Happy Valentine’s Day, Folks!
Today is Patch Tuesday for February, 2026.
If your Windows 10 computer can not be upgraded to Windows 11 then you should either replace your device or use the Windows 10 ESU program to get another year 8 months out of it.
There were 1530+ major hacks, and over 530 application updates this month. It’s a large month, with about 4.5 GB of updates for most users.
Happy New Year!
Today is Patch Tuesday for January, 2026.
If your Windows 10 computer can not be upgraded to Windows 11 then you should either replace your device or use the Windows 10 ESU program to get another year out of it.
Windows 11 25H2 is now available and Windows 11 23H2 and older are no longer supported. Treat Windows 11 25H2 as beta software and wait a few months before upgrading.
macOS 26 Tahoe is now available and macOS 13 Ventura and older are no longer supported. macOS 26 is now stable and it’s important to update to 26.2 to resolve a critical security vulnerability.
There were 1325+ major hacks, and over 305 application updates this month. It’s a relatively small month, with about 3.0 GB of updates for most users.
1Cube, 3gh Informatica Integral, 47Club, 700Credit, A. Uzzo, A.S.A.P. Restoration, Aarong, Abacus Employment Services, ABECO Zumtech Drucklufttechnik AG Müliweg, About Women Ob Gyn, Abri Credit Union, acarlar.com.tr, Accela, Acme Electric, ACME Industrial, Ada Technologies, Adamson Ahdoot LLP, Adelman & Gettleman, Adnan Sundra & Low, AdonisJS, Advance Dent Denver, Advanced ENT & Allergy Center, Advanced Family Surgery Center, Advanced Technology Group, Aero Fabrications, Aflac, Aforeserve, AgeRight, Agfri, Agralite Electric Cooperative, Agrícola Cerro Prieto, Agrícola Don Ricardo, AH Group, AIPAC, AIRCOND SRL, Alex Rubbish & Recycling, ALGO 8180, All Rush, Allen Printing, AllerVie Health, Alliance Vape, AllRush Print & Apparel, Allure Home Creation, Alpha Alternatives, Alpha Systems, Alpine Lumber, Alt Alpha, Amazon Kindle, Ambiente e Sistemas de Informação Geográfica, ambisig.com, American Health, American Trust, American Vanguard, Ameriprise, Amla Commerce, AMW Treuhand & Immobilien, Anderson Engineering, Andover Eye Associates, Android (DroidLock), Android Dolby library, ANG BROTHERS (M&E) PTE LTD, Angstrom USA, Anritsu VectorStar, Anteriad, Anwalt Aktuell, Apache StreamPipes, APC Home Health Service, Apex Legends, Apex Spine and Neurosurgery, Appalachian Community Federal, Apple Safari, all Apple devices (iPhone, iPad, Apple Watch, Mac), Applied LNG, Apro, LLC, Arab Falcons, Arabian Desert Safari, ARC Community Services, Arcom Digital, Ariel Clinical Services, Armenian Government, ARO, Art City Dental, Artemis Healthcare, Artisans’ Bank, Ashton Thomas, Asiana Airlines, Askul Corporation, ASML, Aspen View Academy, Associated Radiologists of the Finger Lakes, PC, Associated Thermoforming, Assolim, Atalian, ATG, Atlantic Coast Life Insurance, Auforum, Aultman Health System, Aurora College, Austin Associates, Autodesk AutoCAD, Autohaus Elstermann, Autohaus Paschke, Autohaus Pichel GmbH, Autohaus Willy Ernst, autohaus-paschke.de, Automation One Business Systems, AUTOSUR, Avenira, Awakenings Center, AWS Auto Scaling, Axion50plus, Axxel Business Solutions, Ayelet Shaked Contact List, AySA, AzeoTech DAQFactory, B&J Transportation, baja.gob.mx, Baker University, Banco Vimenca, Bangchak, Barnes and Jones, Basecamp, Bauerfeind, BD Morning, Beausejour Co-op, Behr Enterprises, Behran Lift, Bell Lifestyle Products, Bengineered, Benise Dowling and Associates, Berkmann Wine Cellars, Bernaillio County, Besco Electrical, Best Hotels Spain, Best Insurance Agency, Betterment, beycelik, Beyer Law Group, Beyçelik Gestamp, BildungsWerk in Kreuzberg, Bina Darulaman Berhad, BioNet Asia, Black Dog Salvage, BLACKSTORE, Blaze Credit Union, blockchain contracts, BMW Guatemala, BNZ Materials, Boathouse on the Bay, BOC Oncology Center, Bolttech, Bonfilet, Boring Business Systems, BORING.COM, Bosch Choice Welfare Benefit Plan, Bouygues Energies and Services, Bowman Trailer Leasing, Box Elder County, Braemac, Brave, BreachForums (again), Brevard Skin and Cancer Center, Bridgewater Law Group, PC, Brightspeed, British Holiday & Home Parks Association, Brockhaus, Buhlmann Group, Building Trades, Burdette Dental Lab, Burnex, Burnham Brown, Busbusbus, bwk-berlin.de, Bäckerei Sipl, Bär Cargolift, C&R Electric, Cabinets 2000, LLC, Cal Spas, Callipo Group, CANCER, Canopy Health, Cape Fear Country Club, Capital + Safi, Capsum, Capuano Distribuzione Fresco, Caramel, Carbis Loadtec Group, Cardiovascular Medical Group of Southern California (CVMG), CareOregon, Carseo, Casa Botas, casabotas.es, cc-estuaire, CE-Edinger Medical Group BA, Cedar Valley Services Inc, CEIVA Logic, Center for Life Resources, Centro Médico Palafox, Centurion Security & Investigations, Cerenade, Charles Leonard Steel Services, charoenchai.com, Chastain & Associates, Chatham Asset Management, Chema Ballester, Chemirol, Chemstress Consultant, Chiesi USA, Chipotle, Choate’s HVAC, Chrome, all chromium-browsers, Chrysler, Church’s Chicken, CIDEF Argentina, CIIF Oil Mills Group, Cinema Concepts, Circuitronix, Cisco AsyncOS, Cisco ISE, Cisneros, Citizens Bank, City of Midway, City of Milton FL, City of Signal Hill, CJ Global, CKM Kondring Montagen, Clackamas College, Clarinda Health, Clarinda Regional Health Center, Clarksville ISD, Clemar Assessoria e Logística em Comércio Internacional, Clever Power, clipan.co.id, Cloudflare MCP Server Portal, Club Atlético River Plate, Clínica Dávila, CMAC LLC, cmc.com.br, Collins Computing, Colonial Metals, Colorado Powerline, Colégio Miguel de Cervantes, Comcast, Comercializadora Construtodo, Commercial Paving, Committee to Protect Journalists, Commonwealth Business Bank, Communauté de communes de l’Estuaire, CompactInd, Complexul Energetic Oltenia, Computing Dynamics, Conduent, Conifer Value-Based Care, LLC, consigaz.com.br, Construction Management and Consulting, Coolify, CoreHQ, Coupang, Covenant Health, Inc, CPJ.ORG, CPS, Cranford, Buckley, Schultze, Tomchin, Allen & Buie, Crawford Orthodontics, Crawford Software, Cressi, CSA Tax & Advisory, CSD Drancy, CSS Services, CSV Group, Culinary Jet Concierge, curl, CVK Hotels & Resorts, CVMG, CyberVector, Cyma Systems, Cytek Biosciences, D-Link DSL gateways, DABA Finance, Dacon Networks, daispa.it, Dan Technologies Group, David M. Schwarz Architects, David Rosen Bakery Supply, Debra L. Morrison Coaching & Consulting, Deerfield, Deibel Laboratories, Dekoyap, DELKO, Dem İlaç, Denk & Roche Builders, Denny’s 5th Avenue Bakery, Dentistry.One, Denton County MHMR Center, Depth, Dermatology Associates, Desjardins, DESY, Deutsches Elektronen Synchrotron, Devereux Foundation, DFC Systems, DGM, DGP Commercialisti, Dhow Cruise Dubai Harbour, Diaz Gill Medicina Laboratorial, DIF Guadalajara, Dill Dill, Dillon Yarn, Discord, Distribuciones Notariales, Distribuzione Automatica Italiana, Distron, Docs Medical Group, Inc, Dolan Construction, Dom Development, Donaghy Sales LLC, Dot Foods, Dr. Busso Peus, drako.com.mx, Drivestream, Inc, Drogaria Drogales, DSM Bilişim Teknolojileri, DSM Information Technology Trade Ltd, Dublin Medical Center, Due Doyle Fanning and Alderfer, DXS International, D’Klima, E-apostille, EAG Realty International, Eagle Stores, Eanes Independent School District, East Bay Regional Park District, Eastern Townships School Board, Eastman Cooke, EazyTick, Eco Green Group, Edge, Edward J Kone, EGP Comunicaciones Sac, EI Connect, Elad, ELC Electroconsult, Electricidad Panamericana, Electronic Interconnect, Elford, Inc. Construction, Elite Auto, Ellison Educational Equipment, EM Resorts, EmEditor, EMP Closures, Empire Screen Printing, Empresas Maggi, Endesa, Enel X, Energogroup, Energy Capital Credit Union, Enerparc AG, Entreprise Menuiserie Bâtiment, Envases Group, EPI du Rouergue, Epport Richman & Robbins, Equans, Ericher, Erie Molded Plastics, Ernst Auto, Eros Elevators and Escalators, Escuela Técnica Roberto Rocca, ESOP Direct, Esquire Brands, ESSPL, estrumar.es, Ets Puzio, Eurofret Transports Et Logistique, European Space Agency (ESA), European Vegetarian, Eurostar, Event Rental Systems, Ever Green Industria e Comercio, Evercover, Evergreen Printing, Evoke Wellness at Hilliard, ExamRoom.AI, Excellent Home Care Services, Exms Expertise Mobsign, Expert MRI, Facebook, Fairgrove Oil & Propane, Falk, Waas, Hernandez, Cortina, Solomon & Bonner Overview Metrics, Farmacia San Pablo, Farwest Fabrication, FASSIC, FCL Components, fecrwy.com, Fedcap, Federal University of Sergipe, FedEx, Feldman and Lopez, Felix Gonzalez Law Firm, Ferreteria Scopazzo, Fest Group, FHIABA, Fieldtex, FilmRise, Firmengruppe Hoffmann, First Federal Savings & Loan Association of Pascagoula Moss Point, First Rate Financial, Fit-Line Global, Fitzpatrick Hotel Group, Flavor Producers, Flock cameras, Florida East Coast Railway, Florida Orthopaedic Associates, Flowty, FontForge, FortiCloud, Fortinet firewalls, Fortinet FortiSandbox, Fortrex, Foshee Architecture, Foundation Agents, FOX Architects, Foxit PDF Reader, FPMCM LLC, Framelink Figma, Freedom Chat, FreePBX, French Interior Ministry, French postal service, Fresh2You, Friends of Family Health Center, Friis & Moltke Architects, Fuji Electric Monitouch V-SFT, Fujitsu Component (Malaysia) SDN, Fundação do Câncer, Fyzical Therapy & Balance Centers, Fürth, G & L Mechanical Systems, G-WAY Microwave, G5 Enterprises, Galine, Frye, Fitting & Frangos, LLP, Gardner Health Services, Garner Foods, Garrett Leather, Gateway Fiber, Gaviota, GCC Services, GDEV, GearGrid, Gebrüder Bagusat, Gemini MCP, Gemotest, Genoa Lakes Golf Club, Gentex Optics, Geometrics, Georgia Dermatology & Skin Cancer Center, GeoServer, GES Elektrik, GIMP, github-kanban-mcp-server, GIV SRL, Gladinet CentreStack, Glassers TV, Global Miami JV, Global-e, Gobierno de Baja California, Gogs, GoldenLine, Goldman Sachs Investments, Golf Manor, Good Plus Foundation, Goodwin University, Google Chrome, Gordon Clifford Properties, Gordon Companies, GPC Industries, GPT Academic, Grade Results, Grafana, Grandes Vinos, Granos y Cereales de Colombia, Granville Inn, Grassroot DICOM, Greater St. Louis Oral & Maxillofacial Surgery, GreenBills, Greene Metal Products, GreenValley International, Group Echo, GROUPE ETMB, Grupo Amanus, Grupo Construtodo, Grupo Drako, Grupo Hafesa, Grupo Logistics, Grupo Olé, Grupo Panamá, Grupo Puma, Grupo Ruiz, Guan Chong Berhad, Gulshan Management Services, gumustasmaden.com.tr, Guttenberg Industries, Gümüştaş Madencilik ve Ticaret, Hale Makua Health Services, Hama Film, Hanlon Electric, Happy Telecom, Harbour Town Doctors, Hardesty & Hanover, Harmony Health Medical Clinic and Family Resource Center, Harris Consulting Engineers, Harrison Design, Hart, Hartford, Harvey & Martin, Hatta Heritage Village, Hauken Engineering, HAXcms, Hayden Safe & Lock, Health Bridge Chiropractic, Health Management Systems of America, Health Share of Oregon, Healthbridge MultiSpecialty Group, Healthcare Interactive, Heart of Texas Behavioral Health Network, heatcel.co.uk, Heating Components & Equipment, Henry Ford Health, Heritage Engineering, Hermes Medical Solutions, Hernando County, Hexacon Construction, Higham Lane School, Hikvision, hilden.in, Hintenberger Dächer, HKR Architects, HMPC CPA, Hodgins Devereaux, Hodgins Law Group, Hog Sla, Holiday Tours, Home Depot, Homestead Electrical Contracting, Hometech Window, Hongfa America, Hood River Dentist, Hope Cooperative, Hopital La Rabta, Hopper Developments, Household & Commercial Products Association, HPE OneView, Hr Björkmans Entrémattor, HSR Specialist, Huebsch Services, Hugging Face smolagents, Hugging Face Transformers, Hunneman Real Estate, Hydraulic Technologies, Hydrodiseño, Hyfresh, Hytec South Africa, Häussermann Stauden Gehölze GMBH, IAPMO, IATTC, IBM API Connect, IceWarp, IDeaS Revenue Solutions, Illinois Department of Human Services (IDHS), Illumina, Imperial Beach Community Clinic, Infinite Computing Systems, Ingomar Church, Inha University, Inotiv, Inc, inpipeproducts.com, Insight Enterprises, Inspired Universal McCann, Instagram, Institut Teccart, Institute for Biology of Inland Waters IBIW, Institute for Design Problems in Microelectronics, Integrated Technology Group, Inter-American Tropical Tuna Commission (IATTC), International Association of Plumbing and Mechanical Officials, International Door, International Freight & Commerce, International Pipeline Products, International Standard Valve, Intonu, IntraCare, InTTrust, Investigaciones Medicas, InvivoGen, Ireland Ombudsman’s office, Italgrafica Sistemi, Italian ferry, ITG Electronics, ITG Solutions, J. Grennan & Sons, Jabezco Industrial Group, Jaf Gifts, James Free Jewelers, JBS Foods, JBS Mental Health Authority, Jefar, Jeff D’Ambrosio Auto Group, Jennings School District, Jewish Family and Community Services, Jing Cheng Enterprise, JJ White, John Buck Company, Josh Steel, jsPDF, JumpCloud Windows Agent, JVDB Assoc, JZ Russell Industries, Kalamazoo Valley Community College, Kamunikat, Kasetsart University, Katana Network, kavi.fi, Keio University, Kelsey School Division, Kenalex Construction, Keycodes Inspection Agency, Keylogistics Chile, Keys to Literacy, Kidd’s Services, Kier & Wright, Kirby Agri, Kirloskar Oil Engines, Klax Gruppe, KLH Industries, Klingele Paper & Packaging Group, Knight Group, KOEL.CO.IN, Konig Print, Kontigo, Kopaş Kozmetik, Korean Air, Korean Air Catering & Duty-Free, Korean Association for Public Administration, kraslice.cz, Krenzer Marine Overview Metrics, KSL Ingenieure, KTL Group, Kuaishou, Kucera International, Kumpulan Prasarana Rakyat Johor, Kwik Ledgers, L Pollock PR, La Banque Postale, La Papelera, La Rosa Del Monte Express, Labayen y Laborde, Labeltex Group, Laidley Family Doctors, Lakeside Title Company, Lampire Biological Laboratories, lampus.com, Langflow, Lanmark Group, LAOC Building and Construction Trades, Lares, larosadelmonte.com, Larry Pitt & Associates, Lasercomb, Latitude 33 Planning & Engineering, Launie & Marino, Laurenzano Logistica, Laurysen Kitchens, Laval Virtual, Lawrence Family Jewish Community Center, LawSoft, Inc, Leadway Assurance, Leandri & Associés, Leco Switchgear, Ledger, Leduc County, Leger & Shaw, Leidos QTC Health First Rehabilitation Resources, lfval.net, Libya Telecommunications Company, LiftPRO International, Line, Linemaster Switch, Linux kernel, LiteConn Technology, LKQ, LO Trading, LogicVein, loginport, Lonich Patton Ehrlich Policastri, Louisiana Office of Student Financial Assistance, LPL, LS GRIM, Lugiano Medical, Luminex Software, Luxshare Precision Industry, Lycée Français International de Valence, Lynn Community Health Center, Lynn Electrical, L’Orange Bleu, L’Épi du Rouergue, M&M Auto Parts, maasa.com.ar, macOS, Madera County Superintendent of Schools, Madison Area YMCA Association, Madison Healthcare Services, Mailpit, Maison Law, ManageMyHealth, NZ, Manuaco, MariaDB, Marine Systems, Markham Stouffville Hospital, Marquis Software Solutions (700 banks and credit unions), Marshfield Clinic, Masarykova základní škola a mateřská škola Železnice, Massapequa Fire District, Mastermedia International, MAT 4Site Engineers, Maven Solutions, maxdream.tur.ar, Maypay Farms Inc, MC Squared, McAfee Trellix, McCraw Oil, McElroy & Associates, McIntosh Laboratory, Inc, McKee-Pownall Equine Services, McKenzie SewOn, MCP Manager for Claude Desktop, McPhillamys Gold Project, mdm NT, Med Atlantic, MedHelp Clinics, Medical Asset Management, MedStar Health, Mega Alfalfa Argentina, Melsing Engineering & Consulting, Mercadien PC, Mercury Wire Products, Merko Ehitus, Methodist Homes, MetroWest Community Federal Credit Union, Metálicas Estrumar, Meyer Lift, MG Chartered Professional Accountant, Microf, Microsoft Edge Mark-Of-The-Web, Microsoft Edge, Microsoft Visual Studio, Midkiff Muncie and Ross, Milhench Supply, Mill Brothers, Millcreek Pediatrics, Milton FL, MindsDB, Minersville Schools, Mission Neighborhood Health Center, Mohammad Omar Bin Haider Holding Group, Molecular Testing Labs, Money Mart, MongoDB, Moonachie Borough, Moore Lumber, Morgan Records Management, Morning Desert Safari, Morningstar Properties, Morton Buildings, Morton Drug Company, Mosty Katowice, MP Filtri, MS Corp, Mt. Spokane Pediatrics, Murray Irrigation Limited, Mutti Parma, MyTunes, MyVete, Město Kraslice, n8n, Naftali Bennett Chats, NAHGA Claim Services, Nartis Plant, Nashua Botswana, National Audiovisual Institute, National Biscuit Industries, National Credit Regulator, National Equipment, National Guard website, National Water Authority, Native American Health Center, NBS Canada, NCH Corporation Employee Benefits Plan, NECO Equipment, Neighbourly, Nepes, Net-SNMP, Netanyahu’s Cabinet Awaits Handala’s Next Move, Netstar Australia, Network of Biblical Storytellers, Canada, Neurological Associates of Washington, New High Pack, New Obscura 2.0!, News-Press & Gazette Company, Next Capital, Next.js servers, Nextclode, nhpsa.com.ar, Niradia Enterprises, Nissan Motor Co, NK Technologies, NLFX Professional, NordVPN, North Atlantic States Carpenters Health Benefits Fund, North Perth, North Star Asset Management, Northern Air Systems, NorthStar Asset Management, Notariat Gerresheim, Notepad++, Notin, NovaBio, Novelty Technology Care Espana, npm, NS Pharma, NS Support LLC, NSE Insurance Agencies, NSF Unidata, NT Tool Thai, NTC Pharma, NTH Consultants, Nura Clinics, NZ ManageMyHealth patient portal, Oakland Smile Dental, OCC Marketing Communication & Technologies, Ochsner LSU Health System, Office of Public Sector Anti-Corruption Commission, oFono, OGI Groupe, Ohio Public Safety, Oklahoma Spine Hospital, Ollama MCP, Oltenia Energy Complex, Oman Football Association, OMF International, Omnibus Japan, Omrania, One Community Health, Open Door Community Health Centers, Open WebUI, Optimum Window Manufacturing, Options Community Services Society, Optral, OPTUM-IES, Oracle Health, Oregon Department of Environmental Quality, Ortho Mattress, OSI Systems, OSSE San Juan, Outdoor Smart! Inc, ownCloud, Oxford Rehabilitation Center, Pacific Railway Enterprises, Pacific Rim Mechanical, Paizo GPS Solutions, Parexel International, LLC, Partido Revolucionario Institucional, PAUAT Architekten, pdfforge PDF Architect, PDFsam, Peaker Services, Pearlman Aesthetic Surgery and Associated Radiologists, Pecan Tree Dental, Pediatric Dentistry of Oklahoma, Pell City Schools, Pensam Capital, Pensam Residential, Pentadiet, Pernec, Pernel Media, Petco, Petróleos de Venezuela (PDVSA), Peugeot Motocycles, peus-muenzen.de, Pewarchuk, Phillipine Department of Trade and Industry, Phillips Scales, Physicians to Children & Adolescents, Pickett USA, Pierce County Library System, Pilot automotive, Pin Hwa High School, PJSC Quadra Power Generation, Planned Parenthood Northern California, PlayStation, Plonter Technologies, Podovia, POL-HUN, Polaris Parks, polhun.pl, Pollock Communications, Pools by Bradley, Pornhub, PortSwigger Web Security, Posillico, PostgreSQL, Power Curbers, Powerscourt, Precise Benefits Group, Precision Aluminum, Premier Auto Credit, Prime Label Consultants, Print-O-Tape, Productos Lácteos Flor de Aragua CA, Progressive Laboratories, Promm Group, Prosura, Proton System, PT Clipan Finance Indonesia Tbk, PTS Goldkist Industries Sdn Bhd, Publicidad Sarmiento, Pueblo West Colorado, Pueblo West Metropolitan District, Pulse Urgent Care, Purcell Architects, puzio-saunierduval.fr, Quasar Data Center, Questica, Quezon Power, Q‑Ads, R.I. Lampus, Rafael Construction, Ragland Law Firm, Rain Bird Corporation, Rainbow Communications, Rameder, Ramside Hall, Ranger Investigation Guard, Raritan Yacht Club, Rconcept, RD Metals, React Server, Real Tech, Red Star Studio Ltd, Redis, REDtone, Reger Zahntechnik, Region of Istria, Rene Industries, Republica Federative do Brasil, Resecurity, Resource Corporation of America, Retrofit Service, Revere Health, Revoil, RGD Consulting Engineers, Richmond Behavioral Health Authority, Right Power Technology, Rio Farms, LLC, Rio supermarket, RJ Enterprise, RJS Logistics, RK Centers, RM Medics, Rockport Technology Group, Rockrose Development LLC, Rod Danielson, Rodenburg Law Firm, Rodney’s Sign Company, Roebbelen Contracting, Inc, Rogitz & Associates, Romanian Waters, Roose Ressler & Green, Ruhrpumpen, Rusk County, WI, Rust on Linux, RustCrypto, RYC, Röben Tonbaustoffe, S.Med Handels, Saar Engineering, Sai Oral Surgery, Saint Petersburg State University of Economics, Salcom, Salvation Army, Samkee America, Sampoerna Agro, San Francisco Community Health Center, San Silvestre School, Sanchez Vadillo, Sanko Gosei UK, Santa Casa de Assis, Santa Rosa Community Health Centers, Sante PACS Server, Sanyang Motor, SapLog Italia, Sapphire Health, Sarl Alliance, Saudi Icon, SAV Antivibranti, Sax LLP, sbws.org.sg, Scenic Solutions, Schneider Prototyping, Scipioni, SEAC SUB, Seac, Seal Beach, CA, Seal Beach CA Police Department, Secorp Industries, Security ONE Alarm Systems, Sedgwick Government Solutions, Seeberger Appel, Seguridad Las Americas, SEIMITSU THAI COMPANY LIMITED, Self-Help Addiction Rehabilitation, SELP, Sem Plastik, SEM Val de Bourgogne, Sense Eletronica, Senstar Symphony, Sentinel Security, Sentry Advisors, SETEX Textil, Shah Law Office, Shamrock Technologies, Share Ourselves, sharinc.org, Shinhan Card, Shinsegae, Shlansky Law Group, SHOFCO, Shore Gardens Rehabilitation & Nursing Center, Shout Factory, Shwapno, Siemens Simcenter, Silverline Group, SINBON Electronics, Sindicato dos Professores da Zona Centro, Singapore Buddhist Welfare Services, Singing River Health System, Singular Genomics, Sintac Recycling, Sipl, SIRH Mexico, Sirio Pharma, sje.vic.edu.au, smallstep Step-CA, SMC Global Securities, smed.at, Smile Center Utah, Smith Hawks, Smith Roberts Baldischwiler, Snapchat, SNCC Automatisme Solutions Process, SOA People, Soapy Joe’s Car Wash, Société Tunisienne de Radiologie, Soda PDF Desktop, soeuae.ae, Softlab SpA, Solarpro Holding, Solumek SAS, Solus Tecnologia em Sistemas, SonicWall SMA1000, Sortimage Communications, SoundCloud, South Shore Tool & Die, South West Development Commission, Southern Oregon Neurosurgical and Spine Associates, Spartan Carbide, Spitzer Auto Group, Sponseller Group, Spring Grove Area School District, Springer’s Jewelers, SproutNet, SPZC, SSL and ACL, St Charles Preparatory School, St Ignatiusi Jamsville, St Josephs College Echuca, St Anthony Regional Hospital, St John’s Riverside Hospital, Stadt Fürth, Stadtwerke Clausthal-Zellerfeld, Stanley Co Malaysia, Startek Engineering Inc, STC Concrete Products, Steel Corners Industrial, Steel Dynamics, Inc, Steelworks Inc, Stesad, Stewart Engenharia, STIC Investments, stimgroup, Stipe Law Firm, Stoughton Steel, Strategic Technology, strtn.org, Studio DGP Dottori Commercialisti, studioelad.it, Sudamerica, Sugawara Laboratories, Sunair Electronics, Sunshine Group, Sunzen Biotech Berhad, SUPERAntiSpyware, Superior Water Conditioning, Surfish Trade, Susquehanna Glass, SV-Büro Ing. Schulz GmbH, SVA y Tecnología Móvil de España, svlawus.com, SW Automation, SW WireTerminal, SW/WC Service Cooperative, Swartz Campbell, Swavelle Group, swdc.wa, Swift Institute, Syrstone, Systherm Grupa, Sönmezler Metal, TACK Electronics, TaLachaim, Talarico, Taminsho, TapestryHealth, Target, TEALCA, teccart.qc.ca, Technicare Instrumental Cirúrgico, tecnicarobertorocca.edu.ar, Tecno Electric, Tein, Teknequip, Tele-Fonika Cable Americas, Telechaim, Telegram, Telstar Hommel, Temple Shalom, Tencent FaceDetection, Terminales Portuarias, Terport, Teruya Brothers, Texas Pete, Thai Pet Food Group, The Araneta Group, The Biosig Project, The Boathouse on the Bay, The Botting Network, The Carlson Law Firm, The Center of Association Management, The Cressi, The Day of Reckoning Awaits the Child-Killers, The Genesis Group, The Lewis Bear, The Outdoor Recreation Group, The Parkes, The Salarpuria Sattva Group, The Sonnenschein Groupe, The Structures Group, The Wardlaw + Hartridge School, ThermoEx Company Limited, Thrings Solicitors and Lawyers, THT Bio-Science, Thunder Bay Counselling, Titan Motor Group, Tlechaim, Tokyo FM, Tommotek, Top Dest, Topstep, TorHoerman Law, LLC, Total Wireless, Towell International Holding, TradingView Desktop, Transpedrosa, Transport Scolaire, Transrocamar, Trend Import Export, Trend Micro Apex Central, Trend Micro Cleaner One, Tri-State Metal Roofing Supply, Triad Packaging Inc, Trimble SketchUp, Trine Access Technology, Triple Eight Transport, TriVector Services, TriZetto Provider Solutions, Trubee Wealth Advisors, TrustWallet, Tucson Independent Physicians and Surgeons, TUPI, Turing & EDU Arena, Turnamics, Tuscon Physicans, Twinsoft, Typhoo Tea, Ubisoft’s Rainbow Six Siege, UBS Office, Udall Law Firm, UEFI, UK Foreign Office, UK Free Speech Union, UK Home Office, Unified Assessment Platform ExamRoom.AI, Union Home Mortgage Corp, Union of Shop, Distributive and Allied Workers, uniplaclages.edu.br, Unipres Alabama Inc, United Keetoowah Band of Cherokee Indians in Oklahoma, United Pacific, Universidad Nacional Autónoma de México, Universidade do Planalto Catarinense, Universiti Sains Islam Malaysia, University of Hawaii Cancer Center, University of Phoenix, University of Sydney, Unleash Protocol, UNRE AI, UPC Precision Castings, Upsonic, Urban Remedy, Urban VPN, urfishtrade.com, uro.com, US Art, US Dept Of Defense (hundreds!), US Equal Employment Opportunity Commission (EEOC), usdaw.org.uk, Usina Sao Jose do Pinheiro, Utair, Valle Redondo, Van Venrooy, Varimed Medikal, Veeam Backup, Veplastic, VeraBank, Veradigm LLC, Vereinigte Stadtwerke, Vernon Sales, Vestil Manufacturing, Vetco, VFM Systems & Services, Victoria Benelux, Victorian Catholic College, Victory Disability, Vida Y Salud, Viga Eatery, Village of Franklin, Ville de Dunkerque, Vim for Windows, Virginia Mental Health Authority, Virginia Records, Virginia Urology, Vishnick McGovern Milizio, Vision Wheel, VisionPoint Eye Center, Vitatrac, Vivaldi, VLP Hellas, VMware ESXi, Voltech Rebuilders, Voltras International, VroomVroomVroom, Váhostav, Wadzeck-Stiftung, Wall Street English, Walltopia, Walters Group Inc, Wamtechnik, Wardell Builders, Warka Bank for Investment and Finance, Warren County Treasurer’s Office, Warrior Crane Service, WatchGuard Firebox, WatchYourLan, Watermark Beach Resort, Watertech of America, Wavenet, Wavlink routers, Wearbest Sil Terhar, Web Hosting Talk, Wedbush Securities Inc, Wellcare, Wellpoint, Wesley Heating and Cooling, Westlake Christian Academy, Westminster City Council, Westquay, WhiteDate, Wilbarger General Hospital, Wild Bunch Distribution, Willowdale Steeplechase, Wilmington Community Clinic, Wilson Smith Cochran Dickerson, Windows Remote Access Connection Manager (RasMan), Windscribe, Windward Life Care, WIRED, Wisanka Indonesia, Wizix Technology, WJ Professional, Wood Personnel Services, Woodard, Emhardt, Henry, Reeves & Wagner, LLP, Woodglen Medical Group, WordPress Motors theme, Workers Compensation Insurance Rating Bureau of California, WorldPoint, Wright Architectural Millwork, WSI, XSpeeder, Yalidine Express, Yavne Educational Center, Yokosuka Gakuin, YoPipe, York Hospital, Young Wealth Management, Youngblood Tyler and Associates, Youngstown Pipe & Steel, Z-Tronix, Zenflow, Zimeda, Zoom, and zszeleznice.cz have reported hacking or compromises this month.
Microsoft Exchange Online, Microsoft Teams, and X/Twitter have suffered from outages this month.
Internet access throughout Congo-Brazzaville, Finland, Guinea, Iran, Montana, San Francisco, CA, Ukraine, and Venezuela has been blocked our down for extended periods.
Last months updates broke Classic Outlook, VPN access, and Windows Message Queuing (MSMQ).
Microsoft is going to start blocking older, insecure and unsupported hardware from accessing their email platform, Exchange Online.
For all their blather, Apple will be using Google Gemini to power Siri.
Crucial is ending consumer sales. This is going to be bad for computer pricing.
It’s insanely easy to map out human movement within your home (or someone else’s) using your existing Wi-Fi routers.
Let’s Encrypt (the service behind most current website secure certificates) is shortening the expiration term for their certificates. By a lot. It’s almost completely automated so probably not going to be a bit deal.
California has added a privacy tool to request that data brokers remove your information. It uses a third-party precheck service responsible for breaking the Internet several times last year (CloudFlare) and one of the worst privacy violating services out there (login.gov), then requires you to give the California government all of the information about you (name, SSN, date of birth, email address, phone numbers, addresses and so much more) for the state to store so that participating data brokers know what to remove. My opinion: government is the worst of the worst when it comes to getting hacked and exploited, so if you’re concerned about dubious storage of your data, giving it to the state is literally the worst possible option. It might be more work, but it’s better to do it yourself.
Google is finally adding an option to remove information about you.
Now back to our regularly scheduled program.
Patch Tuesday is relatively small this month. The typical computer should see roughly 3.0 GB in updates today. Let’s get started.
Microsoft released 60 updates to address 115 vulnerabilities in Agere Windows Modem Driver, Azure Connected Machine Agent, Azure Core shared client library for Python, Capability Access Management Service (camsvc), Connected Devices Platform Service (Cdpsvc), Desktop Window Manager, Dynamic Root of Trust for Measurement (DRTM), Graphics Kernel, Host Process for Windows Tasks, Inbox COM Objects, Microsoft Edge (Chromium-based), Microsoft Graphics Component, Microsoft Office, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Office Word, Printer Association Object, SQL Server, Tablet Windows User Interface (TWINUI) Subsystem, Windows Admin Center, Windows Ancillary Function Driver for WinSock, Windows Client-Side Caching (CSC) Service, Windows Clipboard Server, Windows Cloud Files Mini Filter Driver, Windows Common Log File System Driver, Windows Deployment Services, Windows DWM, Windows Error Reporting, Windows File Explorer, Windows Hello, Windows HTTP.sys, Windows Hyper-V, Windows Installer, Windows Internet Connection Sharing (ICS), Windows Kerberos, Windows Kernel, Windows Kernel Memory, Windows Kernel-Mode Drivers, Windows LDAP – Lightweight Directory Access Protocol, Windows Local Security Authority Subsystem Service (LSASS), Windows Local Session Manager (LSM), Windows Management Services, Windows Media, Windows Motorola Soft Modem Driver, Windows NDIS, Windows NTFS, Windows NTLM, Windows Remote Assistance, Windows Remote Procedure Call, Windows Remote Procedure Call Interface Definition Language (IDL), Windows Routing and Remote Access Service (RRAS), Windows Secure Boot, Windows Server Update Service, Windows Shell, Windows SMB Server, Windows Telephony Service, Windows TPM, Windows Virtualization-Based Security (VBS) Enclave, Windows WalletService, Windows Win32K – ICOMP, and MSRT. This includes security updates. A reboot is required.
Apple released updates for iOS 26.2, iPadOS 26.2, macOS Sonoma 14.8.3, macOS Sequoia 15.7.3, macOS Tahoe 26.2, Safari 26.2, tvOS 26.2, visionOS 26.2, and watchOS 26.2. This includes security updates. Use Apple Software Update to install the most current versions.
iOS 26.2 is a security update. Use Settings, General, Software Update to install the most current update.
iPadOS 26.2 is a security update. Use Settings, General, Software Update to install the most current update.
watchOS 26.2 is a security update. Use the Watch app on your iPhone to install the most current version.
tvOS 26.2 is a security update. Use System, Software Update to install the most current version.
visionOS 26.2 is a security update. Use System, Software Update to install the most current version.
Google ChromeOS 143.0.7499.196 and ChromeOS LTS 138.0.7204.300 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.
Fedora 45 is a major update. This is a security update.
https://getfedora.org/en/workstation/download/
Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.
Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.
The release of macOS Tahoe (26.x) means that macOS Ventura (13.x) and older are no longer supported. If you can not install at least macOS Sonoma (14) on your Mac then you should immediately remove your device from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.
Windows 10 (all consumer versions) is end of life (EOL). All non-LTS versions of Windows 10 without ESU are now out of support, with the sole alternatives being to upgrade to Windows 11 or enable Extended Service Updates (ESU). If you aren’t sure whether you are using LTS, you aren’t. Enable the ESU now.
The current release of the Windows 11 (v25H2) is very large (30% larger than any previous release) so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.
Windows 11 is now stable and can be upgraded to if your hardware supports it. If not, switch to Linux (Mint is nice) or replace your computer.
Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.
It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, drivers for hardware you’re not using (like old printers), and games you do not actually play.
Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available.
Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with a SaferPC Subscription and we will install updates each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com
If you’re using this hardware – these updates are for you.
Logitech Options 10.26.14 fixes a MS Office compatibility issue. This is not a security update.
https://support.logi.com/hc/en-us/articles/360025297893
MTPdrive 5.1.202 improves compatibility. This is not a security update.
https://www.mtpdrive.com/
RICOH IM C4510 1.5.0.0 adds new languages. This is not a security update.
https://support.ricoh.com/bb/html/dr_ut_e/rc3/model/imc4510/imc4510.htm
Stream Deck 7.2.0 adds support for new hardware.
https://help.elgato.com/hc/en-us/categories/360001636492-Stream-Deck
TP-Link Archer AX55 v1 251119 is a security update.
https://www.tp-link.com/us/support/download/archer-ax55/v1/#Firmware
TP-Link Archer AX73 v2.0 250717 is a security update.
https://www.tp-link.com/us/support/download/archer-ax73/v2.0/#Firmware
UniFi airMAX NanoStation 5AC Loco 8.7.21 is a security update.
https://www.ui.com/download/software/loco5ac
VIISAN OfficeCam 7.2.15 doesn’t provide a change log so should be treated as a security update.
https://www.viisan.com/en/download/type1.html
Xerox Smart Start 2.1.24.0 doesn’t provide a detailed change log so should be treated as a security update.
https://www.support.xerox.com/en-us/content/143617
One or more of these are likely to be of interest to everyone.
Brave 1.85.120 is a security update.
https://brave.com/
Firefox 147.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/
Firefox ESR 140.7.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/
Google Chrome 143.0.7499.192 is a security update.
https://www.google.com/chrome/
Microsoft Edge 143.0.3650.139 is a security update.
https://www.microsoft.com/en-us/edge/business/download
SeaMonkey 2.53.23 is a security update.
https://www.seamonkey-project.org/
Vivaldi 7.7.3851.67 is a security update.
https://vivaldi.com/
One or more of these are likely to be of interest to everyone.
Spark 3.27.5.126936 improves layout and adds sharing controls, recent activity folder and new display options. This is not a security update.
https://sparkmailapp.com/
Spark (macOS) 3.27.5.126935 improves layout and adds sharing controls, recent activity folder and new display options. This is not a security update.
https://sparkmailapp.com/
Thunderbird 146.0.1 is a security update.
https://www.thunderbird.net/en-US/
One or more of these are likely to be of interest to everyone.
AnyDesk 9.6.7 resolves dozens of bugs, improves stability and cosmetics. This is a security update.
https://anydesk.com/en/downloads
AnyDesk (macOS) 9.6.1 improves reliability. This is not a security update.
https://anydesk.com/en/downloads
curl 8.18.0 updates libraries, removes support for older technology, and resolves over a hundred bugs. This is a security update.
https://curl.haxx.se/windows/
Dropbox 238.4.6305 doesn’t provide a detailed change log so should be treated as a security update.
https://www.dropbox.com/
FileZilla Server 1.12.1 resolves a stability bug. This is not a security update.
https://filezilla-project.org/
Google Drive 119.0 resolves several bugs. This is not a security update.
https://drive.google.com/start
MeshCentral 1.1.55 resolves over a dozen bugs. This is not a security update.
https://meshcentral.com/info/downloads.html
Nextcloud Server 31.0.2 updates libraries and resolves dozens of bugs. This is not a security update.
https://nextcloud.com/
Npcap 1.86 is a security update.
https://nmap.org/npcap/
OneDrive 25.222.1112.0002 resolves several bugs and increases AI integration with Copilot. This is not a security update.
https://support.microsoft.com/en-us/onedrive
Rclone 1.72.1 is a security update.
https://rclone.org/
Signal 7.84.0 resolves a cosmetic bug. This is not a security update.
https://signal.org/download/windows/
Signal (Android) 7.68.4 adds polls and resolves a cosmetic bug. This is not a security update.
https://signal.org/android/apk/
Syncthing 2.0.13 resolves several bugs. This is not a security update.
https://syncthing.net/
Technitium DNS Server 14.3 resolves several bugs and updates included apps. This is not a security update.
https://technitium.com/dns/
Telegram 6.4.2 resolves several bugs. This is not a security update.
https://telegram.org/
These are unlikely to be of interest to most people.
3tene 4.0.24 resolves several cosmetic bugs. This is not a security update.
https://en.3tene.com/
darktable 5.4.0 resolves many bugs, and improves user interface and performance. This is not a security update.
https://www.darktable.org/
Grayjay 363 improves DASH & UMP support and improves language filters. This is not a security update.
https://grayjay.app/index.html
KaraFun Player 3.10.6 resolves an updater bug, improves cosmetics for currently playing item, and resolves several other bugs. This is not a security update.
https://www.karafun.com/karaoke-windows/
VLC Media Player 3.0.23 is a security update.
https://www.videolan.org/vlc/
These are unlikely to be of interest to most people.
Minecraft Server (Bedrock) 1.21.132.3 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock
Nintendo Switch 21.2.0 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989
Steam 2025.12.19 is the last build with 32-bit support, resolves stability bugs with controllers and resolves over a dozen bugs. This is not a security update.
https://store.steampowered.com/news/app/593110
SteamOS SteamDeck Update 3.7.19 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/1675200/
One or more of these are likely to be of interest to most people.
Adobe Bridge 15.1.3 and 16.0.1 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb26-07.html
Adobe ColdFusion 2025 Update 6 and 2023 Update 18 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb26-12.html
Adobe DreamWeaver 21.7 is a security update.
https://helpx.adobe.com/security/products/dreamweaver/apsb26-01.html
Adobe Illustrator 29.8.4 and 30.1 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb26-03.html
Adobe InCopy 21.1 is a security update.
https://helpx.adobe.com/security/products/incopy/apsb26-04.html
Adobe InCopy 20.5.1 is a security update.
https://helpx.adobe.com/security/products/incopy/apsb26-04.html
Adobe InDesign ID21.1 and ID20.5.1 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb26-02.html
Adobe Substance 3D Designer 15.1.0 is a security update.
https://helpx.adobe.com/security/products/substance3d_designer/apsb26-13.html
Adobe Substance 3D Modeler 1.22.5 is a security update.
https://helpx.adobe.com/security/products/substance3d-modeler/apsb26-08.html
Adobe Substance 3D Painter 11.1.2 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb26-10.html
Adobe Substance 3D Sampler 5.1.3 is a security update.
https://helpx.adobe.com/security/products/substance3d-sampler/apsb26-11.html
Adobe Substance 3D Stager 3.1.6 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb26-09.html
Artweaver 8.1.2 resolves several bugs. This is not a security update.
https://www.artweaver.de/
Audiate 2026.1.0 improves cosmetics and resolves several bugs. This is a security update.
https://www.techsmith.com/camtasia/audiate/
GnuCash 5.14 resolves several bugs. This is not a security update.
https://www.gnucash.org/
ImageMagick 7.1.2-12 resolves several bugs. This is not a security update.
https://imagemagick.org/
Inkscape 1.4.3 resolves dozens of bugs. This is not a security update.
https://inkscape.org/release/
Krita 5.2.14 resolves over a dozen bugs. This is not a security update.
https://krita.org/en/download/
LibreOffice 25.8.4 and LibreOffice Fresh 25.8.4 resolves over 70 bugs. This is not a security update.
https://www.libreoffice.org/
Nextcloud Desktop 4.0.4 resolves several bugs. This is not a security update.
https://nextcloud.com/
Notepad++ 8.9 is a security update.
https://notepad-plus-plus.org/
PDF-XChange Editor 10.8.2.407 is a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor
Scribus 1.6.5 is a security update.
https://www.scribus.net/
These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.
ChromeOS 143.0.7499.196 is a security update.
https://chromereleases.googleblog.com/search/label/Stable%20updates+ChromeOS
Fedora 43.0 updates apps and libraries, upgrading many services and systems to new current builds. This is a security update.
https://getfedora.org/en/workstation/download/
iOS 26.2 is a security update.
https://support.apple.com/kb/HT204204
iPadOS 26.2 is a security update.
https://support.apple.com/kb/HT204204
Linux Mint 22.3 adds support for newer hardware and removes support for some older hardware, updates drivers and changes defaults. This should be treated as a security update.
https://www.linuxmint.com/download.php
macOS 26.2 is a security update.
https://support.apple.com/kb/HT201541
Tails 7.3.1 is a security update.
https://tails.net/install/download/index.en.html
TOS 6 6.0.794 resolves several bugs. This should be treated as a security update.
https://support.terra-master.com/posts/TOS6_Release_Notes
tvOS 26.2 is a security update.
https://support.apple.com/kb/HT202716
watchOS 26.2 is a security update.
https://support.apple.com/kb/HT204641
One or more of these is likely to be of interest to most people.
.NET Runtime 10.0.1 improves stability and reliability. This is not a security update.
https://dotnet.microsoft.com/en-us/download/dotnet
HTTP Toolkit 1.24.2 doesn’t provide a change log so should be treated as a security update.
https://httptoolkit.tech/
ProtonVPN 4.3.9 improves stability and resolves several bugs. This is not a security update.
https://github.com/ProtonVPN/win-app/releases/latest
RogueKiller 16.5.4 resolves several bugs. This is a security update.
https://www.adlice.com/download/roguekiller/
Stinger 13.0.0.588 adds new detections
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx
These are unlikely to be of interest to most people.
Greenshot 1.3.312 is a security update.
https://github.com/greenshot/greenshot/releases
Open Broadcaster Software 32.0.4 resolves three minor bugs. This is not a security update.
https://obsproject.com/
These are unlikely to be of interest to most people.
BookFab 1.2.1.8 improves TTS (text to speech), conversion, and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/kindle-converter.htm
DVDFab 13.0.5.4 resolves a stability bug. This is not a security update.
https://www.dvdfab.cn/download.htm
StreamFab 7.0.0.6 resolves dozens of bugs and improves reliability and consistency. This is not a security update.
https://streamfab.dvdfab.cn/downloader.htm
UniFab 4.0.0.0 is a major update adding new upscaling and conversion abilities. This is not a security update.
https://www.dvdfab.cn/unifab.htm
One or more of these are likely to be of interest to most people.
Zotero 7.0.31 adds several new fields and creator types and resolves several bugs. This is not a security update.
https://www.zotero.org/
These are unlikely to be of interest to most people.
1Password 8.11.23 resolves a stability bug when using passkeys. This is not a security update.
https://1password.com/downloads/windows/
AOMEI Partition Assistant 10.10.0 adds a disk space analyzer and resolves partition alignment bug. This is not a security update.
https://www.diskpart.com/
Beyond Compare 5.1.7.31736 improves stability and updates signing. This is not a security update.
https://www.scootersoftware.com/download
Bitwarden 2025.12.2 resolves several bugs. This is not a security update.
https://bitwarden.com/
CCleaner 7.03.1120 updates cleaning and improves analysis. This is not a security update.
https://www.ccleaner.com/
Coreinfo 4.0 adds a GUI version and newer CPU checks. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/coreinfo
CPU-Z Installer 2.18 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html
DesktopOK 12.26 resolves a couple bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK
dnGrep 4.6.63.0 adds ability to search within office documents that are already open and updates libraries. This should be treated as a security update.
https://dngrep.github.io/
GoodSync 12.9.22 updates libraries and cleans up cosmetics. This is not a security update.
https://www.goodsync.com/
HWMonitor 1.61 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html
LessMSI 2.11.6 updates table layout display and translations. This is not a security update.
https://lessmsi.activescott.com/
NConvert 7.230 doesn’t provide a change log so should be treated as a security update.
https://www.xnview.com/en/nconvert/
NotMyFault 4.30 adds Arm64 support and new crash types. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/notmyfault
NTLite 2025.12.10736 splits downloads for older versions of Windows and updates components. This is not a security update.
https://www.ntlite.com/download/
OSForensics 11.1.1014 resolves two crash bugs. This is not a security update.
https://www.osforensics.com/download.html
osquery 5.21.0 improves macOS integration, adds several new tables and sources, and resolves a couple bugs. This is not a security update.
https://osquery.io/downloads
Password Security Scanner 1.65 improves compatibility with newer browsers. This is not a security update.
https://www.nirsoft.net/utils/password_security_scanner.html
PointerStick 6.88 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick
Process Explorer 17.09 fixes an image detection bug and adds details for .NET processes. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer
Raspberry PI Imager 2.0.3 improves performance, networking, device and drive handling, and adds a custom URI scheme for custom distributions. This is not a security update.
https://www.raspberrypi.com/software/
Remotly 1.37.0 adds support for newer hardware and improves stability. This is not a security update.
https://remotly.com/
RoboForm 9.9.1 updates the icon and adds a caps lock indicator. This is not a security update.
https://www.roboform.com/
SetUserFTA 2.7.3 removes the DLL dependency for UCPD support. This is not a security update.
https://setuserfta.com/download-setuserfta/
Ventoy 1.1.10 resolves several bugs. This is not a security update.
https://www.ventoy.net/en/index.html
WinGet 1.12.440 adds font support, MCP server, and resolves several bugs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest
WinScan2PDF 9.51 resolves a couple bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF
These are unlikely to be of interest to most people.
ADB 36.0.2 improves reliability and resolves a few bugs. This is not a security update.
https://developer.android.com/studio/releases/platform-tools
Android Studio 2025.2.2.8 resolves several bugs. This is a security update.
https://developer.android.com/studio
GameMaker Studio 2024.14.2.213 improves stability and resolves several bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker
GDevelop 5.6.251 improves performance, history, and resolves several bugs. This is not a security update.
https://gdevelop.io/download
Inno Setup 6.7.0 adds new cosmetics and compiling improvements, various scripting and control improvements, and a security change to add RedirectionGuard support. This should be treated as a security update.
https://www.jrsoftware.org/isdl.php
Node.js 20.20.0 is a security update.
https://nodejs.org/en/
Node.js 22.22.0 is a security update.
https://nodejs.org/en/
Node.js 24.13.0 is a security update.
https://nodejs.org/en/
Node.js 25.3.0 is a security update.
https://nodejs.org/en/
SQLite 3.51.2 resolves a couple stability bugs. This is not a security update.
https://www.sqlite.org/download.html
Visual Studio Code 1.108 resolves thousands of bugs and updates cosmetics, AI integration, and more. This is not a security update.
https://code.visualstudio.com/
These are likely to be of interest only to web developers.
HumHub 1.17.5 resolves several bugs. This is not a security update.
https://www.humhub.com/en
Joomla 6.0.2 & 5.4.2 are security updates.
https://www.joomla.org/
OpenPetra 2025.12 resolves several bugs and improves performance. This is not a security update.
https://www.openpetra.org/
Piwigo 16.2.0 resolves several bugs. This is not a security update.
https://piwigo.org/
My Sticky Bar 2.8.6 resolves a stability bug. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/
Postie 1.9.74 is a security update.
https://wordpress.org/extend/plugins/postie/
Redirection 5.6.0 reduces size. This is not a security update.
https://wordpress.org/extend/plugins/redirection/
Sucuri Security 2.6 adds a new permissions library and resolves a cache bug. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/
Top Commentators Widget 1.7 doesn’t provide a change log so should be treated as a security update.
https://wordpress.org/extend/plugins/top-commentators-widget/
WP Cerber Security 9.6.11 improves browser detection, translation, and DoS hardening. This should be treated as a security update.
https://wpcerber.com/
YOURLS 1.10.3 resolves over a dozen bugs. This is not a security update.
https://yourls.org/
That’s all for now folks. Keep it clean out there. 😉
Regards,
Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/
Welcome back, Folks!
Today is Patch Tuesday for March, 2024.
There were 300+ major hacks, and over 175 application updates this month. It’s a small month, with about 2.3 GB of updates for most users.
Ace Air Cargo, Air Methods, Aleo, AlgoSec, Alliance Solutions Group, American Express, American Vision Partners, Android and iOS biometric information (GoldPickaxe), AnyCubic Kobra 3D printers, APK.TW, Apple Shortcuts, Assurance IQ, Auxo, Azure AD/Entra ID (Silver SAML), Baesman Group, Inc., Bangalore One, Bank of America, 61 Brazilian Banks, Bay Area Anesthesia, LLC, Benefit Design Group, Inc., Biomedical Research Institute, BlueCare Plus Tennessee, Booking.com, Bradford-Scott Data, Bright Wires, Capita, CareFirst BlueCross BlueShield Community Health Plan – District of Columbia, CareTree, Inc., Carnet-AMM, Casino Del Sol, Cencora, Centre Hospitalier D’Armentieres, CGM, Inc., Change Healthcare, Cheat-Database, Chunghwa Telecom, CIPC, CISA, Citrus Diagnostic Center, City of Dubuque Fire Department, City of Hamilton, Ontario, City of Oakley, CA, City of Pleasant Hill, CA, Coffee Beyers, Cogdell Memorial Hospital, Coinsquare, Colorado Department of Health Care Policy & Financing, Concord Music Group, Inc., ConnectWise Control/ScreenConnect, Continental Aerospace Technologies, Crossroads Equipment Lease & Finance, LLC, CUSO Financial Services, Cutout.Pro, CVS Pharmacy, Inc., David’s Bridal, Davlyn Investments, Denninger’s, Department of State Hospitals (DSH), DGA-Producer Pension & Health Plans, Dignity Health Welfare Benefits Plan, DiVal Safety Equipment, Inc, DJI, 8,000 major brands’ DNS, Duvel Moortgat Brewery, Eagers Automotive, East Carolina University’s Brody School of Medicine, Eastern Radiologists, Inc, EasyPark, EdisonLearning, Inc., Egyptian Health Department, EKEN cameras, El Al Airline, Election Commission of India, Elemetal, LLC, Empire Fidelity Investments Life Insurance Company, Employee Benefits Corporation of America, ETISALAT, Ewig Group, Facebook Marketplace, Fairway Independent Mortgage, FBI, FBinsure, fckeditor, Federal Communications Commission, Fidelity Investments Life Insurance, Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), FixedFloat, Fortinet FortiOS, Fortinet FortiProxy, Framwellgate School, FullPress, Future Generations Foundation, GCA Nederland, Gilroy Gardens, Gixen, Global Tel*Link, Golden Corral, Grace Lutheran Communities, Group Health Cooperative, Grupo Bimbo, Habib’s, Haivision MCS, Hampton County School District, Harvard Pilgrim Health Care, Hathway Cable & Datacom Limited, HAWITA Group, Health NZ, Hessen Consumer Center, Highland Health Systems, Hochschule Kempten, Hospice of Huntington, Houser LLP, Human Affairs International of California, HWL Ebsworth, Imaging Data Commons libdicom, InfoSys McCamish, Infraestructura Portuaria Mexicana, Insomniac Games, Institute of Food Technologists, Insurance ACE/Humana Inc., INTEGRIS Health, Interventional Pain and Regenerative Medicine, iSoon, Ivanti Pulse Secure, Jaypee University, Jersey’s Financial Services Commission, JFSC, Joomla, Jovani Fashions, Juniper Support Portal, JVC Kenwood, Kick, Kids Care Dental & Orthodontics, KNS Bank, La Bonne Alternance, LDLC, Leicester City Council, Lena Pope Home Inc., LenDenClub, Lindsey Municipal Hospital, Liquid Environmental Solutions, Littleton Regional Healthcare, llama.cpp GGUF library, Llamaya, loanDepot.com, LLC, Loghman Pharmaceuticals, Los Angeles International Airport (LAX), Malawi’s passport system, Maranhao Military Police, Maryville Addiction Treatment Centers, Maryville, Inc., McKenzie County Healthcare System, Inc., MedQ, Inc., Mental Health Center of North Central Alabama, Inc., Merchant.ID, Microsoft (yet again!), Microsoft .NET Framework, Microsoft Azure, 97,000 Microsoft Exchange servers, Microsoft Outlook, Microsoft Streaming Service, MicroStrategy, Ministry of Planning, Minnesota State University-Moorhead, Mirtylla, Motilal Oswal Financial Services, Mr. Green Gaming, NALS Apartment Homes LLC, National Police of Peru, Netgear RAX30, NewGen Administrative Services, LLC, North Hill Employee Dental Plan, North Hill Home Health Care, Inc., North Hill Needham, Inc., Northeast Orthopedics and Sports Medicine, PLLC, Northwestern Mutual Life Insurance, NVIDIA drivers, Oculus Meta, Odette, Online Trade (Онлайн Трейд), Opensea, Orlando VA Medical Center, P-Fleet, Pakistan National Bank, Paragon Technology and Innovation, Paul Davis Restoration, Paysign, Pennsylvania’s State Courts, PetSmart, Philips Respironics, PlayDapp, PowerRail, Prague Regional Memorial Hospital, Prince George’s County Public Schools, Procopio, Cory, Hargreaves & Savitch LLP, Prudential Financial, PSI Software SE, QEMU, QNAP NAS devices, Qualcomm Incorporated, RCI, LLC, Redis servers, Redwood Coast RC, Revolut, Richland Community College, Rio Hondo Community College, RMH Franchise, Robert Half, Roblox, Roku, Inc., Romanian medical facilities (approximately 100), Roswell Park Comprehensive Cancer Center, Royal Canadian Mounted Police (RCMP), Russian Ministry of Defense (Minoborony), SAFE Credit Union, Saint Joseph’s College of Maine, Samsung Electronics, Santa Clarita Community College District, Santa Monica-Malibu Unified School District, SCEVN, Schneider Electric, Seminole County Public Schools, Seneca, Seven Seas Group, Shein, SK Hynix, smartphone voice assistants (VoltSchemer), SolarWinds Access Rights Manager, Sony’s Insomniac Games, South Korean President, Southern Water, Spectrum Vision, SPMundi, Superior Communications, Tangerine, TeamCity, Tehachapi Unified School District, Tesla Phone Key, Texx Offroad, Thai Summit, The Biosig Project, The Northwestern Mutual Life Insurance Company (twice), ThyssenKrupp, Toner-dumping, Tornado Cash, Tracy Unified School District, Trans-Northern Pipelines, Tshwane University Of Technology, TTM Technologies, U-Haul, U.S. Department of the Interior, UAE’s IEMS, Ubiquiti Edge OS routers, UC San Diego Health Hillcrest – Hillcrest Medical Center, Ukraine’s State Environmental Inspector, UniCredit, Unisys, UNITE HERE, University of Cambridge’s Clinical School Computing Service, University of Machester, University of Wolverhampton, US Citizenship and Immigration Services, US Customs Enforcement, Valorem Reply, VARTA AG, Veeco, Vi Senior Living, Victor Valley Union High School District, Victoria Police, Virgin Hotels, Virginia Farm Bureau, VMware Cloud Foundation, VMware ESXi, VMware Fusion, VMware Workstation, VSexShop, Ward Transport & Logistics, Washington County Hospital and Nursing Home, Watson Clinic, WayForward, Webber International University, WebMarketPoint, Welltok, Inc., Western National Group, Western Union, Weston Embedded, Williamson County, TX, Windows AppLocker, Windows Defender SmartScreen, WordPress Brick Builder Theme, WordPress LiteSpeed Cache, WordPress Popup Builder, WordPress Ultimate Member, WoTLabs, Wyze, Yakima Valley Radiology, PC, YX International (2FA provider for Facebook and WhatsApp, Google, TikTok, and others), Zenlayer, Zoom, Zyxel firewalls, and Harvard Pilgrim Health Care have reported hacking or compromises this month.
AT&T, Change Healthcare, Facebook, Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), Instagram, LinkedIn, Microsoft Outlook Exchange via ActiveSync, Minnesota State University-Moorhead, Royal Canadian Mounted Police (RCMP), US military pharmacies, WhatsApp, and Wyze have suffered from outages this month.
Citrix and Sophos (both companies over 29 years old) suffered from leap year bugs this year.
Microsoft has announced they’re throwing support behind the “privacy-preserving ads API” which is designed to “less uniquely” identify users. The new system is still designed to collect and share all your interests and internet activity (in fact, the one that will be used in Edge will share your desktop/mobile experience as well as activity in other applications, as Edge does now), but it will not be used to “uniquely” identify you, rather it will collect all this information about your activities and assign your profile to various collections through a process known as meta tagging, and these tags will be used to market to you.
In this way, they’ll be able to tell you’re a divorced Christian 40-something year old female with 2 children, dark hair, wears a size 3, prefers red wine, lives within a 2-block radius of Bank of America in Modesto, orders from Papa Johns once per month and only votes every other election cycle, but they won’t know it’s “you.” Please use an ad-blocker and disable all these metric and ad-measurement features.
The “new Outlook” by Microsoft is collecting logins from third-party accounts and storing them in the Microsoft Cloud without telling their users. Email, contacts and other information from third-party accounts, as well.
While I’m on the topic of Microsoft email…after pushing for better validation and spam controls among their industry partners, Microsoft Exchange is still responsible for a large amount of spam.
Microsoft is also making another push to upgrade those still on Windows 10 to Windows 11. For some devices this means they will be aggressively force-upgraded as happened to Windows 7 users win Windows 10 was released and to some Windows 10 users when Windows 11 was released.
Apple has disabled the Epic developer account, again, claiming that they can’t be trusted. Pot, kettle?
Google Pay is shutting down in the US. If you’ve stored money within this platform you need to move it out before early June. They couldn’t keep their own payment platform alive, but Google believes their AI should be trusted with direct access to information about all hacking incidents so it can be used “for defense.” Somehow I’m just not buying it.
The first publicly known AI prompt injection worm has been created and shown to self-propagate by telling the AI to send a copy of itself through to other AI nodes.
Troy Hunt has a great write-up that demonstrates why it is so easy for scammers to get away with text scams. The vendors suck.
Bitcoin broke $73,000 yesterday for the first time, which is $30,000 more than it was at the beginning of the year and $50,000 more than it was a year ago. If you’re looking to sell, don’t. But if you must, we still have about a month of growth yet before the bull run is over. I would be surprised if it doesn’t break at least $82,000 by the first week of April.
Now back to our regularly scheduled program.
Patch Tuesday is small this month. The typical computer should see roughly 2.3 GB in updates today. Let’s get started.
Microsoft released updates to address 69 vulnerabilities in .NET, Azure Data Studio, Azure SDK, Microsoft Authenticator, Microsoft Azure Kubernetes Service, Microsoft Django Backend for SQL Server, Microsoft Dynamics, Microsoft Edge, Microsoft Exchange Server, Microsoft Graphics Component, Microsoft Intune, Microsoft Office, Microsoft Office Outlook, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft QUIC, Microsoft SharePoint Server, Microsoft Teams, Microsoft WDAC ODBC Driver, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows SCSI Class System File, Open Management Infrastructure, Outlook for Android, Role: Windows Hyper-V, Servicing Stack Update, Servicing Stack Updates, Skype for Consumer, Software for Open Networking in the Cloud (SONiC), Visual Studio Code, Windows AllJoyn API, Windows Cloud Files Mini Filter Driver, Windows Composite Image File System, Windows Compressed Folder, Windows Defender, Windows Error Reporting, Windows Installer, Windows Kerberos, Windows Kernel, Windows NTFS, Windows ODBC Driver, Windows OLE, Windows Print Spooler Components, Windows Standards-Based Storage Management Service, Windows Telephony Server, Windows Update Stack, Windows USB Hub Driver, Windows USB Print Driver, Windows USB Serial Driver, and MSRT. This includes security updates. A reboot is required.
Apple released updates for iOS 15.8.2, iOS 16.7.6, iOS 17.4, iPadOS 16.7.6, iPadOS 17.4, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5, Safari 17.4, tvOS 17.4, visionOS 1.1, and watchOS 10.4. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.
iOS 15.8.2, 16.7.6 and 17.4 are security updates. Use Settings, General, Software Update to install the most current update.
iPadOS 16.7.6 and 17.4 are security updates. Use Settings, General, Software Update to install the most current update.
watchOS 10.4 is a security update. Use the Watch app on your iPhone to install the most current version.
tvOS 17.4 is a security update. Use System, Software Update to install the most current version.
visionOS 1.1 is a security update. Use Settings, General, Software Update to install the most current version.
Google Chrome OS 120.0.6099.301, 121.0.6167.188 and 122.0.6045.214 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.
Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.
Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.
The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.
The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.
The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.
Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.
Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.
It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.
Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.
Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com
If you’re using this hardware – these updates are for you.
AMD Adrenalin 24.2.1 improves stability and resolves more than a dozen bugs. This is not a security update.
https://www.amd.com/en/support
Display Driver Uninstaller 18.0.7.3 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu
Nvidia Driver 474.89 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us
One or more of these are likely to be of interest to everyone.
Brave 1.63.169 is a security update.
https://brave.com/
Google Chrome 122.0.6261.111 is a security update.
https://www.google.com/chrome/
Microsoft Edge 122.0.2365.80 is a security update.
https://www.microsoft.com/en-us/edge/business/download
Firefox 123.0.1 is a security update.
https://www.mozilla.org/en-US/firefox/new/
Firefox ESR 115.8.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/
Opera 108.0.5067.24 is a security update.
https://www.opera.com/browsers/opera
Opera GX 107.0.5045.60 is a security update.
https://www.opera.com/gx
Vivaldi 6.6.3271.48 is a security update.
https://vivaldi.com/
One or more of these are likely to be of interest to everyone.
Spark 3.14.3.67453 improves AI training process. This is not a security update.
https://sparkmailapp.com/
Thunderbird 115.8.1 is a security update.
https://www.thunderbird.net/en-US/
One or more of these are likely to be of interest to everyone.
Dropbox 193.4.5594 resolves stability bugs. This is not a security update.
https://www.dropbox.com/
Facebook Messenger 206.0.0.8.218 is a security update.
https://www.messenger.com/download
FreeFileSync 13.4 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php
Google Drive 88.0 doesn’t provide a detailed change log so should be treated as a security update.
https://drive.google.com/start
MeshCentral 1.1.21 resolves dozens of bugs. This is a security update.
https://meshcentral.com/info/downloads.html
Microsoft Teams 1.7.00.6058 adds several new features. This is not a security update.
https://teams.microsoft.com/downloads
Nextcloud Server 28.0.3 resolves dozens of bugs. This is a security update.
https://nextcloud.com/
Omada Software Controller 5.13.30.8 adds support for newer hardware and resolves several bugs. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/
Rclone 1.66.0 resolves dozens of bugs. This is not a security update.
https://rclone.org/
Signal 7.1.1 is a major update, adding username support, improved privacy controls, new emoji, and resolves several bugs. This is not a security update.
https://signal.org/download/windows/
Signal (Android) 7.0.2 is a major update, adding username support, improved privacy controls, new emoji and resolves several bugs. This is not a security update.
https://signal.org/android/apk/
Skype 8.113.0.210 improves stability. This is not a security update.
https://www.skype.com/
Syncthing 1.27.4 resolves several bugs. This is not a security update.
https://syncthing.net/
Telegram 4.15.1 adds Telegram Business features and adds emoji. This is not a security update.
https://telegram.org/
Telegram (Android) 10.9.1 doesn’t provide a detailed change log so should be treated as a security update.
https://telegram.org/apps
WinSCP 6.3.2 updates libraries and resolves several bugs. This is a security update.
https://winscp.net/eng/index.php
Zoom 5.17.11.34827 improves AI and resolves several bugs. This is a security update.
https://zoom.us/
These are unlikely to be of interest to most people.
3tene 4.0.2 improves face detection, lip sync, and resolves several bugs. This is not a security update.
https://en.3tene.com/
darktable 4.6.1 improves performance and resolves dozens of bugs. This is a security update.
https://www.darktable.org/
Grayjay 236 adds cache support, improved performance, adds watch filters, and resolves several cosmetic bugs. This is not a security update. They also announced that Grayjay Desktop will be available in the coming months. Yay! 🙂
https://grayjay.app/index.html
Kodi 20.5 updates libraries and resolves several bugs. This is a security update.
https://kodi.tv/
Plex Desktop 1.88.1.96 improves stability and resolves a cosmetic bug. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app
Plex Home Theater 1.57.1.100 updates libraries. This should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app
TuneIn 1.28.0 doesn’t provide a change log so should be treated as a security update.
https://tunein.com/radio/home/
These are unlikely to be of interest to most people.
GameMaker Studio 2024.2.0.132 resolves several bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker
GDevelop 5.3.194 adds notification support, QRCode support, one-click iOS export, resolves several bugs. This is not a security update.
https://gdevelop.io/download
Minecraft Server (Bedrock) 1.20.71.01 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock
PS3 4.91 adds support for the latest BluRay encodings and improves perofrmance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps3/system-software/
PS5 24.01-08.60.00 improves Parties, hardware support, and performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/
Steam 2024-03-07 resolves dozens of bugs. This is not a security update.
https://store.steampowered.com/news/app/593110
SteamOS 3.5.17 resolves dozens of bugs and improves compatibility and stability. This is not a security update.
https://store.steampowered.com/news/app/1675200/
One or more of these are likely to be of interest to most people.
Adobe Animate 23.0.4 and 24.0.1 are security updates.
https://helpx.adobe.com/security/products/animate/apsb24-19.html
Adobe Bridge 13.0.6 and 14.0.2 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb24-15.html
Adobe ColdFusion 2021.13 and 2023.7 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb24-14.html
Adobe Experience Manager 2024.03 and 6.5.20.0 are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html
Adobe Lightroom 7.2 is a security update.
https://helpx.adobe.com/security/products/lightroom/apsb24-17.html
Adobe Premiere Pro 23.6.4 and 24.2.1 are security updates.
https://helpx.adobe.com/security/products/premiere_pro/apsb24-12.html
Calibre 7.6.0 adds profile support, merge support, and resolves several bugs. This is not a security update.
https://calibre-ebook.com/
Columns++ 1.0.5 resolves a tab-to-spaces bug and adds support for notifications coming in the next version of Notepad++. This is not a security update.
https://github.com/Coises/ColumnsPlusPlus
Ghostscript 10.03.0 resolves several bugs and improves OCR support. This is not a security update.
https://www.ghostscript.com/releases/gsdnld.html
ImageMagick 7.1.1-29 resolves several bugs. This is not a security update.
https://imagemagick.org/
Kdenlive 24.02.0 is a major update, adding native support for DirectX, Metal and Vulkan, Apple Silicon support, and resolves several bugs. This is not a security update.
https://kdenlive.org/
LibreOffice 7.6.5 resolves over 90 bugs. This is a security update.
https://www.libreoffice.org/
LibreOffice Fresh 24.2.1 resolves almost 100 bugs. This is a security update. The “Fresh” line is beta software and should be avoided by most people.
https://www.libreoffice.org/
Manager 24.3.10.1347 doesn’t provide a detailed change log so should be treated as a security update.
https://www.manager.io/
Nextcloud Desktop 3.12.1 resolves several bugs. This should be treated as a security update.
https://nextcloud.com/
Notepad++ 8.6.4 resolves a focus bug. This is not a security update.
https://notepad-plus-plus.org/
Paint.net 5.0.13 resolves a couple bugs and updates libraries. This is a security update.
https://www.getpaint.net/
QuickBooks Pro 2022 20231120-R13_69 no longer provides a detailed change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products
QuickBooks Pro 2023 20231107-R9_133 does not provide a detailed change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products
One or more of these is likely to be of interest to most people.
Gpg4win 4.3.1 adds support for new smart cards, Windows root CAs, and resolves several bugs. This is a security update.
https://www.gpg4win.org/download.html
iOS 17.4 is a security update.
https://support.apple.com/kb/HT204204
iPadOS 17.4 is a security update.
https://support.apple.com/kb/HT204204
macOS 14.4 is a security update.
https://support.apple.com/kb/HT201541
MalwareBytes Anti-Malware 4.6.9 prepares the software for the v5 release. This is not a security update.
https://www.malwarebytes.org/antimalware/
OnionShare 2.6.1 updates dependencies, updates release process, resolves several bugs. This is not a security update.
https://onionshare.org/
ProtonVPN (macOS) 4.1.7 improves stability and resolves several bugs. This is not a security update.
https://protonvpn.com/download
RogueKiller 15.15.3 updates engine, improves exclusion and configuration controls, adds support for multiple threat names and multiple schedules. This is not a security update.
https://www.adlice.com/download/roguekiller/
SanDisk PrivateAccess 6.4.10.0 does not provide a change log so should be treated as a security update.
https://support-en.wd.com/app/answers/detailweb/a_id/48025
Stinger 13.0.0.72 adds support for new detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx
Symantec Norton Removal Tool 20240303
https://support.norton.com/sp/en/us/home/current/solutions/v60392881
Tails 6.0 is a major update, improving persistent storage support, external mounting, session resumption, and application and library updates. This is a security update.
https://tails.net/install/download/index.en.html
tvOS 17.4 is a security update.
https://support.apple.com/kb/HT202716
uBlock Origin 1.56.0 resolves dozens of bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest
watchOS 10.4 is a security update.
https://support.apple.com/kb/HT204641
Wireless Network Watcher 2.41 adds option to scan IPv6 addresses. This is not a security update.
https://www.nirsoft.net/utils/wireless_network_watcher.html
These are unlikely to be of interest to most people.
SnagIt 24.1.1 updates libraries, improves mute detection, camera mode swapping, and resolves several bugs. This is a security update.
https://www.techsmith.com/screen-capture.html
These are unlikely to be of interest to most people.
DVDFab 13.0.1.3 adds support for new encodings and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm
StreamFab 6.1.6.8 improves compabitility. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm
UniFab 2.0.1.2 improves enlarger and upscaling, improves performance for deinterlacer and denoiser, and resolve several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm
One or more of these are likely to be of interest to most people.
Zotero 6.0.35 resolves several bugs, improves compatibility, and updates signature. This should be treated as a security update.
https://www.zotero.org/
These are unlikely to be of interest to most people.
1Password 8.10.27 improves compatibility and resolves several bugs. This is not a security update.
https://1password.com/downloads/
Agent Ransack 2022.3425 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/
Bitwarden 2024.3.0 adds passkey support to self-hosted version, improved 2FA, redesigned interface. This is a security update.
https://bitwarden.com/
CalyxOS Device Flasher 1.0.9 doesn’t provide a change log so should be treated as a security update.
https://calyxos.org/install/
CCleaner 6.21.10918 resolves several bugs and improves software udpater. This is not a security update.
https://www.ccleaner.com/
Cygwin 3.5.1-1 resolves several bugs. This should be treated as a security update.
https://cygwin.com/
DesktopOK 11.17 resovles several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK
dnGrep 4.1.27.0 improves plugin support, adds sticky scrolling, extends date filters, improves installer and resolves several bugs. This is a security update.
https://dngrep.github.io/
ExplorerPatcher 22621.3007.63.2 improves compatibility, resolves several bugs. This is not a security update.
https://github.com/valinet/ExplorerPatcher/
FileLocator Pro 2022.3425 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download
FileTypesMan 2.00 adds option to exclude loading of icons which might cause it to hang or crash. This is not a security update.
https://www.nirsoft.net/utils/file_types_manager.html
Fing 3.6.2 updates signature, improves service not found page, and resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows
Git SCM 2.44.0 resolves several bugs and improves syntax. This is not a security update.
https://git-scm.com/
Go 1.22.1 is a security update.
https://go.dev/
GoodSync 12.5.8 improves compatibility and resolves several bugs. This is not a security update.
https://www.goodsync.com/
Hiren’s BootCD PE 1.0.8 updates drivers. This is not a security update.
https://www.hirensbootcd.org/download/
Homedale 2.11 improves channel width display. This is not a security update.
https://www.the-sz.com/products/homedale/
HWMonitor 1.53 adds hardware support. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html
MobileFileSearch 1.48 resolves a bug in export content. This is not a security update.
https://www.nirsoft.net/utils/mobile_device_file_search.html
NConvert 7.172 doesn’t provide a change log so should be treated as a security update.
https://www.xnview.com/en/nconvert/
NetworkOpenedFiles 1.62 adds sort button to toolbar. This is not a security update.
https://www.nirsoft.net/utils/network_opened_files.html
OSFMount 3.1.1003 improves compatibility. This is not a security update.
https://www.osforensics.com/tools/mount-disk-images.html
OSForensics 11.0.1006 resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html
PowerToys 0.79.0 rsolves dozens of bugs and updates libraries. This is a security update.
https://github.com/microsoft/PowerToys/releases/latest
ScreenConnect 23.9.10.8817 is a security update.
https://www.connectwise.com/software/control/download
Starwind V2V Converter 9.413 adds support for converting VMs to and from VirtualBox. This is not a security update.
https://www.starwindsoftware.com/starwind-v2v-converter
Sysmon 15.14 resolves crash bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon
Unity 2023.2.12 resolves dozens of bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive
WifiInfoView 2.93 adds support for 8.2.11be. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html
Windows Migration Assistant 3.0.0.0 doesn’t provide a detailed change log so should be treated as a security update.
https://support.apple.com/en-us/118595
WinGet 1.7.10582 is now officially stable, updating libraries and resolve dozens of bugs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest
WinRAR 7.00 is a major version, increasing the maximum dictionary size, maximum path length, improved security tagging (MotW), and resolves dozens of bugs. This is not a security update.
https://www.rarlab.com/
WinScan2PDF 8.72 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF
WizTree 4.19 adds quick and dirty duplicate detection (name patterns only!) and resolves several bugs. This is not a security update.
https://www.diskanalyzer.com/
XnConvert 1.100.1 improves batch operation. This is not a security update.
https://www.xnview.com/en/xnconvert/
ZoomText 2022.2402.1.400 improves tracking, compatibility, and resolves several bugs. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText
ZoomText 2023.2402.1.400 improves tracking, compatibility and resolves several bugs. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText
These are unlikely to be of interest to most people.
.NET Runtime 8.0.3 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet
ADB 35.0.0 resolves compatibility bugs. This is not a security update.
https://developer.android.com/studio/releases/platform-tools
Android Studio 2023.2.1.23 updates libraries and resolves several bugs. This is not a security update.
https://developer.android.com/studio
GitHub Desktop 3.3.11 resolves several bugs. This is not a security update.
https://desktop.github.com/
Node.js 18.19.1 is a security update.
https://nodejs.org/en/
Node.js 20.11.1 is a security update.
https://nodejs.org/en/
Node.js 21.7.1 is a security update.
https://nodejs.org/en/
Rustup 1.27.0 improves compatibility, updates libraries, and resolves several bugs. This is not a security update.
https://www.rust-lang.org/
SQLite 3.45.2 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html
Visual Studio Code 1.87.2 is a security update.
https://code.visualstudio.com/
These are unlikely to be of interest to most people.
VMware Workstation Player 17.5.1 is a security update.
https://customerconnect.vmware.com/downloads/#all_products
These are likely to be of interest only to web developers.
Invision Community 4.7.16 is a security update.
https://invisioncommunity.com/
Joomla 5.0.3 and 4.4.3 are security updates.
https://www.joomla.org/
Piwigo 14.3.0 is a security update.
https://piwigo.org/
Autoptimize 3.1.11 resolves several bugs. This should be treated as a security update.
https://wordpress.org/extend/plugins/autoptimize/
BuddyPress 12.3.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/buddypress/
Contact Form 7 5.9.2 is a security update.
https://wordpress.org/extend/plugins/contact-form-7/
My Sticky Bar 2.6.8 is a security update.
https://wordpress.org/extend/plugins/mystickymenu/
Theme My Login 7.1.7 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/theme-my-login/
W3 Total Cache 2.7.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/
WooCommerce 8.6.1 resolves dozens of bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/
WPBakery 7.5 resolves several bugs. This is not a security update.
https://wpbakery.com/
WP Mail SMTP 4.0.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/
WP Plugin Update Checker 5.4 improves detection and resolves a couple bugs. This is not a security update.
https://github.com/YahnisElsts/plugin-update-checker/releases/latest
That’s all for now folks. Keep it clean out there. 😉
Regards,
Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/
Happy Valentine’s Day, Folks!
Today is Patch Tuesday for February, 2024. There were 230+ major hacks and over 200 application updates this month. It’s a big month, with about 3.5 GB of updates for most users.
23andMe, Inc., Academy Mortgage Corporation, AHS Management Company, Inc., Air Methods, LLC, Alkem Laboratories, Almerys, Alpine Halo9 iLX-F509, American Meat Companies, Android TV and eCos set-top boxes, Android, Ann & Robert H. Lurie Children’s Hospital, AnyDesk, Apple iPhone, Apple Mac, Apple Vision Pro, Apple Watch, AppleTV, Ashford, Inc., Autel MaxiCharger AC Wallbox Commercial, Automotive Grade Linux, Azura Vascular Care, Azusa Unified School District, Bake ‘N Joy Foods, Inc., Bank of America, Bankers Life and Casualty Company, Blink Mobility, Bosch Thermostats, Brady Martz & Associates PC, 3 million Breathless toothbrushes, BrightStar Care, Buildkit, Burr & Forman LLP, Cadence Bank, California Public Employees Retirement System (CalPERS), Calvià City Council, Canterbury County Council, Carnegie Mellon University, Catholic Charities of the Archdiocese of Miami, Inc., ChargePoint Home Flex, a China-based financial MNC, Chuze Fitness, Citrix Netscaler, Cloudflare, CNO ACE, Coastal Hospice & Palliative Care, Coastal Plains Community Mental Health Mental Retardation Center, Colorado Ophthalmology Associates, PC, Columbus Life Insurance Company, Columbus Regional Healthcare System, Concentra Health Services, Concord Music Group, Inc., Connecticut College, Coppola Physical Therapy and Fitness Gyms, Covenant Care California, LLC, Coventry school, Crace Medical Centre, Des Moines Orthopaedic Surgeons, P.C., Dickinson County Health Department, Docker, Dover District Council, Dutch Ministry of Defence, ElGuindy, Meyer & Koegel, APC, Emmanuel College, EMPORIA EV Charger Level 2, EquiLend Holdings, Europcar, ExpressVPN, Family Healthcare Center, FedEx Corporation Group Health Plan, Fidelity National Financial, First Financial Security, Inc.,
Fortinet, FortiOS SSL VPN, FortiSIEM, Fortra GoAnywhere MFT, Framework Computer, Freehold Township schools, Fullerton Joint Union High School District, Gamma Strategies, GEICO Corporation, Georgia’s Fulton County, 5,300+ GitLab instances, Glendale Unified School District, Global Affairs Canada, Glow, Goledo Finance, Google Bazel, Google Chrome, Hair Club for Men, Ltd., Inc., Halara, Hampton-Newport News Community Services Board, Hanmi Bank, Hathway, Health Alliance Medical Plans, Hewlett Packard Enterprise (HPE), Hipocrate Information System, HMG Healthcare, HopSkipDrive, HORNE, LLP, HP ink cartridges, Hyundai Motor Europe, Infosys McCamish Systems LLC, InHealth Technologies, INTEGRIS Health, Islamic Charity in Saudi Arabia, ITITAN Hosting, Ivanti Avalanche, Ivanti Connect Secure VPN, Ivanti Policy Secure Gateway, J.D. Gilmour, Jason’s Deli, 45,000+ Jenkins instances, JetBrains TeamCity, 65 job listing sites, JuiceBox 40 Smart EV Charging Station, Juniper, Kansas City Area Transportation Authority, Kansas State University, Keenan & Associates, Kern Regional Center, Kyocera printers, Liberty Hospital, Lineage, Inc, Livall, LoanDepot, Lutheran World Federation, Marywood Nursing Care Center, Mastodon, McCarthy & Holthus, LLP, Medical Eye Services, Inc., Mercedes-Benz, Microbe & Lab, Microsoft (again!), Microsoft SharePoint, Microsoft SQL servers, Multi-Fineline Electronix, Inc., Musick, Peeler & Garrett LLP, MyPertamina, Nabholz Construction Company Employee Welfare Health Plan, NASCO, National Advisors Holdings, Inc., Nautic Partners, LLC, Navvis & Company, LLC, Naz.API, Oak View Group, Omaha Firefighters Healthcare Trust, Orange Spain, Orange Unified School District, OrthoArkansas, PA Employee Benefit Plan, Ozys, Parkovy, Payoneer, Pennsylvania Emergency Dispatch, Perry Johnson & Associates, Inc., Phoenix Contact CHARX SEC-3100, Pioneer DMH-WT7600NEX, Planet Home Lending, Planeta, PLUS FIVE FIVE, Prestige Care, Inc., Radiant Capital, Rajasthan government (India), Rebekah Children’s Services, Ripple, Romanian Chamber of Deputies, Roundcube email server, Saint Anthony Hospital, Schneider Electric Sustainability, SendGrid, Singing River Gulfport, Singing River Health System, SinglePoint Outsourcing, Inc., Socket, Somesing, SonicWall next-generation firewalls, Sony XAV-AX5500, Spoutible, Summit Medical Group, PLLC, Sun Pain Management, LLC, Tesla Infotainment System, Tesla Modem, Tesla, TGI Direct, Thanet District Council, The Burton Corporation, TIC Hosting, Tietoevry, Tigo, Torchbyte, TP-Link Omada, Trello, Trezor, Trinity Universal Insurance Company, TRISTAR Insurance Group, U.S. Renal Care, Inc., Ubiquiti Connect EV Station, UEFI Firmware, United Regional Health Care System, Unitronics PLCs, US Department of Health and Human Services, US GSA, US military, Ventura County Credit Union, Veolia North America, Verizon Communications Inc., Verizon, Viamedis, VMware vCenter Server, Walker Therapeutic & Educational Programs, Washington National Insurance Company, Webber Chiropractic Sports Clinic, Inc., Weslend Financial, Windows SmartScreen, WinStar, Wise Lending, and WPS Office have reported hacking or compromises this month.
Atlassian Jira, Microsoft Teams (twice), Parkovy, Tietoevry, and T-Mobile have suffered from outages this month.
Last months updates broke spellcheck in Microsoft Teams, the ability to install updates directly for Microsoft Teams without enabling Delivery Optimization, search in Outlook, Google Pixel phones, Outlook.com via Outlook, Windows Sysprep, Windows updates.
There is a new “flaw” in the Windows 11 installer, which allows incompatible hardware to be installed to and activated. The Microsoft ms-appinstaller protocol handler is being exploited again to install malware.
The German railway system still uses MS-DOS and Windows 3.11 to manage their displays. Wrenches and toothbrushes are the latest victims in hijacking efforts. A new study demonstrates that the new trend of using AI to write code generates less secure code. SIM swapping is still quite popular.
Google is resuming their migration to Manifest V3, which will result in many content and ad filters failing, as well as many other browser extensions, in only 5 short months.
Amazon AWS is now charging for IPv4 addresses.
While unlikely to make a difference, CA is now suing streaming media services for violating the CCPA. The UN is pushing for a “cybercrime” treaty designed to criminalize all efforts to research malware, security, and vulnerability testing, even when the target of the research has requested it. The treaty would also allow international courts to be used to target anyone using encryption for private communication channels, such as PGP, Telegram, or Signal.
Now back to our regularly scheduled program.
Patch Tuesday is a big one this month. The typical computer should see roughly 3.5 GB in updates today. Let’s get started.
Microsoft released updates to address 79 vulnerabilities in .NET, .NET Framework, ASP.NET, Azure Active Directory, Azure Connected Machine Agent, Azure DevOps, Azure File Sync, Azure Site Recovery, Azure Stack, Internet Connection Sharing (ICS), Internet Shortcut Files, Microsoft ActiveX, Microsoft Azure Kubernetes Service, Microsoft Defender for Endpoint, Microsoft Dynamics 365, Microsoft Dynamics, Microsoft Edge, Microsoft Entra Jira, Microsoft Exchange Server, Microsoft Message Queuing (MSMQ), Microsoft ODBC Driver, Microsoft Office OneNote, Microsoft Office Outlook, Microsoft Office Word, Microsoft Office, Microsoft Power Platform Connector, Microsoft SQL Data Provider, Microsoft Teams for Android, Microsoft WDAC ODBC Driver, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows DNS, Microsoft Windows, Servicing Stack Update, Skype for Business, SQL Server, Trusted Compute Base, Visual Studio, Win32k, Windows AppX, Windows DNS Client, Windows DNS Server, Windows Hyper-V, Windows Kernel, Windows LDAP, Windows Network Address Translation (NAT), Windows OLE, Windows Pragmatic General Multicast (PGM), Windows Printing Service, Windows SmartScreen, Windows USB Generic Parent Driver, Windows USB Serial Driver, and MSRT (~ 2.0 GB). This includes security updates. A reboot is required.
Apple released updates for iOS 15.8.1, iOS 16.7.5, iOS 17.3, iOS 17.3.1, iPadOS 15.8.1, iPadOS 16.7.5, iPadOS 17.3, iPadOS 17.3.1, macOS 14.3, macOS 14.3.1, macOS Monterey 12.7.3, macOS Sonoma 14.3, macOS Ventura 13.6.4, Magic Keyboard Firmware 2.0.6, Safari 17.3.1, tvOS 17.3, visionOS 1.0.3, watchOS 10.3, and watchOS 10.3.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.
iOS 15.8.1, 16.7.5 and 17.3.1 are security updates. Use Settings, General, Software Update to install the most current update.
iPadOS 15.8.1, 16.7.5 and 17.3.1 are security updates. Use Settings, General, Software Update to install the most current update.
watchOS 10.3.1 is a security update. Use the Watch app on your iPhone to install the most current version.
tvOS 17.3 is a security update. Use System, Software Update to install the most current version.
visionOS 1.0.3 is a security update. Use Settings, General, Software Update to install the most current version.
Google Chrome OS 120.0.6099.235 and 121.0.6167.159 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.
Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.
Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.
The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.
The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.
The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.
Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.
Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.
It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.
Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.
Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com
If you’re using this hardware – these updates are for you.
AMD Adrenalin 24.1.1 adds support for new hardware, AFMF and upscaling improvements, and resolves several bugs. AMD Link is being discontinued with this version. This is not a security update.
https://www.amd.com/en/support
Display Driver Uninstaller 18.0.7.2 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu
Wacom Driver 6.4.5-5 improves reliability. This is not a security update.
https://www.wacom.com/en-us/support/product-support/drivers
One or more of these are likely to be of interest to everyone.
Brave 1.62.162 is a security update. Use Menu, Help, About to install the most current version.
https://brave.com/
Firefox 122.0.1 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/new/
Firefox ESR 115.7.0 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/organizations/all/
Google Chrome 121.0.6167.160 is a security update. Use Menu, Help, About to install the most current version.
https://www.google.com/chrome/
Microsoft Edge 121.0.2277.113 is a security update. Use Menu, Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download
SeaMonkey 2.53.18.1 is a security update. Use Menu, Help, About to install the most current version.
https://www.seamonkey-project.org/
Vivaldi 6.5.3206.61 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/
One or more of these are likely to be of interest to everyone.
DavMail Gateway 6.2.1 is a security update.
https://davmail.sourceforge.net/
Spark 3.13.4.66391 adds deep link email sharing and resolves several bugs. This is not a security update.
https://sparkmailapp.com/
Spark for macOS 3.13.4.66401 adds deep link email sharing and resolves several bugs. This is not a security update.
https://sparkmailapp.com/
Thunderbird 115.7.0 is a security update.
https://www.thunderbird.net/en-US/
One or more of these are likely to be of interest to everyone.
AnyDesk 8.0.8 is a security update.
https://anydesk.com/en/downloads
AnyDesk 8.0.0 for macOS is a security update.
https://anydesk.com/en/downloads
curl 8.6.0 resolves over 100 bugs. This is a security update.
https://curl.haxx.se/windows/
Dropbox 192.4.4605 resolves several bugs. This is not a security update.
https://www.dropbox.com/
Facebook Messenger 205.0.0.11.228 is a security update.
https://www.messenger.com/download
FileZilla Client 3.66.5 is a security update.
https://filezilla-project.org/
FileZilla Server 1.8.1 is a security update.
https://filezilla-project.org/
Google Drive 86.0 resolves several bugs. This is not a security update.
https://drive.google.com/start
Grocy Desktop 2.9.0 updates library and resolves several bugs. This is not a security update.
https://github.com/grocy/grocy-desktop
MeshCentral 1.1.20 resolves over a dozen bugs. This is not a security update.
https://meshcentral.com/info/downloads.html
Microsoft Teams 1.7.00.1864 adds several new features, including improved domain & email integration. This is not a security update.
https://teams.microsoft.com/downloads
Nextcloud Server 28.0.2 resolves more than 100 bugs. This is a security update.
Npcap 1.79 resolves a couple reliability bugs. This is not a security update.
https://nmap.org/npcap/
Omada Software Controller 5.13.23 resolves several bugs. This is not a security udpate.
https://www.tp-link.com/us/support/download/omada-software-controller/
Pocketnet-Core 0.22.1 resolves over a dozen bugs. This is not a security update.
https://pocketnet.app/
Pocketnet-GUI 0.8.77 resolves several bugs. This is not a security update.
https://pocketnet.app/
Rclone 1.65.2 updates libraries and resolves a couple important reliability bugs. This should be treated as a security update.
https://rclone.org/
Signal 6.47.0 makes several improvements to emoji and emoticon support. This is not a security update.
https://signal.org/download/windows/
Signal (Android) 6.46.7 doesn’t have a detailed changelog so should be treated as a security update.
https://signal.org/android/apk/
Skype 8.110.0.218 improves stability and resolves several bugs. This is not a security update.
https://www.skype.com/
Syncthing 1.27.3 resolves several bugs and improves CLI complettion. This is not a security update.
https://syncthing.net/
Technitium DNS Server 12.0.1 moves to .NET 8, resolves more than a dozen bugs. This is a security update.
https://technitium.com/dns/
Telegram 4.14.15 resolves several bugs. This is not a security update.
https://telegram.org/
Telegram (Android) 10.6.1 resolves several bugs. This is not a security update.
https://telegram.org/apps
Tigase Server 8.3.1 resolves several bugs. This is not a security update.
https://github.com/tigase/tigase-server/releases/latest
Trillian 6.5.0.38 resolves a mute bug. This should be treated as a security update.
https://www.trillian.im/
Zoom 5.17.7.31859 resolves several bugs. This is not a security update.
https://zoom.us/
These are unlikely to be of interest to most people.
3tene 4.0.1 improves tracking, compatibility, and resolves several bugs. This is not a security update.
https://en.3tene.com/
Bitwig Studio 5.1.3 adds a few new filters and modules, and resolves several bugs. This is not a security update.
https://www.bitwig.com/download/
Grayjay 233 resolves several crashes and improves stability. This is not a security update.
https://grayjay.app/index.html
Kodi 20.4 resolves dozens of bugs and improves compatibility. This is a security update.
https://kodi.tv/
MediaMonkey 5.2 resolves a cosmetic bug. This is not a security update.
https://www.mediamonkey.com/windows#download
Plex Desktop 1.86.1.4076 doesn’t provide a detailed changelog so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app
Plex Home Theater 1.55.1.4084 updates libraries. This should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app
Plex Media Server 1.40.0.7998 improves native tagging, music filtering, resolves several bugs. This should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server
These are unlikely to be of interest to most people.
GDevelop 5.3.189 resolves over 20 bugs. This is not a security update.
https://gdevelop.io/download
Minecraft Server (Bedrock) 1.20.61.01 doesn’t provide a changelog so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock
PS5 2024.206 is a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/
Steam 2024-01-13 resolves dozens of bugs. This is not a security update.
https://store.steampowered.com/news/app/593110
One or more of these are likely to be of interest to most people.
Adobe Reader DC 23.008.20533 is a security update.
https://get.adobe.com/reader
Adobe Commerce 2.4.6-p4, 2.4.5-p6, 2.4.4-p7, 2.4.3-ext-6, 2.4.2-ext-6, 2.4.1-ext-6, 2.4.0-ext-6, and 2.3.7-p4-ext-6 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-03.html
Magento Open Source 2.4.6-p4, 2.4.5-p6, and 2.4.4-p7 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-03.html
Adobe Substance 3D Painter 9.1.2 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb24-04.html
Adobe Acrobat 23.008.20533 and 20.005.30574 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb24-07.html
Adobe FrameMaker Publishing Server 2022.2 is a security update.
https://helpx.adobe.com/security/products/framemaker-publishing-server/apsb24-10.html
Adobe Audition 24.2 and 23.6.4 are security updates.
https://helpx.adobe.com/security/products/audition/apsb24-11.html
Adobe Substance 3D Designer 13.1.1 iis a security update.
https://helpx.adobe.com/security/products/substance3d_designer/apsb24-13.html
Calibre 7.5.1 resolves several bugs. This is not a security update.
https://calibre-ebook.com/
Columns++ 1.0.2 resolves a critical stability bug. This should be treated as a security update.
https://github.com/Coises/ColumnsPlusPlus
ImageMagick 7.1.1-28 updates libraries and resolves over a dozen bugs. This should be treated as a security update.
https://imagemagick.org/
Kindle for PC 2.3.70682 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc
LibreOffice Fresh 24.2.0 is the first version released with the new numbering scheme (year and month of release). This version resolves almost 300 bugs. This is a security update. The “Fresh” line is beta software and should be avoided by most people.
https://www.libreoffice.org/
Manager 24.2.13.1295 doesn’t have any detailed changes in the changelog for the most recent several versions over the last month, so this should be treated as a security update.
https://www.manager.io/
Nextcloud Desktop 3.11.1 updates libraries and resolves over a dozen bugs. This is a security update.
Notepad++ 8.6.2 resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/
PDF-XChange Editor 10.2.1.385 resolves over a dozen bugs. This is not a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor
QuickBooks Pro 2022 20231120-R13_63 doesn’t provide a detailed changelog so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products
QuickBooks Pro 2023 20231107-R9_121 doesn’t provide a detailed changelog so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products
uniCenta oPOS 5.0 doesn’t provide a detailed changelog so should be treated as a security update.
https://unicenta.com/
One or more of these is likely to be of interest to most people.
Gpg4win 4.3.0 resolves dozens of bugs. This is a security update.
https://www.gpg4win.org/download.html
Java 8u401 is a security update.
https://www.java.com/en/download/manual.jsp
KeePass 2.56 improves integration and search feature, resolves more than a dozen bugs. This is not a security update.
https://keepass.info/
MalwareBytes Anti-Malware 4.6.8.311 doesn’t provide a detailed changelog so should be treated as a security update.
https://www.malwarebytes.org/antimalware/
Microsoft Edge Policy 2024.02.06 adds blocklist for extension install types and the ability to preserve Manifest v2 availability. This is not a security update.
https://github.com/MicrosoftDocs/Edge-Enterprise/blob/public/edgeenterprise/microsoft-edge-policies.md
OpenSSL 3.2.1 is a security update.
https://slproweb.com/products/Win32OpenSSL.html
ProtonVPN 3.3.5 improves stability. This is not a security update.
https://protonvpn.com/download
RogueKiller 15.14.0 is a security update.
https://www.adlice.com/download/roguekiller/
Stinger 13.0.0.64 is a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx
Symantec Norton Removal Tool 20240206 improves removal. This is not a security update.
https://support.norton.com/sp/en/us/home/current/solutions/v60392881
Tails 5.22 updates libraries, included apps, and resolves several bugs. This is a security update.
https://tails.net/install/download/index.en.html
YARA 4.5.0 resolves a dozen bugs. This is not a security update.
https://github.com/VirusTotal/yara/
These are unlikely to be of interest to most people.
DVDFab 13.0.1.1 adds support for new encodings and resolves a couple bugs. This is not a security update.
https://www.dvdfab.cn/download.htm
HandBrake 1.7.3 resolves over a dozen bugs. This is not a security update.
https://handbrake.fr/
MakeMKV 1.17.6 improves tolerance and resolves several bugs. This is not a security update.
https://www.makemkv.com/download/
StreamFab 6.1.6.5 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm
UniFab 2.0.1.1 adds support for denoise, improves upscaling performance, and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm
These are unlikely to be of interest to most people.
1Password 8.10.24 resolves several bugs, improves idle behavior, and improves integration. This should be treated as a security update.
https://1password.com/downloads/mac/
https://1password.com/downloads/windows/
Agent Ransack 2022.3420 resolves several bugs. This is not a security update.
AMD Ryzen Master 2.13.0.2908 adds support for new hardware and improves Curve Optimizer settings. This is not a security update.
https://www.amd.com/en/technologies/ryzen-master
AOMEI Partition Assistant 10.3.0 adds Bitlocker support and resolves several bugs. This is not a security update.
https://www.diskpart.com/
Autoruns 14.11 fixes a parameter parsing bug. This is a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns
balenaEtcher 1.18.11 resolves a couple bugs. This is not a security update.
https://etcher.balena.io/
Bitwarden 2024.2.0 improves self-hosting controls, TOTP capture and import. This is not a security update.
https://bitwarden.com/
CCleaner 6.20.10897 improves cleaning, adds bookmark backup removal, and improves compatibility. This is not a security update.
https://www.ccleaner.com/
CPU-Z Installer 2.09 adds support for new hardware and adds the ability to benchmark a single coreset/cluster. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html
Cygwin 3.5.0 drops support for older Windows versions, adds several new raw maps, API calls, and mixer control. This is not a security update.
https://cygwin.com/
Dell Command Update 5.2.0 improves controls and notifications. This is not a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en
DesktopOK 11.16 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK
dnGrep 4.1.7.0 improves PDF search, date-time display, adds mutliple custom editor support, and resolves several bugs. This is not a security update.
https://dngrep.github.io/
email-oauth2-proxy 2024-01-20 adds support for GWS Cloud Service accounts, and resolves several bugs. This is a security update.
https://github.com/simonrob/email-oauth2-proxy
Everything CLI 1.1.0.27 improves performance and adds x64 build. This is not a security update.
https://www.voidtools.com/
Fido 1.55 improves compatibility. This is not a security update.
https://github.com/pbatard/Fido/releases
FileLocator Pro 2022.3420 resolves several bugs. This is not a security update.
Fing 3.6.1 resolves a couple bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows
Go 1.22.0 adds several new language constructs, improved auditing and performance, adds go/version, and enhanced routing. This is not a security update.
https://go.dev/
GoodSync 12.5.5 improves compatibility and resolves more than a dozen bugs. This is not a security update.
https://www.goodsync.com/
Hiren’s BootCD PE 1.0.4 adds several new utilities, updates libraries and applications, adds hundreds of new drives, and resolves several bugs. This is a security update.
Homedale 2.10 adds support for MU-MIMO detection. This is not a security update.
https://www.the-sz.com/products/homedale/
HWiNFO 7.72 doesn’t provide a detailed changelog so should be treated as a security update.
Inkchip WIC 1.17 doesn’t provide a changelog so should be treated as a security update.
https://inkchip.net/wic/
Kingston SSD Manager 1.5.3.6 doesn’t provide a changelog so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager
MS Printer Metadata Troubleshooter 1.0.0.1 is a security update.
https://support.microsoft.com/en-us/topic/kb5034510-microsoft-printer-metadata-troubleshooter-tool-december-2023-b3197f24-fd25-430d-96d2-70f2044ce6a1
OSForensics 11.0.1004 improves compatibility and resolves dozens of bugs. This is not a security update.
https://www.osforensics.com/download.html
osquery 5.11.0 updates libraries, adds support for new tables, and resolves several bugs. This is a security update.
https://osquery.io/downloads
PowerToys 0.78.0 updates libraries and resolves several bugs. This is a security update.
https://github.com/microsoft/PowerToys/releases/latest
Rufus 4.4 updates libraries and resolves several bugs. This is not a security update.
https://rufus.ie/en_US/
ScreenConnect 23.9.7.8804 is a security update.
https://www.connectwise.com/software/control/download
SearchMyFiles 3.24 resolves several bugs. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html
Sysmon 15.12 resolves several stability and reliability bugs. This is a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon
Ventoy 1.0.97 adds support for FreeBSD 14.0 and resolves several bugs. This is not a security update.
https://www.ventoy.net/en/index.html
WhyNotWin11 2.6.0.0 improves detection and resolves several bugs. This is not a security update.
https://github.com/rcmaehl/WhyNotWin11
WizTree 4.18 improves scan performance and filter behavior, improves Copy/Cut/Delete, progress bar and resolves several bugs. This is not a security update.
https://www.diskanalyzer.com/
ZoomIt 8.01 adds DemoType (autotyping) support and fixes a crash. This is not a security update.
https://learn.microsoft.com/en-us/sysinternals/downloads/zoomit
These are unlikely to be of interest to most people.
Android Studio 2023.1.1.28 resolves several bugs. This is not a security update.
https://developer.android.com/studio
GitHub Desktop 3.3.8 resolves more than a dozen bugs. This is not a security update.
https://desktop.github.com/
Microsoft Visual C++ 2022 Redistributable 14.38.33135.0 doesn’t provide a changelog so should be treated as a security update.
https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist
MySQL ConnectorNet 8.3.0 is a security update.
https://dev.mysql.com/downloads/connector/net/
MySQL Server 8.0.36 is a security update.
https://dev.mysql.com/downloads/installer/
Node.js 21.6.1 updates libraries and resolves several bugs. This should be treated as a security update.
https://nodejs.org/en/
Node.js 20.11.0 is a security update.
https://nodejs.org/en/
Python 3.12.2 is a security update.
https://www.python.org/downloads/windows/
SQLite 3.45.1 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html
Visual Studio Code 1.86.1 resolves dozens of bugs. This is not a security update.
https://code.visualstudio.com/
WinMerge 2.16.38 improves BOM detection and resolves several bugs. This is not a security update.
https://winmerge.org/
These are unlikely to be of interest to most people.
PPSSPP 1.17.1 improves compatibility and resolves several bugs. This is not a security update.
https://www.ppsspp.org/download/
VirtualBox 7.0.14 resolves more than a dozen bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads
These are likely to be of interest only to web developers.
Coppermine Gallery 1.6.26 improves compatibility. This is not a security update.
https://coppermine-gallery.net/
Grocy 4.1.0 updates library and resolves several bugs. This is not a security update.
https://github.com/grocy/grocy
HumHub 1.15.3 resolves several bugs. This is not a security update.
Invision Community 4.7.15 resolves over 50 bugs. This is a security update.
https://invisioncommunity.com/
MailEnable 10.48 resolves more than a dozen bugs. This is not a security update.
https://www.mailenable.com/
ownCloud Client 5.2.1.13040 resolves several bugs. This is not a security update.
https://owncloud.com/desktop-app/
Piwigo 14.2.0 resolves several bugs. This is not a security update.
https://piwigo.org/
WordPress 6.4.3 is a security update.
https://wordpress.org/
Akismet 5.3.1 resolves several bugs and improves reliability. This is not a security update.
https://wordpress.org/extend/plugins/akismet/
BuddyPress 12.2.0 is a minor security update.
https://wordpress.org/extend/plugins/buddypress/
Contact Form 7 5.8.7 improves compatibility and resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/
Duplicator 1.5.8.1 resolves a couple bugs. This is not a security update.
Email Log 2.4.9 adds controls to limit actions. This is a security update.
https://wordpress.org/extend/plugins/email-log/
Redirection 5.4.2 removes Geo IP and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/redirection/
Social Post Feed 4.2.2 is a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/
Sucuri Security 1.8.41 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/
WooCommerce 8.5.2 resolves a dozen bugs. This is a security update.
https://wordpress.org/extend/plugins/woocommerce/
WordPress Importer 0.8.2 updates documentation and improves workflow. This is not a security update.
https://wordpress.org/extend/plugins/wordpress-importer/
WP Cerber Security 9.6.2 updates design, adds event insights, and resolves a couple bugs. This is not a security update.
https://wpcerber.com/
WP Mail SMTP 3.11.1 resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/
WPBakery 7.4 adds built-in SEO toolkit and improves social media controls. This is not a security update.
https://wpbakery.com/
That’s all for now folks. Keep it clean out there. 😉
Regards,
Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/
Happy New Year, Folks!
Today is Patch Tuesday for January, 2024.
There were over 200 major hacks, but only about 130 application updates this month. It’s a very light month, with about 1.3 GB of updates for most users.
360 Physical Therapy, LLC, 3CX, 70% of Iran’s gas stations, Academy Mortgage Corporation, AccessDx Laboratory, LLC, AccessOne Medcard, Inc., AI Engine plugin for WordPress, Air Albania, Albanian Parliament, Albanian telecom, Americold, Amerigroup Iowa, Inc, Amwins Group, Inc., Apache OFBiz, Apache RocketMQ, Apache Struts, Asper Biogene, Ateam, Austal USA, Barracuda ESG, Battelle Energy Alliance, LLC, Beirut Airport, BELLIN HEALTH, Bezeq, BlueCross BlueShield of Tennessee, Inc., Booking.com, Box.com, Brown & Streza LLP, Buckley King LPA, Bunker Hill Community College, California Northstate University, Capital Health, Cardiothoracic and Vascular Surgeons, P.A., CareTree, Inc., Cellcom, CertiK on X, Chilean Government, City of Hope, Clay County Social Services, Co-Founder of Nest Wallet, Coin Cloud, Comcast Cable Communications LLC, Comcast/Xfinity, ConsensioHealth, LLC, Cooper Aerobics Enterprises, Inc., Corewell Health, County of Los Angeles Department of Mental Health, Court Services Victoria, Australia, D.C. Board of Elections, defense contractors, Delta Dental of California, Downfall, Drug Emporium, Eagers Automotive, EasyPark, EMSI, Enstar (US) Inc, Erie Family Health Centers, ESO Solutions, ESSEMTEC, Estes Express Lines, Eye Physicians of Central Florida, PLLC, Eyefinity, Inc., Fallon Ambulance Services, Federal Tax Service of Russia, Fidelity National Financial, Fincantieri Marine Group, LLC, First American Financial Corporation, First Choice Dental, Flagstar Bank, N.A., Florida Water Products, Fred Hutchinson Cancer Center, French company, Fresno Regional Workforce Development Board, Fresno Surgical Hospital, Gallery Systems, German H-Hotels, Glendale Community College, Greater Cincinnati Behavioral Health Services, GTKWave, Healix Infusion Therapy, LLC, Health Diagnostic Management, LLC, Health Net Community Solutions, HealthEC LLP, Heart of Texas Behavioral Health Network, Housing Authority of the County of San Bernardino, HTC Global Service, Humana Inc, Hyundai on X, Idaho National Labs, Independent Vision Group, LTD, Insomniac Games, Insurance ACE/Humana Inc., Integris Health, Italian military gear shop, Ivanti Avalanche, Ivanti Endpoint Management, Jell-O, JetBrains TeamCity, Judiciary of Córdoba in Argentina, Katholische Hospitalvereinigung Ostwestfalen, Keenan & Associates, Kimco Staffing Services Inc., Knox Ricksen LLP, Kraft Heinz, Kyivstar, Ledger dApp, LegendasTV, LoanCare, loanDepot, Lone Peak Physical Therapy, Inc., Los Altos Food Products, LLC, Los Angeles County Department of Mental Health, ManageEngine OpManager, Mandiant, Maxco Supply, Inc., Maytronics, Mellow Massage Hollywood, Memorial University of Newfoundland, Merced City School District, Meridian Behavioral Healthcare, Inc., Merrick Bank, Mexican banks, Microsoft Xamarin, Mint Mobile, Molina Healthcare of Ohio, Inc., MongoDB, Mountain Dermatology Specialists, PC, Movistar, Mr. Cooper, Musick, Peeler & Garrett LLP, National Amusements, National Student Clearinghouse, Nationstar Mortgage LLC, Navvis & Company, LLC, Netgear on X, Network180, North Face, North Kansas City Hospital, Norton Healthcare, NYC Health + Hospitals, Ohio Lottery, Orange Spain, Orbit Chain, Orcutt Union School District, Orrick, Herrington & Sutcliffe, Oscar Mayer, Panasonic Avionics Corporation, Pandol Brothers, Inc., Perforce Helix Core Server, pfSense, Philippine credit services provider, Primary Health & Wellness Center, LLC, ProSmile Holdings, LLC, QNAP VioStor NVR, Recology Inc., Regional Family Medicine, Retina Group of Washington, PLLC, Riverside County Office Of Education, Riverside Unified School District, Rockstar Games (GTA5 + GTA6), Rush System for Health, Russian sushi restaurant, Senior Scripts, Shufersal, Sony, Southeastern Orthopaedic Specialists, PA, Supreme, Swedish fintech company, Talus Pay, TaxPlus, The Foleck Center, LTD, The Jacmar Companies, LLC, The Middlefield Banking Company, Thunder Terminal, Tigo Business, Timberland, Tipalti, Toronto Zoo, Toyota Financial Services, Transformative Healthcare, TRISTAR Insurance Group, TTM Technologies, Ubiquiti, Ubisoft, Ukrainian security cameras, University of Buenos Aires, Vans, Velveeta, VF Corp, Vi Living, Vietnamese fashion store, Viking Therapeutics, Wabtec Corporation, Wealth Network, Welltok, Inc. (and many more), WICR Waterproofing and Construction Inc., WordPress Backup Migration plugin, Xerox Business Solutions, Yakult Australia, Yorkshire Wellness Group, Corp., and ZOLL Medical Corporation have reported hacking or compromised this month.
Box.com, Kyivstar, loanDepot, and First American have suffered from outages this month.
Last months updates broke Avira Antivirus, NPS (Radius) servers, various Tesla functions, Windows Explorer & task bar, and Windows Wi-Fi.
Microsoft can’t convince Microsoft to use Microsoft services.
Central authentication services like OAuth and SSO still cause all sorts of problems. And ads are still very very bad for you.
23andMe is blaming their users for exposing the data of almost 7 million users.
LastPass now requires slightly less horrible passwords. (They’re still not good.)
You should assume that software setting-based security will always fail you. Hardware switches are the only reliable method.
The FTC has ordered X-Mode to stop selling and preserving cell phone location data, a surprising win for privacy. If this is obeyed, only government agencies, hardware vendors, and operating system vendors will be able to trade in your location information.
Now back to our regularly scheduled program.
Patch Tuesday is pretty small this month. The typical computer should see roughly 1.3 GB in updates today. Let’s get started.
Microsoft released updates to address 62 vulnerabilities in .NET, .NET Core, .NET Framework, Azure Storage Mover, Microsoft Bluetooth Driver, Microsoft Devices, Microsoft Edge, Microsoft Identity Services, Microsoft Office SharePoint, Microsoft Office, Microsoft Virtual Hard Drive, Remote Desktop Client, Servicing Stack Updates, SQL Server, SQLite, Unified Extensible Firmware Interface (UEFI), Visual Studio, Windows Active Directory, Windows AllJoyn API, Windows Authentication Methods, Windows BitLocker, Windows Cloud Files Mini Filter Driver, Windows Collaborative Translation Framework, Windows Common Log File System Driver, Windows Cryptographic Services, Windows Group Policy, Windows Hyper-V, Windows Kernel, Windows Kernel-Mode Drivers, Windows Libarchive, Windows Local Security Authority Subsystem Service (LSASS), Windows Message Queuing, Windows Nearby Sharing, Windows ODBC Driver, Windows Online Certificate Status Protocol (OCSP) SnapIn, Windows Scripting, Windows Server Key Distribution Service, Windows Subsystem for Linux, Windows TCP/IP, Windows Themes, Windows Win32 Kernel Subsystem, Windows Win32K, and MSRT (~1 GB). This includes security updates. A reboot is required.
Apple released updates for iOS 16.7.4, iOS 17.2.1, iPadOS 16.7.4, Safari 17.2.1, and macOS Sonoma 14.2.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.
iOS 16.7.4 and 17.2.1 are security updates. Use Settings, General, Software Update to install the most current update.
iPadOS 16.7.4 is a security update. Use Settings, General, Software Update to install the most current update.
Google Chrome OS 119.0.6045.214 and 120.0.6099.203 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.
Zorin OS 17.0 is a major update, with added hardware and software compatibility, improved design and reduced hardware requirements.
https://zorin.com/os/mirrors/
Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.
Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.
The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.
The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.
The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.
Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.
Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.
It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.
Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.
Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com
If you’re using this hardware – these updates are for you.
DS4Windows 3.3.3 resolves several bugs. This is the final version so you should consider removing it instead of updating.
https://github.com/Ryochan7/DS4Windows/releases/latest
Epson ET-5880 3.04.00 doesn’t provide a changelog so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-5880/s/SPT_C11CJ28201
One or more of these are likely to be of interest to everyone.
Brave 1.61.114 is a security update. Use Menu, Help, About to install the most current version.
https://brave.com/
Firefox 121.0.1 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/new/
Firefox ESR 115.6.0 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/organizations/all/
Google Chrome 120.0.6099.200 is a security update. Use Menu, Help, About to install the most current version.
https://www.google.com/chrome/
Microsoft Edge 120.0.2210.121 is a security update. Use Menu, Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download
Vivaldi 6.5.3206.50 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/
One or more of these are likely to be of interest to everyone.
Mailspring 1.13.3 resolves a couple bugs and adds a new security filter for HTML rendering. This is a security update.
https://getmailspring.com/
OutlookAttachView 3.51 improves warnings. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html
Spark 3.12.0.63910 adds Shared Drafts and Email Labels. This is not a security update.
https://sparkmailapp.com/
Spark (macOS) 3.12.0.63909 adds Shared Drafts and Email Labels. This is not a security update.
https://sparkmailapp.com/
Thunderbird 115.6.1 is a security update. Use Menu, Help, About to install the most current version.
https://www.thunderbird.net/en-US/
One or more of these are likely to be of interest to everyone.
Dropbox 189.4.8427 doesn’t provide a detailed change log so should be treated as a security update.
https://www.dropbox.com/
Facebook Messenger 202.0.0.15.225 is a security update.
https://www.messenger.com/download
FileZilla Client 3.66.4 is a security update.
https://filezilla-project.org/
FreeFileSync 13.3 resolves several compatibility issues. This is not a security update.
https://www.freefilesync.org/download.php
jq 1.7.1 is a security update.
https://jqlang.github.io/jq/
Nextcloud Server 28.0.1 is a security update.
https://nextcloud.com/
Pocketnet-GUI 0.8.76 adds support for new video servers and a Christmas theme. This is not a security update.
https://pocketnet.app/
PuTTY 0.80 is a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html
Rclone 1.65.1 is a security update.
https://rclone.org/
Signal 6.43.2 resolves several bugs. This is not a security update.
https://signal.org/download/
Signal (Android) 6.42.3 updates buttons. This is not a security update.
https://signal.org/android/apk/
Syncthing 1.27.2 is a security update.
https://syncthing.net/
Telegram (Android) 10.5.0 doesn’t provide a change log so should be treated as a security update.
https://telegram.org/apps
Telegram 4.14.4 resolves several bugs. This is not a security update.
https://telegram.org/
Trillian 6.5.0.34 resolves several bugs. This is not a security update.
https://www.trillian.im/
Zoom 5.17.2 is a security update.
https://zoom.us/
These are unlikely to be of interest to most people.
3tene 4.0.0 adds several new tracking features. This is not a security update.
https://en.3tene.com/
darktable 4.6.0 improves performance and resolves dozens of bugs. This is not a security update.
https://www.darktable.org/
Grayjay 227 improves stability and resolves dozens of bugs. This is not a security update.
https://grayjay.app/index.html
iTunes 12.13.1.3 is a security update.
https://www.apple.com/itunes/download/
Plex Desktop 1.84.1.4069 doesn’t provide a change log so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app
Plex Home Theater 1.53.0.4063 doesn’t provide a change log so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app
TuneIn 1.28.0 doesn’t provide a change log so should be treated as a security update.
https://tunein.com/radio/home/
These are unlikely to be of interest to most people.
GameMaker Studio 2023.11.1.129 resolves several bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker
GDevelop 5.3.186 improves performance and resolves several bugs. This is not a security update.
https://gdevelop.io/download
Minecraft Server (Bedrock) 1.20.51.01 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock
PS5 2024.104 is a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/
Steam 2023-12-11 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110
SteamOS SteamDeck Update 2024-01-03 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/1675200/
One or more of these are likely to be of interest to most people.
Adobe Experience Manager Forms 6.5.13.0+ and 6.5.19.1 are security updates.
https://helpx.adobe.com/security/products/aem-forms/apsb23-77.html
Adobe Reader DC Patch 23.008.20458 is a security update.
https://get.adobe.com/reader
Adobe Substance 3D Stager 2.1.4 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb24-06.html
Calibre 7.3.0 adds a tag browser, OpenType improvements, and resolves several bugs. This is not a security update.
https://calibre-ebook.com/
GnuCash 5.5 resolves over two dozen bugs. This is not a security update.
https://www.gnucash.org/
ImageMagick 7.1.1-26 resolves dozens of bugs. This is not a security update.
https://imagemagick.org/
Kindle for PC 2.3.70673 doesn’t provide a change log so should be treated as a security update.
https://www.amazon.com/kindleforpc
Manager 24.1.9.1264 adds the ability to use codes and reference numbers in batch operations. This is not a security update.
https://www.manager.io/
Notepad++ 8.6.1 updates libraries, adds a couple features, and resolves over a dozen bugs. This is a security update.
https://notepad-plus-plus.org/
OpenOffice 4.1.15 is a security update.
http://www.openoffice.org/download/
PDF-XChange Editor 10.2.0.384 improves control for compression, comments and margins, and adds support to search within comments and open email messages in the editor. This is not a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor
QuickBooks Pro 2022 20231120-R13_53 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products
QuickBooks Pro 2023 20231107-R9_116 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products
One or more of these is likely to be of interest to most people.
ProtonVPN (macOS) 4.1.1 improves stability. This is not a security update.
https://protonvpn.com/download
QubesOS 4.2.0 updates libraries, updates default behaviors, and resolves several bugs. This is a security update.
https://www.qubes-os.org/downloads/
Stinger 12.2.0.709 updates detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx
Tails 5.21 updates libraries and resolves several bugs. This is a security update.
https://tails.boum.org/install/dvd/index.en.html
uBlock Origin 1.55.0 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest
Velociraptor 0.7.1 updates notebooks, improves plugins, and resolves several bugs. This is not a security update.
https://github.com/Velocidex/velociraptor/releases/latest
These are unlikely to be of interest to most people.
ScreenToGif 2.40.1 resolves a couple minor bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest
SnagIt 24.0.4 resolves a couple crash bugs. This is not a security update.
https://www.techsmith.com/screen-capture.html
These are unlikely to be of interest to most people.
DVDFab 13.0.0.9 resolves several bugs and improves compatibility. This is not a security update.
https://www.dvdfab.cn/download.htm
HandBrake 1.7.2 resolves several bugs. This is not a security update.
https://handbrake.fr/
PDF Creator 5.2.0 adds Outlook Web Access support and resolves several bugs. This is a security update.
https://www.pdfforge.org/pdfcreator
StreamFab 6.1.5.8 resolves dozens of bugs and improves reliability. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm
UniFab 2.0.0.7 improves performance and stability. This is not a security update.
https://www.dvdfab.cn/unifab.htm
These are unlikely to be of interest to most people.
1Password 8.10.23 resolves a bug. This is not a security update.
https://1password.com/downloads/
AOMEI Partition Assistant 10.2.2 resolves a couple bugs. This is not a security update.
https://www.diskpart.com/
Bitwarden 2023.12.1 improves auto-fill. This is not a security update.
https://bitwarden.com/
CCleaner 6.19.10858 resolves several stability bugs. This is not a security update.
https://www.ccleaner.com/
CurrPorts 2.77 improves IPv6 compatibility. This is not a security update.
https://www.nirsoft.net/utils/cports.html
DesktopOK 11.15 resolves a couple bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK
dnGrep 4.0.189.0 resolves several bugs. This is not a security update.
https://dngrep.github.io/
email-oauth2-proxy 2023-12-19 is a security update.
https://github.com/simonrob/email-oauth2-proxy
ExplorerPatcher 22621.2861.62.2 resolves several bugs. This is not a security update.
https://github.com/valinet/ExplorerPatcher/
Fido 1.54 adds support for Windows 11 23H2v2. This is not a security update.
https://github.com/pbatard/Fido/releases
Fing 3.6.0 resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows
GoodSync and GoodSync2Go 12.5.3 improves compatibility, stability and security. This is not a security update.
https://www.goodsync.com/
Homedale 2.09 adds MAC grouping and improves oui.txt support. This is not a security update.
https://www.the-sz.com/products/homedale/
HWiNFO 7.68 doesn’t provide a detailed change log so should be treated as a security update.
https://www.hwinfo.com/download/
Kingston SSD Manager 1.5.3.4 doesn’t provide a detailed change log so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager
Memtest86+ 7.00 adds support for new hardware, improves debugging and resolves several bugs. This is not a security update.
https://www.memtest.org/
NTLite 2023.12.9552 improves controls and resolves a couple bugs. This is not a security update.
https://www.ntlite.com/download/
PowerToys 0.77.0 resolves dozens of bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest
ripgrep 14.1.0 resolves several bugs. This is not a security update.
https://github.com/BurntSushi/ripgrep/releases/latest
TcpLogView 1.41 adds support for setting CaptureInterval in cfg file. This is not a security update.
https://www.nirsoft.net/utils/tcp_log_view.html
WifiInfoView 2.92 adds an option to start as hidden. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html
WinGet 1.6.3482 resolves a couple bugs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest
These are unlikely to be of interest to most people.
.NET Runtime 8.0.1 is a security update. Expect well-maintained applications that package .NET Runtime with them to release new versions in the near future.
https://dotnet.microsoft.com/en-us/download/dotnet
Android Studio 2023.1.1.27 resolves a couple bugs. This is not a security update.
https://developer.android.com/studio
AutoHotkey 2.0.11 resovles several bugs. This is not a security update.
https://www.autohotkey.com/download/
Node.js 21.5.0 updates libraries and resolves several bugs. This is not a security update.
https://nodejs.org/en/
TortoiseSVN 1.14.6 resolves several bugs. This is not a security update.
https://tortoisesvn.net/downloads.html
Visual Studio Code 1.85.1 resolves several bugs. This is not a security update.
https://code.visualstudio.com/
These are likely to be of interest only to web developers.
HumHub 1.15.2 resolves over a dozen bugs. This is not a security update.
https://www.humhub.com/en
Joomla 5.0.2 and 4.4.2 resolve several bugs. This is not a security update.
https://www.joomla.org/
Piwigo 14.1.0 improves compatibility and resolves several bugs. This is not a security update.
https://piwigo.org/
Contact Form 7 5.8.5 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/
My Sticky Bar 2.6.7 resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/
Redirection 5.4.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/redirection/
Social Post Feed 4.2.1 improves reliability. This is not a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/
Sucuri Security 1.8.40 improves cleanup. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/
WooCommerce 8.4.0 resolves dozens of bugs and provides almost 100 improvements. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/
WP Cerber Security 9.6.1 fixes a 2FA bug and a crash bug. This is not a security update.
https://wpcerber.com/
WP Mail SMTP 3.11.0 improves compatibility and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/
That’s all for now folks. Keep it clean out there. 😉
Regards,
Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/