist looping, improves update process and resolves several bugs. This is not a security update.
https://grayjay.app/index.html
KaraFun Player 3.10.3 improves performance and responsiveness, audio sync over Bluetooth and resolves several bugs. This is not a security update.
https://www.karafun.com/karaoke-windows/
Plex Desktop 1.112.0.359 updates libraries. Be aware that Plex recently changed their licensing terms to now require subscriptions for anyone viewing shared media.
https://www.plex.tv/media-server-downloads/#plex-app
These are unlikely to be of interest to most people.
Minecraft Server (Bedrock) 1.21.130.42 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock
Minecraft Server (Java) 1.21.11 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server
Nintendo Switch 21.1.0 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989
PS5 2025.111 improves performance and stability. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/
Steam 2025.11.18 resolves over a dozen bugs. This is a security update.
https://store.steampowered.com/news/app/593110
One or more of these are likely to be of interest to most people.
Adobe Acrobat Reader 25.001.20997, 24.001.30307, 24.001.30308, and 20.005.30838 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb25-119.html
Adobe ColdFusion 2025u5, 2023u17, and 2021u23 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb25-105.html
Adobe Creative Cloud Desktop 6.8.0.821 is a security update.
https://helpx.adobe.com/security/products/creative-cloud/apsb25-120.html
Adobe DNG SDK 1.7.1 build 2140 is a security update.
https://helpx.adobe.com/security/products/dng-sdk/apsb25-118.html
Adobe Experience Manager 2025.12, 6.5 LTS SP1 61551, and 6.5.24 are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb25-115.html
Artweaver 8.1 improves cosmetics and resolves several bugs. This is not a security update.
https://www.artweaver.de/
Audiate 2026.0.0 improves avatar generation. This is not a security update.
https://www.techsmith.com/camtasia/audiate/
Calibre 8.16.2 adds AI integration to your library and resolves several bugs. This is not a security update.
https://calibre-ebook.com/
LibreOffice Fresh 25.8.3 resolves over 65 bugs. This is not a security update.
https://www.libreoffice.org/
Nextcloud Desktop 4.0.3 resolves several bugs. This is not a security update.
https://nextcloud.com/
Notepad++ 8.8.9 is a security update.
https://notepad-plus-plus.org/
PDF-XChange Editor 10.7.6.404 resolves several bugs. This is not a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor
Xspouse 2025-2 implements compatibility with recent federal legislative changes. This is not a security update.
https://www.xspouse.com/
These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.
Tails 7.2 updates apps and libraries and improves security. This is a security update.
https://tails.net/install/download/index.en.html
One or more of these is likely to be of interest to most people.
HTTP Toolkit 1.24.1 doesn’t provide a change log so should be treated as a security update.
https://httptoolkit.tech/
MalwareBytes Anti-Malware Mac 5.19 reduces resource abuse and resolves several bugs. This is not a security update.
https://www.malwarebytes.com/mac/
RogueKiller 16.5.3 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/
Stinger 13.0.0.571 adds support for new detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx
uBlock Origin 1.68.0 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest
These are unlikely to be of interest to most people.
Camtasia 2026.0.0 improves integration with Audiate and resolves several bugs. This is not a security update.
https://www.techsmith.com/video-editor.html
SnagIt 2025.4.0 updates libraries and resolves several bugs. This is a security update.
https://www.techsmith.com/screen-capture.html
These are unlikely to be of interest to most people.
BookFab 1.2.1.5 adds Audible conversion, Calibre integration, and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/kindle-converter.htm
DVDFab 13.0.5.2 adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm
IsoBuster 5.7 adds support for several new media formats and improves hardware and file type detection. This is not a security update.
https://www.isobuster.com/download.php
PDF Creator 6.2.0 adds HotFolder integration and resolves several bugs. This is not a security update.
https://www.pdfforge.org/pdfcreator
StreamFab 7.0.0.0 is a major update, adding multithreading support, bookmarks, improved interface and controls. This is not a security update.
https://streamfab.dvdfab.cn/downloader.htm
UniFab 3.0.3.3 adds AI translation, improves stability and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm
One or more of these are likely to be of interest to most people.
Zotero 7.0.30 improves compatibility and resolves several bugs. This is not a security update.
https://www.zotero.org/
These are unlikely to be of interest to most people.
1Password 8.11.22 improves duplicate detection, adds support for new browsers, and resolves several bugs. This is not a security update.
https://1password.com/downloads/
Agent Ransack 2022.3544 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/
AOMEI Partition Assistant 10.9.2 adds support for active diagnostics. This is not a security update.
https://www.diskpart.com/
Bitwarden 2025.11.5 resolves several bugs. This is not a security update.
https://bitwarden.com/
CCleaner 7.02.1080 improves settings user interface, adds scheduling, and resolves several bugs. This is not a security update.
https://www.ccleaner.com/
ControlMyMonitor 1.40 improves performance and stability, and adds a column to display supported VCP value range if the monitor provides it. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html
Dell Command Update 5.6 doesn’t provide a change log so should be treated as a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en
DesktopOK 12.24 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK
dnGrep 4.6.52.0 adds search/replace swap, string replacements, updates libraries and resolves several bugs. This is not a security update.
https://dngrep.github.io/
FileLocator Pro 2022.3544 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download
Fing 3.9.3 improves stability and resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows
FoneTool 3.3.0 resolves several bugs. This is not a security update.
https://www.fonetool.com/download.html
Free Virtual Serial Ports 7.07.00.1636 resolves a protocol bug. This is not a security update.
https://freevirtualserialports.com/
GoodSync 12.9.18 resolves several bugs. This is not a security update.
https://www.goodsync.com/
Inkchip WIC 1.18 doesn’t provide a change log so should be treated as a security update. This is not a security update.
https://inkchip.net/wic/
Kingston SSD Manager 1.5.6.1 doesn’t provide a change log so should be treated as a security update. This is not a security update.
https://www.kingston.com/us/support/technical/ssdmanager
LessMSI 2.11.2 improves language support. This is not a security update.
https://lessmsi.activescott.com/
Memtest86+ 8.00 adds support for new hardware, improves performance and stability, and resolves several bugs. This is not a security update.
https://www.memtest.org/
NTLite 2025.11.10675 resolves a couple bugs. This is not a security update.
https://www.ntlite.com/download/
OSForensics 11.1.1013 improves stability and resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html
osquery 5.20.0 updates libraries and resolves several bugs. This is not a security update.
https://osquery.io/downloads
PowerToys 0.96.1 resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest
Process Explorer 17.08 reenables the Image field in the process Properties dialog. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer
Remotly 1.36.2 resolves a couple bugs. This is not a security update.
https://remotly.com/
Remotly Android 2.2 resolves a couple bugs. This is not a security update.
https://remotly.com/
RoboForm 9.8.4 updates logo and resolves stability bugs. This is not a security update.
https://www.roboform.com/
SetUserFTA 2.7.2 improves UCPD handling. This is not a security update.
https://setuserfta.com/download-setuserfta/
Synergy 1.20.0 resolves several stability and reliability bugs. This is not a security update.
https://symless.com/synergy/
Ventoy 1.1.08 adds support for FreeBSD v15 and iVentoy. This is not a security update.
https://www.ventoy.net/en/index.html
WakeMeOnLan 1.95 adds annotation in custom columns with caption controls. This is not a security update.
https://www.nirsoft.net/utils/wake_on_lan.html
WinScan2PDF 9.46 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF
WizTree 4.28 improves performance and resolves several bugs. This is not a security update.
https://www.diskanalyzer.com/
ZoomIt 9.21 resolves several bugs. This is not a security update.
https://learn.microsoft.com/en-us/sysinternals/downloads/zoomit
These are unlikely to be of interest to most people.
Android Studio 2025.2.2 us a security update.
https://developer.android.com/studio
cx_Freeze 8.5 updates libraries and resolves dozens of bugs. This is not a security update.
https://cx-freeze.readthedocs.io/en/latest/index.html
GameMaker Studio 2024.14.1.210 resolves dozens of bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker
GDevelop 5.6.249 adds real-time 3D editing and resolves a couple bugs. This is not a security update.
https://gdevelop.io/download
Go 1.25.5 is a security update.
https://go.dev/
Inno Setup 6.6.1 improves storage and improves workflow. This is not a security update.
https://www.jrsoftware.org/isdl.php
Node.js 20.19.6 updates libraries and resolves several bugs. This is a security update.
https://nodejs.org/en/
Node.js 24.11.1 updates libraries and resolves several bugs. This is a security update.
https://nodejs.org/en/
Node.js 25.2.1 updates libraries and resolves several bugs. This is a security update.
https://nodejs.org/en/
Python 3.14.2 is a security update.
https://www.python.org/downloads/macos/
SQLite 3.51.1 resolves a reliability bug. This is not a security update.
https://www.sqlite.org/download.html
Unreal Engine 5.7 is a major update offering many new features and improvements. This is not a security update.
https://unrealengine.com/en-US/
Visual Studio Code 1.106.3 is a security update.
https://code.visualstudio.com/
WinMerge 2.16.52.2 resolves several bugs. This is not a security update.
https://winmerge.org/
These are likely to be of interest only to web developers.
Joomla 6.0.1 & 5.4.1 resolves several bugs. These are not a security updates.
https://www.joomla.org/
Piwigo 16.1.0 is a major update adding new controls and features. This is a security update.
https://piwigo.org/
WordPress 6.9 adds visibility controls, datasets, and resolves several bugs. This is not a security update.
https://wordpress.org/
Autoptimize 3.1.14 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/autoptimize/
Contact Form 7 6.1.4 improves internationalization. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/
My Sticky Bar 2.8.5 resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/
WP Mail SMTP 4.7.1 resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/
That’s all for now folks. Keep it clean out there. 😉
Regards,
Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/
Happy Veteran’s Day, Folks!
Today is Patch Tuesday for November, 2025.
If your Windows 10 computer can not be upgraded to Windows 11 then you should either replace your device or use the Windows 10 ESU program to get another year out of it.
Windows 11 25H2 is now available and Windows 11 23H2 and older are no longer supported. Treat Windows 11 25H2 as beta software and wait a few months before upgrading.
macOS 26 Tahoe is now available and macOS 13 Ventura and older are no longer supported. Treat macOS 26 as beta software and wait a few months before upgrading.
There were 750+ major hacks, and over 650 application updates this month. It’s a relatively small month, with about 4.0 GB of updates for most users.
5CA, Abilene Family Medical Associates, Accord Carton, Adichunchanagiri Institute Of Technology, Adobe Commerce, Adobe Experience Manager, Adore Children and Family Services, Advanced Delivery Services, Advanced Installer, Afghan Ministry of Defence, AGFA, Agri-Food and Biosciences Institute (AFBI), (at least) 2/3rds of AI companies, Air Arabia, Al Ahly Leasing & Factoring Company, Al Rimal Group, Albanese Physical Therapy, Albert Heijn, Alibaba Cloud Workspace Client, Alight Solutions, Alios Finance Group, Alissa Group, Alitech, Alpha Omega Winery, LLC, Altimedia, Amazon Smart plugs, AMD CPU VM (RMPocalypse), AMD CPUs (TEE.fail), American Airlines, American PowerNet, Ami Bearings, Anderson-Moore Construction, Android, ANIA KRUK, Ansell, Antigo Construction, Apache OpenOffice, Aphase II, ApleNet, Applied Technology Resources, Aptura Group & Central Indiana Hardware, ArcGIS, Armed Forces of the Philippines, Artistica Rubens, Asahi Group Holdings, Ashlar-Vellum Cobalt, Askul, ASP.NET Core, Assemblée Nationale, Astra Nova, AT&T Careers, Athol Hospital, ATIRG, Atrium Living Centers, Auckland City, Aunt Martha’s Health and Wellness, Aussie Fluid Power, Autodesk AutoCAD, Autodesk On-Demand Install Services, Automated Logistics Systems, Autorotor, Avast, AVG, Axelson, Williamowsky, Bender & Fishman, Badger Popcorn and Concession Supply, BAE Systems SOCET, Balancer, Bank3, BARCO Rent-A-Truck, Batta Fulkerson Law Group, Bay West, Bayu Buana Travel, Beijing Time Systems, Bell Engineering, Bellflower Unified School District, Benda Grace Stulz, Benefitelect, Benworth Capital Partners, Bergman Dacey Goldsmith, Berkeley Research Group, LLC, Bestlog Logistic Solutions, Beta Dyne, Beverly Hills Oncology Medical Group, Bicing, BIND DNS, BK Technologies, Black Hills Bentonite, Blavity Inc, blockchain smart contracts (EtherHiding), Blue Cross Blue Shield of Montana, BMP Worldwide, Boilersource, Bolt Electricity, Oil & Gas, Bovavet, Boyer, BRDSoft, Bridgehead IT, Brihta, Bristol Student Union, Buffalo Games, Edaron, Ceaco, Cabinets 2000, LLC, Canada water and energy facilities, Canadian Tire, Canon imageCLASS MF654Cdw, Cape Dara Resort Pattaya, CapitalPlus Exchange, Castilla, Cavalry Consulting, CCI Tax Pros, CDS, CentOS Web Panel, Central Jersey Medical Center, Central Plate Services Limited, CESO, CEVA Logistics, CHDFS, Chi Rho Chiropractic, Chiapas Health Secretariat, Christina Development, Cisco ASA firewalls, Cisco FTD firewalls, Cisco IOS XE, Cisco networking devices (SNMP), Cisco Snort, Cisco Unified Contact Center Express (UCCX), City of Gloversville, NY, City of Houston Fire Department, TX, City of La Vergne, TN, City of Ottawa, Canada, City of Riviera Beach, FL, City of Sugar Land, TX, Clackamas Community College, Claimlinx, Clarion Safety Systems, Claude Desktop, ClearCare Periodontal & Implant Centre, Co-op Credit Union, Cocamar Cooperativa Agroindustrial, Cohen’s Fashion Optical, Coilplus, Cole Huber, LLP, Collins Aerospace, Colombia’s CNSC, Comcast, Community Unit School District 201, Computer World WLL, Conduent Business Services, LLC, ConnectWise Automate, Consolidated Restaurant Operations, ConvExx, Cooperativa Esercenti Farmacia Scrl, Core Resources Inc, Crave Management, Crenshaw Community Hospital, Crown Automotive Sales, Cursor, CyPark, D Magazine Partners, Dairy Farmers of America, Dakota Dostavka, Darvin Furniture, DataChain, Dayal Metal Containers Factory LLC, DCS Technologies Inc, Deco Dental, Defensoría del Pueblo de Colombia, Dekalb County, GA, Dell BSAFE Crypto-C, Dell CloudLink, Delmia Apriso, Delta Electronics ASDA-Soft, Delta Electronics CNCSoft-G2, Delta Electronics DIAScreen, Delta, Dental Society of La Plata, Dentsu Merkle, Dermatology Associates, Designs for Vision, Desjardin Bank Group, Desjardins, Devolutions, Dilosa Food Companies, Dimarco Group LLC, Disseny Dental, Django, dmwapp, Docker runC, Doctor Alliance, Docurail, Dodo, Doha British School, DomeWatch, Domy, Double Oak Construction, Dublin Airport, DUC App, Dulcich, Dundee City Council, Durvet, E-First Aid Supplies, East Jefferson General Hospital, Eastern Cape Department of Human Settlements, South Africa, Easterseals Arc of Northeast Indiana, Echo Lake Foods, Econo-Pak, Eligibility Tracking Calculators, Elliott Tax Service, Elmcrest Children’s Center, Encore Repair Services, ENEA, Enem Nostrum Remedies, Enessance Holdings, Engineered Profiles, Entr’ouvert Lasso, Envoy Air, Episource, LLC, Ernst & Young, Essential Cabinetry Group, Essilor of America, Eticex Hosting, evernote-mcp-server, Evogence, Evolve Mortgage Services, over 266,000 F5 BIG-IP instances, FA Servers, Fast Freight, Fatih Turizm, Fellou browser, Fidelity Pension Managers, Nigeria, Figment POS, FinWise, Fleet Landing, Flegenheimer International, Flock, Florida Marking Products, Florida-Spectrum Environmental Services, Form Energy, Inc, Fort Wayne Medical Education Program, Fouad Alghanim & Sons Group of Companies Holding, Fountains Condominium Operations, Framework Secure Boot, Francehopital, Fujifilm Biotechnologies, Fédération Internationale de l’Automobile (FIA), G & H Distributing, G-Plans, G-Xchange, Inc, G. Hauswirth Architects, Galine, Frye, Fitting & Frangos, LLP, Gardiners Solicitors, Garvin Promotion Group, Gas Generator Solutions, Gateworks Corporation, GB Mail, GCC Productions Inc. Fade In, GeBePro, Gemini Group, General Micro Systems (GMS), George E. Weems Memorial Hospital, Gerar, Gericke AG, Gerson & Schwartz Accident & Injury Lawyers, GIMP, Gittens Healthcare, Gladinet CentreStack, Gladinet Triofox, Global Go, GlobalLogic Inc, Goglia Nutrition LLC, Goodfellow & Schuettlaw, Google Chrome, Google’s Find Hub, Grande Prairie Public Library, Greater Mental Health of New York, Gulf Warranties LLC, Gullco International, Gun Accessory Supply, Habib Bank AG Zurich, Hall Estill, Harmony Brands, Harvard University, Health and Vitality Center, Health Dimensions Group, Healthy Living Market and Café, Heart South Cardiovascular Group, Heartland Health Center, Heimbrock, Heimdall Data, HeiTech Padu Berhad, Hello Cake, Hematology Oncology Consultants, Henrietta Ezeoke Law Firm, Henry Raymond & Thompson, Heywood Hospital, Hikvision iSecure Center, Hitzinger, HMP Global, Holtz Office Support, Home Assistant Green, Hometown Credit Union, Hongji Metal, Hosteur, HSBC USA, Huber, Erickson & Bowman, Huddle01, Hyundai AutoEver America, I-Tek Medical Technologies, IBEW Local 697, iCare Software, ICET Studios, ICTBroadcast, IKAD, Il Manifesto, Imagicle, Indian Spring Country Club, ING Bank, Instituto Nacional de Oftalmologia, Peru, Integrated Silicon Solution, Inc, Intel CPUs (TEE.fail), International Social Survey Programme (ISSP), International.com, Invacare, Ioxo & Stream Computers, IPrimus, Iran’s Ravin Academy, Iraqi Electoral Commission, IREM companies, Irwin Car, Izaki Group Investments, J & S Electrical And Lighting Supply, JA Jennings, Jack’s Family Restaurants, JavaScript expr-eval, Jazeera Airways, JC Auto Accident Law Firm, Jean-Georges, Jewett-Cameron, JFS Wealth Advisors, Kansas City Police Department, KS, Karnes Electric Cooperative, Kasmawi, Kaufman & Stigger, Kaufman County, Texas (twice), Kearney Public Schools, NE, Kelowna airport, BC, Kettering Health, Khan and Associates CPA, Khatami Law, KHL Printing, Kipp & Christian, Kirby Corporation, KIS Asset Evaluation, KISS FM, Kitchen Design Concepts, KLA Instruments, Klae Construction, Kobayashi, Koch & Co, Koch & White Heating & Cooling, Koncise Company, Kottster Server, Krita, KT Corp, Kubernetes runC, Kudela & Weinheimer, Kumwell, Kwik Mix Materials, LaBonne, Land Title Guaranty, Lanscope Endpoint Manager, LaRosa’s Pizzeria, Latona Trucking, 42 Latvian municipalities, Laxmi Niwas Palace, Legacy Health, Legacy Manufacturing, Legal Aid Agency, Lexmark CX532adwe, LG U+, LGAA LLC, Lidera Network, LifeBridge Health, Limocar, Lincoln University, LMHT Associates, LNER, Logitech, Long Island Weight Loss Institute, Lorber, Greenfield & Polito, LLP, Louvre Museum, LP Insurance, LuBian, Ludwigshafen, Germany, Luis Garratón, Lumma Stealer, Luxury Escapes, Lüks Artvin Seyahat, M-TIBA, Mack Energy, Magna Hospitality Group, Mailing.com, Maine Course Hospitality Group, Mainetti UK, Maki Building Centers, Malibu Boats Australia, Manassas City Public Schools, Mango, Mango’s Tropical Cafe, Manko Window Systems, Marine Turbine Technologies, Marmotech, Matlusky, Max.ru, Mayco International, McDonald Building, McIntosh Labs, Mciver Engineering & Controls, Mecanex USA, MedImpact, Meinhardt Group, Meritage Hospitality, Metal Pros, Methodist Homes of Alabama & Northwest Florida, MetroWest Community FCU, Mexican Bank Debtor, Michael R. Schwartz, MD, FACS, Microbix Biosystems, Microsoft SharePoint, Microsoft Teams, Microsoft Windows, Middlesex Appraisal Associates, Middlesex Endodontics, Miljödata, Mission City Community Network, Inc, Modernizing Medicine (ModMed), Mold In Graphic Systems, Monsta FTP, Montage Marketing Services, Moonlight Basin, More Than Gourmet, Morris Communications Company LLC, Motex Lanscope Endpoint Manager, Mountain West, Moxa security appliances, MS Metal Solutions, MSC-Wireless, Mt. Baker Imaging, Muji, MusikComputer GmbH, MyCardiologist, MyVidster, NAHGA Claims Services, NasDem Party, National Coatings, National Informatics Centre (NIC) Kavach, National Institute of Administration, Navigator Business Solutions, Nelligan White Architects, NetcoreCloud, Netgate pfSense CE, New Toyo International Holdings Ltd, Newk, Newmark Healthcare Services, Nikkei, Nintendo, NJ Lenders Corp, Noble Compaña de Seguros, Nobu Restaurants, Noroaco, Northern Light Technologies, Northern Montana Health Care (NMHC), Northwest Radiologists, NurseSpring, NVIDIA CPUs (TEE.fail), OB-GYN Associates, OCI International Holdings, Oglethorpe, OMS, One Agency Eastlakes, oobabooga, OpenAI Assistants API, OpenAI Atlas browser, OpenEyes Technologies, Opera Neon, Oracle E-Business Suite, Oracle VirtualBox, Origin Energy, Origin, Oscars Group, Ouranos, Outcomes One, Inc, OYO Hotel & Casino Las Vegas, Palacios Marine Industrial (PMI), Palomar Health Medical Group, Pan-American, Pangea, Paris Rétina Vision, Paterson & Dowding, Patron Insurance, Patterson-Schwartz & Associates, Inc, PCB Uitvaartzorg, People’s Postcode Lottery, PeopleGuru Holdings, Inc, Peppermint Properties, Peraso, Perplexity Comet, Phia Group, Phillips Hue Bridge, Phillips Printing Company, Phoenix Village Dental, PHP CGI, PHPUnit, Pine Pharmaceuticals, Pinto Coates Kyre & Bowers, Pittsburgh Gastroenterology Associates, Pixar OpenUSD, Plastics Extrusion Machinery, Platinum Wines & Spirits, PLP SoCal, Pocatello Ready Mix, Polymarket, Ponzini SPA, Post Ranch Inn, PQCNC Hospitals, Precision Machined Products, Prime Dental, Pritchard Brown & Chillicothe Metal, Productive Tool Products, Professional’s Choice Sports, Propertyfinder / PropSpace CRM, Prosper, Prova, Provincial Department of Health Services Sri Lanka, Pruksa Holding, PT Kalimantan Prima Persada, Pulse Urgent Care Center, Punjab Forensic Science Agency, Qatar Gas and Tar Company, Iran, QNAP Qhora-322, QNAP TS-453E, Radiant Capital, Ravin Academy, React Native CLI, Real Estate Specialists, Reese Group, Regency Specialist Hospital, Resana, Revive Adserver, Rex-Hide, Ribbon Communications, Richmond Behavioral Health Authority, Riddell Law Group, Right at Home, Ringmor, Rios Espinosa, Ritz, Clark & Ben-Asher, River City Eye Care, RKA Consulting Group, Roblox, Rockhill Women’s Care, Rockstar, Rogers Mechanical, Romanian National Penitentiary Association (ANP), Ronemus & Vilensky, Royal Thai, RPI Roofing, Sai Mai Hospital, Saigon Industrial Service, Samera Health, Samsung Android, Samsung Galaxy S25, San Benito County, CA, San Bernard Electric Cooperative, San Diego Automotive Museum, Santander Bank, SAP Solution Manager, Sarulla Operation, Saturday Spotlight, Saturn Machine, Sauter Modulo, Saxun, Scales Sales & Service, Scouts Canada, Seasons Federal Credit Union, Sedgebrook, Selig Enterprises, Sellars Absorbent Materials, Sensational Teeth, Sensory, Servicios del Valle del Fuerte, Mexico, Seward County, KS, Shadrix & Parmer, Shands Elbert, Shaparak, Shelbyville Police Department, Shollenberger Januzzi & Wolfe, SHRM New Mexico, SIAD, Sierra Vista Hospital & Clinics, Signet Armorlite, Silverado Contractors, Inc, Silverlake Axis, Simon Property Group, Sincros Lab, SK Shieldus, SK-Telecom, Snipe-IT, Soapy Joe’s Car Wash, Soft Serve, Software Unlimited Corp, Sold Real Estate, SonicWall, Sonos Era 300, Sotheby’s, SourceOne Corporation, South African Revenue Service (SARS), South Alabama Regional Planning Commission, South Atlanta Medical Clinic, Speedmais, Spijkermat, Spindletop Center, Sports Medicine and Orthopaedics, Sprague & Jackson, St Stephen’s International, Stephenson’s Rental Services, Stowaway Storage, Studio Corvo Parma, Sullivan Interests, Summit Golf Brands, Summit Hotel Properties, Sunnyvale Elementary School District, Super Quik, Super Value, SuperGrosz, Superior Air Parts, Superior Court of California for the County of San Joaquin, Superior Linen Service, Svenska Kraftnät, Sydney Centre for Ear, Nose & Throat, Sylvester Roofing, SymbolTransport, Synnovis, Synology ActiveProtect Appliance DP320, Synology BeeStation Plus, Synology CC400W, Synology DiskStation DS925+, Systems Integrated, Tass Meister Patent Firm, Tavo Packaging Inc, TBM Service Group, TELACU Property Management, Inc, TENAX Law Group PC, Tenryu America, Tex-Tube, Thailand’s Department of Agricultural Extension (DOAE), The Blood and Marrow Transplant Group of Georgia, The Fence People, The Gerson, The Job Shop, The Laxmi Niwas Palace, The Phia Group, The Thayer Hotel, The Union League of Philadelphia, ThinkPHP, Thompson Dorfman Sweatman, Time Equities, TISZA Világ, TMF Logistics, Toys R Us Canada, TP-Link Festa routers, TP-Link Omada gateways, Trans7, Travere Therapeutics, Tri City Foods, Tri-Century Eye Care, Trojan Construction & Holding Group, Truffle Security Co. TruffleHog, Truro Cannabis, Tryon Distributing, Ubiquiti AI Pro, 8 UK Ministry of Defence bases, UK National Health Service (NHS), UniCursos, Unigym Gatineau, UnitedLayer, University of Cádiz, University of Pennsylvania, UrbanX, US Attorneys Office (USAO), US Congressional Budget Office (CBO), US Department of Homeland Security (DHS), US Department of Justice (DOJ/FBI), US Federal Aviation Authority (FAA), US Immigration and Customs Enforcement (ICE), US National Security Administration (NSA), USB Memory Direct, UScraft, Vanan Online Services, Vascara, Vietnam, Veeam Agent, Verdugo Hills Dental, Verisure, Vertikal Systems, Vexels, Vibra Hospital, Victorian Chemical, Victory Christian Center, Village of New Lenox, Ville de MontLaurier, Vinomofo, Vitalmex, VIZ Media, Volkswagen, Vrata Tech, VZW Avalon, Wakefield & Associates, WarmBlue, Washington Post, WatchGuard Firebox, WatchGuard Fireware, Watsonville Community Hospital, Waveny LifeCare, We R Family Foundation, Weber, Weintraub Traub Tracy & Virk Cra’s LLP, West Welch Reed Engineers, Western Sydney University, WhatsApp, Wheale Law Firm, Windows Server Update Service (WSUS), Windsurf, Winholt Equipment Group, Wisconsin Department Of Corrections, Wits University, Wood PLC, WordPress Anti-Malware Security and Brute-Force Firewall plugin, WordPress Gravity Forms plugin, WordPress GutenKit plugin, WordPress Hunk Companion plugin, WordPress JobMonster theme, WordPress King Addons for Elementor plugin, WordPress Post SMTP plugin, WordPress Slider Revolution plugin, Workers Compensation Insurance Rating Bureau of California, Wright Tool, Wright-Gardner Insurance, X.Org Server, Xortec, Xubuntu website, XWiki, Yaesu, Yas Takaful Dubai Insurance, Zacho-Lind, Zierick Manufacturing Corporation, Zoho ManageEngine, Zoom Workplace, and ZZ Dats have reported hacking or compromises this month.
Amazon Web Services (AWS US-EAST-1), Microsoft 365, Microsoft Azure (more than once), Microsoft Security Response Center, and YouTube have suffered from outages this month.
Internet access throughout Bermuda, Cameroon, Dominican Republic, Italy, Jamaica, Kenya, Pakistan, Philippines, Tanzania, and Ukraine has been blocked our down for extended periods.
Last months updates broke Cisco Duo, HP OneAgent / Microsoft Entra ID, Microsoft Internet Information Server (IIS), Microsoft Outlook, smart card authentication, sprotect.sys compatibility, USB mouse and keyboard in WinRE, wallpaper managers, Windows 11 Media Creation Tool, Windows Task Manager and Start menu, and the Windows Update Hotpatch service.
There’s a new type of worm out there. GlassWorm uses a combination of Solana, UTF-concealed code, and remote access trojans to ensure that it’s impossible to shut down or kill from the top-down while still being fully manageable by the people behind it. In addition, it uses compromised developer accounts to propagate by uploading itself to their repositories in order to grow the botnet to new audiences. This signals the first major use of these three aspects in combination and the first software of its kind to operate with no centralized command-and-control server. This evolution is going to cause a massive change in how we deal with security incidents and how we protect our devices.
Half of all the satellites in orbit are exposing your information in clear text.
Nearly 2 billion accounts from hundreds of thousands of different platforms have been disclosed in a credential stuffing database (Synthient). While this appears to mostly be the result of stealer logs (the result of hacked devices), there is a lot of duplication in the data which demonstrates a lot of password re-use and thus a high chance of other accounts being abused as a result.
The boss of a defense contractor, Trenchant, has been selling exploits to foreign governments.
The Louvre Museum security system was “hacked” in order to enable thieves to steal the crown jewels. It’s hardly hacking when the password was so stupid.
“Beware that, when fighting monsters,
you yourself do not become a monster.”
— Friedrich Nietzsche
SpaceX disabled 2,500 Starlink terminals in Asia to curb their use by scammers.
Now back to our regularly scheduled program.
Patch Tuesday is relatively small this month. The typical computer should see roughly 4.0 GB in updates today. Let’s get started.
Microsoft released 41 updates to address 68 vulnerabilities in Azure Monitor Agent, Customer Experience Improvement Program (CEIP), Dynamics 365 Field Service (online), GitHub Copilot and Visual Studio Code, Host Process for Windows Tasks, Microsoft Configuration Manager, Microsoft Dynamics 365 (on-premises), Microsoft Edge, Microsoft Graphics Component, Microsoft Office, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Office Word, Microsoft Streaming Service, Microsoft Wireless Provisioning System, Multimedia Class Scheduler Service (MMCSS), Nuance PowerScribe, OneDrive for Android, SQL Server, Storvsp.sys Driver, Visual Studio, Visual Studio Code CoPilot Chat Extension, Windows Administrator Protection, Windows Ancillary Function Driver for WinSock, Windows Bluetooth RFCOM Protocol Driver, Windows Broadcast DVR User Service, Windows Client-Side Caching (CSC) Service, Windows Common Log File System Driver, Windows DirectX, Windows Hyper-V, Windows Kerberos, Windows Kernel, Windows License Manager, Windows OLE, Windows Remote Desktop, Windows Routing and Remote Access Service (RRAS), Windows Smart Card, Windows Speech, Windows Subsystem for Linux GUI, Windows TDX.sys, Windows WLAN Service, and MSRT. This includes security updates. A reboot is required.
Oracle released 374 security updates this quarter to address 170 vulnerabilities in 29 product lines.
Apple released updates for iOS 18.7.2, iOS 26.1, iPadOS 18.7.2, iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, Safari 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1, and Xcode 26.1. This includes security updates. Use Apple Software Update to install the most current versions.
iOS 18.7.2 and 26.1 are security updates. Use Settings, General, Software Update to install the most current update.
iPadOS 18.7.2 and 26.1 are security updates. Use Settings, General, Software Update to install the most current update.
watchOS 26.1 is a security update. Use the Watch app on your iPhone to install the most current version.
tvOS 26.1 is a security update. Use System, Software Update to install the most current version.
visionOS 26.1 is a security update. Use System, Software Update to install the most current version.
Google ChromeOS 141.0.7390.115 and ChromeOS LTS 138.0.7204.296 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.
Fedora 43 updates libraries, adds Hare support, changes UEFI+MBR requirements, and enables automatic updates. This is not a security update.
https://getfedora.org/en/workstation/download/
Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.
Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.
The release of macOS Tahoe (26.x) means that macOS Ventura (13.x) and older are no longer supported. If you can not install at least macOS Sonoma (14) on your Mac then you should immediately remove your device from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.
The current — and final — release of the Windows 10 (v22H2) is end of life (EOL). All non-LTS versions of Windows 10 without ESU are now out of support, with the sole alternatives being to upgrade to Windows 11 or enable Extended Service Updates (ESU). If you aren’t sure whether you are using LTS, you aren’t. Enable the ESU now.
The current release of the Windows 11 (v25H2) is very large (30% larger than any previous release) so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.
Windows 11 is now stable and can be upgraded to if your hardware supports it. If not, switch to Linux (Mint is nice) or replace your computer.
Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.
It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, drivers for hardware you’re not using (like old printers), and games you do not actually play.
Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available.
Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with a SaferPC Subscription and we will install updates each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com
If you’re using this hardware – these updates are for you.
AMD Adrenalin 25.10.2 is a security update.
https://www.amd.com/en/support
BullZip PDF Printer 2025.2.0.2990 is a security update.
https://www.bullzip.com/products/pdf/info.php#download
Epson ET-2720 2.100.00 is a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-2720/s/SPT_C11CH42201?review-filter=Windows+10+64-bit
Epson ET-2988 3.60.00 is a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-2988/s/SPT_C11CL41203?review-filter=Windows+11
Epson ET-15000 3.60.00 is a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-15000/s/SPT_C11CH96201?review-filter=Windows%2010%2064-bit
MTPdrive 4.5.179 resolves a stability bug. This is not a security update.
https://www.mtpdrive.com/
Plustek ePhoto Z300 6.7.0.5 resolves a couple bugs. This is not a security update.
https://plustek.com/us/products/film-photo-scanners/ephoto-z300/support.php
TP-Link Archer A6 v3 250718 improves stability and PPPoE support. This is not a security update.
https://www.tp-link.com/us/support/download/archer-a6/v3/#Firmware
TP-Link Archer AX72 v1.60 250814 is a security update.
https://www.tp-link.com/us/support/download/archer-ax72-pro/#Firmware
UniFi U6 Professional 6.7.33 adds packet capture, Roaming Assistant, 5GHz channel selection, mesh improvements, and resolves a dozen bugs. This is not a security update.
https://www.ui.com/download/software/u6-pro
One or more of these are likely to be of interest to everyone.
Brave 1.84.132 is a security update.
https://brave.com/
Firefox 145.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/
Firefox ESR 140.5.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/
Google Chrome 142.0.7444.134 is a security update.
https://www.google.com/chrome/
Microsoft Edge 142.0.3595.69 is a security update.
https://www.microsoft.com/en-us/edge/business/download
SeaMonkey 2.53.22 is a security update.
https://www.seamonkey-project.org/
One or more of these are likely to be of interest to everyone.
DavMail Gateway 6.5.1 resolves several bugs. This is not a security update.
https://davmail.sourceforge.net/
Spark 3.27.2.122708 ramps up the AI integration. This is not a security update.
https://sparkmailapp.com/
Spark (macOS) 3.27.2.122707 ramps up the AI integration. This is not a security update.
https://sparkmailapp.com/
Thunderbird 144.0.1 is a security update.
https://www.thunderbird.net/en-US/
One or more of these are likely to be of interest to everyone.
AnyDesk 9.6.4 resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads
AnyDesk (macOS) 9.5.1 resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads
curl 8.17.0 resolves dozens of bugs. This is a security update.
https://curl.haxx.se/windows/
Discord November 4, 2025 resolves dozens of bugs. This is not a security update.
https://discord.com/download
Dropbox 236.4.5918 resolves several bugs and improves stability. This is not a security update.
https://www.dropbox.com/
Google Drive 117.0 is a security update.
https://drive.google.com/start
MeshCentral 1.1.53 resolves a couple bugs and improves UI controls. This is not a security update.
https://meshcentral.com/info/downloads.html
Mumble 1.5.857 is a security update.
https://www.mumble.info/
Nextcloud Server 32.0.1 updates libraries and resolves dozens of bugs. This is a security update.
https://nextcloud.com/
OneDrive 25.184.0921.0004 adds Copilot actions, improves offline mode, renames binaries, and adds the ability to cleanly opt out of the OneDrive Backup service. This is not a security update.
https://support.microsoft.com/en-us/onedrive
Rclone 1.71.2 updates libraries and resolves several bugs. This is a security update.
https://rclone.org/
Signal 7.78.0 resolves a couple bugs. This is not a security update.
https://signal.org/download/windows/
Signal (Android) 7.63.3 adds split-screen support, improves performance and resolves many bugs. This is not a security update.
https://signal.org/android/apk/
Syncthing 2.0.11 migrates database to SQLite, improves log structure, changes CLI syntax, and resolves several bugs. This is not a security update.
https://syncthing.net/
Technitium DNS Server 14.0.1 is a security update.
https://technitium.com/dns/
Telegram 6.2.4 makes a couple minor changes in the UI and resolves crash bugs. This is not a security update.
https://telegram.org/
WinSCP 6.5.4 is a security update.
https://winscp.net/eng/index.php
Zoom 6.6.6.19875 resolves several bugs. This is not a security update.
https://zoom.us/
These are unlikely to be of interest to most people.
3tene 4.0.22 resolves several bugs related to facial tracking. This is not a security update.
https://en.3tene.com/
Grayjay 342 resolves a couple bugs. This is not a security update.
https://grayjay.app/index.html
iTunes 12.13.9.1 is a security update.
https://www.apple.com/itunes/download/
These are unlikely to be of interest to most people.
Minecraft Server (Bedrock) 1.21.122.2 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock
Nintendo Switch 21.0.0 updates cosmetics and cloud settings, and resolves a couple bugs. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989
PS5 2025.101 displays more hardware details and messaging. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/
SteamOS SteamDeck Update 2025.11.06 improves UI and resolves a couple bugs. This is not a security update.
https://store.steampowered.com/news/app/1675200/
One or more of these are likely to be of interest to most people.
Adobe Format Plugins 1.1.2 is a security update.
https://helpx.adobe.com/security/products/formatplugins/apsb25-114.html
Adobe Illustrator 29.8.3 and 30.0 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb25-109.html
Adobe Illustrator Mobile 3.0.10 is a security update.
https://helpx.adobe.com/security/products/illustrator-mobile-ios/apsb25-111.html
Adobe InCopy 21.0 and 20.5.1 are security updates.
https://helpx.adobe.com/security/products/incopy/apsb25-107.html
Adobe InDesign ID21.0 and ID20.5.1 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb25-106.html
Adobe Pass 3.8.0 is a security update.
https://helpx.adobe.com/security/products/pass/apsb25-112.html
Adobe Photoshop 26.9 is a security update.
https://helpx.adobe.com/security/products/photoshop/apsb25-108.html
Adobe Reader DC 25.001.20844 resolves stability bugs. This is not a security update.
https://get.adobe.com/reader
Adobe Substance 3D Stager 3.1.6 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb25-113.html
Calibre 8.14.0 resolves several bugs. This is a security update.
https://calibre-ebook.com/
Columns++ 1.3 resolves several bugs and improves compatibility. This is not a security update.
https://github.com/Coises/ColumnsPlusPlus
LibreOffice 25.2.7 resolves over 40 bugs. This is not a security update.
https://www.libreoffice.org/
Nextcloud Desktop 4.0.1 resolves several bugs. This is not a security update.
https://nextcloud.com/
Notepad++ 8.8.7 adds a publisher certificate for the installation packages and resolves several bugs. This is a security update.
https://notepad-plus-plus.org/
OpenOffice 4.1.16 is a security update.
https://www.openoffice.org/download/
Paint.net 5.1.11 resolves several bugs. This is not a security update.
https://www.getpaint.net/
PDF-XChange Editor 10.7.5.403 updates libraries and resolves several bugs. This is a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor
These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.
Fedora 43 updates libraries, adds Hare support, changes UEFI+MBR requirements, and enables automatic updates. This is not a security update.
https://getfedora.org/en/workstation/download/
Google ChromeOS 141.0.7390.115 is a security update. Use Help, About to install this update.
Google ChromeOS LTS 138.0.7204.296 is a security update. Use Help, About to install this update.
iOS 18.7.2 and 26.1 are security updates.
https://support.apple.com/en-us/100100
iPadOS 18.7.2 and 26.1 are security updates.
https://support.apple.com/en-us/100100
macOS Tahoe 26.1 is a security update.
https://support.apple.com/en-us/100100
macOS Sequoia 15.7.2 is a security update.
https://support.apple.com/en-us/100100
macOS Sonoma 14.8.2 is a security update.
https://support.apple.com/en-us/100100
tvOS 26.1 is a security update.
https://support.apple.com/en-us/100100
visionOS 26.1 is a security update.
https://support.apple.com/en-us/100100
watchOS 26.1 is a security update.
https://support.apple.com/en-us/100100
One or more of these is likely to be of interest to most people.
KeePass 2.60 adds group path search, consistent shortcuts and hot keys, improved import options, and improves several other UI and integration features. This is not a security update.
https://keepass.info/
ProtonVPN 4.3.5 resolves several bugs and adds FIDO2 security key support. This is not a security update.
https://github.com/ProtonVPN/win-app/releases/latest
RogueKiller 16.5.1 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/
SanDisk PrivateAccess 6.4.14.0 adds messaging signaling that the software is now end of life and should be removed as soon as possible. Migrate your data out of PrivateAccess and remove it.
https://support-en.wd.com/app/answers/detailweb/a_id/48025
Stinger 13.0.0.562 adds support for new detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx
uBlock Origin 1.67.0 resolves a couple bugs and improves various features. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest
WebBrowserPassView 2.18 improves compatibility. This is not a security update.
https://www.nirsoft.net/utils/web_browser_password.html
YARA 4.5.5 resolves several bugs. This is not a security update.
https://github.com/VirusTotal/yara/
These are unlikely to be of interest to most people.
Open Broadcaster Software 32.0.2 resolves a couple crash bugs. This is not a security update.
https://obsproject.com/
These are unlikely to be of interest to most people.
DVDFab 13.0.5.1 adds support for new encodings and improves menu editing. This is not a security update.
https://www.dvdfab.cn/download.htm
StreamFab 6.2.6.2 adds multithreading, improves compatibility, and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm
UniFab 3.0.3.1 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm
One or more of these are likely to be of interest to most people.
Zotero 7.0.27 resolves several bugs. This is not a security update.
https://www.zotero.org/
Zotero (macOS) 7.0.29 resolves Safari and Word clipboard issues. This is not a security update.
https://www.zotero.org/
These are unlikely to be of interest to most people.
1Password 8.11.18 resolves several bugs. This is not a security update.
https://1password.com/downloads/
Beyond Compare 5.1.6.31527 resolves several bugs. This is not a security update.
https://www.scootersoftware.com/download
Bitwarden 2025.10.0 improves observation of data ownership policies, adds direct importer for Chromium browser accounts, and resolves several bugs. This is not a security update.
https://bitwarden.com/
BulkFileChanger 1.74 resolves a field copy bug. This is not a security update.
https://www.nirsoft.net/utils/bulk_file_changer.html
CCleaner 7.01.1042 resolves several bugs and renames several features. This is not a security update.
https://www.ccleaner.com/
Cygwin 3.6.5 resolves several bugs. This is a security update.
https://cygwin.com/
DesktopOK 12.21 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK
dnGrep 4.6.39.0 resolves several bugs. This is a security update.
https://dngrep.github.io/
Everything 1.4.1.1030 is a security update.
https://www.voidtools.com/
Everything SDK 1.4.1.1030 is a security update.
https://www.voidtools.com/support/everything/sdk/
Everything Toolbar 2.1.1 resolves a couple bugs. This is a security update.
https://github.com/stnkl/EverythingToolbar/
ExplorerPatcher 26100.4946.69.6 improves compatibility and resolves several bugs. This is not a security update.
https://github.com/valinet/ExplorerPatcher/
Fing 3.9.2 adds PDF reporting and resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows
Git SCM 2.51.2 resolves several bugs. This is not a security update.
https://git-scm.com/
GoodSync 12.9.14 resolves several bugs. This is not a security update.
https://www.goodsync.com/
Homedale 2.22 improves filtering. This is not a security update.
https://www.the-sz.com/products/homedale/
LessMSI 2.10.4 resolves a selection bug. This is not a security update.
https://lessmsi.activescott.com/
MPAM 1.441.121.0 adds support for new detections. This is not a security update.
https://www.microsoft.com/en-us/wdsi/defenderupdates
MultiMonitorTool 2.21 resolves a stability bug. This is not a security update.
https://www.nirsoft.net/utils/multi_monitor_tool.html
NTLite 2025.11.10669 adds support for Windows 24H1 and updates component support. This is not a security update.
https://www.ntlite.com/download/
PolicyPlus October 2025 updates included policies. This is not a security update.
https://github.com/Fleex255/PolicyPlus/releases
PowerToys 0.95.1 resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest
Process Explorer 17.07 adds strings for Arm64 binaries and fixes a notification bug. This is not a security update.
https://learn.microsoft.com/sysinternals/downloads/process-explorer
PSAppDeploy 4.1.7 resolves several bugs and improves compatibility. This is not a security update.
https://psappdeploytoolkit.com/
Remotly 1.35.0 adds UPnP port forwarding. This is not a security update.
https://remotly.com/
RDCMan 3.11 enables Entra ID login. This is not a security update.
https://learn.microsoft.com/sysinternals/downloads/rdcman
ripgrep 15.1.0 resolves a bug with line buffering. This is not a security update.
https://github.com/BurntSushi/ripgrep/releases/latest
RoboForm 9.8.3 resolves a security bug. This is a security update.
https://www.roboform.com/
WinGet 1.12.350 improves compatibility and resolves several bugs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest
WinScan2PDF 9.44 adds support for newer hardware. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF
ZoomIt 9.20 adds ability to export to MP4 and GIF. This is not a security update.
https://learn.microsoft.com/sysinternals/downloads/zoomit
These are unlikely to be of interest to most people.
.NET Runtime 9.0.10 and 10.0.0 are security updates.
https://dotnet.microsoft.com/en-us/download/dotnet
Android Studio 2025.2.1.7 resolves several bugs. This is not a security update.
https://developer.android.com/studio
DB Browser for SQLite 3.13.1 resolves several bugs and improves compatibility. This is not a security update.
https://sqlitebrowser.org/
GameMaker Studio 2024.14.0.207 is a security update.
https://www.yoyogames.com/en/gamemaker
GDevelop 5.5.245 adds new templates and resolves several bugs. This is not a security update.
https://gdevelop.io/download
GitHub Desktop 3.5.4 is a security update.
https://desktop.github.com/
Go 1.25.4 resolves several bugs. This is not a security update.
https://go.dev/
Inno Setup 6.6.0 improves dark mode, custom styling support, and pascal scripting. This is a security update.
https://www.jrsoftware.org/isdl.php
Java 8u471 is a security update.
https://www.java.com/en/download/manual.jsp
Node.js 22.21.1 resolves several bugs. This is not a security update.
https://nodejs.org/en/
Node.js 24.11.0 marks the transition to LTS. This is not a security update.
https://nodejs.org/en/
Node.js 25.1.0 updates libraries and resolves several bugs. This is not a security update.
https://nodejs.org/en/
SQLite 3.51.0 adds a couple new macros, improves JSON support and CLI capabilities, and resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html
TortoiseGit 2.18.0 updates libraries and resolves several bugs. This is not a security update.
https://tortoisegit.org/
Visual Studio Code 1.105.1 resolves several bugs. This is not a security update.
https://code.visualstudio.com/
WinMerge 2.16.52 resolves several bugs. This is not a security update.
https://winmerge.org/
These are unlikely to be of interest to most people.
VirtualBox 7.2.4 resolves several bugs and improves compatibility. This is not a security update.
https://www.virtualbox.org/wiki/Downloads
These are likely to be of interest only to web developers.
HumHub 1.17.4 adds a nonce for OEmbeds and resolves several bugs. This is a security update.
https://www.humhub.com/en
MailEnable 10.54 resolves several bugs and improves logging. This is a security update.
https://www.mailenable.com/
ownCloud Client 6.0.2.17506 is a security update.
https://owncloud.com/desktop-app/
Piwigo 15.7.0 is a security update.
https://piwigo.org/
Contact Form 7 6.1.3 resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/
Email Log 2.62 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/email-log/
WordPress Importer 0.9.5 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/wordpress-importer/
That’s all for now folks. Keep it clean out there. 😉
Regards,
Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/
Welcome back, Folks!
Today is Patch Tuesday for October, 2025.
If your Windows 10 computer can not be upgraded to Windows 11 then you should either replace your device or use the Windows 10 ESU program to get another year out of it.
Windows 11 25H2 is now available and Windows 11 23H2 and older are no longer supported. Treat Windows 11 25H2 as beta software and wait a few months before upgrading.
macOS 26 Tahoe is now available and macOS 13 Ventura and older are no longer supported. Treat macOS 26 as beta software and wait a few months before upgrading.
There were 560+ major hacks, and over 390 application updates this month. It’s a very large month, with about 4.5 GB of updates for most users.
2GO Group, 7-Zip, Action Property Management, Inc, Acuna Fombona, Adobe Acrobat Reader, Adobe Analytics, Adpost, AES Clean Technology, AGETIC Bolivia, AIP Asset Management, Airspan Networks, Akulaku, Albany Gastroenterology Consultants, Alexander McQueen, Allegra DatabaseBackupBL, Allgäu Stern Hotel, Allianz Life Insurance Company of North America, Allied Services Division Welfare Fund, Altos, AMD SEV-SNP, Amelia Overhead Doors, American Archive of Public Broadcasting, American First Finance, American Income Life Insurance, Amos Space, AMS Fulfillment, Anchorage Neighborhood Health Center, Animeify, Ansell, António Belém & António Gonçalve, AOS, Inc, ApolloMD Business Services, AppFolio, Inc, Apple, Apple macOS, Aquarium of the Pacific, Archer Health, Archway Cookies, ARINC, Armalife, Artists&Clients, Asahi, Assaf Harofeh Medical Center, Asserson, Assisted Living Pharmacy Service, Astra Otoparts, AT&T, Atlas Pressed Metals, Aurora Emergency Physicians, Australia NSW Reconstruction Authority, Autodesk AutoCAD, Autodesk Revit, AutohausMalin, AV Services Barcelona, Avalara, Inc, Avira Prime, Avnet, AZpro Group, Bader Gruppe, Balenciaga, BAM, BancoCapital Ecuador, Batesky Law Office, BBOT, BCR Recouvrement, Belkorp Ag, LLC, Benworth Capital Partners, Bignault & Carter, BK Technologies, Black Hills Regional Eye Institute, BMW Group, BNB Chain, Bortolazzo Group, Bouygues Telecom, Boyd Gaming Corporation, Brancosoft, Braun Electric Company, Inc, Brightstar Lottery, Brunei Postal Services Department, Burlingame School District, Business Integra, BW-RF, Bykea, California Golf Club of San Francisco, California International Bank, NA, Cancel the Hate, Cardinal Machinery, Cascade Pacific Pulp LLC, Cayetano Heredia National Hospital of Peru, CCI Financial, Inc, CCleaner, CCMC, Cell Journal, Centers Laboratory, Central Valley Regional Center, Cesanta Mongoose, Chapter 13 Texas, ChatGPT Deep Research, Chess.com, Chicago Botanic, China’s Great Firewall, Chroma ATE, CIC Vietnam, Cineplanet, Circle K, Cisco Adaptive Security Appliance, City of Pittsburg, California, City of St Joseph, MO Health Department, City of Sugar Land, Texas, ClaimPix, Clarins, Clifford Paper Inc, CNH Industrial, Cobra Rolamentos, Cofiex Asesoría de Empresas, Coinbase, College Hometown Pharmacy, College Parkside Pharmacy, Collins Aerospace, Collins Systems, Comcast, Community Health Network, ComTec Systems, Conduent Business Services, LLC, Cookeville Regional Medical Center, Corban OneSource, Cornwall Council, Cornwell Quality Tools, County of Orange Office of Care Coordination, County of Stanislaus, CA, Credera, Crenshaw Community Hospital, occupied Crimea, Crypto.com, Cultura, Cyprus Post, Daily Printing, Dana-Farber Cancer Institute, Dassault Systèmes eDrawings Viewer, Dataforth, DDR5 Memory (Phoenix RowHammer), Decisely Insurance, Delek Group, Delta Electronics COMMGR, Delta Electronics DIALink, Department of Information and Communications Technology, Derriford Hospital, Digilent WaveForms, Digital Charging Solutions, Dimensional Control Systems, Discord, Django, DNC, Doctors Imaging Group, Dorset Council, DraftKings, DrayTek Vigor routers, E3 Site Supervisor, Earthadelic, EBA Engineering, eCapital Corp, Eckerd Connects, Edro Real Estate, Electoral Court of Uruguay, ELS Surveying, Emergency Responders Health Center, EMPIRE Distribution Inc, Episource, LLC, European airports, FAI Aviation Group, Fairmont Federal Credit Union, Falco Electronics, Family & Community Services, Fast Track, Feathers.ae, Ferus Smit, Field and Goldberg, FinWise Bank, Five Star Mechanical Inc, Flowise, Fort Wayne Medical Education Program, Fortra GoAnywhere MFT, Franklin Dermatology Group, PLC, FreeOnes, FreshRSS, Friedrich-Alexander-Universität, Friends of National Rifle Association of America (NRA), FTCS Forage, Fuji Electric FRENIC-Loader, Fundline Finance Corporation of the Philippines, Future Generali, FysioRoadmap, Gaylord Specialty Healthcare, General Directorate of Taxes and Estates, Generali Central Life Insurance, GIMP, GitHub Copilot, GitHub, GITSIT Solutions, LLC, Gladinet CentreStack and Triofox, Glenwood Management, Global Sumud Flotilla, GloboTech Communications, Google Chrome, Google Gemini, Google Law Enforcement Request System (LERS), Goosehead Insurance Agency, LLC, Goshen Medical Center, Grupo Serex, Gucci, Hacienda La Puente Unified School District, Hamdard Pakistan, Hampton Regional Medical Center, Hana Financial Inc, Harbor Diesel & Equipment, Harris Health, Harrods, Harvard University, Hathijobs, Hauts-de-France, HE Parks, Healthcare Interactive, Helity Copter Airlines, Hello Cake, Inc, HIEC, Hillside Library, Hitachi HTA, HomeRefill, Huawei Technologies, Hub Asset Management, Ideal Bathrooms, IMSS, Indian government’s tax authority, Indonesia Ministry of Education, Indonesian National Police, Insight Partners, Insightin Health, Insightly, Institute of Culinary Education, Integrity Testing & Safety Administrators, Intelliloan, Invoicely, IONODES, Israeli Nuclear Program, Ivanti Endpoint Manager, J E Stacey & Co, J Lorber, JASCO Applied Sciences, Jaspersoft Jasper Reports, K Shipbuilding, Kanal ZERO, Kering, Kevmor Trade Supplies, Key 4 Energy, Keys Pathology Associates, KFC Venezuela, Khan Academy, Kido nurseries, KillSec, Kiple, Kitevuc, Kronospan, Kstati, KT Corp, Kubernetes elections.k8s.io, a major Kuwaiti Construction Firm, La Perouse Medical Billing, Lake Haven, LAMMCO, Latest Pilot Jobs, Lautrec, Law Offices of James Scott Farrin, Lawrence Berkeley National Laboratory, Legacy 5, Legal Practice Board of Western Australia, Leprohon, LGB, Liberty Dental Town, Libraesva, LIC India, Linux Kernel, Linxx Global Solutions, Lipapromet, LiteLLM, Liverpool City Council, LNER, Lorain Emergency Physicians, Loteria de Medellin, Lotte Card, Ludlow Construction, Lux Actuaries & Consultants, LWG Inc, Maida.health, Main Electric Supply Company, Marshall County Schools, Maruji & Raines, Maryland Transit Administration, Mavis Tire Supply, MCBS, LLC, McDonald’s, Mecklenburg County Public Schools, Medical Associates of Brevard, Medicare Compare, Medkar, Medstar Health, Melis Platform CMS, Memphis Millwork, Meridian Valley Laboratories, MetalSoft, Methodist University, MFO ITALIA, Michael Strain Builders, Michigan City, Indiana, Microsoft, Microsoft .NET, Microsoft Entra ID, Microsoft IE mode, Mid South Rehab Services, Migración Colombia, Milesight Industrial Cellular Routers, Miljödata, Mill Bay Marine Group, Milliman Financial Risk Management LLC, MindManager, Mission City Community Network, MLflow, Mobydick Asset Management, Monero, Monterey Mushrooms, LLC, Motility Software Solutions, MPM Imports, MSB, MyHomemadePorn, Naftali Group, Namibia Student Financial Assistance Fund, Natoli Engineering, Neon, New York Blood Center Enterprises, News-Press & Gazette, Nintendo, Normandy, North America Construction (NAC), North Oaks Health System, Northern Rivers Resilient Homes Program, Northwest Medical Specialties, NP3 Benefícios, Nurture Care, Nvidia Merlin, OC Maine, Olive Branch Emergency Physicians, Omise, OneBlood, OneLogin, OnePlus OxygenOS, Open Practice Solutions, LTD, OpenPLC, Oracle E-Business Suite, Organon, Orion Engineering, Orwell Housing Association, OutcomesOne, Panama’s Ministry of Economy and Finance, Pangborn, Parivesh, Passaic Hospitalist Services, Passaic River Physicians, Paul Rossi Law Offices, Payactiv, Inc, Pays de la Loire, Peavey Electronics Corporation, Pediatric Otolaryngology Head & Neck Surgery Associates, Pennsylvania Attorney General’s Office, Pennsylvania Hospitalist Group, Pensacola Hospitalist, People Encouraging People, Perennial, Perplexity’s Comet AI browser, Perth Operationnal Technology, Pestbusters, Petro-Diamond, PGA Development, Inc, Pharmacie.ma, PHI Centre, Philippine Department of the Interior and Local Government, Philippine Land Transportation Office, Planet WGR-500, Plex, Podo Asset Management, PortSwigger Burp Suite MCP, PowerSchool, Preccs, Print Media Association, Professional Trust Company, Promchimexport, Prospect, Prosper, PS&KP Motor, PTR Asset Management, Pulkovo Airport, Pyramid Global Hospitality, R3 Consulting, Radiology Associates of San Luis Obispo, Razer Synapse 3, Red Coats Inc, Red Hat, Redis, Regal Mold, RemoteCOM, Renault, Reportage Empire Properties, Retina Group, River Learning Trust, Rocket TRUfusion Enterprise, Rockhill Women’s Care, Rockstar Games, Rogue Valley Door, Rosco Vision Systems, Roush Fenway Keselowski Racing, LLC, RTX Corporation, S&P Global, Sacada, Salesforce AgentForce, SalesLoft, Salud Consultorios, Samsung devices, Sanatorio Esperanza, Sanatorio Privado Punilla, Sapp Bros, SD Soluciones Digitales, Shamir Medical Center, Sharp Community Medical Group (SCMG), Sheheen, Hancock & Godwin, LLP, Sher Tremonte LLP, Shibarium, Shondeck, Shuffle, SI-Bone, Inc, Siemens Simcenter, SimonMed, Singburi Hospital, Sky Airline, SMP Europe, Software Unlimited Corp, SolarWinds Web Help Desk, SonicWall Firewalls, SonicWall SSLVPN, South Lyon Schools, Sri Lanka Ministry of Finance, SSA Group, St. John Ambulance Canada, Standard Fiber, State Bank of Vietnam, State of California, Department of Industrial Relations, Statewide Enterprises, Inc, Stellantis, Steve Basso Plumbing Heating, STMicroelectronics, Studio Legale Tisot Iuris, Study Gate, Sturgis Hospital, Suffolk County Council, Sunnyvale Elementary School District, SuperEd, Superior Vision Benefit Provider, Superior Vision Service, Survival Flight, Systeme AG, T Choithram And Sons, T-Mobile, Teamsters Union 25 Health Services & Insurance Plan, Tekni-Plex, Inc, Telstra, Texas Center for Infectious Disease Associates, Thai Future, The Daily Sentinel, The Institute of Culinary Education, The Job Shop, The Methodist Church of Southern Africa, The Moinian Group, The Property Business Australia, The Science Fiction Forum, Thomas M Hughes, Tiffany & Co, TLD Law, TOTOLINK X6000R, TransUnion, TraxNYC, Treasure Coast Hospice, Trinity Emergency Physicians, True World Group, Trustar Capital Management, Trusteed Plans Service Corporation, Tucows, Twin Cities Pain Clinic, UAE Society of Engineers, UHL, UNC Hospitals, Union County, Ohio, Unity game engine, University of North Carolina at Chapel Hill – School of Medicine, Uruguayan Government, US Air Force, US Customs and Border Protection (CBP), US Defense Advanced Research Projects Agency (DARPA), US Department of Homeland Security (DHS), US Federal Emergency Management Agency (FEMA), US Firms Heritage Growth Partners, US GeoServer, US HealthConnect, Uvalde Consolidated Independent School District, Valparaiso University, Vantage Finance, Vastaamo psychotherapy, Veradigm, Verily, Victor A. Campanile Insurance Agency, Viessmann Vitogate, Vietnam Airlines, VIM Technologies, VIR, Virtual Projects, VIVA Health, VMware NSX, Volvo Group North America, Vtenext, Vurbis Interactive, WagnerTech UG, Washington Prime Group, WatchGuard Firebox firewalls, Waterborne Environmental, Watsonville Community Hospital, Wayne Memorial Hospital, Webville, WEST Inc, Western Digital My Cloud NAS, Western Orthopaedics, Western Skies Wellness LLC, WestJet, WhatsApp, Williams & Connolly, win-cli-mcp-server, Wondershare Repairit, WordPress bbPress plugin, WordPress Community Events plugin, WordPress Ovatheme Events Manager plugin, WordPress RestroPress plugin, WordPress Service Finder theme, WordPress WooCommerce Designer Pro plugin, WordPress WP Freeio plugin, WordPress WP Travel Engine plugin, X (Twitter), XCAssociates, XChief, Yooshin Engineering Corporation and Zimbra Collaboration Suite have reported hacking or compromises this month.
Azure, Belgorod, Russia, Bermuda, Gaza, Palestine, Guinea, Kandahar, Afghanistan, Kyiv, Ukraine, Mexico, Microsoft 365 (more than once), Oblast, Ukraine, Odessa, Ukraine, Outlook encrypted messages, Spectrum, Starlink, Truth Social, Uttar Pradesh, India and Vodafone UK have suffered from outages this month.
Last months updates broke DRM video playback, Windows 11 Media Creation Tool, Windows Server 2025 Active Directory trust relationships, Windows SMVv1 shares (a good thing).
Michigan is trying to make it illegal for people to kiss on television.
Microsoft will be force-installing Microsoft 365 Copilot this month. Microsoft will be providing the ESU to everyone in the EU without requiring action on their part. Microsoft has confirmed that running multiple Office applications will cause problems with Copilot. Microsoft Office 2016 and 2019 are now end of life. Microsoft Exchange 2016 and 2019 are also now end of life.
Steam is going to end support for 32-bit hardware in January 2026.
A company refuses to do what their techs and consultants recommend (blaming costs, labor and training), then they get hacked, and ultimately the insurance company sues the techs instead of the executives? Dude. Just…dude.
Brave now has over 100 million active users. If you haven’t switched yet, you should.
Now back to our regularly scheduled program.
Patch Tuesday is very large this month. The typical computer should see roughly
GB in updates today. Let’s get started.
Microsoft released 101 updates to address 196 vulnerabilities in .NET, .NET Framework, Visual Studio, Active Directory Federation Services, Agere Windows Modem Driver, AMD Restricted Memory Page, ASP.NET Core, Azure Connected Machine Agent, Azure Entra ID, Azure Local, Azure Monitor, Azure Monitor Agent, Azure PlayFab, Confidential Azure Container Instances, Connected Devices Platform Service (Cdpsvc), Copilot, Data Sharing Service Client, Games, GitHub, Inbox COM Objects, Internet Explorer, JDBC Driver for SQL Server, Microsoft Brokering File System, Microsoft Configuration Manager, Microsoft Defender for Linux, Microsoft Edge, Microsoft Exchange Server, Microsoft Failover Cluster Virtual Driver, Microsoft Graphics Component, Microsoft Office, Microsoft Office Excel, Microsoft Office PowerPoint, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft Office Word, Microsoft PowerShell, Microsoft Windows, Microsoft Windows Codecs Library, Microsoft Windows Search Component, Microsoft Windows Speech, Network Connection Status Indicator (NCSI), NtQueryInformation Token function (ntifs.h), Redis Enterprise, Remote Desktop Client, Software Protection Platform (SPP), Storport.sys Driver, TCG TPM2.0, Virtual Secure Mode, Visual Studio, Windows Ancillary Function Driver for WinSock, Windows Authentication Methods, Windows BitLocker, Windows Bluetooth Service, Windows Cloud Files Mini Filter Driver, Windows COM, Windows Connected Devices Platform Service, Windows Core Shell, Windows Cryptographic Services, Windows Device Association Broker service, Windows Digital Media, Windows DirectX, Windows DWM, Windows DWM Core Library, Windows Error Reporting, Windows ETL Channel, Windows Failover Cluster, Windows File Explorer, Windows Health and Optimized Experiences Service, Windows Hello, Windows High Availability Services, Windows Hyper-V, Windows Kernel, Windows Local Session Manager (LSM), Windows Management Services, Windows MapUrlToZone, Windows NDIS, Windows NTFS, Windows NTLM, Windows PrintWorkflowUserSvc, Windows Push Notification Core, Windows Remote Access Connection Manager, Windows Remote Desktop, Windows Remote Desktop Protocol, Windows Remote Desktop Services, Windows Remote Procedure Call, Windows Resilient File System (ReFS), Windows Resilient File System (ReFS) Deduplication Service, Windows Routing and Remote Access Service (RRAS), Windows Secure Boot, Windows Server Update Service, Windows SMB Client, Windows SMB Server, Windows SSDP Service, Windows StateRepository API, Windows Storage Management Provider, Windows Taskbar Live, Windows USB Video Driver, Windows Virtualization-Based Security (VBS) Enclave, Windows WLAN Auto Config Service, Xbox, XBox Gaming Services, and MSRT. This includes security updates. A reboot is required.
Apple released updates for iTunes 12.13.8.3, iOS 15.8.5, iOS 16.7.12, iOS 18.7.1, iOS 26.0.1, iPadOS 15.8.5, iPadOS 16.7.12, iPadOS 18.7.1, iPadOS 26.0.1, macOS Sequoia 15.7.1, macOS Sonoma 14.8.1, macOS Tahoe 26.0.1, Safari 26, tvOS 26.0.1, visionOS 26.0.1, watchOS 26.0.2, and Xcode 26. This includes security updates. Use Apple Software Update to install the most current versions.
iOS 15.8.5, 16.7.12, 18.7.1, and 26.0.1 are security updates. Use Settings, General, Software Update to install the most current update.
iPadOS 15.8.5, 16.7.12, 18.7.1, and 26.0.1 are security updates. Use Settings, General, Software Update to install the most current update.
watchOS 26.0.2 is a security update. Use the Watch app on your iPhone to install the most current version.
tvOS 26.0.1 is a security update. Use System, Software Update to install the most current version.
visionOS 26.0.1 is a security update. Use System, Software Update to install the most current version.
Google ChromeOS 140.0.7339.242, ChromeOS LTC 138.0.7204.293, and ChromeOS LTS 132.0.6834.245 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.
Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.
Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.
The release of macOS Tahoe (26.x) means that macOS Ventura (13.x) and older are no longer supported. If you can not install at least macOS Sonoma (14) on your Mac then you should immediately remove your device from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.
The current — and final — release of the Windows 10 (v22H2) is end of life (EOL). All non-LTS versions of Windows 10 without ESU are now out of support, with the sole alternatives being to upgrade to Windows 11 or enable Extended Service Updates (ESU). If you aren’t sure whether you are using LTS, you aren’t. Enable the ESU now.
https://12pd.com/s/win10esu
The current release of the Windows 11 (v25H2) is very large (30% larger than any previous release) so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.
Windows 11 is now stable and can be upgraded to if your hardware supports it. If not, switch to Linux (Mint is nice) or replace your computer.
Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.
It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, drivers for hardware you’re not using (like old printers), and games you do not actually play.
Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available.
Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with a SaferPC Subscription and we will install updates each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com
If you’re using this hardware – these updates are for you.
GoXLR Utility 1.2.3 resolves several bugs and improves sampling and hardware support. This is not a security update.
https://github.com/GoXLR-on-Linux/goxlr-utility/
Plustek ePhoto Z300 6.7.0.4 resolves a Google Drive upload bug. This is not a security update.
https://plustek.com/us/products/film-photo-scanners/ephoto-z300/support.php
RICOH IM C4510 1.4.0.0 resolves a minor bug. This is not a security update.
https://support.ricoh.com/bb/html/dr_ut_e/rc3/model/imc4510/imc4510.htm
TP-Link Archer AX21 v1.20 250424 is a security update.
https://www.tp-link.com/us/support/download/archer-ax21/v1.20/#Firmware
UniFi Network Server 9.5.21 adds channel AI, multicast filtering, VLAN bridging, improved port management, and resolves several bugs. This is not a security update.
https://www.ui.com/download/releases/network-server
Xerox Smart Start 2.1.23.0 doesn’t provide a change log so should be treated as a security update.
https://www.support.xerox.com/en-us/content/143617
One or more of these are likely to be of interest to everyone.
Brave 1.83.112 is a security update.
https://brave.com/
Firefox 144.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/
Firefox ESR 140.4.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/
Google Chrome 141.0.7390.76 is a security update.
https://www.google.com/chrome/
Microsoft Edge 141.0.3537.71 is a security update.
https://www.microsoft.com/en-us/edge/business/download
Vivaldi 7.6.3797.63 is a security update.
https://vivaldi.com/
One or more of these are likely to be of interest to everyone.
Spark 3.26.0.117234 adds Slack, Outlook, and Microsoft 365 integration, resolves several bugs. This is not a security update.
https://sparkmailapp.com/
Spark (macOS) 3.26.0.117233 adds Slack, Outlook, and Microsoft 365 integration, resolves several bugs. This is not a security update.
https://sparkmailapp.com/
Thunderbird 143.0.1 is a security update.
https://www.thunderbird.net/en-US/
One or more of these are likely to be of interest to everyone.
AnyDesk 9.6.2 resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads
curl 8.16.0 adds a couple new features, updates libraries and dependencies, and resolves over 250 bugs. This is a security update.
https://curl.haxx.se/windows/
Discord October 7, 2025 slows the forced update cycle and resolves dozens of bugs. This is not a security update.
https://discord.com/download
Dropbox 234.4.5591 resolves several stability bugs. This is not a security update.
https://www.dropbox.com/
FileZilla Server 1.11.1 resolves several bugs. This is not a security update.
https://filezilla-project.org/
FreeFileSync 14.5 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php
Google Drive 115.0 doesn’t provide a detailed change log so should be treated as a security update.
https://drive.google.com/start
MeshCentral 1.1.51 resolves several bugs. This is not a security update.
https://meshcentral.com/info/downloads.html
Microsoft Teams 1.8.00.27654 adds slide controls, threading improvements and rich query for search. This is not a security update.
https://teams.microsoft.com/downloads
Nextcloud Server 32.0.0 is a major update that makes almost 3,000 changes to the server, including new features, improved responsiveness, and updating libraries and dependencies. This is a security update.
https://nextcloud.com/
Npcap 1.84 resolves several bugs. This is not a security update.
https://nmap.org/npcap/
OneDrive 25.159.0817.0003 improves reliability and performance, and renames the offline mode process. This is not a security update.
https://support.microsoft.com/en-us/onedrive
Rclone 1.71.1 resolves several bugs and improves stability. This is not a security update.
https://rclone.org/
Signal 7.74.0 improves performance and resolves several bugs. This is not a security update.
https://signal.org/download/windows/
Signal (Android) 7.58.2 improves performance. This is not a security update.
https://signal.org/android/apk/
Syncthing 2.0.10 resolves several bugs. This is not a security update.
https://syncthing.net/
Telegram 6.2.3 resolves over a dozen bugs including stability issues. This is not a security update.
https://telegram.org/
Zoom 6.6.1.15968 resolves several bugs. This is not a security update.
https://zoom.us/
These are unlikely to be of interest to most people.
Grayjay 340 resolves several reliability bugs. This is not a security update.
https://grayjay.app/index.html
iTunes 12.13.8.3 doesn’t provide a change log so should be treated as a security update.
https://www.apple.com/itunes/download/
Plex Media Server 1.42.2.10156 resolves several bugs (including credit detection) and improves transcoding options. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server
These are unlikely to be of interest to most people.
Minecraft Server (Bedrock) 1.21.113.1 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock
Minecraft Server (Java) 1.21.10 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server
Nintendo Switch 20.5.0 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989
PS5 2025.924 is a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/
Steam 2025.10.03 is a security update.
https://store.steampowered.com/news/app/593110
SteamOS SteamDeck Update 2025.10.01 is a security update.
https://store.steampowered.com/news/app/1675200/
One or more of these are likely to be of interest to most people.
Adobe Reader DC 25.001.20756 resolves integration bugs. This is a security update.
https://get.adobe.com/reader
Calibre 8.12.0 adds support for newer hardware, resolves several bugs, and adds optional AI integration. This is not a security update.
https://calibre-ebook.com/
GIMP 3.0.6 resolves over a dozen bugs. This is a security update.
https://www.gimp.org/
GnuCash 5.13 resolves several bugs. This is not a security update.
https://www.gnucash.org/
Kindle for PC 2.8.70980 doesn’t provide a change log so should be treated as a security update.
https://www.amazon.com/kindleforpc
Krita 5.2.13 resolves several bugs. This is a security update.
https://krita.org/en/download/
LibreOffice Fresh 25.8.2 resolves 70 bugs. This is a security update.
https://www.libreoffice.org/
Nextcloud Desktop 3.17.3 resolves over a dozen bugs. This is not a security update.
https://nextcloud.com/
Notepad++ 8.8.6 resolves over a dozen bugs. This is a security update.
https://notepad-plus-plus.org/
PDF-XChange Editor 10.7.3.401 resolves several bugs. This is not a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor
These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.
ChromeOS 140.0.7339.242 is a security update.
https://chromereleases.googleblog.com/search/label/Stable%20updates+ChromeOS
iOS 15.8.5, 16.7.12, 18.7.1, and 26.0.1 are security updates. Use Settings, General, Software Update to install the most current version.
iPadOS 15.8.5, 16.7.12, 18.7.1, and 26.0.1 are security updates. Use Settings, General, Software Update to install the most current version.
macOS Sequoia 15.7.1 is a security update. Use Settings, General, Software Update to install the most current version.
macOS Sonoma 14.8.1 is a security update. Use Settings, General, Software Update to install the most current version.
macOS Tahoe 26.0.1 is a security update. Use Settings, General, Software Update to install the most current version.
Tails 7.1 is a major update. This version improves startup and performance, and updates all included software and libraries. Hardware requirements have also changed. This is a security update.
https://tails.net/install/download/index.en.html
tvOS 26.0.1 is a security update. Use Settings, General, Software Update to install the most current version.
visionOS 26.0.1 is a security update. Use Settings, General, Software Update to install the most current version.
watchOS 26.0.2 is a security update. Use Settings, General, Software Update to install the most current version.
Zorin OS 18.0 is a major update offering cosmetic improvements, window arrangement and tiling options, web app support, M365 and OneDrive support (yuck!), and more. This is not a security update.
https://zorin.com/os/mirrors/
One or more of these is likely to be of interest to most people.
Chainsaw 2.13.1 resolves several bugs. This is not a security update.
https://github.com/countercept/chainsaw
OpenSSL 3.6.0 is a security update.
https://slproweb.com/products/Win32OpenSSL.html
ProtonVPN 4.3.1 improves compatibility and reliability. This is not a security update.
https://github.com/ProtonVPN/win-app/releases/latest
Radmin VPN 2.0.4899.9 doesn’t provide a change log so should be treated as a security update.
https://www.radmin-vpn.com/
RogueKiller 16.4.1 is a security update.
https://www.adlice.com/download/roguekiller/
Stinger 13.0.0.547 improves detection. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx
uBlock Origin 1.66.4 resolves a resource bug. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest
VT-CLI 1.2.0 adds “–private” syntax option. This is not a security update.
https://github.com/VirusTotal/vt-cli/releases/latest
These are unlikely to be of interest to most people.
Open Broadcaster Software 32.0.1 resolves several bugs and improves performance. This is not a security update.
https://obsproject.com/
These are unlikely to be of interest to most people.
DVDFab 13.0.4.9 adds support for new encodings and improves UHD Creator design. This is not a security update.
https://www.dvdfab.cn/download.htm
MakeMKV 1.18.2 improves reliability and resolves several bugs. This is not a security update.
https://www.makemkv.com/download/
StreamFab 6.2.5.7 improves reliability and compatibility, and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm
UniFab 3.0.2.9 improves performance and hardware compatibility. This is not a security update.
https://www.dvdfab.cn/unifab.htm
One or more of these are likely to be of interest to most people.
Zotero 7.0.26 resolves a bug in plugin installation. This is not a security update.
https://www.zotero.org/
These are unlikely to be of interest to most people.
1Password 8.11.14 resolves several bugs and improves biometrics, QR code scanning and JSON parsing. This is not a security update.
https://1password.com/downloads/
Agent Ransack 2022.3536 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/
AOMEI Partition Assistant 10.9.1 adds virtual disk support and resolves several bugs. This is not a security update.
https://www.diskpart.com/
Bitwarden 2025.9.0 improves performance, adds support for organization keys, and biometrics improvements. This is a security update.
https://bitwarden.com/
CCleaner 7.00.984 adds package uninstaller support, ARM64 support and improved duplicate identification. This is not a security update.
https://www.ccleaner.com/
CPU-Z Installer 2.17 adds support for new hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html
DesktopOK 12.14 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK
dnGrep 4.6.7.0 improves CLI and search result copy. This is a security update.
https://dngrep.github.io/
email-oauth2-proxy 2025-10-04 resolves several bugs. This is not a security update.
https://github.com/simonrob/email-oauth2-proxy
ESEDatabaseView 1.79 adds option to perform case sensitive searches. This is not a security update.
https://www.nirsoft.net/utils/ese_database_view.html
Everything 1.4.1.1029 improves msi installation, shell extension compatibility and localization. This is not a security update.
https://www.voidtools.com/
Everything SDK 1.4.1.1029 improves shell extension compatibility. This is not a security update.
https://www.voidtools.com/support/everything/sdk/
Everything Toolbar 2.1.0 adds ARM64 support and resolves several bugs. This is not a security update.
https://github.com/stnkl/EverythingToolbar/
ExplorerPatcher 26100.4946.69.4 resolves over a dozen bugs and improves compatibility. This is not a security update.
https://github.com/valinet/ExplorerPatcher/
Fido 1.66 adds support for Windows 11 25H2. This is not a security update.
https://github.com/pbatard/Fido/releases
FileLocator Pro 2022.3536 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download
Free Virtual Serial Ports 7.05.00.1623 adds the CLI app the distribution and improves stability. This is not a security update.
https://freevirtualserialports.com/
GadgetPack 39.0 updated outdated gadgets and resolves several bugs. This is not a security update.
https://8gadgetpack.net/
Git SCM 2.51 improves compatibility and resolves a dozen bugs. This is not a security update.
https://git-scm.com/
GoodSync 12.9.11 resolves several bugs. This is not a security update.
https://www.goodsync.com/
grepWin 2.1.12 resolves context menu bug. This is not a security update.
https://github.com/stefankueng/grepWin/releases/latest
Homedale 2.21 improves user interface. This is not a security update.
https://www.the-sz.com/products/homedale/
HWMonitor 1.60 adds support for new hardware. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html
IsMyHdOK 4.44 updates language files. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK
Kingston SSD Manager 1.5.6.0
https://www.kingston.com/us/support/technical/ssdmanager
LessMSI 2.10.3 improves help, layout, and adds Japanese translation. This is not a security update.
https://lessmsi.activescott.com/
NTLite 2025.10.10631 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/
OSForensics 11.1.1011 enables forensic image creation, password collection, and resolves a couple bugs. This is not a security update.
https://www.osforensics.com/download.html
PowerToys 0.94.2 resolves stability issues. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest
Remotly Android 2.0 improves connectivity and controls, adds hardware support, and adds Multi-Join support. This is not a security update.
https://remotly.com/
RoboForm 9.8.2 resolves several bugs and improves import. This is not a security update.
https://www.roboform.com/
Rufus 4.11 adds support for Windows 11 25H2, adds dark mode support, drive conversion, UEFI improvements and resolves several bugs. This is not a security update.
https://rufus.ie/en_US/
SpaceSniffer 2.0.5.18 improves cosmetics and Hi-DPI support, improved OS integration, and resolves several bugs. This is not a security update.
https://www.uderzo.it/main_products/space_sniffer/
WhyNotWin11 2.7.0 improves hardware detection and resolves several bugs. This is not a security update.
https://github.com/rcmaehl/WhyNotWin11
WinGet 1.11.510 removes 32-bit ARM support, adds Microsoft DSC v3 support, and resolves a couple bugs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest
WinScan2PDF 9.41 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF
XnConvert 1.106.0 doesn’t provide a detailed change log so should be treated as a security update.
https://www.xnview.com/en/xnconvert/
ZoomIt 9.10 adds image smoothing. This is not a security update.
https://learn.microsoft.com/en-us/sysinternals/downloads/zoomit
These are unlikely to be of interest to most people.
Android 2025.1.4.8 resolves large APK redeployment and resolves several bugs. This is not a security update.
https://developer.android.com/studio
Docker Desktop 4.48.0 updates libraries and resolves several bugs. This is a security update.
https://www.docker.com/products/docker-desktop
GDevelop 5.5.243 resolves several bugs. This is not a security update.
https://gdevelop.io/download
GitHub Desktop 3.5.3 adds support for Ptyxis shell, upgrades libraries and resolves several bugs. This is not a security update.
https://desktop.github.com/
Go 1.25.3 is a security update.
https://go.dev/
Godot 4.5 improves accessibility, precomposition, backtracing, logging and more. This is not a security update.
https://godotengine.org/
Inno Setup 6.5.4 resolves several bugs. This is not a security update.
https://www.jrsoftware.org/isdl.php
NASM 3.01 is a major update adding support for APX, preprocessing and resolves more than a dozen bugs. This is not a security update.
https://www.nasm.us/index.php
Node.js 22.20.0 updates libraries and resolves dozens of bugs. This is a security update.
https://nodejs.org/en/
Node.js 24.10.0 updates libraries and resolves dozens of bugs. This is a security update.
https://nodejs.org/en/
Python 3.14.0 is a security update.
https://www.python.org/downloads/macos/
Visual Studio Code 1.105 resolves several bugs. This is not a security update.
https://code.visualstudio.com/
These are unlikely to be of interest to most people.
VirtualBox 7.2.2 resolves over a dozen bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads
These are likely to be of interest only to web developers.
Adminer 5.4.1 resolves several bugs. This is not a security update.
https://www.adminer.org/en/
Joomla 5.4 is a security update.
https://www.joomla.org/
Joomla 6.0.0 is a new major release with many new features, options and controls. This is not a security update.
https://www.joomla.org/
phpMyAdmin 5.2.3 resolves several bugs. This is not a security update.
https://www.phpmyadmin.net/
WordPress 6.8.3 is a security update.
https://wordpress.org/
BuddyPress 14.4.0 is a security update.
https://wordpress.org/extend/plugins/buddypress/
Contact Form 7 6.1.2 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/
Duplicator 1.5.14 improves settings layout. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers
My Sticky Bar 2.8.3 resolves a cosmetic bug. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/
Postie 1.9.73 improves error handling. This is not a security update.
https://wordpress.org/extend/plugins/postie/
Sucuri Security 2.5 adds support for 2FA, QR code generation, and updates ignore list. This should be treated as a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/
Theme My Login 7.1.14 resolves a bug. This is not a security update.
https://wordpress.org/extend/plugins/theme-my-login/
WordPress Importer 0.9.4 resolves a coupls bugs. This is not a security update.
https://wordpress.org/extend/plugins/wordpress-importer/
WP Cerber Security 9.6.10 resolves a couple bugs. This is not a security update.
https://wpcerber.com/
That’s all for now folks. Keep it clean out there. 😉
Regards,
Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/