Updates 2020-04-30

We just had to get one last update cycle in for “the April that would never end.”

It’s not Patch Tuesday, but updates to OpenSSL have prompted security updates for almost every browser as well as application updates to many others have triggered an out-of-cycle update.

This Month/Week in Technology

If you can’t trust the CDC not to taint the tests, you can’t trust the SBA with your privacy in their loan process, you can’t trust Apple with your data, you can’t trust your “home automation” to not expose your entire home to hackers, you can’t trust the CIA not to abuse their authority in the mainstream media and academia, you can’t trust the FBI to follow their own rules when making requests of the secret FISA courts, you *really* can’t trust your antivirus software not to put you at even greater risk of exploitation, you can’t trust anyone not to reuse passwords, and you can’t trust advertising publishers to keep their ad platforms safe for their target audience, then why should you ever even consider giving Google and Apple 24/7, permanent, extensive monitoring of everywhere you go and everyone you ever have contact with? I don’t. Even if Apple and Google were above reproach (and they’re not), the inevitable abuse by any platform like this makes Orwell’s worst dreams look tame in comparison.

Now for the good news:

Intel has finally opened up their graphic drivers so you can use them on OEM hardware.

Let’s Get Busy

Apple released iOS 13.4.1 for iPhone SE (2nd generation) and watchOS 6.2.1 for Apple Watch Series 1 and 2. These are security updates. Use Settings, General, Software Update to install the most current version.

Fedora 32-1.6 provides several new features, now uses nftables by default, improves regular maintenance routines, and updates libraries. This is a security update.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.2.4 adds ability to remove only NVCP and resolves several bugs. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Intel Driver and Support Assistant 20.4.17 resolves several bugs. This is not a security update.
https://www.intel.com/p/en_US/support/detect

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.8.86 is a security update. Use Menu, Help, About to install the most current version.

Google Chrome 81.0.4044.129 is a security update. Use Menu, Help, About to install the most current version.

Microsoft Edge 81.0.416.68 is a security update. Use Menu, Help, About to install the most current version.

Vivaldi 3.0.1874.33 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.7.6 resolves several bugs. This is not a security update.
https://getmailspring.com/

OutlookAttachView 3.35 adds option to control Enter Key Action. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Internet Updates

One or more of these are likely to be of interest to everyone.

FileZilla Client 3.48.0 is a security update.
https://filezilla-project.org/

FreeFileSync 10.23 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Earth 7.3.3 improves Street View, plus code support, and resolves several bugs. This is a security update.
https://earth.google.com/

WinSCP 5.17.5 is a security update.
https://winscp.net/eng/index.php

Zoom 5.0.23502.0430 improves encryption, abuse reporting, privacy controls, and resolves several bugs. This is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

VLC Media Player 3.0.10 is a security update.
https://www.videolan.org/vlc/

Game Updates

These are unlikely to be of interest to most people.

Steam 2020.04.28 resolves several bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

Office Updates

One or more of these are likely to be of interest to most people.

LibreOffice 6.3.6 resolves 80 bugs. This is not a security update.
https://www.libreoffice.org/

Notepad++ 7.8.6 resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

Illustrator 24.1.2 is a security update.
https://www.adobe.com/creativecloud/catalog/desktop.html

Adobe Bridge 10.0.4 is a security update.
https://www.adobe.com/products/bridge.html

Security Software Updates

One or more of these is likely to be of interest to most people.

OpenSSL 1.1.1g is a security update.

RogueKiller 14.4.1 is a security update.
https://www.adlice.com/download/roguekiller/

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.23.2 resolves a couple minor bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 11.0.8.6 adds support for new encodings, improves upscaling and enlarger. This is not a security update.
https://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

Dell Command Update 3.1.2 is a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

RoboForm 8.7.0 resolves several bugs. This is not a security update.
https://12pd.com/click?rf

1Password for Windows 7.4.767 resolves several bugs. This is a security update.
https://1password.com/downloads/windows/

DesktopOK 7.01 adds command-line support, mapping support for alt-drag, and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

Easy2Boot 2.02 updates libraries, dependencies, and resolves a bug in Make USB. This is not a security update.
https://www.fosshub.com/Easy2Boot.html

Etcher 1.5.83 adds workflows to Flash from URL and improves the cosmetics. This is not a security update.
https://www.balena.io/etcher/

GoodSync 11.1.6 adds RDC tunneling support, explorer actions, account management improvements, and resolves several bugs. This is not a security update.
https://12pd.com/click?goodsync

MS ISO Downloader 8.35 adds support for new Windows, Office, and Dell images. This is not a security update.
https://www.heidoc.net/joomla/technology-science/microsoft/67-microsoft-windows-and-office-iso-download-tool

PSAppDeploy 3.8.1 adds Repair as action type, execute-process-as-user, several new features, compatibility improvements and bug fixes. This is not a security update.
https://psappdeploytoolkit.com/

Rufus 3.10 improves compatibility, device detection, updates drivers, and resolves several bugs. This is not a security update.
https://rufus.ie/en_IE.html

TeamViewer 15.5.3 adds message search, conditional access servers for fallback options, and resolves several bugs. This is not a security update.
https://www.teamviewer.com/en/download/windows/

WinScan2PDF 5.31 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

CPU-Z 1.92 adds support for new hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

NTLite 1.9.0.7455 adds new controls and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

Coreinfo 3.5 doesn’t provide a changelog so should be treated as a security update.
https://live.sysinternals.com/

LiveKD 5.63 doesn’t provide a changelog so should be treated as a security update.
https://live.sysinternals.com/

Process Explorer 16.32 doesn’t provide a changelog so should be treated as a security update.
https://live.sysinternals.com/

Sysmon 11.0 adds file delete and archive monitoring, additional options to control behavior, improved log support and reliability improvements. This is not a security update.
https://live.sysinternals.com/

Developer Updates

These are unlikely to be of interest to most people.

Node.js 14.1.0 is a new major version adding several new features, libraries and bug fixes. Unfortunately, the previous build (14.0.0) broke stream support for many packages. This version resolves that bug. This is a security update.
https://nodejs.org/en/

Node.js 13.14.0 resolves several bugs. This is a security update.
https://nodejs.org/en/

Node.js 12.16.3 updates libraries. This is a security update.
https://nodejs.org/en/

Redemption 5.23.0.5664 adds support for in-memory objects, several new objects, collection-level assignments, and resolves several bugs. This is not a security update.
http://www.dimastr.com/redemption/

MySQL ConnectorNet 8.0.20 resolves several bugs. This is not a security update.
https://dev.mysql.com/downloads/connector/net/

Web Package Updates

These are likely to be of interest only to web developers.

WordPress 5.4.1 is a security update.
https://wordpress.org/

ScreenConnect 20.3.28091.7419 improves relay action scheduling, resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

Magento 2.3.4-p2, 2.3.5-p1, 1.14.4.5, 1.9.4.5 are security updates.
https://helpx.adobe.com/security/products/magento/apsb20-22.html#solution

Joomla 3.9.18 is a security update.
https://www.joomla.org/

HumHub 1.5.1 resolves several bugs. This is not a security update.
https://www.humhub.com/en/download

MailEnable 10.30 resolves several bugs. This is not a security update.
https://www.mailenable.com/

Nextcloud Server 18.0.4 resolves dozens of bugs and updates libraries. This should be treated as a security update.
https://nextcloud.com/

phpList 3.5.3 is a security update.
https://www.phplist.org/

YOURLS 1.7.9 improves compatibility, API signature algorithm, accessibility, and resolves several bugs. This is not a security update.
https://yourls.org/

Akismet 4.1.5 disables the notice and updates WP requirements. This is not a security update.

Antispam Bee 2.9.2 improves compatibility, and resolves several bugs. This is not a security update.

BuddyPress 5.2.0 is a security update.

Custom Facebook Feed 2.14 resolves several bugs. This is not a security update.

myStickymenu 2.4 resolves several bugs and adds font color control. This is not a security update.

Postie 1.9.50 improves diagnostics. This is not a security update.

W3 Total Cache 0.13.3 resolves a minification bug. This is not a security update.

WP Mail SMTP 2.0.0 changes PHP requirements (7+) and resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2020-02-11

Welcome back, Folks!

Today is Patch Tuesday for February 2020.

Microsoft blinked and released three updates to Windows 7 this month, however two of the issues that were resolved were actually caused by their EOL updates released last month. It’s no longer trustworthy, so do not let Windows 7 touch the Internet!

Windows 7 is officially end-of-life (EOL). If you’re still running it, shame on you, and if you are running a licensed version of Windows 7 or 8 you can still upgrade to Windows 10 and have a supported version of Windows for the foreseeable future. Don’t want to do it yourself? Call me!
https://saferpc.info/contact/

The Windows Update engine relies upon a file called “wsusscn2.cab” which is currently choking on download. While there are several Windows updates available today, it looks like the time just to check for updates will be over 2 hours for most devices today. Have patience or wait to start patching until later when they resolve this issue. There’s plenty of other stuff to patch anyway.

This Month in Technology

macOS finally fixes the Sudo bug (after 9 years), but this pales in comparison to the ease at which Mac users are infected through social engineering tactics. If you still think Mac’s are more secure than Windows, you need to see the numbers from MalwareBytes which show the typical Mac is targeted by nearly double the malware that Windows devices are. One special note here is that the users trusted the names of the websites that were involved, mostly a result of allowing domains to expire (a common concept within the broad scheme of domain hijacking).

While we’re on the subject of renewing domains, don’t forget your certificates! TLS/SSL certificates are often an enterprise’s weakest point of failure, especially when they’re not renewed on time. This will become even more important as TLS 1.0 and 1.1 are deprecated over the next couple months, which will prevent most older devices from being able to safely use the Internet at all. How important is certificate trust? Last months certificate hijacking bug allowed a researcher to replicate NSA and Github certificates in less than 24 hours which could be used immediately in MitM and DNS cache poisoning attacks with no effort from the attacker and as little as 10 lines of browser-based code.

Microsoft has decided to end it’s own ad platform within UWP apps, which will seriously hurt the entire UWP ecosystem and likely their users, by encouraging less security- and privacy-concerned third-party platforms to take their place.

This month we’ve seen data dumps from Twitter user details (shortly before a Twitter outage), Trello, Google, half a million servers, routers, and IoT devices, a major cannabis dispensary POS vendor, THSuite, WhatsApp had a major vulnerability (since patched), a Zoom vulnerability allowed hackers to eavesdrop on your calls, Mitsubishi was hacked via their enterprise security software, Trend Micro OfficeScan, and the United Nations was hacked through an unpatched server.

Is your privacy important? Apple bowed to the FBI to prevent fully-encrypted backups, ICE is using cellphone location data to track immigrants, but Avast has decided to stop selling it’s user data and they’re “sorry”, so at least there’s some good news.

Of course, any account can be hacked, even Facebook’s Twitter and Instagram accounts, and the NFL, and this month the City of Oshkosh (WI) and Duplin County (NC) join the “yet another government network hijacked” club.

It’s one thing to be incompetent when it comes to security, but Blizzard doesn’t even understand their users. This month they’re asserting total copyright ownership of any mods their users create and they released Warcraft: Reforged, which is the first game to ever be reviewed this poorly by the userbase. You might give Blizzard some credit for this – after all, they did build the engine that allowed the third-party “Dota” to flourish. LastPass, however, built their own system but accidentally removed their own extension from the Chrome Web Store!

In IoT news, more than 2/3rds of corporate and government entities were compromised with endpoint attacks in 2019, the weakest link might be the building itself or any of tens of millions of devices on a typical corporate or government network, though, as expected, many Huawei IoT devices have a backdoor. A serious public key exposure in Fortinet SIEM allows evildoers to kill your security appliance, and a critial zero-day in SolarWinds RMM allows attackers to hijack your network. Supply chain attacks targeting EOL Windows 7 devices remind us why we should avoid EOL hardware and software, and Phillips Hue lightbulbs are still proving that they weren’t well though-out security-wise. Thousand of WordPress-based websites have been hijacked to redirect visitors to evil sites, and there is always more to security than patching.

Let’s end my soapbox on a happy note: The best news this month might just be that Netflix finally offers an option to disable those #@$& autoplay previews. It’s about time.

Let’s Get Busy

Now back to our regularly scheduled program. The typical computer should see roughly 2.2 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Internet Explorer, .NET, Flash, Servicing Stack, and MSRT (~1.2 GB). This includes security updates. A reboot is required.

Apple released updates for macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra, iCloud for Windows 10.9.2, iCloud for Windows 7.17, iOS 13.3.1, iPadOS 13.3.1, iTunes for Windows 12.10.4, Safari 13.0.5, tvOS 13.3.1, and watchOS 6.1.2. These are security updates. Use Apple Software Update to install the most current versions.

iOS 13.3.1 and 12.4.5 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 13.3.1 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 6.1.2 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 13.3.1 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 79.0.3945.123 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Adobe Flash Player 32.0.0.330 is a security update. Take comfort knowing that Flash will be EOL in only 10 months.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Catalina (10.15) means that macOS Sierra (10.12) and older are no longer supported. If you can not install at least macOS High Sierra (10.13) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (1909) is a pretty small update so will install quickly. Windows 10 pushes you to get the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.2.2 resolves several issues and improves removal procedure. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

BullZip PDF Printer 11.12.0.2816 improves compatibility with Chrome 80+. This is not a security update.
https://www.bullzip.com/products/pdf/info.php#download

Intel Driver and Support Assistant 20.1.5 improves user interface, performance, uninstall, and resolves several bugs. This is not a security update.
https://www.intel.com/p/en_US/support/detect

nVidia 442.19 adds framerate capping, performance improvements for certain games, VRSS controls, and support for newer hardware. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Garmin Express 6.20 doesn’t provide a changelog so should be treated as a security update.
https://www.garmin.com/en-US/software/express/

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 80.0.3987.100 is a security update. This version is also the predecessor to the new samesite cookie handling behavior that will cause problems for various industries, including ad-services. Use Menu, Help, About to install the most current version.

Firefox 73.0 is a security update. Use Menu, Help, About to install the most current version.

Firefox ESR 68.5.0 is a security update. Use Menu, Help, About to install the most current version.

Iridium 2019.11.78 is a security update. Use Menu, Help, About to install the most current version.

Vivaldi 2.10.1745.27 is a security update. Use Menu, Help, About to install the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 68.5.0 is a security update. Use Menu, Help, About to install the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

MaxMind GeoLite: Due to their interpretation of the CCPA (California Consumer Privacy Act), MaxMind has opted to no longer provide direct downloads of their IP information databases. An account and agreement to perform updates immediately upon publishing new releases and removal of all existing copies is now required. Due to this we will no longer be listing MaxMind on SaferPC. I suggest you integrate their automatic update service into your existing platform to ensure that you can comply with their new usage agreement.

Prosody 0.11.4 improves performance and resolves several bugs. This is not a security update.
https://prosody.im/download/start

BrowsingHistoryView 2.36 adds option to delete Chrome and Firefox history records. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

FreeNAS 11.3 is a major update offering improved performance, security controls, community plugin integration, improved granularity of alerts and more. This is not a security update.
https://www.freenas.org/download-freenas-release/

Npcap 0.9987 is a security update.
https://nmap.org/npcap/

Media Updates

These are unlikely to be of interest to most people.

iTunes 12.10.4 is a security update. Use Apple Software Update to install the most current version.

Game Updates

These are unlikely to be of interest to most people.

Steam 2020.01.20 resolves several bugs and improves reliability of Remote Play. This is not a security update.

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 20.006.20034 is a security update. Use Help, Check for Updates to get the most current version.

Adobe DNG 12.2 adds support for new hardware. This is not a security update.
Mac: https://supportdownloads.adobe.com/detail.jsp?ftpID=6879
Win: https://supportdownloads.adobe.com/detail.jsp?ftpID=6881

Adobe Experience Manager 6.5.0-31870 and 6.4.0-31868 are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb20-08.html

Adobe Digital Editions 4.5.11 is a security update.
https://helpx.adobe.com/security/products/Digital-Editions/apsb20-07.html

Adobe Framemaker 2019.0.5 is a security update.
https://helpx.adobe.com/security/products/framemaker/apsb20-04.html

Adobe Illustrator CC 24.0.2 is a security update.
https://helpx.adobe.com/security/products/illustrator/apsb20-03.html

Artweaver 7.0.4 resolves several bugs and improves performance with impasto and PSD text layers. This is not a security update.
https://www.artweaver.de/

Atom 1.44.0 resolves several bugs. This is not a security update.
https://atom.io/

LibreOffice Still 6.3.4 is a major update adding a wide variety of new features and performance improvements. This is not a security update.
https://www.libreoffice.org/

LibreOffice Fresh 6.4.0 resolves almost 500 bugs, including security issues. The typical user should run LibreOffice Still (stable), not Fresh (beta).
https://www.libreoffice.org/

Lightworks NLE 14.5 adds dozens of new features, export options, media codecs, and over a hundred bugs. This should be treated as a security update.
https://www.lwks.com/

Notepad++ 7.8.4 adds JSON and Workspace improvements, and resolves a crash bug. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 4.2.9 resolves several bugs and improves performance. This is not a security update.
https://www.getpaint.net/

Security Software Updates

One or more of these is likely to be of interest to most people.

QubesOS 4.0.3 is a security update.
https://www.qubes-os.org/downloads/

elementaryOS 5.1.2 is a security update.
https://elementary.io/

RogueKiller 14.1.1 resolves several bugs. This is a security update.
https://www.adlice.com/download/roguekiller/

TinyWall 3.0 improves reliability, user interface, exception controls, and resolves several bugs. This is not a security update.
https://tinywall.pados.hu/

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.20.2 resolves several bugs. This is not a security update.
https://www.fosshub.com/ScreenToGif.html

Converter Updates

These are unlikely to be of interest to most people.

MKVToolnix 43.0.0 resolves several bugs and improves user interface defaults options from command line. This is not a security update.
https://www.fosshub.com/MKVToolNix.html

DVDFab 11.0.7.1 resolves several bugs and adds support for newer encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

RoboForm 8.6.6 improves compatibility and resolves several bugs. This is not a security update.
https://www.roboform.com/

Easy2Boot 1.B8A improves compatibility and user-interface. This is not a security update.
https://www.fosshub.com/Easy2Boot.html

1Password for Mac 7.4.2 improves compatibility and resolves several bugs. This is not a security update.
https://1password.com/downloads/mac/

ControlMyMonitor 1.25 adds option to put icon in tray. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html

DesktopOK 6.84 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DevManView 1.66 adds Class GUID column. This is not a security update.
https://www.nirsoft.net/utils/device_manager_view.html

Etcher 1.5.76 updates libraries and resolves several bugs. This is not a security update.
https://www.balena.io/etcher/

Everything CLI 1.1.0.18 doesn’t provide a changelog, so should be treated as a security update.
https://www.voidtools.com/

FileLocator Pro 8.5.2944 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Fing 8.8.2 improves user interaction and resolves several bugs. This is not a security update.
https://community.fing.com/

GoodSync 10.10.21 improves performance and reliability, resolves several bugs. This is not a security update.
https://www.goodsync.com/

MS ISO Downloader 8.31 adds support for new media. This is not a security update.
https://www.heidoc.net/joomla/technology-science/microsoft/67-microsoft-windows-and-office-iso-download-tool

OSFMount 3.0.1005 adds command-line options to load physical or logical emulation only, and resolves a permissions bug. This is not a security update.
https://www.osforensics.com/tools/mount-disk-images.html

SetDefaultBrowser 1.4 adds support for Chromium-based Edge. This is not a security update.
https://kolbi.cz/blog/2017/11/10/setdefaultbrowser-set-the-default-browser-per-user-on-windows-10-and-server-2016-build-1607/

TaskSchedulerView 1.54 adds options to select/deselect all to column chooser. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

USBDeview 2.86 adds mode option for Regedit call, to support opening with or without elevation.
https://www.nirsoft.net/utils/usb_devices_view.html

WinScan2PDF 5.21 improves WIA compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 3.32 resolves several bugs, adds options to export file types to CSV, filterexclude, and command-line supporter activation. This is not a security update. On the note of Supporters – this software is amazing. Use it. And donate.
https://antibody-software.com/web/software/software/wiztree-finds-the-files-and-folders-using-the-most-disk-space-on-your-hard-drive/

Developer Updates

These are unlikely to be of interest to most people.

Godot 3.2 improves reliability, performance, stability and resolves almost 2,000 bugs. This should be treated as a security update.
https://godotengine.org/

Node.js 13.8.0 is a security update.
https://nodejs.org/en/

SQLite 3.31.1 adds generated columns, hard heap limits, improved pragma, dbstat aggregated mode support, open nofollow, and resolves an internal schema compatibility issue. This compatibility fix is temporary, so fix your applications if you currently rely on parsing the data structure via internal schema. This is a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.42 resolves several bugs, improves user interface, additional preference controls, task management, and more. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.1.2-135663 resolves several bugs and improves compatibility. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Adminer 4.7.6 resolves several bugs. This is not a security update.
https://www.adminer.org/en/

Drupal 8.8.2 resolves dozens of bugs. This is not a security update.
https://drupal.org/download

HumHub 1.4.0 updates libraries and resolves dozens of bugs. This is not a security update.
https://www.humhub.com/en/download

Joomla 3.9.15 is a security update.
https://www.joomla.org/

Magento 2.3.4, 2.2.11, 1.14.4.4, 1.9.4.4 are security updates.
https://helpx.adobe.com/security/products/magento/apsb20-02.html

Nextcloud Hub 18.0.0 is a major update adding improved file, flow, photos, calendar, mail, and talk integration, and ONLYOFFICE support. This is not a security update.
https://nextcloud.com/

ScreenConnect 19.6.26659.7340 is a security update.
https://www.connectwise.com/software/control/download

SpamAssassin 3.4.4 is a security update.
http://spamassassin.apache.org/downloads.cgi

YOURLS 1.7.6 is a security update.
https://yourls.org/

bbPress 2.6.4 is a security update.

Interactive World Map 3.1.4 is a major update that resolves several issues. This is not a security update.

myStickymenu 2.3.4 resolves several bugs. This is not a security update.

Postie 1.9.41 resolves regex bug and now attempts to process only 1 email at a time. This is not a security update.

Sucuri Security 1.8.23 updates key updater and improves user interface. This is not a security update.

W3 Total Cache 0.13.1 resolves several bugs. This is not a security update.

WooCommerce 3.9.1 resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2020-01-14

Happy new year, Folks!

Today is Patch Tuesday for January 2020.

Windows 7 is now officially EOL

Windows 7 is officially end-of-life (EOL). If you’re still running it, shame on you, and if you are running a licensed version of Windows 7 or 8 you can still upgrade to Windows 10 and have a supported version of Windows for the foreseeable future. Don’t want to do it yourself? Call me!
https://saferpc.info/contact/
With any luck there won’t be a zeroday vulnerability in Windows 7 that’s actively exploited only days after it becomes EOL. Please don’t let your Win7 machines online.

Now back to our regularly scheduled program. The typical computer should see roughly 2 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Internet Explorer, .NET, Servicing Stack, and MSRT (~1.5 GB). This includes security updates. A reboot is required.

Apple released updates for macOS Catalina 10.15.2.2 Combo Update, iCloud 10.9.1, iCloud 7.16, and iTunes 12.10.3. These are security updates. Use Apple Software Update to install the most current versions.

Google Chrome OS 79.0.3945.86 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Adobe Flash Player 32.0.0.314 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Catalina (10.15) means that macOS Sierra (10.12) and older are no longer supported. If you can not install at least macOS High Sierra (10.13) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (1909) is a pretty small update so will install quickly. Windows 10 pushes you to get the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.2.1 adds support for newer hardware. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Intel Driver and Support Assistant 19.12.50 resolves several bugs. This is not a security update.
https://www.intel.com/p/en_US/support/detect

nVidia 441.87 adds maximum framerate option, VRSS, performance and reliability improvements. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Daemon Tools Lite 10.12 adds mobile media support. This is not a security update.
https://www.daemon-tools.cc/products/dtLite

Browser Updates

One or more of these are likely to be of interest to everyone.

Vivaldi 2.10.1745.26 is a security update. Use Menu, Help, About to install the most current version.

Google Chrome 79.0.3945.117 is a security update. Use Menu, Help, About to install the most current version.

Google Chrome Dictionary 9-0 updates dictionary words for English and Farsi.

Firefox 72.0.1 is a security update. Use Menu, Help, About to install the most current version.

Firefox ESR 68.4.1 is a security update. Use Menu, Help, About to install the most current version.

Iridium 2019.11.78 is a security update. Use Menu, Help, About to install the most current version.
https://iridiumbrowser.de/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 68.4.1 is a security update. Use Menu, Help, About to install the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

BrowsingHistoryView 2.35 adds option to remove certain history records. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

FileZilla Client 3.46.3 is a security update.
https://filezilla-project.org/

Technitium DNS Server 4.1 updates libraries, improves installer, and adds several new features to the web interface.
https://technitium.com/dns/

FreeFileSync 10.19 improves consistency, adds context menu macros, and resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

IPNetInfo 1.90 adds option to open an address within Google Maps. This is not a security update.
https://www.nirsoft.net/utils/ipnetinfo.html

Npcap 0.9986 improves compatibility. This is not a security update.
https://nmap.org/npcap/

Pocketnet-GUI 0.0.55 resolves several bugs. This is not a security update.
https://github.com/pocketnetteam/pocketnet.gui/releases/latest

Media Updates

These are unlikely to be of interest to most people.

iTunes 12.10.3 is a security update. Use Apple Software Update to install the most current version.

Game Updates

These are unlikely to be of interest to most people.

Epic Games 6.12.0 adds reviews and resolves bugs. This is not a security update.
https://www.epicgames.com/

Steam 2020.12.16 resolves several bugs. This is not a security update.

PlayStation PS4 7.02 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/system-updates/ps4/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 19.021.20061 is a security update. Use Help, Check for Updates to install the most current version.

Atom 1.43.0 improves syntax highlighting and resolves several bugs. This is not a security update.
https://atom.io/

LibreOffice Fresh 6.3.4 (beta) fixes over 120 bugs. This is a security update.
https://www.libreoffice.org/

Illustrator CC 2019 24.0.2 is a security update.
https://helpx.adobe.com/security/products/illustrator/apsb20-03.html

Adobe Experience Manager 6.5.3, 6.4.7, and 6.3.3.7 are security updates.
https://helpx.adobe.com/experience-manager/aem-releases-updates.html

Security Software Updates

One or more of these is likely to be of interest to most people.

elementary OS 5.1 resolves several bugs, updates libraries, and improves compatibility and versatility. This is a security update.
https://elementary.io/

Gpg4win 3.1.11 resolves several bugs. This is a security update.
https://www.gpg4win.org/download.html

IISCrypto 3.1 improves compatibility. This is not a security update.
https://www.nartac.com/Products/IISCrypto/Default.aspx

OpenSSL 1.0.2u is a security update.

RogueKiller 14.0.4 updates engine, resolves several bugs, and improves performance. This is a security update.
https://www.adlice.com/softwares/roguekiller/

TinyWall 2.1.14 resolves a stability bug. This is not a security update.
https://tinywall.pados.hu/

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 2020.1.0 adds several new features, improves performance and reliability, and resolves several bugs. This is not a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 11.0.6.6 adds support for new encodings and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

FFmpeg 4.2.2 doesn’t provide a changelog so should be treated as a security update.
https://ffmpeg.org/ffmpeg.html

IsoBuster 4.5 improves scan capabilities, adds support for newer hardware and formats, and resolves several bugs. This is not a security update.
https://www.isobuster.com/download.php

MKVToolnix 42.0.0 resolves several bugs, improves consistency, and adds several features. This is a security update.
https://www.fosshub.com/MKVToolNix.html

Utility Updates

These are unlikely to be of interest to most people.

Cygwin 3.1.2 resolves several bugs. This is a security update.
https://cygwin.com/

DesktopOK 6.81 improves screenshot feature. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

Etcher 1.5.71 updates library. This is not a security update.
https://www.balena.io/etcher/

Everything CLI 1.1.0.16 resolves several bugs. This is not a security update.
https://www.voidtools.com/

GoodSync 10.10.19 resolves several bugs. This is not a security update.
https://12pd.com/click?goodsync

IsMyHdOK 2.01 improves benchmarking. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

NTLite 1.8.0.7261 improves compatibility. This is not a security update.
https://www.ntlite.com/download/

OSForensics 7.1.1004 improves search and index, and resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html

ProcessMonitor 3.53 doesn’t provide a changelog, so should be treated as a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

Process Explorer 16.31 doesn’t provide a changelog, so should be treated as a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer

SearchMyFiles 3.10 adds action controls. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

Sysmon 10.42 resolves several bugs and adds filtering conditions. This is a security update.

Zoomit 4.52 resolves several dual-monitor bugs. This is not a security update.

Whois 1.21 resolves several bugs. This is not a security update.

WifiInfoView 2.60 adds AP shortcut controls. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

WinScan2PDF 5.15 improves TWAIN support and PDF optimization. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

Java 8u241 is a security update. If you do not know that you require Java, it’s safest to remove it.
https://www.java.com/en/download/manual.jsp

MySQL ConnectorNet 8.0.19 is a security update.
https://dev.mysql.com/downloads/connector/net/

Node.js 13.6.0 resolves several bugs, adds error monitoring and PSK support. This is not a security update.
https://nodejs.org/en/

Redemption 5.22.0.5498 adds DL expansion, and resolves several bugs. This is not a security update.
http://www.dimastr.com/redemption/

Visual Studio Code 1.41.1 resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.1.0-135406 adds support for several new features, 3D support, and resolves dozens of bugs. This is a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Drupal 8.8.1 is a security update.
https://drupal.org/download

Joomla 3.9.14 is a security update.
https://www.joomla.org/

MailEnable 10.29 resolves several bugs. This is not a security update.
https://www.mailenable.com/

ModSecurity 3.0.4 resolves dozens of bugs and adds support or new rule types. This is a security update.
https://github.com/SpiderLabs/ModSecurity/releases

Nextcloud Server 17.0.2 resolves several bugs and improves compatibility. This is a security update.
https://nextcloud.com/

phpList 3.5.0 doesn’t provide a changelog so should be treated as a security update.
https://nextcloud.com/

phpMyAdmin 4.9.4 and 5.0.1 are security updates.
https://www.phpmyadmin.net/

ScreenConnect 19.5.26194.7292 improves compatibility and installation. This is not a security update.
https://www.connectwise.com/software/control/download

SMF 2.0.17 is a security update.
https://www.simplemachines.org/

WordPress 5.3.2 is a security update.
https://wordpress.org/

Autoptimize 2.6.1 resolves several bugs. This is not a security update.

bbPress 2.6.3 resolves several bugs. This is not a security update.

BuddyPress 5.1.2 is a security update.

Custom Facebook Feed 2.12.3 resolves several bugs and adds new features. This is not a security update.

myStickymenu 2.3.2 resolves several bugs. This is not a security update.

Redirection 4.6.2 improves compatibility. This is not a security update.

Simple Lightbox 2.8.0 resolves several bugs and updates minimum requirements. This is not a security update.

W3 Total Cache 0.12.0 improves compabiilty and performance, resolves several bugs. This is not a security update.

WP Mail SMTP 1.8.1 improves compatibility. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2014-07-08

Hi, Folks!

It’s Patch Tuesday!

Microsoft released 6 updates for Windows and Internet Explorer. This includes security updates (~70mb). A reboot is required.
http://update.microsoft.com/

Apple released updates for OS X, iOS 7, ProApps, MacBook Air, Apple TV, and Safari. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

Adobe Flash Player 14.0.0.145 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac
Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

iOS 7.1.2 is a security update. The easiest way to install it is through your Apple mobile device “OTA” or over-the-air. Make sure you’re online with Wifi, then go to Settings, General, Software Update, and follow the prompts.

Browser Updates

One or more of these are likely to be of interest to everyone.

SeaMonkey 2.26.1 is a security update. Use Help, About to install the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

NK2Edit 2.94 adds secondary sorting and fixes a bug merging MAPIPDL records. This is not a security update.
http://www.nirsoft.net/utils/outlook_nk2_edit.html

Internet Updates

One or more of these are likely to be of interest to everyone.

Adobe Shockwave 12.1.3.153 is a security update.
https://12pd.com/click?shockwave

Mumble 1.2.7 is a security update.
http://mumble.sourceforge.net/

Evernote 5.4.1.3962 corrects several minor bugs. This is not a security update.
http://www.evernote.com/

Dropbox 2.8.4 improves proxy tolerance and fixes several bugs. This is not a security update.
https://12pd.com/click?dropbox

IPInfoOffline 1.34 updates the internal IP to country database. This is not a security update.
http://www.nirsoft.net/utils/ip_country_info_offline.html

Codec Updates

One or more of these are likely to be of interest to everyone.

Win7 Codecs Advanced 4.6.7 updates included codecs. To install the update, you must uninstall and reinstall the application.
http://shark007.net/win7codecs.html

Media Updates

These are unlikely to be of interest to most people.

MPC HC x64 1.7.6 updates libraries and fixes a number of bugs. This is not a security update.
https://12pd.com/click?mpchc

Game Updates

These are unlikely to be of interest to most people.

EA Origin 9.4.10.297 improves updates, installation, Twitch streaming and fixes several bugs. This is not a security update.

Minecraft 1.7.10 is primarily a Realms featureset update. This is not a security update.

PS3 4.60 fixes a non-security stability bug.

PS4 1.72 fixes a non-security stability bug.

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Acrobat 10.1.10 Pro and Standard is a security update.

Adobe Illustrator CC 2014 is a new major release of Illustrator. This is not a security update.

Adobe InCopy CC 2014 is a new major release of InCopy. This is not a security update.

Adobe InDesign CC 2014 is a new major release of InDesign. This is not a security update.

Adobe Photoshop CC 2014 is a new major release of Photoshop. This is not a security update.

Adobe Photoshop Lightroom 5.5 fixes several bugs, adds newer hardware support, adds support for star ratings and custom sort. This is not a security update.

Paint.net 4.0 is a major update, improving performance and memory usage, adding hardware acceleration, fine-grained history, including the ability to tune settings live to see the results (such as selection wand or paint bucket), antialiasing and more. This is not a security update.
http://www.getpaint.net/

Artweaver 4.5.4 increases maximum grid size and fixes several bugs. This is not a security update.
http://www.artweaver.de/

Notepad++ 6.6.7 adds OneDrive settings storage and fixes a crash bug. This is not a security update.
https://12pd.com/click?npp

IrfanView 4.38 adds image tiling, improved command line options, adds drag & drop and several other improvements. This is not a security update.
http://www.irfanview.com/

Security Software Updates

One or more of these is likely to be of interest to most people.

Avast! Home Edition 9.0.2021 is a security update.
http://www.avast.com/free-antivirus-download

Wireshark 1.10.8 does not provide a changelog, so should be treated as a security update.
http://www.wireshark.org/

Wireless Network Watcher 1.71 adds always-on-top behavior. This is not a security update.
http://www.nirsoft.net/utils/wireless_network_watcher.html

AVG Anti-Virus Free 2014.4716 is a security update.
http://www.avg.com/us-en/download

Capture Updates

These are unlikely to be of interest to most people.

Open Broadcaster Software 0.625 Beta corrects several non-security bugs and updates libraries. This is not a security update.
http://obsproject.com/

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 9 9.1.5.6 adds support for new DVDs, bug fixes, improvements to crop & trim, and adds watermark support. This is not a security update.
http://www.dvdfab.cn/download.htm

MakeMKV 1.8.11 adds support for newer media, improved error correction, and bug fixes. This is not a security update.
https://12pd.com/click?makemkv

Utility Updates

These are unlikely to be of interest to most people.

TeamViewer 9.0.29947 provides several non-security bug fixes. This is not a security update.
http://www.teamviewer.com/en/download/

FolderChangesView 1.64 adds always-on-top support. This is not a security update.
http://www.nirsoft.net/utils/folder_changes_view.html

MyEventViewer 2.12 fixes a command compatibility bug. This is not a security update.
http://www.nirsoft.net/utils/my_event_viewer.html

USBDeview 2.35 adds the ability to reload an individual USB hub. This is not a security update.
http://www.nirsoft.net/utils/usb_devices_view.html

WifiChannelMonitor 1.01 improves bit-detection and stability. This is not a security update.
http://www.nirsoft.net/utils/wifi_channel_monitor.html

WifiInfoView 1.61 adds secondary column sorting. This is not a security update.
http://www.nirsoft.net/utils/wifi_information_view.html

CCleaner 4.15.4725 adds Chrome x64 support, improves performance and memory usage, improves wipe algorithm, bug fixes and other application support. This should be treated as a security update.
https://12pd.com/click?ccleaner

Agent Ransack 2014.822 improves search behavior and fixes 64-bit installer. This is not a security update.
http://mythicsoft.com/agentransack/download

Bitcoin 0.9.2.1 is a security update. All Bitcoin clients should be updated.
http://bitcoin.org/en/download

RoboForm 7.9.8 adds two-factor authentication, fixes bugs in sync and autoupdate. This should be treated as a security update.
https://12pd.com/click?rf

GoodSync 9.8.9 improves scheduling, installation, limited user support, and other bug fixes. This should be treated as a security update.
https://12pd.com/click?goodsync

Hamachi 2.2.0.214 is a stability fix. This is not a security update.
http://help.logmein.com/SelfServiceDownloads

LogMeIn Mac 4.1.4405 improves performance. This is not a security update.
http://help.logmein.com/SelfServiceDownloads

Developer Updates

These are unlikely to be of interest to most people.

SQLite Database Browser 3.2.0 adds project notation support, many bug fixes and improvements. This is not a security update.
http://sqlitebrowser.org/

Redemption 5.7.0.3868 adds several new features and a few dozen bug fixes primarily relating to import/export. This is not a security update.
http://www.dimastr.com/redemption/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VMware Player 6.0.3 is a security update.
http://www.vmware.com/products/player/

Web Package Updates

These are likely to be of interest only to web developers.

Dada Mail 7.0.5 improves installer behavior, bounce handling, UTF-8 encoding support and several bug fixes. This is not a security update.
http://dadamailproject.com/download/

phpMyAdmin 4.2.5 and 4.1.14.1 are security updates.
http://www.phpmyadmin.net/home_page/news.php

SMF 2.0.8 is a performance and bug fix release. This is not a security update.
http://download.simplemachines.org/

Coppermine Gallery 1.5.30 corrects several bugs, improves defaults and installation process. This is not a security update.
http://coppermine-gallery.net/

Anti-Splog 2.1.2 fixes a bug relating to super-admin spamming. This is not a security update.

BuddyStream 3.2.6 updates API. This is not a security update.

Easy Bootstrap Shortcode 4.3.2 corrects a bug in image upload. This is not a security update.

Register IP – Multisite 1.6.1 cleanup, fixes typo. This is not a security update.

Smart YouTube 4.2.5 fixes Vimeo compatibility. This is not a security update.

Theme My Login 6.3.10 is a security update.

WooCommerce 2.1.12 corrects several bugs. This is not a security update.

WP Edit 2.0 corrects several bugs. This is not a security update.

WPtouch 3.4.2 corrects a date/time bug in Bauhaus. This is not a security update.

Zemanta 1.2.5 adds SSL compatibility, and consolidates plugin configuration. This is not a security update.
That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2014-05-13

Hi, Folks!

It’s Patch Tuesday! Or should I say, it’s Heartbleed Fix Day!?

Over the last month, the world has made quite the news out of a popular open source security library, OpenSSL. SSL is the underlying framework for nearly all secure communication and encryption in the world, and OpenSSL is the library which powers over 2/3rds of this. This isn’t the first time that a security issue has been discovered in OpenSSL, and it surely won’t be the last. But this particular bug enables attackers to collect information from the memory of affected services and applications, effectively creating such a significant weakness that hundreds of vendors scrambled to patch the bug, while millions of accounts from thousands of sites and services were potentially compromised.

One of the worst aspects of a popular bug like this is that everyone and their mother has their own opinion of it’s ramifications, with some dismissing it entirely and others currently shaping a second (or third) layer of tinfoil. The truth is somewhere in between. This bug has dramatic significance to the security world. Cisco routers are affected (most with no fix in sight or anticipated), as are many ATM’s, many applications for every operating system platform, including email clients & servers, browsers, web servers, financial applications, routers, modems, middleware and dedicated security hardware. Some of these the individual vendors have said will never be updated. Many others require manual installation of the current OpenSSL libraries or recompiling.

As a rule, any application that touches the Internet or network should be treated as vulnerable until patched or verified to be secure. Over the course of the last month almost every affected vendor has released updates to address the vulnerability. Unfortunately, nothing short of a complete hardware and software audit can determine if you are vulnerable.

If you run a website or other web-accessible service, then before *and* after patching your software, hardware and devices, you should take the time to re-key your SSL certificates.

The important thing to understand about this vulnerability is that it first introduced over 2 years ago and only publicly disclosed last month. This means that all “secure” traffic over the entire last two years should be treated as suspect.

Change all your passwords. All of them. Really.

Re-key your SSL certificates.

Ensure that all your browsers and mobile devices are configured to check for certificate revocation.

Meanwhile, the first major exploit for now-defunct Windows XP was discovered in use the day after support for XP ended. In a move that surprised many in the security industry (myself included), Microsoft released an update to address this vulnerability to all current versions of Windows, and included a patch for XP, as well. This was a fantastic stop-gap for those still running XP, but is likely only an act of good faith, and will be the very last one you’ll see for XP.

And now, back to our regularly scheduled update series…

Microsoft released 10 updates for Windows, Office, Internet Explorer, .NET, Visual Studio and MSRT. This includes security updates (~95mb). A reboot is required. Approximately half of these patch vulnerabilities that are either actively being exploited or were publicly disclosed.
http://update.microsoft.com/

Apple released updates for iOS, Apple TV, AirPort, OS X and printer drivers. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

Adobe Flash Player 13.0.0.214 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Adobe AIR 13.0.0.111 is a security update.
Win: https://12pd.com/click?air
Mac: https://12pd.com/click?airmac

Java 7u55 is a security update. DO NOT INSTALL Java if you do not already have it installed! Remove it if you have any doubt whatsoever that you might need it. You can always install it again if you need it. If you do have it installed, make sure you update all versions that are installed, including both the 32-bit and 64-bit versions for your operating system, if both are installed.
http://www.java.com/en/download/manual.jsp

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Catalyst x64 14.4 corrects a device compatibility bug. This is not a security update.
https://12pd.com/click?atidriver

BullZip PDF Printer 10.5.0.2262 is now FIPS compliant, improves encryption, adds share installation, and improved troubleshooting. This is not a security update.
https://12pd.com/click?bullzippdf

Browser Updates

One or more of these are likely to be of interest to everyone.

Firefox 29.0.1 is a security update. Use Help, About to install the most current version.

Google Chrome 34.0.1847.131 is a security update. Use Menu, About to install the most current version.

SeaMonkey 2.26 is a security update. Use Help, About to install the most current version.

HTTrack 3.48.6 fixes several bugs. This is not a security update.
http://www.httrack.com/page/2/en/index.html

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 24.5.0 is a security update. Use Help, About to get the most current version.

NK2Edit 2.92 corrects a cosmetic bug. This is not a security update.
http://www.nirsoft.net/utils/outlook_nk2_edit.html

Internet Updates

One or more of these are likely to be of interest to everyone.

Adobe Shockwave 12.1.1.151 is a security update.
https://12pd.com/click?shockwave

Silverlight 5.1.30214 is a security update.
http://www.microsoft.com/silverlight/

Nmap 6.46 adds Heartbleed detection and fixes several crash bugs. This is not a security udpate.
http://nmap.org/

WinSCP 5.5.3 is a security update.
http://winscp.net/eng/index.php

Dropbox 2.6.33 fixes several reliability bugs. This is not a security update.
https://12pd.com/click?dropbox

DynDNS Updater 5.0.2 improves reliability with IPv6 and a service bug. This is not a security update.
https://www.dyndns.com/

Evernote 5.3.1.3363 fixes a reliability bug. This is not a security update.
http://www.evernote.com/

Google Drive 1.11 improves setup, adds service shortcuts and improves performance. This is not a security update.
https://drive.google.com/start

BrowsingHistoryView 1.51 corrects a search bug. This is not a security update.
http://www.nirsoft.net/utils/browsing_history_view.html

Media Updates

These are unlikely to be of interest to most people.

CDBurnerXP 4.5.3.4746 updates included libraries and fixes an audio compilation bug. This is not a security update.
http://cdburnerxp.se/

MPC HC 1.7.5 updates closed captioning, fixes CC-related crash bugs. This is not a security update.
http://sourceforge.net/projects/mpc-hc/

XBMC 13.0 is a major update that adds Android hardware decoding, performance improvements to Raspberry Pi and Android, stereoscopic 3D rendering, improved touchscreen support, UPnP, subtitles, and much more.
http://xbmc.org/

Game Updates

These are unlikely to be of interest to most people.

Minecraft 1.7.9 is a security update.
http://www.minecraft.net/

EA Origin 9.4.7.2799 does not provide a detailed change log so should be treated as a security update.

PS4 1.70 adds a number of new features and fixes. This is not a security update.
http://us.playstation.com/support/systemupdates/ps4/index.htm

SteamOS 07-May-2014 is a security update.
http://store.steampowered.com/steamos/download/?ver=custom

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader 11.0.07 is a security update. Use Help, Check for Updates to install the most current version.

Adobe Acrobat 11.0.07 is a security update. Use Help, Check for Updates to install the most current version.

OpenOffice 4.1.0 corrects over 300 bugs and improves reliability and several features. This is not a security update.
http://www.openoffice.org/download/

Adobe Illustrator 16.2.2 is a security update. Use the Adobe Updater to install the most current version.

Adobe FrameMaker 12.0.2 is a security update. Use the Adobe Updater to install the most current version.

Adobe Premiere Pro CC 7.2.2 is a bug fix release. Use the Adobe Updater to install the most current version.

Notepad++ 6.6.2 improves session handling, reliability, stability, and corrects several bugs. This is not a security update.
https://12pd.com/click?npp

Artweaver 4.5.3 fixes several bugs including a crash. This is not a security update.
http://www.artweaver.de/

Security Software Updates

One or more of these is likely to be of interest to most people.

Avast! Home Edition 9.0.2018 improves stability and reliability, especially within the stream filtering capability. This should be treated as a security update.
http://www.avast.com/free-antivirus-download

AVG Anti-Virus 2014.4577 corrects a handful of bugs including several performance improvements. This should be treated as a security update.
http://free.avg.com/us-en/download-free-antivirus

OpenSSL 1.0.1g is a security update.
https://www.openssl.org/

DNSQuerySniffer 1.25 adds cosmetic improvements and can now optionally add itself to the Windows firewall allow list. This is not a security update.
http://www.nirsoft.net/utils/dns_query_sniffer.html

RouterPassView 1.53 adds support for more hardware. This is not a security update.
http://www.nirsoft.net/utils/router_password_recovery.html

SmartSniff 2.10 can now optionally add itself to the Windows firewall allow list. This is not a security update.
http://www.nirsoft.net/utils/smsniff.html

Wireshark 1.10.7 corrects several bugs, improves protocol handling. This is not a security update.
http://www.wireshark.org/

Capture Updates

These are unlikely to be of interest to most people.

Greenshot 1.1.9.13 corrects several bugs and adds string replacement for output and color scaling. This is not a security update.
https://12pd.com/click?greenshot

Open Broadcaster Software 0.622 Beta corrects a reliability bug. This is not a security update.
http://obsproject.com/

SnagIt 12.0.0 is a major update including a dozen new features, removing text capture, improved editor, and video trimming. This and newer versions no longer support Windows XP or Vista. This is not a security update.
http://download.techsmith.com/snagit/enu/snagit.exe

VideoCacheView 2.67 corrects a cosmetic bug. This is not a security update.
http://www.nirsoft.net/utils/video_cache_view.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 9.1.4.2 adds rotation, mp4 and mkv support, several crash bugs, and adds multiple source support. This is not a security update.
http://www.dvdfab.cn/download.htm

MakeMKV 1.8.10 improves reliability for discs with errors, improves performance, and several bug fixes. This is not a security update.
http://www.makemkv.com/download/

Utility Updates

These are unlikely to be of interest to most people.

CintaNotes 2.6 adds search and replace, improved export and editor, and a dozen bugfixes. This is not a security update.
http://cintanotes.com/download

Bitcoin 0.9.1 is a security update.
http://bitcoin.org/en/download

BFGMiner 3.10.0 is a security update.
https://github.com/luke-jr/bfgminer/

CGMiner 4.3.1 is a security update.
https://github.com/ckolivas/cgminer

MultiBit 0.5.18 is a security update.
https://multibit.org/

FileLocator Pro 7.2.2042 fixes a NEAR bug. This is not a security update.
http://www.mythicsoft.com/filelocatorpro/download

GoodSync 9.8.4 is a security update.
https://12pd.com/click?goodsync

GPU-Z 0.7.8 improves reliability and adds support for newer hardware. This is not a security update.
http://www.techpowerup.com/downloads/SysInfo/GPU-Z/

Intel CPU Diagnostic 2.10.0.0 adds newer hardware support. This is not a security update.
https://downloadcenter.intel.com/Detail_Desc.aspx?agr=Y&DwnldID=19792

LogMeIn 4.1.438x is a security update.
http://help.logmein.com/SelfServiceDownloads

Hamachi 2.2.0.188 corrects a stability bug. This is not a security update.
http://help.logmein.com/SelfServiceDownloads

NetworkTrafficView 1.85 adds cosmetic improvements and can now optionally add itself to the Windows firewall allow list. This is not a security update.
http://www.nirsoft.net/utils/network_traffic_view.html

WifiInfoView 1.55 improves cosmetic layout, adds more information about security mechanisms and updates internal MAC addresses file. This is not a security update.
http://www.nirsoft.net/utils/wifi_information_view.html

FolderChangesView 1.63 adds quick access to File Properties. This is not a security update
http://www.nirsoft.net/utils/folder_changes_view.html

ProduKey 1.66 adds a command-line option to suppress error messages. This is not a security update.
http://www.nirsoft.net/utils/product_cd_key_viewer.html

Acronis True Image (WDC) 16.0.0.5962 updates improves Windows 8.1 support. This is not a security update.
http://support.wdc.com/product/downloaddetail.asp?swid=119&wdc_lang=en

CCleaner 4.13.4693 improves compatibility with Windows 8.1.1, Chrome, Opera, unmounted disks and various other fixes. This is not a security update.
https://12pd.com/click?ccleaner

Defraggler 2.18.945 adds performance reporting, Quick Optimize for SSD, improved health reporting, and other fixes. This is not a security update.
https://12pd.com/click?defraggler

Speccy 1.26.698 improves SMART support, Windows 8.1 compatibility, hardware detection and other fixes. This is not a security update.
https://12pd.com/click?speccy

Recover Keys 8.0.3.109 does not provide a changelog, so should be treated as a security update.
http://recover-keys.com/en/download.html

AccessChk 5.2 adds support for file and printer shares, adds filtering options for viewing accesses related to specified accounts and now includes the System Access Control List (SACL) when it dumps security descriptors. This is a security update.
http://sysinternals.com/

PsExec 2.11 fixes a bug in the implementation of the execute as local system option on Windows Server 2003. This is a security update.
http://sysinternals.com/

Sigcheck 2.1 now reports a file’s entropy, can dump information about catalog files, and can list the certificates installed in the per-user and machine certificate store. This is a security update.
http://sysinternals.com/

VMMap 3.12 fixes several reliability bugs. This is a security update.
http://sysinternals.com/

Developer Updates

These are unlikely to be of interest to most people.

TortoiseSVN 1.8.6 is a security update.
http://tortoisesvn.net/downloads.html

Virtual Machine Updates

These are unlikely to be of interest to most people.

VMware Player 6.0.2 is a security update.
http://www.vmware.com/products/player/

Web Package Updates

These are likely to be of interest only to web developers.

phpMyAdmin 4.2.1 corrects several bugs. This is not a security update.
http://www.phpmyadmin.net/home_page/news.php

Adminer 4.1.0 adds brute-force detection and fixes several bugs. This is not a security update.
http://www.adminer.org/en/

Drupal 7.28 is a bugfix following shortly after another security update. Treat this as a security update.
http://drupal.org/download

phpList 3.0.6 is a security update.
http://www.phplist.com/download

Dada Mail 7.0.3 fixes several bugs. This is not a security update.
http://dadamailproject.com/download/

MailEnable 8.50 adds global search and TinyMCE support to webmail, improved indexing engine, reduced bandwidth requirements, improved ActiveSync and Autodiscovery support. This is not a security update.
http://www.mailenable.com/

ScreenConnect 4.3.6563.5232 corrects a handful of bugs, including improved clickonce behavior and search/filter sorting. This is not a security update.
http://www.screenconnect.com/Download

WordPress 3.9.1 fixes 34 bugs in the recent 3.9 release. This is not a security update.
http://wordpress.org/

Activate Update Services 1.0.7 provides no changes. This is not a security update.

Anti-Splog 2.1.1 fixes a reliability update with IP blocking. This is not a security update.

Autoptimize 1.8.4 corrects a comment storage bug. This is not a security update.

bbPress 2.5.3 fixes several bugs. This is not a security update.

BuddyPress 2.0.1 fixes a couple dozen bugs with the new 2.0 release. This is not a security update.

BuddyStream 3.2.5 is a compatibility update. This is not a security update.

Conditional Widgets 1.7 is a cosmetic update. This is not a security update.

Contact Form 7 3.8.1 is a security update.

Cookies For Comments 0.5.5 is a security update.

Easy Bootstrap Shortcode 4.2.1 corrects a missing file bug. This is not a security update.

Email Log 1.7.2 fixes a bug in registration. This is not a security update.

Multisite Enhancements 1.0.4 fixes a couple bugs. This is not a security update.

Multisite Plugin Manager 3.1.4 fixes a major stability bug. This is not a security update.

Raw HTML 1.4.12 updated for WP 3.9 compatibility. This is not a security update.

Smart YouTube 4.2.3 corrects Facebook sharing. This is not a security update.

Theme Authenticity Checker 1.5.2 updated for WP 3.9 compatibility. This is not a security update.

Top Commentators Widget 1.4.2 is a compatibility update. This version WILL NOT work with WP 3.9+! This is not a security update.

Ultimate TinyMCE 5.3 is a compatibility update. This version WILL NOT work with WP 3.9+! This is not a security update.

WooCommerce 2.1.8 corrects a couple dozen bugs, improves reliability and consistency. This is not a security update.

WP Update Server 20140421 improves logging consistency. This is not a security update.

WP Edit 1.8 adds font px support, updates TinyMCE and corrects a path bug. This is not a security update.

WPtouch 3.2.4.1 corrects WPML behavior, adds Windows Phone support and updates output, languages and product links. This is not a security update.

Zemanta 1.2.4 fixes an upload filename bug. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/