Updates 2025-06-10

Welcome back, Folks!

Today is Patch Tuesday for June, 2025.

It’s as safe as it’s going to be to upgrade to Windows 11 24H2 or macOS 15/Sequoia.

If your Windows 10 (or older) computer can not be upgraded to Windows 11, or if you used a registry or installation bypass to install an older version of Windows 11 on it that is no longer supported, then it’s time for you to start looking for a replacement computer.

There were 418+ major hacks, and over 260 application updates this month. It’s a mild month, with only about 2 GB of updates for most users.

This Month in Technology

2BrightSparks SyncBackFree, 3P Corporation, A+ Machining, Abu Dhabi Department of Culture and Tourism, Access2Day Health, Action1, Adidas, Adobe Dreamweaver, Al Tadawi Specialty Hospital, Alera Group, Inc, Alliance Healthcare IT, ALN Medical Management, Amazon Spain, American Hospital in Dubai, American National Bank & Trust, AMI Group, Anne Arundel County Department of Health, AntFarm, Anyproxy, over 1 million consumer AOSP devices, Apache InLong, Apache Tomcat, Apple iMessage, Apple macOS, Apple XNU, Apple’s Safari web browser, Apro, Arla Foods, Arrowhead Evaluation Services, Ascension Health, over 9,000 ASUS routers, AT&T, Austin Small Business Group Health Insurance, Australian Human Rights Commission, Australian Taxation Office, Auto-ici, Autodesk Revit, AVCheck, AXT, Inc, Bailey’s, Balance Autism, Bank Street College of Education, Better Business Bureau Serving the Pacific Southwest, Central & Inland California (BBB), BidenCash, BitoPro, Blaine, MN, Brackett & Ellis, Bradford Health Services, British Horseracing Authority, Broadcom, Bronx Pro Group, Bumfords, Business Systems House, Cahaba Center for Mental Health, Canadian Rocky Mountain Resorts, Canon imageCLASS MF656Cdw, Cape Robbin, Capital Trade, CareNexa, LLC, Carpenter, McCadden & Lane, Carrera Chevrolet, Cartier, Catdoc, Cator Ruma & Associates, Cellcom, Central Maine Healthcare, Central Point School District 6, OR, Cetus Protocol, Channel Islands YMCA, Choice AG, Chroma, Cisco Customer Collaboration Platform (CCP), Cisco Identity Services Engine ISE),Cisco IOS XE, City of Belvedere, City of San Clemente, City of Sheboygan, CNHI LLC, Cobb County, GA, Coca-Cola, Cocospy, Cody Law Firm, Coinbase, Inc, ColoCrossing, Colombia National ID, Community Choice Credit Union, Community Counseling of Bristol County, Community Hospital of Anaconda, Compassion Health Care, Inc, Connections for Kids, ConnectWise, ConnectWise ScreenConnect, CookUnity, Cooper Health System, Covenant Health, Covenant Surgical Partners, Inc, Crystal Hotels, Cumberland County Hospital, Cyprus Airways, Czech Republic Ministry of Foreign Affairs, DanaBot, Dassault Systèmes eDrawings Viewer, Dior, Disk Union, Docker Desktop, Doctors Hospital at Renaissance, LTD, DSI Tech, EB Archbald & Associates, Effortel, Eight8Ate Holdings, Eindhoven University of Technology, El Dorado Irrigation District, Elit Avia, Epworth Healthcare, EsSalud, Etsy, Everest Bank, Excelsior Springs School District, eXch, Executive Jet Support, Facebook, Family Health Services, Inc, Family Health Specialists, Flagship Bank, FLOE International, Florida Lung, Force Bridge, Fortinet FortiWeb, FORTÉ, Frederick’s Machine & Tool Shop, Free (ISP), French Government, French Ministry of Education, Fujipoly, FWD Vietnam, Fédération Francaise de Rugby, Gargle, Gateway Community Services, Gearhiser Peters Elliott & Cannon, Ghana Insurance Database, GIMP, GitLab Duo, Gloucester County, CA, Google, Google Chrome, GovDelivery, Government of Spain, Greater Seattle Concrete, Hacendado, Haowang Guarantee, Harbin Clinic, Hartwig Mechanical, HealthEquity, Inc (twice), High Grade Materials, High-Logic FontCreator, HMRC, Homestead Gardens, HopeWay Foundation, Horde, Horizon Blue Cross Blue Shield NJ, Hostinger, HP Enterprise Insight Remote Support, HP Enterprise StoreOnce, Hudson River Housing, Humboldt County Office of Education, Humboldt Independent Practice Association, Hunter Health Clinic, iCloud, In’Tech Industries, Indian Navy, Indigo Group SA, Indonesian Nuclear Energy Regulator BAPETEN, Indonesian Polytechnic Politeknik Tonggak Equator, Ingonyama Trust Board, Inns of Aurora, Instituto de Ojos de Puerto Rico, Insulet Corporation, Interactive Brokers LLC, Iowa County, IA, ITinSell, Ivanti Endpoint Manager Mobile, Ivanti Workspace Control, Jackson Health System, JDC Air & Sea Freight, JetBrains TeamCity, Jordan Kuwait Bank, JPMorgan Chase, Kalamazoo Public Schools District, Kansas City Aviation Center, Katie Jo Sider, Kelly & Associates Insurance Group, KENAI DRILLING LIMITED, Kenneth Wong, CPA, Kettering Health, KiranaPro, Kittery Police Department, Kronick Moskovitz Tiedemann & Girard, Lafayette Federal Credit Union, Landmark Properties, Lasercam, Lee Enterprises, Legal Practice Board of Western Australia, LexisNexis Risk Solutions, Liberty Tax, Lila, Linux Kernel, Logan University, Lower Merion School District, Lumma, MailEnable Webmail, MainStreet Bancshares, Making Tech Happen, Mantis Creative, Marlboro-Chesterfield Pathology, Marriott International, Maruichi Leavitt Pipe & Tube, Masimo, Mastery Schools, MathWorks/MATLAB, McKenzie Commercial Contractors, MDaemon, Mediclinic Group, Mercer Capital, Mercy Surgical Dressing Group, Inc, Microsoft OneDrive, Microsoft PC Manager, Microsoft SharePoint, Microsoft Windows Installer Service, Missouri Conservation Department, Morgan County 911 service, Mozilla Firefox, Mozilla Firefox Accounts API, Myer Auto, Naper Grove Vision Care, NASA, Nationwide Recovery Service, Naukri, Nepal Police, Next Step Healthcare, NHPP Physical Medicine and Rehabilitation, Nokota Packers, North Shore University Hospital Sleep Disorders Center, North Sulawesi Provincial Government, Northwest Territories Health and Social Services Authority, Northwestern Community Services Board, Nottingham Construction, Nova Scotia Power, Nucor Corporation Steel, Nunez Dental, NVIDIA cuobjdump, NVIDIA Triton, Odoo, Olympus Aero, Operation Endgame 2.0, Opexus, Optima Tax Relief, Oracle VirtualBox, Origin PC, OurBus, Output Messenger Server Manager, OxBykes, Oxford Life Insurance Company, Pacific Summit Energy, Parallels Desktop, Passion.io, Payne County, OK, Payne County Sheriff’s Office, PDI Health, Pearson, Petroquim Chile, Pierce County Library, Planet IT, PPM Industries, Precision Tax Relief, Prenovost, Normandin, Dawe & Rocha, APC, PrepHero, Procolored, Promises2Kids, QuadMiners, Qualcomm Adreno GPU driver, Quick Frames USA, Radiology Chartered, Rajkot Municipal Corporation, RE/MAX, Rechler Equity Partners, Red Hat Enterprise Linux, Redis, Regents Capital, Renkim Corporation, RIBridges, RISE Racing, Riverdell Construction, Rivers Academy West London, Rockwell Automation PowerMonitor 1000, Rockwell Automation ThinManager ThinServer, Rommel Harley-Davidson, Roundcube webmail, Royal Chemical, Royal Moroccan Football Federation, S5 Agency World, Safalata, Samlify, Samsung MagicINFO, San Jose Country Club, Sandhills Medical Foundation, Sante DICOM Viewer, SAP NetWeaver, Schneider Electric Home Devices, Semple & Cooper, Sensata Technologies, Sequoia Capital, Serviceaide, SF Humane Society, Shopify, Shore Medical Center, Siena Hotel, Smartfren, Solar City Tyre Service, SolarWinds DameWare, Sonos Era 300, South African Airways, South Atlantic Federal Credit Union, South Bay Credit Union, Southeast Series of Lockton Companies, Spain’s DGT & CNMC, Sports Physical Therapy, Occupational Therapy and Rehabilitation Services of the North Shore, Sri Lanka’s Pensions Department, State of Indiana, STC Kuwait, Steam supply chain, Straits Construction, Sturdevant’s Auto Parts, SunMoon University, Swedish Edmonds Hospital, Sylvania, Syrian Army, Tata Consultancy Services, TBK DVR-4104 and DVR-4216, TD Bank, Texas Department of Transportation, Texas Digestive Specialists, Texas Health and Human Services Commission, The Epoch Times, The Green Flame Gas Co, The Habesha, The Haymond Law Firm, The Holiday Adult Care Community & Retirement Homes, The Salvation Army, The Smith Institute for Urology, The Vascular Experts, Ticketmaster, Tien Tuan Pharmaceutical Machinery, Tiffany & Co, TOP Ships Inc, Town of North Providence Rhode Island, Tradgo, Trend Micro Apex Central, Tri-City Cardiology Consultants, Trimble Cityworks, Triumph Construction, Tupolev, US Dermatology Partners, UAE Government, UChicago Medicine Medical Group, UK Legal Aid Agency (LAA), Ukrainian critical infrastructure, UNFI, Unigaz, Union County Children and Youth Services, Union Health System, Universidad Técnica del Norte Ecuador, Universitas Udayana Bali, University College London Hospitals, University Hospital Southampton, University of Chile, Uruguay’s National Vehicle System SUCIVE, US Center for Disease Control (CDC), the US telecom systems hack (Salt Typhoon) goes back a year earlier han they claimed, USA Credit Control, Valentin Hotels, Valiant Energy Solutions, Vanta, vBulletin, Vernon Milling, Versa Concerto, Victoria’s Secret, Virgin Islands Lottery, Virgin Media, VMware ESXi, Volkswagen Group, VS One Technology, Wadma Network, Wazuh Servers, Weis Markets, Weiser Memorial Hospital, West Lothian Council, Western Insurance Marketing Corporation, Williams Patent Crusher & Pulverizer, Windows 11, WiredBucks, WOLFBOX Level 2 EV Charger, WordPress Crawlomatic plugin, WordPress Motors theme, WordPress PayU CommercePro plugin, WordPress RomethemeKit for Elementor, WordPress Wishlist plugin, Worldline Yomani XR credit card readers, Xenoblade Chronicles X, YES24, York County, PA, Yuantong Express, Zhihu, Zimbra, Zlgoon, and Zoho ManageEngine Exchange Reporter have reported hacking or compromises this month. An interesting article published recently shows you how long it takes for companies to report that they’ve been compromised if they find out.

Cellcom, ChatGPT, Heroku, Kettering Health, MathWorks/MATLAB, Microsoft 365, NZ Internet (read that, it’s hilarious), Reddit, and SentinelOne have suffered from outages this month.

Last months updates broke Bitlocker on Windows 10, boot on Windows 11, Google Workspace Sync for Outlook, and Hyper-V VM.

Microsoft is killing off their Authenticator app shortly. Export your data and switch to another auth app.

Meta (Facebook) is requiring users to opt out of AI a second time, and will only respect it in certain areas.

In the UK, Apple is going to lose more than a billion dollars in revenue due to a comma. In the US, Epic Games has filed a motion alleging Apple violated the court’s injunction by blocking Fortnite’s App Store submission.

Google has released their block of Nextcloud after worldwide uproar.

President Trump has enlisted Palantir Technologies to build a massive, cross-agency database tracking every American citizen. … Let that sink in. A private company—deciding whose politics are too dangerous to exist?”

CIA-created Palantir is now publicly threatening reporters after being given a $795 million contract to track and report on every American to the government. I don’t understand why we should be paying for this. Hackers compile this data for free!

No, the DMV did not text you. It’s a scam. It’s always a scam.

To literally nobodies surprise, the Pakistani government is disabling IDs and devices of people within protest areas using geofencing methods. Do you still want digital ID?

Now for the good news:

FFmpeg has added a WHIP Muxer for sub-second streaming latency.

The Swiss authoritarian bill that would have all but eliminated the last refuge for privacy has failed.

The Linux Foundation is launching an independent WordPress package manager.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is mild this month. The typical computer should see roughly 2 GB in updates today. Let’s get started.

Microsoft released 41 updates to address 69 vulnerabilities in .NET and Visual Studio, App Control for Business (WDAC), Microsoft AutoUpdate (MAU), Microsoft Edge, Microsoft Local Security Authority Server (lsasrv), Microsoft Office, Microsoft Office Excel, Microsoft Office Outlook, Microsoft Office PowerPoint, Microsoft Office SharePoint, Microsoft Office Word, Nuance Digital Engagement Platform, Power Automate, Remote Desktop Client, Visual Studio, WebDAV, Windows Common Log File System Driver, Windows Cryptographic Services, Windows DHCP Server, Windows DWM Core Library, Windows Hello, Windows Installer, Windows KDC Proxy Service (KPSSVC), Windows Kernel, Windows Local Security Authority (LSA), Windows Local Security Authority Subsystem Service (LSASS), Windows Media, Windows Netlogon, Windows Recovery Driver, Windows Remote Access Connection Manager, Windows Remote Desktop Services, Windows Routing and Remote Access Service (RRAS), Windows SDK, Windows Secure Boot, Windows Security App, Windows Shell, Windows SMB, Windows Standards-Based Storage Management Service, Windows Storage Management Provider, Windows Storage Port Driver, Windows Win32K – GRFX, and MSRT. This includes security updates. A reboot is required.

Apple released updates for iPadOS 17.7.8. This includes security updates. Use Apple Software Update to install the most current versions.

iPadOS 17.7.8 is a security updates. Use Settings, General, Software Update to install the most current update.

Google ChromeOS 136.0.7103.158 and ChromeOS LTS 132.0.6834.225 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sequoia (15.x) means that macOS Monterey (12.x) and older are no longer supported. If you can not install at least macOS Ventura (13) on your Mac then you should immediately remove your device from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v24H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it. If not, switch to Linux (Mint is nice) or replace your computer.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with a SaferPC Subscription and we will install updates each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 25.6.1 adds support for new hardware, improves Vulkan support, improves compatibility and resolves several bugs. This is not a security update.
https://www.amd.com/en/support

Display Driver Uninstaller 18.1.1.4 improves hardware support and translations. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

UniFi Network Server 9.2.87 adds WAN SLA, improved DHCP management, a dozen resolved bugs and many interface and configuration improvements. This is not a security update.
https://www.ui.com/download/releases/network-server

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.79.119 is a security update.
https://brave.com/

Firefox 139.0.4 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 128.11.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 137.0.7151.68
https://www.google.com/chrome/

SeaMonkey 2.53.21 is a security update.
https://www.seamonkey-project.org/

Vivaldi 7.4.3684.46 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Spark 3.23.1.108665 adds Outlook Calendar import support and improves stability. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.23.1.108664 adds Outlook Calendar import support and improves stability. This is not a security update.
https://sparkmailapp.com/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 9.5.5 resolves over a dozen bugs. This should be treated as a security update.
https://anydesk.com/en/downloads

curl 8.14.1 resolves dozens of bugs. This should be treated as a security update.
https://curl.haxx.se/windows/

Discord June 3, 2025 updates libraries and resolves dozens of bugs. This is not a security update.
https://discord.com/download

Dropbox 225.4.4896 resolves several bugs. This is not a security update.
https://www.dropbox.com/

Google Drive 109.0 doesn’t provide a detailed change log so should be treated as a security update.
https://drive.google.com/start

jq 1.8.0 is a security update.
https://jqlang.github.io/jq/

MeshCentral 1.1.45 resolves several bugs. This is not a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.8.00.12555 adds dial-in details to invitations. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 31.0.5 resolves dozens of bugs. This should be treated as a security update.
https://nextcloud.com/

Rclone 1.69.3 is a security update.
https://rclone.org/

Signal 7.56.1 fixes a couple bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.44.2 improves sticker management. This is not a security update.
https://signal.org/android/apk/

Syncthing 1.29.7 resolves several bugs and paves the way for 2.0. This is not a security update.
https://syncthing.net/

Telegram 5.15.3 improves cosmetics. This is not a security update.
https://telegram.org/

Zoom 6.4.13.2309 and 6.4.12.64384 are security updates.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

Grayjay 319 improves playback controls, new engines, improves cosmetics and resolves several bugs. This is not a security update.
https://grayjay.app/index.html

KaraFun Player 3.7.5 doesn’t provide a change log so should be treated as a security update.
https://www.karafun.com/karaoke-windows/

Plex Desktop 1.109.0.329 improves stability. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.41.8.9834 resolves several bugs including performance and stability issues. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Bedrock) 1.21.84.1 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Nintendo Switch 20.1.1 improves stability and resolves several bugs. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 2025.522 changes some messaging and cosmetics. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2025.05.20 improves hardware compatibility and resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

SteamOS 3.7.8 is the first stable release for non-Valve hardware. It’s a major update with dozens of fixes and newer hardware support. This is a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Acrobat DC 25.001.20531 and Adobe Acrobat DC 25.001.20529 (macOS) are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb25-57.html

Adobe Acrobat Reader DC 25.001.20531 and 25.001.20529 (macOS) are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb25-57.html

Adobe Acrobat 2024 24.001.30254 is a security update.
https://helpx.adobe.com/security/products/acrobat/apsb25-57.html

Adobe Acrobat 2020 20.005.30774 is a security update.
https://helpx.adobe.com/security/products/acrobat/apsb25-57.html

Adobe Acrobat Reader 2020 20.005.30774 is a security update.
https://helpx.adobe.com/security/products/acrobat/apsb25-57.html

Adobe Commerce 2.4.9-alpha1, 2.4.8-p1 for 2.4.8, 2.4.7-p6 for 2.4.7-p5 and earlier, 2.4.6-p11 for 2.4.6-p10 and earlier, 2.4.5-p13 for 2.4.5-p12 and earlier, 2.4.4-p14 for 2.4.4-p13 and earlier are security updates.
https://helpx.adobe.com/security/products/magento/apsb25-50.html

Adobe Commerce B2B 1.5.3-alpha1, 1.5.2-p1 for 1.5.2, 1.4.2-p6 for 1.4.2-p5 and earlier, 1.3.4-p13 for 1.3.4-p12 and earlier, 1.3.3-p14 for 1.3.3-p13 and earlier are security updates.
https://helpx.adobe.com/security/products/magento/apsb25-50.html

Magento Open Source 2.4.9-alpha1, 2.4.8-p1 for 2.4.8, 2.4.7-p6 for 2.4.7-p5 and earlier, 2.4.6-p11 for 2.4.6-p10 and earlier, 2.4.5-p13 for 2.4.5-p12 and earlier are security updates.
https://helpx.adobe.com/security/products/magento/apsb25-50.html

Adobe Commerce and Magento Open Source isolated patch for CVE-2025-47110 is a security update.
https://helpx.adobe.com/security/products/magento/apsb25-50.html

Adobe Experience Manager 2025.5 and 6.5.23 are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb25-48.html

Adobe InCopy 19.5.4 and 20.3 are security updates.
https://helpx.adobe.com/security/products/incopy/apsb25-41.html

Adobe InDesign ID19.5.4 and ID20.3 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb25-53.html

Adobe Substance 3D Painter 11.0.2 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb25-58.html

Adobe Substance 3D Sampler 5.0.3 is a security update.
https://helpx.adobe.com/security/products/substance3d-sampler/apsb25-55.html

Audacity 3.7.4 resolves several bugs. This is not a security update.
https://www.audacityteam.org/download/

GIMP 3.0.4 resolves several bugs. This is not a security update.
https://www.gimp.org/

LibreOffice Fresh 25.2.4 resolves over 50 bugs. This is not a security update. This is beta software so should not be used by most users.
https://www.libreoffice.org/

Manager 25.6.8.2380 doesn’t provide a detailed change log so should be treated as a security update.
https://www.manager.io/

Nextcloud Desktop 3.16.5 resolves several bugs. This is not a security update.
https://nextcloud.com/

Paint.net 5.1.8 resolves several bugs. This is not a security update.
https://www.getpaint.net/

Operating System Updates

These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.

Tails 6.16 is a security update.
https://tails.net/install/download/index.en.html

Security Software Updates

One or more of these is likely to be of interest to most people.

.NET Runtime 9.0.5 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

FRSTx64 2025.6.6 doesn’t provide a change log so should be treated as a security update.
https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

Gpg4win 4.4.1 is a security update.
https://www.gpg4win.org/download.html

MalwareBytes Desktop Security 5.3.2.195 resolves several bugs and improves stability. This is not a security update.
https://www.malwarebytes.org/antimalware/

ProtonVPN 4.1.13 improves stability and updates libraries. This is a security update.
https://github.com/ProtonVPN/win-app/releases/latest

RogueKiller 16.2.2 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Stinger 13.0.0.372 updates detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

VT-CLI 1.1.1 resolves a bug. This is not a security update.
https://github.com/VirusTotal/vt-cli/releases/latest

WebBrowserPassView 2.16 improves Chrome parsing. This is not a security update.
https://www.nirsoft.net/utils/web_browser_password.html

YARA 4.5.4 resolves several bugs. This should be treated as a security update.
https://github.com/VirusTotal/yara/

Capture Updates

These are unlikely to be of interest to most people.

Open Broadcaster Software 31.0.3 removes support for older hardware and resolves several bugs. This is not a security update.
https://obsproject.com/

SnagIt 25.2.0 updates libraries, adds support for Camtasia editing, improves step capture, and improves performance. This is a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.4.3 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

StreamFab 6.2.4.0 adds support for new encodings and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 3.0.1.8 improves hardware support, adds subtitle generation and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.80 resolves several bugs. This is not a security update.
https://1password.com/downloads/

AOMEI Partition Assistant 10.8.1 improves USB creation and improves stability. This is not a security update.
https://www.diskpart.com/

Beyond Compare 5.1.0.31016 resolves dozens of bugs. This is not a security update.
https://www.scootersoftware.com/download

Bitwarden 2025.5.1 updates dependencies and resolves several bugs. This is not a security update.
https://bitwarden.com/

CCleaner 6.36.11508 improves reliability. This is not a security update.
https://www.ccleaner.com/

Cygwin 3.6.3 resolves several bugs. This is not a security update.
https://cygwin.com/

DesktopOK 11.83 updates language engine. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.5.30.0 updates libraries and resolves several bugs. This is a security update. Note that dnGrep no longer includes the Everything libraries for native Everything support. You can download them and add them manually. 🙁
https://dngrep.github.io/

Everything 1.4.1.1027 is a security update.
https://www.voidtools.com/

Everything CLI 1.1.0.30 adds a new code-signing certificate. This is not a security update.
https://www.voidtools.com/

Everything Portable 1.4.1.1027 is a security update.
https://www.voidtools.com/

Everything Toolbar 1.5.5 improves reliability and resolves several bugs. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

ExplorerPatcher 22631.5335.68.2 resolves several bugs and improves compatibility. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

Fing 3.9.0 integrates Desktop to Workspaces and resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

GoodSync 12.9.1 resolves several bugs. This should be treated as a security update.
https://www.goodsync.com/

grepWin 2.1.9 resolves a blank popup. This is not a security update.
https://github.com/stefankueng/grepWin/releases/latest

HWMonitor 1.58 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

Kingston SSD Manager 1.5.5.5 doesn’t provide a change log so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

LessMSI 2.7.3 resolves several bugs. This is not a security update.
https://lessmsi.activescott.com/

NTLite 2025.06.10460 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

Open-Shell 4.4.196 adds ARM64 support. This is not a security update.
https://github.com/Open-Shell/Open-Shell-Menu

PointerStick 6.77 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.91.1 resolves dozens of bugs and improves stability. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

RoboForm 9.7.5 integrates new authentication platform and automatic update engine. This is not a security update.
https://www.roboform.com/

ScreenConnect 25.4 is not available yet. Soon…maybe? So the drama, dude. ConnectWise announced that they’ll be releasing this new version (still in Canary status only 4 days ago) to address a “security concern” with only two days notice. The ConnectWise code signing certificate is being revoked due to the way their previous client installations were designed (which, in their defense, is how Microsoft encouraged apps to operate a few years ago), and all builds prior to the bleeding edge version are going to be not merely “unsupported,” but likely not installable and clients may be randomly removed by antivirus, security and client management software, leaving the clients inaccessible for support. ConnectWise will not be patching previous versions. ConnectWise isn’t even answering many support questions. Among other things, this means that many server platforms will no longer be supported, custom and even vendor-published extensions that are not compatible with the new bleeding-edge build will simply not work – possibly for months, if ever – and these “incompatible” extensions may not simply be disabled within ScreenConnect itself if they don’t have the right version attribute, but might take down the ScreenConnect server completely until they’re manually removed (which was my own experience when upgrading to 24.x). The installation process for all clients will change. ConnectWise hasn’t published the new process yet and have not updated much of their documentation for over a year. To say users are in limbo is about as accurate a statement as any. In the last week they published then removed 25.4, and have removed the downloads for all current and previous builds, save one (25.3.4) which they say isn’t even going to be supported later today. Sigh.
https://www.screenconnect.com/download

SetUserFTA 2.5.2 improves compatibility with UCPD 4.2.
https://setuserfta.com/

SpaceSniffer 2.0.2.5 resolves a cosmetic bug. This is not a security update.
http://www.uderzo.it/main_products/space_sniffer/

Synergy 3.3.1 is the first really stable build of v3. This resolves several bugs and improves compatibility. This is not a security update.
https://symless.com/synergy/

Sysmon 1.3.7 for Linux improves compatibility. This is not a security update.
https://github.com/microsoft/SysmonForLinux/releases/tag/1.3.7.0

System Informer 3.2.25011.2103 is a redesign and relaunch of ProcessHacker, adding dozens of features and improved analysis and over 5,000 changes. This is a security update.
https://github.com/winsiderss/systeminformer/

WizFile 3.13 resolves a couple bugs. This is not a security update.
https://antibody-software.com/wizfile/

ZoomText 2025.2505.31.400 improves compatibility. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 2024.3.2.15 resolves several bugs. This is not a security update.
https://developer.android.com/studio

GDevelop 5.5.231 adds 3D physics-based vehicle behavior, Play and Jolt improvements, and resolves several bugs. This is not a security update.
https://gdevelop.io/download

GitHub Desktop 3.4.20 resolves a UNC mapping bug. This is not a security update.
https://desktop.github.com/

GitHub includefragment 6.4.0 updates libraries. This is not a security update.
https://github.github.io/include-fragment-element/

Go 1.24.4 is a security update.
https://go.dev/

Microsoft Visual C++ 2022 Redistributable 14.44.35208.0 is a security update.
https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist

Node.js 20.19.2 is a security update.
https://nodejs.org/en/

Node.js 22.16.0 updates libraries. This is a security update.
https://nodejs.org/en/

Node.js 23.11.1 is a security update.
https://nodejs.org/en/

Node.js 24.2.0 removes HTTP/2 priority signaling and resolves several bugs.
https://nodejs.org/en/

Python 3.13.4 resolves several bugs. This is a security update.
https://www.python.org/downloads/macos/

SQLite 3.50.1 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Unreal Engine 5.6 improves performance and threading on modern hardware, camera, motion, mapping and other features. This is not a security update.
https://unrealengine.com/en-US/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.1.10 resolves several bugs and improves compatibility. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Invision Community 4.7.21 is a security update.
https://invisioncommunity.com/

Joomla 5.3.1 resolves over a dozen bugs. This is not a security update.
https://www.joomla.org/

phpList 3.6.16 resolves a reliability bug. This is not a security update.
https://www.phplist.org/

Sucuri Security 2.2 resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

My Sticky Bar 2.8.2 improves support flow. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Theme My Login 7.1.12 resolves an extension bug. This is not a security update.
https://wordpress.org/extend/plugins/theme-my-login/

WP Cerber Security 9.6.9 adds RDAP support, improved settings, htaccess lockdown, and resolves several bugs. This is not a security update.
https://wpcerber.com/

WP Plugin Update Checker 5.6 improves compatibility. This is not a security update.
https://github.com/YahnisElsts/plugin-update-checker/releases/latest

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2025-02-11

Happy Valentines, Folks!

Today is Patch Tuesday for February, 2025.

It’s as safe as it’s going to be to upgrade to Windows 11 24H2 or macOS 15/Sequoia.

If your Windows 10 (or older) computer can not be upgraded to Windows 11, or if you used a registry or installation bypass to install an older version of Windows 11 on it that is no longer supported, then it’s time for you to start looking for a replacement computer. Actually, that time was about 5 weeks ago. Pickin’s are thin right now. 🙁

There were 275+ major hacks, and over 640 application updates this month. It shouldn’t be that bad though, with about 3.5 GB of updates for most users.

This Month in Technology

1win, 9Lives, Addison Northwest School District, Adobe Photoshop, Adopt Me Trading Values, an airline travel integration service, Allegheny Health Network, Alltours, Alpine iLX-507, Alpine IVI, AMD CPUs, American National Insurance Company, Android, AngelSense, Aoki Holdings, Apex Custom Software, Apple Core Media, Apple CPUs, Apple iPad, Apple iPhone, Apple macOS, Apple WebKit, Aprendamos Intervention Team, Arab Civil Aviation Organization, Arlington Westend Dental, Ascension Health, Asheville Eye Associates, AT&T, Autel MaxiCharger, AuthoraCare Collective, Automotive Grade Linux, Avery Products Corporation, AVTECH cameras, Bank Central Asia, Bankers Cooperative Group, Bayhealth Medical Center, BCP Council, Behavioral Health Resources, Benefits Management Group, Berman & Rabin, PA, Big Cheese Studio, Biomedical Caledonia Medical Laboratory Limited, Bitbucket Server, Blacon High School, Cabrillo College, Cacti, Canon imageCLASS MF656Cdw, Casio UK, Catholic Charities of Southern Nevada, ChargePoint EV charger, ChargePoint HomeFlex, Chicago Department of Public Health, Christian Community Aid, Circle K, Cisco, Cisco Identity Services Engine (ISE), City of Hayward, City of McKinney, City of Tarrant, City of Ulster, Cityworks, ClamAV, ClearML, Cleo, Comhairle nan Eilean Siar, Communicare, Community Health Center, Conduent, CR&R Incorporated, Cracked.io, Craft CMS, Crayfish, Crunchyroll, Daytrip, DeepSeek, Delaware Valley School District, Delta County Memorial Hospital District, Dignity Health Lassen Medical Clinic, Django, DogWifTools, Doxbin, DragonNest, E-Benefit Solution, Econet Wireless, Endo Group, ENGlobal, Ethereum, FC Barcelona, FortiOS and FortiProxy, Fota Wildlife Park, Frame & Optic, Frederick Health, Garden of Life, LLC, GeoTools, GitHub Copilot, Globe Life, Google Chrome, Google Gemini AI, Google’s OAuth, Gravy Analytics, GrubHub, H&M, Hakko Corporation, Han Van Duong, MD, Hanover County Public Schools, Harmonyland, Harrison County Schools, Harvard Pilgrim Health Care, HCF Management, Heart Centre, HeatGames, Hewlett Packard Enterprise (HPE), Hikari Seiko, Holdrege Memorial Homes, Hospital El Cruce, Hospital Sisters Health System, Huawei HG532 routers, Iannuzzi Manetta & Co, IMI plc, InterCon Construction, International AIDS Vaccine Initiative, IntraSystems, IPany VPN, Israel Police Systems, Ivanti Avalanche, Ivanti Endpoint Manager, Jefferson School District, Juniper VPN gateways, Kafene, Inc, Kenwood DMX958XR, Kenwood IVI, Kenya’s Business Registration Service, 12,000+ KerioControl firewalls, KraftCPAs, LandAirSea, Laravel Voyager, LCPtracker, Inc, Le Coq Sportif Columbia, Let’s Secure Insurance Brokers Pvt Ltd, LifeBridge Health, Lightning AI, Logsign Unified SecOps, Lucent Health, Magento, Malaysia’s National Tuberculosis Registry, Marina Family Medical, Matagorda County, MedSave Health Insurance, Microsoft Edge, Microsoft Office Word, Microsoft Outlook, Microsoft Windows Installer Service, 13,000 MikroTik routers, Mintty Sixel, Mission Bank, Mity, Inc, Mizuno USA, Mongoose, Moniepoint, Mortgage Investors Group, MSI, NASAMS, Nash County Public Schools, Netgear WiFi routers, New York Blood Center, NI Vision Builder, NoMachine, NorthBay Health, Nulled.to, OneBlood, OnePoint Patient Care, OpenAI ChatGPT, OpenMRS, Oppo, OrthoMinds, Otelier, OU Medicine, over 660,000 Rsync servers, Oxfam Hong Kong, O’Connor Corporation, Palo Alto firewalls, Parallels Desktop, PDF-XChange Editor, PFS Investments, Phemex, Philippines National Bureau of Investigation, Phoenix Contact CHARX SEC-3150, Planet Technology WGS-804HPT, PoinCampus, Portola Valley School District, PowerSchool Group LLC, Puroland, QNAP NAS, Ramona Unified School District, Rebound Orthopedics & Neurosurgery, Regence BlueShield, Republic of Georgia, Rhode Island Health Information Exchange, River Region Cardiology, RM Group of Education, Rochester City School District, Salinas City Elementary School District, San Francisco-Marin Food Bank, Sanrio Entertainment, Sante PACS Server, Santee School District, SAP NetWeaver, Scholastic, Self Esteem Brands, LLC, Siemens Tecnomatix, SimpleHelp RMM, SkilloVilla, Smiths Group, SonicWall SMA1000, Sony IVI, Sony XAV-AX8500, South African Weather Service, Speedio, Spring River Mental Health & Wellness, Square Medical Group, Stark AeroSpace, Sterling Bank, Subaru’s Starlink service, SuperDraft, the Taliban, TalkTalk, Tata Technologies, TD Bank, TeamViewer, Telefónica, Tesla Wall Connector, Texas Health and Human Services, Texas Tech University Health Sciences Center, The O’farrell Charter School, The Reshaping and Nutritional Company LLC, Thermomix Recipe World Forum, Tokio Marine HCC, Tornillo Independent School District, Trump Hotels, Tycon Medical Systems, Ubiquiti charger, UEFI, UFCW Local 135, University Diagnostic Medical Imaging, University of Notre Dame, Upper Canada District School Board, Valio, Valley News Live, Veeam, VMware Avi Load Balancer, VSCode SSH Agent, W3 Total Cache, Wacom, Wavlink AC3000, Welhof, Westend Dental, Wetaskiwin Regional Public Schools, WhoDB, Willow Pays, WinZip, Wolf Haldenstein, WOLFBOX EV charger, WOLFBOX Level 2 EV Charger, WordPress ASE Plugin, Ya-Moon, Yazoo Valley Electric Power Association, YesWiki, York Region District School Board, Young Consulting LLC, Youthmanual, Yubico pam-u2f, ZAR rehab clinics, Zendesk, Zimbra, Zyxel CPE routers, and Zyxel USG Flex and ATP firewalls, have reported hacking or compromises this month.

Bitbucket, Bohemia Interactive (DayZ and Arma Reforger), Cloudflare’s R2 object storage, Conduent, Garmin GPS watches, GitHub, Lee Enterprises, Microsoft 365, and PlayStation Network have suffered from outages this month.

Last months updates broke Microsoft 365 on Windows Server OS, “New” Outlook, Outlook email composition, Outlook search, USB audio drivers, Windows Activation, and Windows Server 2022.

Microsoft is now force-installing “new” Outlook (“Outlook Fred” for those in the know). Recently, Microsoft has been changing the management methods to prevent installation faster than they release updates to the software or tell their customers of the new policy changes, making it an administrative nightmare. I figure it will be either a class-action lawsuit, a federal (or EU) racketeering case, or an enterprise-wide wake-up to switch to Thunderbird that will finally get Microsoft to (briefly) start respecting their customers that have (oft repeatedly) expressly signalled their desire to opt out of this crap.

Microsoft is saying they’re going to stop supporting installing updates for Office apps on Windows 10 after it reaches end-of-life in October. This is probably BS, since they’ve never prevented installing Office updates on previous operating systems when they reached end-of-life, but you should switch from Windows 10 by then for other reasons anyway.

This doesn’t bode well for Let’s Secure Insurance. Ouch.

A year after announcing that it would be imposing a new UEFI signature and mere months before mandatory enforcement, Microsoft has finally released a script to create media that can boot using the new requirements.

Amazon has (finally) improved the default settings for Redshift to reduce the number of data leaks using their platforms.

The FTC has ordered GM to stop selling OnStar customer data (such as precise geolocation and driving behavior) without obtaining express consent.

In a surprise to literally nobody, security researchers learned that if you install bad things on your device, bad things can happen!

Now for the good news:

A lawsuit against automatic license plate readers is allowed to proceed.

Brave now allows you to inject custom JavaScript to tweak websites without an extension. 🙂  This comes only weeks after adding the ability to Rerank websites in the Brave Search engine.

Most importantly: Ross Ulbricht is free.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is not that bad this month. The typical computer should see roughly 3.5 GB in updates today. Let’s get started.

Microsoft released 41 updates to address 67 vulnerabilities in Active Directory Domain Services, Azure Network Watcher, Microsoft AutoUpdate (MAU), Microsoft Digest Authentication, Microsoft Dynamics 365 Sales, Microsoft Edge (Chromium-based), Microsoft Edge for iOS and Android, Microsoft High Performance Compute Pack (HPC) Linux Node Agent, Microsoft Office, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft PC Manager, Microsoft Streaming Service, Microsoft Surface, Microsoft Windows, Open Source Software, Outlook for Android, Visual Studio, Visual Studio Code, Windows Ancillary Function Driver for WinSock, Windows CoreMessaging, Windows DHCP Client, Windows DHCP Server, Windows Disk Cleanup Tool, Windows DWM Core Library, Windows Installer, Windows Internet Connection Sharing (ICS), Windows Kerberos, Windows Kernel, Windows LDAP, Windows Message Queuing, Windows NTLM, Windows Remote Desktop Services, Windows Resilient File System (ReFS) Deduplication Service, Windows Routing and Remote Access Service (RRAS), Windows Setup Files Cleanup, Windows Storage, Windows Telephony Server, Windows Telephony Service, Windows Update Stack, Windows Win32 Kernel Subsystem, and MSRT. This includes security updates. A reboot is required.

Oracle released 301 security updates this quarter to address vulnerabilities in 109 applications.

Apple released updates for GarageBand 10.4.12, iOS 18.3, iOS 18.3.1, iPadOS 17.7.4, iPadOS 17.7.5, iPadOS 18.3, iPadOS 18.3.1, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, Safari 18.3, tvOS 18.3, visionOS 2.3, and watchOS 11.3. This includes security updates. Use Apple Software Update to install the most current versions.

iOS 18.3 and 18.3.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 17.7.4, 17.7.5, 18.3 and 18.3.1 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 11.3.1 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 18.3 is a security update. Use System, Software Update to install the most current version.

visionOS 2.3.1 is a security update. Use System, Software Update to install the most current version.

Google ChromeOS 132.0.6834.98 and Google ChromeOS LTS 126.0.6478.264 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sequoia (15.x) means that macOS Monterey (12.x) and older are no longer supported. If you can not install at least macOS Ventura (13) on your Mac then you should immediately remove your device from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v24H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it. If not, switch to Linux (Mint is nice) or replace your computer.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with a SaferPC Subscription and we will install updates each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Epson ET-2750 2.71.00 doesn’t provide a change log so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-2750/s/SPT_C11CG22201

Epson ET-3760 2.68.02 doesn’t provide a change log so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-3760/s/SPT_C11CG20203

Epson ET-3850 3.01 doesn’t provide a change log so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-3850/s/SPT_C11CJ61201

Epson ET-4800 3.05 doesn’t provide a change log so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-4800/s/SPT_C11CJ65201

Epson ET-5880 3.04.00 doesn’t provide a change log so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-5880/s/SPT_C11CJ28201

UniFi Network Server 9.0.114 resolves over a dozen bugs and improves Zone controls. This is not a security update.
https://www.ui.com/download/releases/network-server

VIISAN OfficeCam 7.2.6.0 doesn’t provide a change log so should be treated as a security update.
https://www.viisan.com/en/download/type1.html

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.75.175 is a security update.
https://brave.com/

Google Chrome 133.0.6943.53 is a security update.
https://www.google.com/chrome/

Firefox 135.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 128.7.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 7.1.3570.48 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.15.1 resolves several bugs. This is not a security update.
https://getmailspring.com/

Spark 3.20.4 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 128.7.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 9.0.2 resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

curl 8.12.0 is a security update.
https://curl.haxx.se/windows/

Discord February 3, 2025 adds several new performance improvements and privacy controls, as well as cosmetic and stability improvements. This is not a security update.
https://discord.com/download

Dropbox 217.4.4417 doesn’t provide a detailed change log so should be treated as a security update.
https://www.dropbox.com/

FreeFileSync 14.0 adds dark mode support, improves cosmetics and resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 104.0 is a security update.
https://drive.google.com/start

Grocy Desktop 2.12.1 updates the Grocy release and fixes dependencies. This is not a security update.
https://github.com/grocy/grocy-desktop

Microsoft Teams 1.8.00.1362 adds several new management and organizational features. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 30.0.5 resolves dozens of bugs. This should be treated as a security update.
https://nextcloud.com/

PuTTY 0.83 resolves several bugs. This is not a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html

Signal 7.41.0 resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.32.3 improves organization. This is not a security update.
https://signal.org/android/apk/

Technitium DNS Server 13.4.1 should be treated as a security update.
https://technitium.com/dns/

Telegram 5.10.7 resolves several bugs. This is not a security update.
https://telegram.org/

Zoom 6.3.6.56144 adds a “new and improved” sidebar and resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.13 improves rigging motions. This is not a security update.
https://en.3tene.com/

Grayjay 281 resolves compatibility issues. This is not a security update.
https://grayjay.app/index.html

KaraFun Player 3.4.6 improves stability and performance, ARM compatibility, and resolves several bugs. This is not a security update.
https://www.karafun.com/karaoke-windows/

Kodi 21.2 resolves dozens of bugs. This is a security update.
https://kodi.tv/

Plex Desktop 1.107.2.300 resolves a compatibility bug. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.70.1.303 updates libraries and now improves privacy on Linux. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Bedrock) 1.21.60.10 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

PS5 2025.115 improves performance and usability. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2025.01.28 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Commerce 2.4.8-beta2, 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 1.5.1, 1.4.2-p4, 1.3.5-p9, 1.3.4-p11, 1.3.3-p12, 2.4.8-beta2, 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12 are security updates.
https://helpx.adobe.com/security/products/magento/apsb25-08.html

Adobe Illustrator 28.7.4 and 29.2.1 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb25-11.html

Adobe InCopy 19.5.2 and 20.1 are security updates.
https://helpx.adobe.com/security/products/incopy/apsb25-10.html

Adobe InDesign 19.5.2 and 20.1 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb25-01.html

Adobe Photoshop Elements 2025.1 is a security update.
https://helpx.adobe.com/security/products/photoshop_elements/apsb25-13.html

Adobe Substance 3D Designer 14.1 is a security update.
https://helpx.adobe.com/security/products/substance3d_designer/apsb25-12.html

Adobe Reader DC 24.005.20399 resolves several crash bugs. This is not a security update.
https://get.adobe.com/reader

Adobe Substance 3D Stager 3.1.1 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb25-09.html

Artweaver 8.0.2 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Calibre 7.25.0 resolves several bugs and improves compatibility. This is not a security update.
https://calibre-ebook.com/

Columns++ 1.1.5 improves compatibility. This is not a security update.
https://github.com/Coises/ColumnsPlusPlus

Krita 5.2.9 massively improves text support. This is not a security update.
https://krita.org/en/download/

LibreOffice Fresh 25.2.0 resolves almost 300 bugs. This is a security update. Please do not use the “Fresh” line – use the stable release instead.
https://www.libreoffice.org/

Manager 25.2.9.2075 improves inventory controls. This is not a security update.
https://www.manager.io/

Notepad++ 8.7.7 resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 5.1.3 resolves over a dozen bugs. This is not a security update.
https://www.getpaint.net/

PDF-XChange Editor 10.5.1.394 improves cosmetics and resolves over a dozen bugs. This is not a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

Operating System Updates

These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.

iOS 18.3.1 is a security update. Use Settings, General, Software Update to get the most current version.

iPadOS 17.7.5 and iPadOS 18.3.1 are security updates. Use Settings, General, Software Update to get the most current version.

macOS 15.3.1 is a security update. Use Settings, General, Software Update to get the most current version.

Tails 6.12 is a security update.
https://tails.net/install/download/index.en.html

tvOS 18.2.1 and tvOS 18.3 are security updates. Use Settings, General, Software Update to get the most current version.

watchOS 11.3.1 is a security update. Use the Watch app from your iPhone to install the current version.

Security Software Updates

One or more of these is likely to be of interest to most people.

.NET Runtime 9.0.1 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

Java 8u441 is a security update.
https://www.java.com/en/download/manual.jsp

MalwareBytes Desktop Security 5.2.6.163 resolves a quarantine bug. This should be treated as a security update.
https://www.malwarebytes.org/antimalware/

ProtonVPN 3.5.1 improves stability and performance. This is not a security update.
https://github.com/ProtonVPN/win-app/releases/latest

RogueKiller 16.0.2 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Stinger 13.0.0.283 adds support for new detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

SuperAntiSpyware 10.0.1272 adds a new Browser Protection feature and resolves several bugs. This should be treated as a security update.
https://www.superantispyware.com/download.html

Windows Defender Offline 20250119 doesn’t provide a change log so should be treated as a security update.
https://windows.microsoft.com/en-us/windows/what-is-windows-defender-offline

Wireless Network Watcher 2.42 updates the internal MAC addresses database. This is not a security update.
https://www.nirsoft.net/utils/wireless_network_watcher.html

Capture Updates

These are unlikely to be of interest to most people.

Open Broadcaster Software 31.0.1 resolves several crash and stability bugs. This is not a security update.
https://obsproject.com/

SnagIt 24.3.2 is a security update.
https://www.techsmith.com/screen-capture.html

VideoCacheView 3.11 improves support for newer Chrome (v132+) cache structure. This is not a security update.
https://www.nirsoft.net/utils/video_cache_view.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.3.5 adds support for MP4/MKV AV1 output, improved hardware acceleration and resolves an audio quality bug. This is not a security update.
https://www.dvdfab.cn/download.htm

FFmpeg 20250204 resolves an SVT-AV1 API compatibility issue. This is not a security update.
https://ffmpeg.org/ffmpeg.html

IsoBuster 5.5.2 resolves compatibility issues with CD-i and macOS generated media, and special characters in file and folder names. This is not a security update.
https://www.isobuster.com/download.php

MakeMKV 1.17.9 changes only the version number. This is not a security update.
https://www.makemkv.com/download/

PDF Creator 5.3.3 resolves several bugs. This is not a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 6.2.2.0 improves compatibility. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 3.0.0.5 adds Colorizer support and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.60 resolves several bugs. This is not a security update.
https://1password.com/downloads/

Beyond Compare 5.0.5.30614 updates libraries and resolves several bugs. This is not a security update.
https://www.scootersoftware.com/download

Bitwarden 2025.1.4 now imposes 2FA for new sessions and unknown locations, adds ability to generate SSH keys, and resolves several bugs. This is not a security update.
https://bitwarden.com/

CCleaner 6.32.11432 resolves several bugs. This is not a security update.
https://www.ccleaner.com/

CPU-Z Installer 2.14 adds support for newer hardware and resolves a cosmetic bug. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

Cygwin 3.5.7 resolves several bugs. This is not a security update.
https://cygwin.com/

Dell OS Recovery Tool 2.4.2.2193 doesn’t provide a change log so should be treated as a security update.
https://www.dell.com/support/home/uk/en/ukbsdt1/drivers/osiso/recoverytool

DesktopOK 11.57 improves uninstall and automatic update. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.3.3.0 updates libraries, adds several new features (Show Replacements, Minimize & Restore, Replace dialog layout) and updates translations. This is a security update.
https://dngrep.github.io/

GoodSync 12.8.2 adds a new @file filter, improves compatibility and rearranges job options. This is not a security update.
https://www.goodsync.com/

GUIPropView 1.31 adds several new columns to the display. This is not a security update.
https://www.nirsoft.net/utils/gui_prop_view.html

Homedale 2.16 adds a Japanese translation. This is not a security update.
https://www.the-sz.com/products/homedale/

HWMonitor 1.56 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

LessMSI 2.5.0 adds ability to change languages in the GUI. This is not a security update.
https://lessmsi.activescott.com/

ManageWirelessNetworks 1.15 adds dark mode support. This is not a security update.
https://www.nirsoft.net/utils/manage_wireless_networks.html

NTLite 2025.01.10293 modifies more than a dozen Components features and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 11.1.1001 resolves several bugs. This should be treated as a security update.
https://www.osforensics.com/download.html

osquery 5.15.0 resolves several bugs and improves data collection and display. This is not a security update.
https://osquery.io/downloads

PowerToys 0.88.0 updates libraries and resolves several bugs. This is a security update.
https://github.com/microsoft/PowerToys/releases/latest

PSAppDeploy 4.0.5 resolves dozens of bugs. This is not a security update.
https://psappdeploytoolkit.com/

TeamViewer 15.62.4 is a security update.
https://www.teamviewer.com/en-us/download/windows/

TraceRouteOK 3.46 improves uninstall and automatic update. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

Ventoy 1.1.01 adds native remounting capability to support all Linux distros and resolves a couple bugs. This is not a security update.
https://www.ventoy.net/en/index.html

WakeMeOnLan 1.92 updates the internal MAC addresses database. This is not a security update.
https://www.nirsoft.net/utils/wake_on_lan.html

WinScan2PDF 9.25 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 4.24 adds several administrative features and cosmetic improvements. This is not a security update.
https://www.diskanalyzer.com/

Developer Updates

These are unlikely to be of interest to most people.

AutoHotkey 2.0.19 resolves several bugs. This is a security update.
https://www.autohotkey.com/download/

GDevelop 5.5.224 improves cosmetics and resolves several bugs. This is not a security update.
https://gdevelop.io/download

GitHub Desktop 3.4.16 resolves several bugs. This is not a security update.
https://desktop.github.com/

Go 1.23.6 is a security update.
https://go.dev/

MySQL ConnectorNet 9.2.0 resolves several bugs. This should be treated as a security update.
https://dev.mysql.com/downloads/connector/net/

Node.js 18.20.6 is a security update.
https://nodejs.org/en/

Node.js 20.18.3 is a security update.
https://nodejs.org/en/

Node.js 22.14.0 is a security update.
https://nodejs.org/en/

Node.js 23.7.0 is a security update.
https://nodejs.org/en/

Python 3.13.2 is a security update.
https://www.python.org/downloads/windows/

SQLite 3.49.0 resolves several bugs and improves performance. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.97.1 is a security update.
https://code.visualstudio.com/

WinMerge 2.16.46 resolves several bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.1.6 adds support for Linux kernel 6.13 and resolves dozens of bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Invision Community 4.7.20 adds Postmark, Bluesky and Backblaze B2 support. This is not a security update.
https://invisioncommunity.com/

Grocy 4.4.1 adds support for Open Food Facts barcode lookup and resolves several bugs. This is not a security update.
https://github.com/grocy/grocy

MailEnable 10.51 is a security update.
https://www.mailenable.com/

ownCloud Client 5.3.2.15463 is a security update.
https://owncloud.com/desktop-app/

phpMyAdmin 5.2.2 is a security update.
https://www.phpmyadmin.net/

WordPress 6.7.2 resolves 35 bugs. This is not a security update.
https://wordpress.org/

Really Simple CAPTCHA 2.4 improves hash strength and compatibility. This is not a security update.
https://wordpress.org/extend/plugins/really-simple-captcha/

Sucuri Security 1.9.8 adds CORS configuration. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

WP Cerber Security 9.6.6 resolves several bugs. This is not a security update.
https://wpcerber.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2024-10-08

Welcome back, Folks!

Today is Patch Tuesday for October, 2024.

Windows 11 24H2 is out. So is macOS 15/Sequoia. iOS 18, iPadOS 18, tvOS 18, watchOS 11, and visionOS 11 are out now.  The first set of security updates for each of these are released now, too.

All versions of Windows 11 prior to 23H2 are no longer be supported. Upgrade to 23H2 now, then do not upgrade to 24H2, yet. Let everyone else be the guinea pigs. It’s already showing quite a few issues.

All versions of macOS prior to 13/Ventura are no longer supported. If you can’t upgrade your Mac to Ventura you need to permanently take it offline and/or replace it.

Windows 10 now has only 12 months of support left. If your computer can not be upgraded to Windows 11 either start planning now for a switch to Linux or replacing your computer.

There were 505+ major hacks, and over 395 application updates this month. It’s an enormous month, with about 4 GB of updates for most users.

This Month in Technology

4B Components, 5.11 Tactical, A1 Mobile Locksmith, Access Ambulatory Surgery Center, LLC, Access Sports, Accurate Railroad Construction Ltd, Acuity Advisor, Adobe Acrobat Reader DC, Adobe After Effects, Adobe Audition, Adobe Commerce & Magento stores (5% of all their commerce sites!!!),  Adobe Media Encoder, Adobe Photoshop, Adobe Premiere Pro, ADT, Advanced Sterilization Products, Inc, Affirm Agency, AFP, air-gapped government systems, Akromold, Al Rajhi Bank, Albany College of Pharmacy, Alliance, Ally Bank, Alshaya Group, Altman Plants, Alvan Blanch, American Water Works, Amgen Inc, Amplitude Laser, Andamen, Andantex USA, Anniversary Holding, Apache Avro, Apache HugeGraph-Server, Apex Softcell, Aramark myPay, Arc browser, Arelance Group, Around the Clock Companies, Asheville Arthritis and Osteoporosis Center, PA, AT&T, ATG Communications Group, Atrium Health, Autel Maxicharger, Auto Recyclers, AutoCanada, Autodesk Navisworks Freedom DWF, automatic storage tank gauge (ATG) systems (6 models), Avi Resort & Casino, Avis, Balboa Bay Club Ventures LLC, Banana Gun, Bangladeshi government, Barbados Revenue Authority, Barnes & Cohen, Batcom, Battle Lumber Co, Bay Ridge Automotive Management Group, Bazooka, Bel-Air Bay Club, BELL DATA, Inc, Benny Gantz, Bethalto Community Unit School District, Betterhalf, Bharat Petroleum, BingX, Bloom Hearing Specialists, Blundstone USA Inc, BNBuilders, BotSpace, Branhaven Chrysler Dodge Jeep Ram, Brechbuhler Scales Inc, BroadGrain Commodities, Broward Realty Corp, Brown Bottling Group, Brown Integrated Logistics, Brunswick Hospital Center, BSH Soft, BudTrader, C&L Ward, CaleyWray, Calibrated Healthcare, LLC, California Department of Social Services, Cameroon’s pension fund, Canstar Restorations, Capgemini, Capital Printing, Carlile Group, Cascade Columbia Distribution, Casino Fandango, Casio, Caterpillar Inc, Cellular Plus, CentralTickets, CF Medical, Charles Darwin School, Chernan Technology, ChiceDNA, Chinese government, a Chinese government botnet, Chrome, Chunghwa Telecom Data, Cincinnati Public Schools, City of Aberdeen, WA, City of Forest Park, City of Pleasanton, CA, City of Richardson, TX, CK Associates, CKS Packaging, Classic Business Products, CobelPlast, Cohesive Networks VNS3, Comcast Cable Communications, Community Clinic of Maui, Inc, Community Hospital of Anaconda, Compass Group, Concord Management Services, Condere IP, Conductive Containers, Inc, Connally Memorial Medical Center, Control Panels USA, CopySmart LLC, Corantioquia, Creative Consumer Concepts, Creative Playthings, CrediHealth, Crown Mortgage Company, CSG Consultants, D-Link routers, DATASUS, Daughterly Care, David’s Bridal, Del Valle Independent School District, Delaware Library system, Dell (twice in a week),  Deloitte, Delta Prime, Department of Foreign Affairs (DFA), Philippines, DETRAN, Detroit Public TV, Diamond Contracting, LLC, Didi Chuxing, digiDirect, Dimensional Merchandising, DINAS Corp, Divine Interprises INC, DJH Jugendherberge, Domain Industries, DotPe, DPC DATA, Dr. Web, DrayTek routers, Dreyfuss + Blackford Architecture, Duopharma Biotech, Dutch Police, EasyMPS, Edge Imaging, eFile.com, EigenLayer, Elgin Separation Solutions, Elitecare Emergency Hospital, Elitecare, Empereon Marketing, English Football League, Enterprise Outsourcing, EnviroNET Inc, Environmental Code Consultants Inc, Erasmus+, ETC Companies, Ethena Labs, Eurobulk, Evans Distribution Systems, Experience Engine, Express Services, Fabrica Industrial Machinery & Equipment, FastStone Imave Viewer, Fazenda Brazil government, FBCS, Fedbank Financial Services, Feeld, Feldstein & Stewart, Fireworks Software, First Choice, Fleet Equipment, FoccoERP, Forshey Prostok LLP, Fortinet, Fortive, Foundation, Foxit PDF Reader, Freshstart Credit Repair, Frigocenter, Fritzøe Engros, FTV Employment Services LLC, Fylde Coast Academy Trust, G/S Solutions, Galloway MacLeod, Games Box, GameVN, Garvey, GenPro Inc, GitLab, GNOME Project G, GoDaddy, Golden Age Nursing Home, Gough Construction, Graminex, Graybill Medical Group, Greene Acres Nursing Home, Guerriere & Halnon, GW Mechanical, Hair Club for Men, Hamel Cranial Chiropractic & Wellness INC, Harvard Pilgrim Health Care, Harvey Nichols, HDI, Hertz, Hezbollah, Hindle Group, Holmes & Brakel, Howard CPAs, HPE Aruba Networking, Hughes Gill Cochrane Tinetti, Hunter Dickinson Inc, HuntStand, I-MED, Ibermutuamur, ICBC London, IDEALEASE INC, Idre Fjäll, Indian Supreme Court, Indodax, Infosys McCamish Systems, Instituto Nacional de Deportes de Chile, Insurance Agency Marketing Services, Inc, InteriorWorx Commercial Flooring, iOS Password Manager, 260,000 IoT devices (Raptor Train), Iron Metals, Isola, Israel Defense Minister, Israel Foreign Affairs Minister, Israel Harel Insurance, Israel Prime Minister, an Israeli analytics company, Israeli defense companies, Israeli Industrial Batteries, Istrail, Italian Ministry, Ivanti Cloud Services Appliance, Ivanti Endpoint Manager, Ivanti Workspace Control, Jackson Paper Manufacturing, Jacobsen Construction Co, Inc Health Plan, Joe Swartz Electric, Johnson & Wales University, JTaylor & Associates LLC, Juice Generation, Kawasaki Motors Europe, Keller Williams Realty Group, Kennedy Funding, Keuka College, Keya Accounting and Tax Services LLC, Kia dealer portal, Kia vehicles (again), KintApp, Kravit, Hovel & Krawczyk SC, KukuFM, Kuwait Health Ministry, LA Financial Federal Credit Union, Labib Funk Associates, Ladov Law Firm, Lakeland Chamber, Lancaster Royal Grammar, three-quarters of law firms (which explains a lot of the hacks this month), Law Offices of Michael J Gurfinkel, Inc, Lawrie Insurance Group, Lee Hoffoss Injury Lawyers, LEGO, Lenovo Service Bridge, Liberty First Credit Union, Local 1964 ILA Health & Insurance Fund, Lumen Technologies, Luso Cuanzа, Lyomark Pharma, MacGillivray Law, macOS graphics driver, macOS video decoder, Magenta Photo Studio, Malwarebytes Antimalware, Markdom Plastic Products, Maryville Academy, Mattson Technology, Inc, Max Shop, MC2 Data, McAbee Construction, Inc, McCarty Company, MCNA Dental, MDSi INC, MediCheck, MedReview, Messe C, Miami Dolphins Forum, Michigan Masonic Home, Michigan Medicine, Microsoft Azure API Management, Microsoft C++ redistributable, Microsoft Pragmatic General Multicast Server, Microsoft SharePoint, Microsoft Windows, Microsoft Windows 10 AllJoyn Router Service, Microsoft Windows Internet Explorer, Microsoft Windows SmartScreen, Mile Hi Foods, MIPS Holding, Inc, Mobility Compare, Model Engineering, Moeller Door and Window, MoneyGram, Mozambique Election System, Mt. Carmel Behavioral Healthcare, Muskogee City County Enhanced 911 Trust Authority, mySCADA myPRO, NASA, New Electric, New River Electrical, New York Sports Club, Noble Environmental, North American Breaker, Nova Sinseg, Nusser Mineralöl GmbH, NVIDIA Container Toolkit, Octapharma Plasma, OffRoadAction, Omega Industries, One Point HR Solutions, Onyx, OpenAI, OpenPLC_v3 Runtime, Optigo Networks ONS-S8, Oracle WebLogic, Pacific Coast Building Products, Pacific Islands Forum, Fiji, Pacific Scientific Energetic Materials Company LLC, Palomar Medical Group, PaperCut NG, Partners Air, Patelco Credit Union, Patrick Sanders Company, PDF-XChange Editor, Pearl Cohen, Peerless Umbrella, Performance Food Centers, Performance Therapies, PetEdge, Pete’s Road Service, PetroChina, Physical Medicine & Rehabilitation Center, Piggly Wiggly, Plaisted Companies, Plastics Plus, Plumbers Stock, Port of Seattle/Seattle-Tacoma International Airport (SEA), Power Torque Services, PRC-Saltillo, Premier Packaging, Prentke Romich Company, Progress Software WhatsUp Gold, Pureform Radiology Center, Qualcomm DSP, Quantum Healthcare, Raaga, Rackspace, Radio Geretsried, 19 UK railway stations, Ranveer Allahbadia, Reading Train Station, Red Barrels, Repsol, Research Electronics International, Reutter, Richland County, WI, Richmond Auto Mall, Richmond Community Schools, Riley Gear Corporation, Rim Country Health and Rehabilitation, Ring Power, River Delta Unified School District, River Region Cardiology Associates, Riverside Resort Casino, Rob Levine & Associates, Robson Planning Group Inc, Rockwell Automation PLC Software, Sacred Heart Catholic School, Sage Home Loans Corporation, SaniRent, Satia Group, Savannah Candy, Schäfer, dein Bäcker GmbH & Co KG, Scranton School District, Sellafield, ServiceNow, Shenango Area School District, Sherr Puttmann Akins Lamb PC, Shezmu, Shin Bet, ShoreMaster, Signature Healthcare Services LLC, siParadigm LLC, Slim CD, Smart Buy, Smart Source, Inc, 2,700 “smart” devices in the Netherlands, SolarWinds Access Rights Manager, Solutii Sistemas, Sono Bello, Southeast Cooler, Southern Bone, SpaceX, Spectrum Industries, Sportstech, spWETH Wallet, Star Blizzard, Star Health (India), Stillwater Mining Company, Storck-Baugesellschaft mbH, Structural Concepts, Sub-Zero, Wolf, and Cove, Sunrise Farms, Synnovis, TANYA Creations, TeamViewer, TeleHealth Center (India), Temu, Tewkesbury Borough Council, Thai Honda Manufacturing, The Gill Corporation, The Maids International, The Rubber Resources, The Superior Court of California, The Tech Interactive, Theresa Gordon Tax Services, Inc, Think Simple, Thomas Lloyd, Thompson Construction Supply, TIAA, Title Financial Corporation, Total Electronics, TOTVS, Toyota, TradeZero America Inc, Transport for London, Transtec SAS, TransUnion Risk and Alternative Data Solutions, Inc, Travel Alberta, TRC Worldwide Engineering, Trend Micro Deep Discovery Inspector, True Family Enterprises, Truflation, Truist Bank, Trump campaign, Tuttle-Click Automotive Group, Twilio, Uber Eats, UCC Retreivals, United Animal Health, Universal Music Group, University Medical Center, University of Minnesota Orthodontics, US Centers for Medicare and Medicaid Services, US Congress, US Dermatology Partners, UT Southwestern Medical Center, Uttarakhand (India) government, Veertu Anka Build, Verizon, Vermilion Parish Schools, Versa Director, VGTRK, Vickers Engineering, Vidisco, Virginia Dare Extract Co, Visionary Homes, Visteon Infotainment System, VMware vCenter Server, Ward Transport, Wayne County, MI, WazirX, We Level Up Treatment Lake Worth, Weiser Memorial Hospital, Weldco-Beales Manufacturing, Wells Fargo, Western Digital MyCloud PR4100, WhatsApp, Wichita Police, Wilmington Convention Center, Wilson & Lafleur, Wisconsin Physicians Service Insurance Corp, Woodard, Hernandez, Roth & Day, WordPress Houzez Login Register plugin, WordPress Houzez theme, WordPress LiteSpeed Cache Plugin, Wright, Moore, DeHart, Dupuis & Hutchinson, LLC, Young Consulting LLC, and Zimbra email servers have reported hacking or compromises this month.

AFP, AT&T, Cloudflare, Confidant Health, Dr. Web, Google CloudImposer, Highline Public Schools, MoneyGram, PlayStation Network, Port of Seattle, Providence Public Schools, State Data Center (India), Verizon, and WP Engine have suffered from outages this month.

Last months updates broke M4 iPad Pro devices, macOS Sequoia VPN & antivirus software, Microsoft 365 apps, Microsoft Outlook mail vs nested folders, Microsoft Word (serious – Word deletes your files if they have mixed case extensions!), Windows 11 24H2 BSODs, Windows 11 24H2 gaming performance, Windows 11 24H2 license activation, Windows reboots, and Windows USB & Bluetooth.

In other news

The Internet backdoor mandated by US federal law has been hijacked by China (Salt Typhoon) and is being actively exploited again across several phone providers. It’s not good.

Almost 3 in 5 of breached UK firms admit to paying ransom on demand. An insane 92% of healthcare firms in the US were hit by cyberattacks this year.

Now that “exploding pagers” (and more) are a thing, will people start to take supply chain and physical security seriously?

Fearing exposure of weak security processes, Apple has moved to dismiss their lawsuit against NSO Group.

Now for the good news

Discord has added end-to-end encryption for audio & video calls.

NIST has finally scrapped their complexity and change frequency recommendations. The math on these recommendations simply doesn’t add up.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is enormous this month. The typical computer should see roughly 4 GB in updates today. Let’s get started.

Microsoft released 65 updates to address 121 vulnerabilities in .NET Framework, .NET, Azure CLI, Azure Monitor, Azure Stack, BranchCache, Code Integrity Guard, DeepSpeed, Internet Small Computer Systems Interface (iSCSI), Microsoft ActiveX, Microsoft Configuration Manager, Microsoft Defender for Endpoint, Microsoft Edge (Chromium-based), Microsoft Graphics Component, Microsoft Management Console, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft Office, Microsoft Simple Certificate Enrollment Protocol, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows Speech, OpenSSH for Windows, Outlook for Android, Power BI, Remote Desktop Client, RPC Endpoint Mapper Service, Service Fabric, Sudo for Windows, Visual C++ Redistributable Installer, Visual Studio Code, Visual Studio, Windows Ancillary Function Driver for WinSock, Windows BitLocker, Windows Common Log File System Driver, Windows Cryptographic Services, Windows cURL Implementation, Windows EFI Partition, Windows Hyper-V, Windows Kerberos, Windows Kernel, Windows Kernel-Mode Drivers, Windows Local Security Authority (LSA), Windows Mobile Broadband, Windows MSHTML Platform, Windows Netlogon, Windows Network Address Translation (NAT), Windows NT OS Kernel, Windows NTFS, Windows Online Certificate Status Protocol (OCSP), Windows Print Spooler Components, Windows Remote Desktop Licensing Service, Windows Remote Desktop Services, Windows Remote Desktop, Windows Resilient File System (ReFS), Windows Routing and Remote Access Service (RRAS), Windows Scripting, Windows Secure Channel, Windows Secure Kernel Mode, Windows Shell, Windows Standards-Based Storage Management Service, Windows Storage Port Driver, Windows Storage, Windows Telephony Server, Winlogon, and MSRT. This includes security updates. A reboot is required.

Apple released updates for Apple TV 1.5.0.152 for Windows, iOS 17.7, iOS 18, iOS 18.0.1, iPadOS 17.7, iPadOS 18, iPadOS 18.0.1, macOS Sequoia 15.0.1, macOS Sonoma 14.7, macOS Ventura 13.7, Safari 18, Safari 18.0.1, tvOS 17.6.1, tvOS 18, visionOS 2, visionOS 2.0.1, watchOS 10.6.1, watchOS 11, watchOS 11.0.1, and Xcode 16. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 17.7, 18, and 18.0.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 17.7, 18, and 18.0.1 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 10.6.1, 11, and 11.0.1 are security updates. Use the Watch app on your iPhone to install the most current version.

tvOS 18 is a security update. Use System, Software Update to install the most current version.

visionOS 2 and 2.0.1 are security updates. Use System, Software Update to install the most current version.

Google Chrome OS 128.0.6613.163, 129.0.6668.80, and ChromeOS LTS 126.0.6478.254 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sequoia (15.x) means that macOS Monterey (12.x) and older are no longer supported. If you can not install at least macOS Ventura (13) on your Mac then you should immediately remove your device from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 11 (v24H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with a SaferPC Subscription and we will install updates each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.9.1 improves hardware compatibility, game support, resolves several bugs and expands Vulkan extensions. This is not a security update.
https://www.amd.com/en/support

TP-Link Archer AX55 v1 240628 improves mesh and configuration controls. This is not a security update.
https://www.tp-link.com/us/support/download/archer-ax55/v1/#Firmware

goxlr-utility 1.1.4 resolves several compatibility and reliability bugs. This is not a security update.
https://github.com/GoXLR-on-Linux/goxlr-utility/

UniFi Network Server 8.4.62 resolves several bugs. This is not a security update.
https://www.ui.com/download/releases/network-server

VIISAN OfficeCam 7.2.2.0 doesn’t provide a change log so should be treated as a security update.
https://www.viisan.com/en/download/type1.html

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.70.123 is a security update. Use Help, About to install the most current version.
https://brave.com/

Google Chrome 129.0.6668.100 is a security update. Use Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 129.0.2792.79 is a security update. Use Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 131.0 is a security update. Use Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 128.3.0 is a security update. Use Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 6.9.3447.51 is a security update. Use Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.14.0 is a security update.
https://getmailspring.com/

ProtonMail (Android) 4.0.22.1 resolves a major stability bug. This is not a security update.
https://proton.me/mail/download

Spark 3.17.9.86866 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.17.9.86865 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 128.3.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 8.1.0 resolves dozens of bugs and improves stability. This is a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 8.1.2 is a security update.
https://anydesk.com/en/downloads

BrowsingHistoryView 2.58 resolves an export bug. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

curl 8.10.1 resolves over a dozen bugs. This is not a security update.
https://curl.haxx.se/windows/

Dropbox 209.4.3661 does not provide a detailed change log so should be treated as a security update.
https://www.dropbox.com/

Facebook Messenger 215.6.0.24.211 is a security update.
https://www.messenger.com/download

FileZilla Server 1.9.2 resolves a bug in the update engine. This is not a security update.
https://filezilla-project.org/

Google Drive 98.0 is a security update.
https://drive.google.com/start

MeshCentral 1.1.32 is a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.7.00.26062 improves onboarding flow and allows external presenters to join from mobile platforms. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 30.0.0 is a major update, updating libraries, minimum requirements, and resolving more than a hundred bugs. This is a security update.
https://nextcloud.com/

Npcap 1.80 resolves several bugs. This is not a security update.
https://nmap.org/npcap/

Rclone 1.68.1 improves compatibility and resolves several bugs. This is not a security update.
https://rclone.org/

Signal 7.27.0 adds several new display options for media, groups and restores ability to search stored messages from groups you’re no longer part of. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.18.2 adds ability to search for emoji. This is not a security update.
https://signal.org/android/apk/

Technitium DNS Server 13.0.2 resolves protocol bugs. v13 adds several other new DNS features and controls including ZONEMD, RP, Catalog Zones and improved logging. This is not a security update.
https://technitium.com/dns/

Telegram 5.6.1 resolves dozens of bugs. This is not a security update.
https://telegram.org/

Telegram (Android) 11.1.3 resolves dozens of bugs. This is not a security update.
https://telegram.org/apps

Zoom 6.2.3.47507 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.10 resolves a couple bugs and improves lip sync. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.2.4 resolves over 20 bugs. This is not a security update.
https://www.bitwig.com/download/

Grayjay 264 adds auto-play toggle, allows you to control rotation sensitivity, reverse rotation, and resolves several bugs and compatibility issues. This is not a security update.
https://grayjay.app/index.html

iTunes 12.13.3.2 is a security update.
https://www.apple.com/itunes/download/

Plex Desktop 1.102.0.230 resolves a couple bugs and adds an advertising consent notice. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.67.1.233 updates web engine. This should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.41.0.8994 adds support for external subtitles, improved ad detection, and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Bedrock) 1.21.31.04 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Nintendo Switch 19.0.0 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 2024.920 improves stability. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024.09.17 changes the terms of use and resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

SteamOS SteamDeck Update 2024.10.03 improves Wi-Fi 7 compatibility. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Animate 23.0.8 and 24.0.5 are security updates.
https://helpx.adobe.com/security/products/animate/apsb24-76.html

Adobe Commerce 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11, 1.4.2-p3, 1.3.5-p8, 1.3.4-p10, and 1.3.3-p11 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-73.html

Magento Open Source 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, and 2.4.4-p11 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-73.html

Adobe Dimension 4.0.4 is a security update.
https://helpx.adobe.com/security/products/dimension/apsb24-74.html

Adobe FrameMaker 2020.7 and 2022.5 are security updates.
https://helpx.adobe.com/security/products/framemaker/apsb24-82.html

Adobe InCopy 19.5 and 18.5.4 are security updates.
https://helpx.adobe.com/security/products/incopy/apsb24-79.html

Adobe InDesign 19.5 and 18.5.4 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb24-80.html

Adobe Lightroom 7.5, 13.5.1, and 12.5.2 are security updates.
https://helpx.adobe.com/security/products/lightroom/apsb24-78.html

Adobe Substance 3D Painter 10.1.0 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb24-52.html

Adobe Substance 3D Stager 3.0.4 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb24-81.html

Audacity 3.6.4 doesn’t have a change log so should be treated as a security update.
https://www.audacityteam.org/download/

Blender 4.2.2 resolves dozens of bugs. This is a security update.
https://www.blender.org/download/

Calibre 7.19.0 improves performance and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Ghostscript 10.04.0 is a security update.
https://www.ghostscript.com/releases/gsdnld.html

GnuCash 5.9 resolves several bugs. This is not a security update.
https://www.gnucash.org/

Kdenlive 24.08.1 resolves dozens of bugs. This is not a security update.
https://kdenlive.org/

Krita 5.2.6 resolves over 50 bugs and improves reliability and stability. This is not a security update.
https://krita.org/en/download/

LibreOffice Fresh 24.8.2 resolves almost 200 bugs. This is a security update.
https://www.libreoffice.org/

Manager 24.10.8.1879 adds business templates, FDX support, and resolves several bugs. This is not a security update.
https://www.manager.io/

Nextcloud Desktop 3.14.1 resolves a dozen bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.7 updates libraries, resolves over a dozen bugs. This is a security update.
https://notepad-plus-plus.org/

PDF Candy Desktop 3.13 doesn’t provide a change log so should be treated as a security update.
https://pdfcandy.com/

PDF-XChange Editor 10.4.1.389 is a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

QuickBooks Pro 2022 20240726-R17_34 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20240726-R14_39 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

Security Software Updates

One or more of these is likely to be of interest to most people.

JShelter 0.19.1 improves Manifest V3 compatibility and performance. This is not a security update.
https://jshelter.org/install/

KeePass 2.57.1 is a security update.
https://keepass.info/

MalwareBytes Anti-Malware 5.5.4 doesn’t provide a change log so should be treated as a security update.
https://www.malwarebytes.org/antimalware/

RogueKiller 15.18.3 updates libraries and resolves several bugs. This should be treated as a security update.
https://www.adlice.com/download/roguekiller/

SecurityCheck 2024.9.22 doesn’t provide a change log so should be treated as a security update.
https://www.bleepingcomputer.com/download/securitycheck/dl/123/

Stinger 13.0.0.197 is a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

SuperAntiSpyware 10.0.1268 adds support for new browsers, applications, unicode compatibility and resolves several bugs. This is a security update.
https://www.superantispyware.com/download.html

uBlock Origin 1.60.0 adds several new features and resolves a couple bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Operating System Updates

These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.

QubesOS 4.2.3 is a security update.
https://www.qubes-os.org/downloads/

Tails 6.8 is a security update. 6.8 also signals the merger of Tails and the Tor Project.
https://tails.net/install/download/index.en.html

Zorin OS 17.2 improves customization, updates libraries, and resolves several bugs. This is not a security update.
https://zorin.com/os/mirrors/

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 24.2.4 resolves stability bugs. This is not a security update. This is not a security update.
https://www.techsmith.com/screen-capture.html

VideoCacheView 3.10 improves compatibility with Google Chrome. This is not a security update.
https://www.nirsoft.net/utils/video_cache_view.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.2.7 adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

MakeMKV 1.17.8 improves defect tolerance and resolves several bugs. This is not a security update.
https://www.makemkv.com/download/

StreamFab 6.2.0.0 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.3.5 adds FLAC support and resolves sseveral bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 7.0.7 resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.46 adds QR code authentication, Wi-Fi QR code sharing, accessibility improvements, and resolved several bugs. This is not a security update.
https://1password.com/downloads/

AOMEI Partition Assistant 10.5.0 adds Boot Repair, improves Migrate OS and resolves bugs in the optical media creation flow. This is not a security update.
https://www.diskpart.com/

Bitwarden 2024.9.2 improves PDF attachment handling and improves Secrets Manager. This is not a security update.
https://bitwarden.com/

CCleaner 6.28.11297 adds support for new applications. This is not a security update.
https://www.ccleaner.com/

CPU-Z Installer 2.11 improves mainboard detection and adds new hardware support. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

Deskflow 1.17.0 is a complete rebrand of the upstream Synergy source, pushing the public code base into a useful utility. This is the first one, though, so I’d hold off a little while. This is not a security update.
https://deskflow.org/

DesktopOK 11.44 improves copmatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.2.84.0 improves cache plug-in to use hash data to reduce network chatter, encoding improvements, and resolves several bugs. This is not a security update.
https://dngrep.github.io/

email-oauth2-proxy 2024-09-12 adds option to use password as credentials, improves documentation and resolves several bugs. This is not a security update.
https://github.com/simonrob/email-oauth2-proxy

Everything Toolbar 1.5.1 improves compatibility, adds RTL support, keyboard shortcuts and resolves several bugs. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

ExplorerPatcher 22621.3880.66.6 improves compatibility and adds support for Windows 11 v24H2. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

Fido 1.60 adds support for Windows 11 v24H2 and removes v23H2. This is not a security update.
https://github.com/pbatard/Fido/releases

Fing 3.7.1 improves Network Insights and resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

FoneTool 2.9.0 resolves several bugs. This is not a security update.
https://www.fonetool.com/download.html

Git SCM 2.46.1 resolves several bugs and improves documentation. This is not a security update.
https://git-scm.com/

GoodSync 12.7.6 improves logging and compatibility. This is not a security update.
https://www.goodsync.com/

Homedale 2.13 adds channel utilization reporting, Wi-Fi 7 (802.11be) support and filtering improvements. This is not a security update.
https://www.the-sz.com/products/homedale/

HWiNFO 8.12 adds support for newer hardware and resolves several bugs. This is not a security update.
https://www.hwinfo.com/download/

HWMonitor 1.55 adds support for newer hardware and battery information. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

IsMyHdOK 4.11 adds support improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

Kingston SSD Manager 1.5.4.9 doesn’t provide a change log so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

LessMSI 2.2.0 adds Italian language support. This is not a security update.
https://lessmsi.activescott.com/

MultiMonitorTool 2.11 resolves a mapping bug. This is not a security update.
https://www.nirsoft.net/utils/multi_monitor_tool.html

NTLite 2024.9.10073 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 11.0.1014 resolves over a dozen bugs including performance and reliability issues. This is not a security update.
https://www.osforensics.com/download.html

PointerStick 6.44 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.85.1 improves stability. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ScreenConnect 24.2 should be avoided. It has had rollout “paused” due to stability issues four times already. Just wait for 24.3 or 24.4 to be stable.
https://screenconnect.connectwise.com/download

TeamViewer 15.58.5 resolves several bugs and implements new cosmetics. This is a security update.
https://www.teamviewer.com/en-us/download/windows/

TestDisk 7.3 doesn’t provide a change log so should be treated as a security update.
https://www.cgsecurity.org/wiki/TestDisk_Download

XnConvert 1.101.0 doesn’t provide a change log so should be treated as a security update.
https://www.xnview.com/en/xnconvert/

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 8.0.10 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

Android Studio 2024.2.1.9 resolves dozens of bugs. This is not a security update.
https://developer.android.com/studio

GDevelop 5.4.213 adds ability to change opacity within properties panel, tilemap improvements, and resolves several bugs. This is not a security update.
https://gdevelop.io/download

GitHub Desktop 3.4.6 resolves several bugs. This is not a security update.
https://desktop.github.com/

Go 1.23.2 resolves several bugs. This is not a security update.
https://go.dev/

Node.js 20.18.0 updates libraries, resovles several bugs and adds experimental support for network inspection. This is not a security update.
https://nodejs.org/en/

Node.js 22.9.0 updates libraries, adds support for stack trace, disables V8, and resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

Python 3.13.0 resolves over a dozen bugs. This is a security update.
https://www.python.org/downloads/windows/

Visual Studio Code 1.94 improves Explorer Find, adds filtering options to Source Control Graph, and resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.1.2 is a major update, changing style, performance, stability, hardware compatibility and adding many options. It also initially broke older guests and this release fixes that as well as a dozen other bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Duplicator 1.5.11 improves compatibility and resolves several bugs. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

Sucuri Security 1.9.5 improves analysis. This should be treated as a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2024-08-13

Today is Patch Tuesday for August, 2024.

There were 436+ major hacks, and over 372 application updates this month.
It’s an enormous month, with about 4 GB of updates for most users.

This Month in Technology

1Password, 1Tx.io, 40 French Museums, 5G baseband, A-Line Staffing Solutions, a16z, Acadian Ambulance, Accelon Technologies Private, Acronis, Adreno, ADT, Advance Stores Company, Inc, Advantage Orthopedic & Sports Medicine, LLP, AirAsia Group, AirsoftC3, Al-Karam Textile Mills Pvt, Alabama Cardiovascular Group, Alabama Department Of Education, Allcare Medical Management, Alternate Energy, Amazon India, Amazon Web Services (AWS), AMD (SinkClose), American Golf Corporation, an “undisclosed ISP”, Angel One, AnimeLeague, Ankitects Anki, Anniversary Holding Company, Apache HugeGraph, Apache InLong, Apache OFBiz, Argentina Citizen Data, Arisa Health, Astra Daihatsu Motor, AT&T, Augusta Orthopedic, Aveanna Healthcare, LLC, Aviben, B&G Foods, Bandolier, BangBros, Barrett Eye Care, Bassett Furniture Industries, Bausch Health, Baxter International, Bayhealth, Bazaar, Berkshire Hathaway Home Services, Betances Health Center, BIND 9, BioMatrix Specialty Pharmacy, BlackCat, Bluewater Health, BMW Hong Kong, Bosque Animal Rescue Kennels, Brazil FGTS, Brevard Alzheimer’s Foundation, Brownell Travel, Inc, Bunkhouse Group, Business Insider, Cadre Holdings, Calibrated Healthcare, Cambridgeshire schools, Care Vision UK, Cartier, CCM Health, Celcom Axiata Berhad, Cencora, Central Bedfordshire Council, Central Contra Costa Transit Authority, Central Texas 911 service, Change Healthcare Inc, Chilean Government, Chrome, Cisco Small Business SPA 300 and SPA 500, Cisco Smart Install, Cisco Smart Manager software, City of Cold Lake, Alberta, City of Columbus, OH, City of Philadelphia, PA, City of Victorville, CA, Clay County, IN, ClickBalance, Co-op Banks, CoinStats, Columbus Regional Healthcare System, Community Care Alliance, Compex Legal Services Inc, Compound Finance, Condo.com, Congoleum, Convergence, Credible Group, Crescent Point Energy, Crimson Wine Group, Croatia’s Split Airport, CSC ServiceWorks, Cyepro Solutions, Dallas County, DaVita, Deep Sea Electronics DSE855, Dell & Dean PLLC, Delta County Memorial Hospital District (Delta Health), Designed Receivable Solutions, Deye, Digitalstress, Directional Aviation, Disney’s Slack, Docker Engine, Dorset Council, Dough Finance, Dr Bronner’s, Dubai Municipality, dYdX, East Valley Institute of Technology (evit), easySim.global, Econolite, Ecovacs home robots, Edward Flynn, LMHC, EgBill India, Embily Crypto, Embotits Espina, SLU, EMS Department for the Kansas City, Kansas Fire Department, Energo, Evening Post Publishing Inc, Everest, Evolution Mining, Evolve Bank & Trust, Exco Solutions, Exim, Explore Talent, FacilityBills, Fairfax Radiological Consultants, Family Dynamics Counseling Services, Inc, FCDG Management LLC, Federacion Española de Padel, Fidelity Investments Life Insurance Company, FilterBaby, LLC, Financial Business and Consumer Solutions, Inc, Firefox, First Choice Dental, Flexible, Florence Cement Company, Inc, Football Federations of Tenerife and Las Palmas, Fractal ID, Franklin County, Kansas, Fresnillo PLC, Freudenberg Medical, Fujitsu, Gateway Extrusions, GCA Global Cargo Alliance, Gemini, Gendron & Gendron, GeoServer GeoTools, Ghayar, GitLab Community and Enterprise, Glendale Unified School District, Golden Business Machines, Good Smile Company, Google Cloud Platform, Google Quick Share, Google Workspace, Gramercy Surgery Center, Granit Design, Graphic Solutions Group Inc, Greece’s Land Registry, Green Investment Management, Inc, Greenlight Biosciences, Grupo Jal, Guaranteed Supply Company, Guardian Analytics, Guhring, Hair Club for Men, Ltd, Inc, Hajj and Pilgrimage Organization of Iran, Harry Perkins Institute of Medical Research, Hayden Power Group, HealthCare.gov, Healthed, HealthEquity, Help PDF, Hit Promotional Products, Hokushinko Co, Ltd, Horizon View Medical Center, Hospital Auxilio Mutuo, Hotjar, Hyperice, Indian Ministry of Defence, Indonesian government, Infomedika, Ingo Money, Inc, Ingresse, InHouse Physicians, Injectable Therapy Services, Inc, Insula Group, Intelight X-1, iRacing, Iseto Corp, Island Transportation Corp, Israeli Intelligence, Israeli Security Ministry, ISTA International GmbH, Janna Pharmacy LLC, Jefferson County, KY, Jersey Financial Services Commission (JFSC), JG Summit, Jim Ellis Automotive Group, Joe’s Club, Kadokawa, Kaiser Foundation Hospitals, Karvo Companies, Inc, Kerman Unified, Keytronic, KinetX, KnowBe4, Kofile Technologies, Korean National Police Agency (KNPA), KuiperCompagnons, Kusum Group of Companies, La Salle University, Lago Group Spa, Lake Washington Institute of Technology, LangChain, Laurentian University, Law Office of Omar O Vargas PC, LCS and Partners, Lebanon Ministry of Health, Leicester City Council, Leidos, LI.FI, Life360, Linux Kernel (SLUBStick), LITE-ON, LivaNova USA, Inc, Liverpool Football Club, Loretto, Los Angeles Superior Court, Loumar, LS Networks, LuLu, Lvivteploenergo, L’Oréal, Macau government, Majestic Metals, Mallox, Manila Health Department, MarineMax, Maybank2u, McDowall Affleck, McLaren Health Care (again), MediSecure, Melchers Singapore, Meridian Internal Medicine, PA, Meta Prompt Guard, Microsoft (several times),  Microsoft 365, Microsoft BITS, Microsoft Copilot, Microsoft Windows (Downgrade), Microsoft Windows Update, MIPS Technologies, Mississippi Blood Services, MNGI Digestive Health, Mobex, Mobile Guardian, Monte Nido, Moonly app, mSpy, Multiplayer.it, multiple VPN services, Mykukun/USBank, Nainital Bank, National Curry Awards, National Payments Corporation of India, National Public Data/Jerico Pictures, Neiman Marcus, Netflix, Netgear Orbi, Netgear WiFi 6 routers, NetOne, Netshoes, Neuro Rehab Associates, Inc, New Jersey City University, New Jersey Oral & Maxillofacial Surgery Associates, Nexera, Nexperia, Nidec Corporation, Nigerian Cloud Service, Nilorngruppen AB, Nokia, Norfolk and Norwich University Hospitals, North Texas Municipal Water District, Northeast Rehabilitation Hospital Network, Northern Ireland Department of Education, Northwest Arkansas Community College, NSA SkillTree, NVIDIA GPU, OakBend Medical, Odyssey Fitness Center, OfficeOps, Ohio School Boards Association, Olympus Financial, OneBlood, OpenAI, Oxfam Hong Kong, Pacific Oaks College, Palo Alto Networks Expedition Migration Tool, PAN, Patelco Credit Union, PDF Pro, Peco Foods, Peruvian Government, Peterson Holding Company, Philippine Department of Migrant Workers, Philips Vue PACS, PHL Variable Insurance Company in Rehabilitation, phpBB, Pick n Pay Group, Pinnacle Bank, Piramal Group, Playa Vista Job Opportunities and Business Services, PlayNow, Port of Tyne, Portuguese Government, Preferred IT Group, PRI, Principal Life Insurance, Proofpoint, Pueblo County School District 70, Pure Storage, Q-Cells, RADIUS, Recology Inc, Recruit Co, Red Art Games, Rencontre-Ados, REPLIGEN, Resolian, Rhode Island Wyatt Detention Facility, RISC-V CPU (GhostWrite), Rite Aid, RiverSoft, Roberts HVAC, Rockwell Automation Logix Controllers, Romanian Government, Ronglian Group, Ronin Network, Roseland Community Hospital Association, Sable International, Samsung Galaxy Secure Vault, SAP AI Core, Saudi FarmGo App, Schlatter Group, Sede Electrónica de la DGT, ServiceNow, SFR, SH Pension, Shadow, Shoe Zone, Shorenstein Realty Services, Sibanye-Stillwater, Singapore Moneylenders Credit Bureau (MLCB), Solarman, SolarWinds Access Rights Manager, Sonic Automotive, South Korean Military, South Suburban College, South Western Communications, Inc, SouthCoast Medical Group, Special Health Resources of Texas, Inc, Splunk, Spytech, Student Transportation of America, Sumter County Sheriff, Sun City Pediatrics, PA, Superior Court of Justice of Mexico City, Surgery Center of Mid Florida, Sutton Dental Arts, SUUMO, Synnovis, Taiyo Kogyo Co, Ltd, TC Capital Asia Limited, Telerik Report Server, TelPro, Texas Alcohol & Drug Testing Service, Texas Electric Cooperatives, The 21st Century Energy Group, The Coffee Bean & Tea Leaf, The Computer Merchant, The Heritage Foundation, The Lutheran Foundation, Therapeutic Health Services, Thompson Creek, Thousands of Ubiquiti cameras and routers, TopNet, Topserve Service Solutions, TPCI, Trello, Tri-Star Display, Trib Total Media, Tribunal Superior de Justicia CDMX, True Blue Environmental, Trump Campaign, TV SAT 364, U Mobile, UAB School of Nursing, uBook, UEFI SecureBoot (PKfail), UK Home Office, United of Omaha Life Insurance Company, United Seating and Mobility LLC, Universitas Indonesia, University of Michigan/Michigan Medicine, US Voter Data, Valisana, Venezuelan Military, Veren Inc, Victoria’s Royal Brighton Yacht Club, Vivamax, Walmart, WazirX, WebTPA Employer Services, LLC, Western Sydney University, Western Wyoming Beverages, WhatsApp, Williams Construction, Windows Smart App Control and SmartScreen, Wise US Inc, Woodstock Hospital, WordPress Modern Events Calendar plugin, WordPress Time Capsule plugin, ZB Financial Holdings, Zeroed-In Technologies, Zoppo, and Zotac have reported hacking or compromises this month.

CrowdStrike published a buggy definition file to Windows-based devices, causing literally tens of millions of devices from Microsoft Azure, Airlines, Hospitals, Media, Banks and much more. The damage from this “update” can not be overstated: they released an untested, defective, definition to all devices within a 87 minute window and the “fix” to restore access on modern hardware requires a complex process involving decrypting the drive and removing the defective definition file from a system folder. This is already being called the largest IT outage in history. Locally, it even hit Chicken Ranch Casino.

Delta Air LinesGoogle Ads, iCloud Private Relay, iRacing, Microsoft Azure, Microsoft 365, and Microsoft 365 Admin Center have suffered from outages this month.

Last months updates broke signed WDAC policies, Office Click-to-Run updates, tens of millions of computers (CrowdStrike), Google Password Manager, Bitlocker-encrypted devices, Remote Desktop, Microsoft Connected Cache, Microsoft Photos app, Microsoft 365 Defender, and Windows Update.

Stop using Zelle. The fraud risk is too high, and banks don’t care if you’re defrauded. Robots are not your friendsThe US Postal Service has been sharing your private information with Meta, LinkedIn and Snap. Microsoft – the organization primarily behind mandating DMARC – is sending Data Breach Notifications that fail their own DMARC rules

DigiCert is still breaking trust with the world by allowing malicious certificates to be preserved, in the name of ensuring maximum availability…for maliciously created certificates?

Hackers are much faster at exploiting vulnerabilities than vendors are in discovering and patching them. The US federal agency tasked with tracking known vulnerabilities (NIST) is seeing a growing backlog which could exceed 30,000 records in only a few short months.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is enormous this month. The typical computer should see roughly 4 GB in updates today. Let’s get started.

Microsoft released 56 updates to address 102 vulnerabilities in .NET and Visual Studio, Azure Connected Machine Agent, Azure CycleCloud, Azure Health Bot, Azure IoT SDK, Azure Stack, Line Printer Daemon Service (LPD), Microsoft Bluetooth Driver, Microsoft Copilot Studio, Microsoft Dynamics, Microsoft Edge, Microsoft Local Security Authority Server (lsasrv), Microsoft Office, Microsoft Office Excel, Microsoft Office Outlook, Microsoft Office PowerPoint, Microsoft Office Project, Microsoft Office Visio, Microsoft Streaming Service, Microsoft Teams, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows DNS, Reliable Multicast Transport Driver (RMCAST), Windows Ancillary Function Driver for WinSock, Windows App Installer, Windows Clipboard Virtual Channel Extension, Windows Cloud Files Mini Filter Driver, Windows Common Log File System Driver, Windows Compressed Folder, Windows Deployment Services, Windows DWM Core Library, Windows Initial Machine Configuration, Windows IP Routing Management Snapin, Windows Kerberos, Windows Kernel, Windows Kernel-Mode Drivers, Windows Layer-2 Bridge Network Driver, Windows Mark of the Web (MOTW), Windows Mobile Broadband, Windows Network Address Translation (NAT), Windows Network Virtualization, Windows NT OS Kernel, Windows NTFS, Windows Power Dependency Coordinator, Windows Print Spooler Components, Windows Resource Manager, Windows Routing and Remote Access Service (RRAS), Windows Scripting, Windows Secure Boot, Windows Secure Kernel Mode, Windows Security Center, Windows SmartScreen, Windows TCP/IP, Windows Transport Security Layer (TLS), Windows Update Stack, Windows WLAN Auto Config Service, and MSRT. This includes security updates. A reboot is required.

Apple released updates for macOS Sonoma 14.6.1, macOS Ventura 13.6.9, macOS Monterey 12.7.6, iOS 17.6.1, iOS 16.7.10, iPadOS 17.6.1, iPadOS 16.7.10, tvOS 17.6, watchOS 10.6, visionOS 1.3, and Safari 17.6. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 17.6.1 and 16.7.10 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 17.6.1 and 16.7.10 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 10.6 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 17.6 is a security update. Use System, Software Update to install the most current version.

visionOS 1.3 is a security update. Use Settings, General, Software Update to install the most current version.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.7.1 resolves several bugs and incompatibility issues, improves performance and introduces AntiLag 2. This is not a security update.
https://www.amd.com/en/support

BullZip PDF Printer 14.5.0.2974 is a security update.
https://www.bullzip.com/products/pdf/info.php#download

Nearly every Epson ET Series (EcoTank) and WF Series (WorkForce) printer has received an update to their firmware in the last week, with no details on what is included. Instead of listing them all here, assume it applies to your device, too. This should be treated as a security update. Use the Epson Software Updater to install the current firmware on your Epson ET printer.
https://epson.com/Support/Printers/

goxlr-utility 1.1.2 resolves several bugs and improves stability and reliability. This is not a security update.
https://github.com/GoXLR-on-Linux/goxlr-utility/

GSLite 20240711 is a security update.
https://www.bullzip.com/products/pdf/download.php

MTPdrive 4.4.166 resolves a couple bugs. This is not a security update.
https://www.mtpdrive.com/

UniFi Network Server 8.3.32 adds support for customer NAT rules, feature and control improvements and resolves several bugs. This is not a security update.
https://www.ui.com/download/releases/network-server

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.68.137 is a security update.
https://brave.com/

Google Chrome 127.0.6533.99 is a security update.
https://www.google.com/chrome/

Microsoft Edge 127.0.2651.98 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 129.0.1 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Vivaldi 6.8.3381.53 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

ProtonMail (Android) 4.0.17 resolves several bugs. This is not a security update.
https://proton.me/mail/download

Spark 3.17.0.82433 introduces Meet with and resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.17.0.82432 introduces Meet with and resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 128.1.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 8.0.13 fixes a crash bug and improves licensing behavior. This is not a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 8.1.1 resolves several bugs and adds heirarchical tag support. This is not a security update.
https://anydesk.com/en/downloads

curl 8.9.1 resolves several bugs and improves input sanitization. This should be treated as a security update.
https://curl.haxx.se/windows/

DNSDataView 1.75 adds support for loading domains from a file. This is not a security update.
https://www.nirsoft.net/utils/dns_records_viewer.html

Dropbox 205.4.5765 doesn’t provide a change log so should be treated as a security update.
https://www.dropbox.com/

Facebook Messenger 215.3.0.13.211 is a security update.
https://www.messenger.com/desktop

FileZilla Client 3.67.1 resolves a confirmation dialog bug and updates library. This is not a security update.
https://filezilla-project.org/

Google Drive 95.0 doesn’t provide a detailed change log so should be treated as a security update.
https://drive.google.com/start

MeshCentral 1.1.27 resolves several bugs. This is not a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.7.00.19353 implements new virtualization behavior. This should be treated as a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 29.0.4 resolves dozens of bugs and updates dependencies. This is a security update.
https://nextcloud.com/

Omada Software Controller 5.14.26.1 resolves several bugs and implements new configuration and statistical options. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Pocketnet-Core 0.22.5 implements several network changes for privacy and security. This is a security update.
https://pocketnet.app/

Pocketnet-GUI 0.8.93 resolves several bugs. This is not a security update.
https://pocketnet.app/

Signal (Android) 7.13.3 adds landscape support. This is not a security update.
https://signal.org/android/apk/

Signal 7.19.1 resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Syncthing 1.27.10 resolves a couple bugs. This is not a security update.
https://syncthing.net/

Telegram 5.3.2 resolves a crash bug. This is not a security update.
https://telegram.org/

Trillian 6.5.0.42 resolves almost a dozen bugs and updates emoji. This is not a security update.
https://www.trillian.im/

Zoom 6.1.6.43767 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

Grayjay 253 resolves several bugs. This is not a security update.
https://grayjay.app/index.html

3tene 4.0.8 resolves a couple cosmetic bugs. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.2.1 adds new compression options, EQ improvements and improves keyboard shortcuts, in addition to dozens of resolved bugs. This is not a security update.
https://www.bitwig.com/download/

darktable 4.8.1 resolves several bugs. This is not a security update.
https://www.darktable.org/

Plex Desktop 1.99.0.210 resolves sevveral bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.65.4.206 updates libraries. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.40.4.8679 improves TVDB support and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Lego Studio 5.6 resolves a stability bug. This is not a security update.
https://www.lego.com/en-us/ldd

Minecraft Server (Bedrock) 1.21.20.03 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Minecraft Server (Java) 1.21.1 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server

PS5 2024.723 adds option to share links to public games and resolves several bugs. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024.07.17 resolves a couple bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

SteamOS SteamDeck Update 2024.08.09 improves update engine and resolves over 20 bugs. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Acrobat Reader 24.002.21005 and 24.001.30159 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb24-57.html

Adobe Bridge 13.0.9 and 14.1.2 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb24-59.html

Adobe Commerce 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, and 2.4.4-p10 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-61.html

Magento Open Source 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, and 2.4.4-p10 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-61.html

Adobe Dimension 4.0.2 is a security update.
https://helpx.adobe.com/security/products/dimension/apsb24-47.html

Adobe Illustrator 28.6 and 27.9.5 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb24-45.html

Adobe InCopy 19.5 and 18.5.3 are security updates.
https://helpx.adobe.com/security/products/incopy/apsb24-64.html

Adobe InDesign ID19.5 and ID18.5.3 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb24-56.html

Adobe Photoshop 24.7.4 and 25.11 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb24-49.html

Adobe Substance 3D Designer 14.0 is a security update.
https://helpx.adobe.com/security/products/substance3d_designer/apsb24-67.html

Adobe Substance 3D Sampler 4.5.1 is a security update.
https://helpx.adobe.com/security/products/substance3d-sampler/apsb24-65.html

Adobe Substance 3D Stager 3.0.3 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb24-60.html

Audacity 3.6.1 adds new themes, FFmpeg 7 support, new compressor, limiter, master effects, improved performance and resolves several bugs. This is not a security update.
https://www.audacityteam.org/download/

Calibre 7.16.0 is a security update.
https://calibre-ebook.com/

Kindle for PC 2.4.70946 doesn’t provide a change log so should be treated as a security update.
https://www.amazon.com/kindleforpc

LibreOffice Fresh 24.2.5 resolves over 80 bugs. This is a security update.
https://www.libreoffice.org/

Manager 24.8.11.1812 adds ability to send emails via HTTP and changes Freight-in behavior. This is not a security update.
https://www.manager.io/

Nextcloud Desktop 3.12.7 resolves several bugs. This should be treated as a security update.
https://nextcloud.com/

Notepad++ 8.6.9 improves installer and resolves over 25 bugs. This not a security update.
https://notepad-plus-plus.org/

PDF Candy Desktop 3.09 doesn’t provide a change log so should be treated as a security update.
https://pdfcandy.com/

QuickBooks Pro 2022 20240529-R16_30 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20240529-R13_30 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

Security Software Updates

One or more of these is likely to be of interest to most people.

.NET Runtime 8.0.8 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

Chainsaw 2.9.2 improves amcache hive processing. This should be treated as a security update.
https://github.com/countercept/chainsaw

FSS 2024.8.12 doesn’t provide a detailed change log so should be treated as a security update.
https://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/

Java 8u421 is a security update.
https://www.java.com/en/download/manual.jsp

JShelter 0.19 weakens security implementation in order to comply with Manifest v3. This is not a security update.
https://jshelter.org/install/

Microsoft Edge Policy 2024.08.07 adds several new policies and obsoletes two. This is not a security update.
https://github.com/MicrosoftDocs/Edge-Enterprise/blob/public/edgeenterprise/microsoft-edge-policies.md

QubesOS 4.2.2 is a security update.
https://www.qubes-os.org/downloads/

RogueKiller 15.18.0 updates engine and theme platform, resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

SmartSniff 2.30 adds support for the SAPICS geo data. This is not a security update.
https://www.nirsoft.net/utils/smsniff.html

Stinger 13.0.0.155 adds new detections. This should be treated as a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Tails 6.6 adds support for Dangerzone, updates libraries and resolves several bugs. This is a security update.
https://tails.net/install/download/index.en.html

uBlock Origin 1.59.0 resolves several bugs and improves perforamnce and reliability. This may be the last version to support Chromium-based browsers due to the Manifest v3 changes that limit much of the very capabilities that uBlock Origin requires. Time for Firefox.
https://github.com/gorhill/uBlock/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

Open Broadcaster Software 30.2.2 resolves several bugs. This is not a security update.
https://obsproject.com/

SnagIt 24.2.1 improves video recorder, performance, automated installation and resolves several bugs. This is not a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.2.4 resolves several bugs and adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

Exact Audio Copy 1.8 resolves a metadata parsing problem. This is not a security update.
https://www.exactaudiocopy.de/en/

HandBrake 1.8.2 updates libraries and resolves several bugs. This is not a security update.
https://handbrake.fr/

StreamFab 6.1.9.3 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.3.0 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Education updates

One or more of these are likely to be of interest to most people.

e-Sword 14.1 improves mobile integration and adds ability to convert Topic Notes to a Reference Book and export notes. This is not a security update.
https://www.e-sword.net/

Zotero 7.0 is a major update and adds several new features, performance improvements, cosmetic improvements and resolves dozens of bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.39 resolves a dozen bugs and disables the option to reset settings. This is a security update.
https://1password.com/downloads/

7-Zip 24.08 resolves several bugs. This is not a security update.
https://www.7-zip.org/

Beyond Compare 5.0.1.29877 resolves over a dozen bugs. This is not a security updte.
https://www.scootersoftware.com/download

Bitwarden 2024.7.3 improves secrets manager and provider portal controls, and adds vault item keys for each item. This is a security update.
https://bitwarden.com/

CCleaner 6.26.11169 resolves several bugs. This is not a security update.
https://www.ccleaner.com/

Dell OS Recovery Tool 2.4.0.7813 doesn’t provide a change log so should be treated as a security update.
https://www.dell.com/support/home/uk/en/ukbsdt1/drivers/osiso/recoverytool

DesktopOK 11.32.1 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DMDE 4.2.0.814 adds Btrfs and large cluster NTFS support, increases file limits, and resolves several bugs. This is not a security update.
https://dmde.com/

dnGrep 4.2.46.0 resolves several bugs, improves display behavior, and updates libraries. This is a security update.
https://dngrep.github.io/

DriverView 1.51 adds support for Windows 11 24H2. This is not a security update.
https://www.nirsoft.net/utils/driverview.html

Eraser 6.2.0.2994 doesn’t provide a change log so should be treated as a security update.
https://eraser.heidi.ie/download/

Everything 1.4.1.1026 updates localization. This is not a security update.
https://www.voidtools.com/

Fing 3.7.0 resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

Free Virtual Serial Ports 6.03.00.1321 resolves several bugs. This is not a security update.
https://freevirtualserialports.com/

Git SCM 2.46.0 resolves dozens of bugs. This should be treated as a security update.
https://git-scm.com/

grepWin 2.1.5 resolves several bugs. This is not a security update.
https://github.com/stefankueng/grepWin/releases/latest

Homedale 2.12 improves cosmetics. This is not a security update.
https://www.the-sz.com/products/homedale/

HWiNFO 8.06 resolves several bugs and updates hardware support. This is not a security update.
https://www.hwinfo.com/download/

HWMonitor 1.54 adds support for new hardware. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

Inkchip WIC 1.18 doesn’t provide a change log so should be treated as a security update.
https://inkchip.net/wic/

IsMyHdOK 3.99 resolves a couple bugs and improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

LessMSI 2.1.1 improves extraction behavior. This is not a security update.
https://lessmsi.activescott.com/

LiveTcpUdpWatch 1.55 adds custom context menu, new columns and resolves a clipboard bug. This is not a security update.
https://www.nirsoft.net/utils/live_tcp_udp_watch.html

MobileFileSearch 1.49 adds option to export all items. This is not a security update.
https://www.nirsoft.net/utils/mobile_device_file_search.html

NetworkOpenedFiles 1.63 adds number of open files to the tray tooltip. This is not a security update.
https://www.nirsoft.net/utils/network_opened_files.html

NTLite 2024.7.10001 resolves two crash bugs. This is not a security update.
https://www.ntlite.com/download/

PointerStick 6.41 updates language support and compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.83.0 resolves dozens of bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

Process Monitor 4.01 adds process start timestamp and improves cosmetics. This is not a security update.
https://learn.microsoft.com/en-us/sysinternals/downloads/procmon

QuickSetDNS 1.36 adds an indicator in the tray tooltip for the current DNS service. This is not a security update.
https://www.nirsoft.net/utils/quick_set_dns.html

RoboForm 9.6.2 resolves several bugs. This is not a security update.
https://www.roboform.com/

ScreenConnect 24.2.8.8987 resolves several bugs, including those that broke instances and prevented interacting with older devices. This is not a security update.
https://screenconnect.connectwise.com/download

Sysmon 15.15 resolves a stability bug. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

TraceRouteOK 3.44 updates language support and compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

WinGet 1.8.1911 improves compatibility. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinScan2PDF 8.91 updates language support and compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 4.20 improves performance and resolves several bugs. This is not a security update.
https://www.diskanalyzer.com/

Developer Updates

These are unlikely to be of interest to most people.

ADB 35.0.2 resolves several bugs. This is not a security update.
https://developer.android.com/studio/releases/platform-tools

Android Studio 2024.1.1.13 improves compatibility. This is not a security update.
https://developer.android.com/studio

cx_Freeze 7.2 resolves dozens of bugs and updates libraries. This is not a security update.
https://cx-freeze.readthedocs.io/en/latest/index.html

DB Browser for SQLite 3.13.0 adds new features including tab support, updates libraries, and resolves several bugs. This is a security update.
https://sqlitebrowser.org/

GameMaker Studio 2024.06.2.162 resolves a crash bug. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.4.208 resolves several bugs. This is not a security update.
https://gdevelop.io/download

GitHub Desktop 3.4.3 resolves several bugs. This is not a security update.
https://desktop.github.com/

Go 1.23.0 introduces telemetry, improves env, tidy, and list commands, as well as modifying behavior for several modules and libraries. This is not a security update.
https://go.dev/

Inno Setup 6.3.3 improves support for ASLR. This should be treated as a security update.
https://www.jrsoftware.org/isdl.php

Node.js 20.16.0 updates libraries and resolves dozens of bugs. This should be treated as a security update.
https://nodejs.org/en/

Node.js 22.6.0 updates libraries and resolves dozens of bugs. This should be treated as a security update.
https://nodejs.org/en/

Python 3.12.5 resolves dozens of bugs. This is a security update.
https://www.python.org/downloads/windows/

SQLite 3.46.1 improves tokenization, query planner, error reporting and resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.92.1 resolves several bugs. This is not a security update.
https://code.visualstudio.com/

WinMerge 2.16.42.1 resolves several bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.0.20 improves compatibility and resolves several bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Invision Community 4.7.18 resolves dozens of bugs. This is not a security update.
https://invisioncommunity.com/

Piwigo 14.5.0 resolves several bugs. This is not a security update.
https://piwigo.org/

WordPress 6.6.1 resolves dozens of bugs and adds many new features and cosmetic controls. This is not a security update.
https://wordpress.org/

Autoptimize 3.1.12 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/autoptimize/

BuddyPress 14.0.0 resolves dozens of bugs. This is not a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.9.8 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.10.2 improves compatibility. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

Multisite Enhancements 1.7.1 improves stability. This is not a security update.
https://wordpress.org/extend/plugins/multisite-enhancements/

Redirection 5.5.0 adds support for multiple URL and WP page type redirects. This is not a security update.
https://wordpress.org/extend/plugins/redirection/

My Sticky Bar 2.7.5 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Sucuri Security 1.9.2 improves cosmetics. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

WPBakery 7.8 resolves several bugs. This is a security update.
https://wpbakery.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2023-11-14

Happy Thanksgiving, Folks!

Today is Patch Tuesday for November, 2023. It’s ugly.

This month brings a new version of Windows 11 (v23H2), critical security updates for all supported Apple products, and (literally) new security updates for every browser every single week since the last update cycle on October 10th. That’s on top of the 190+ major hacks, and over 205 application updates this month. Prepare yourself, there will be about 5 GB of updates for most devices this month.

The new Windows Copilot AI feature is now enabled by default in Windows 10 and 11, but can be disabled either in the deep settings or within group policy.

This Month in Technology

1Password, 23andMe, Accenture, Ace Hardware, Advarra, Air Canada, Air Europa, Allen & Overy, Allied Pilots Association, AlohaCare, American Family Insurance, Ampersand, Android 13, AndroidLista, Apache ActiveMQ, Apple Safari, Apple “Find My”, Atlas Healthcare CT, Atlassian Confluence, Avito, BHI Energy Health and Welfare Benefits Plan, BHI Energy I Specialty Services LLC, BHS Physician Network, Inc., Boeing, British Library, Bukalapak, BulletProftLink, Bureau van Dijk, Cadence Bank, Caesars Entertainment, Inc., Casio, CCleaner, Chess, Cisco IOS XE, City of Philadelphia, City of Victorville, California, Clark County School District (CCSD), Colonial Pipeline, Counseling and Recovery Services of Oklahoma, Crum & Forster, D-Link, Dakota Eye Institute, Deer Oaks Behavioral Health, 22 companies overseeing energy infrastructure in Denmark, District of Columbia Board of Elections, DP World Australia, Drug Free Workplaces USA, LLC, Edward C. Taylor, PhD., PL, eleHealth, Ethereum wallet system, European government email servers, F5 BIG-IP, Fidelity National Information Services, Inc., Financial Asset Management Systems, First Judicial Circuit, Fitmart, Five Guys Enterprises, LLC, Frax Outsourcing, Frazier & Deeter, LLC, Fredericksburg Foot & Ankle Center, PLC, GameSprite, GamingMonk, GPD Holdings LLC (CoinFlip), Grammarly, Greater Rochester Independent Practice Association, Inc., Growers Express, LLC, Grupo GTD, Healthsoft LLC, Helping the Aging Needy and Disabled Inc, Henry Schein, Hill International, Inc, Hospital & Medical Foundation of Paris, Inc, Hospital Sisters Health System, Indian state government, Industrial and Commercial Bank of China (ICBC)…which paid the ransom, International Criminal Court, IPM Healthcare DBA Boomerang Healthcare, Jeffco Public Schools, Juniper devices, Jupyter Notebooks, JustSystems Corporation Ichitaro, Kansas Supreme Court, Kwik Trip, Kyocera AVX Components Corporation (KAVX), La Red Health Center, LastPass, LCS Financial Services, LDLC ASVEL, Lennar Corporation, Life Generations Healthcare LLC, Lobel Financial Corporation, Longhorn Village, macOS, Marina Bay Sands, Mattson Technology, Inc., McLaren Health Care, MemeChat, Microsoft Exchange, Morrison Community Hospital, Mozi IoT Botnet, Mr. Cooper, Napa Integrated Medicine PC, NASCO, NetScaler ADC and NetScaler Gateway appliances, New York Life Insurance Company, Northern Iowa Therapy PC, Okta (again and again), OrthoAlaska, LLC, Oscar Insurance Company of Florida, Pacific Clear Vision Institute, Pacific Union College, Peerstar LLC, Pennsylvania General Store, peplink Surf SOHO, Perry Johnson & Associates, Personify Care, Pharmacy Group of Mississippi, LLC, Phoenix, Pisenti & Brinker LLP, Postmeds, Inc./Truepill, Progress Software MOVEit, Progressive Leasing, Prolific Puma, Pypl, QNAP QTS, Radius Global Solutions, RagnarLocker ransomware, Redcliffe Labs, Refresco Beverages US Inc., Resort Data Processing, Inc., Revival Animal Health, Riverside County Office of Education, Roundcube Webmail, Royal Elementor, Samsung Galaxy S23, San Diego PACE, San Francisco Jazz Organization, Sberbank, Seiko, Shadow PC, Simpson Manufacturing, Singing River Health System, 1 million Windows and Linux hosts using SMBv1, SoftEther VPN, SolarWinds Access Rights Manager, South River Technologies Titan MFT and Titan SFTP, Sphero, Stanford University, Stars Arena, State of Maine, Sumo Logic, Sun Life Financial, Sutter Health, SysAid, Taylored Service Parent Co., TeamCity, The Chattanooga Heart Institute, The Commerce Insurance Company (MAPFRE Insurance), The Hilb Group Operating Company, LLC, The Newtron Group, LLC, Toronto Public Library, Toumei, Town of Iowa, Louisiana, Transaction Data Systems, TransForm, Tri Counties Bank, Tri-City Medical Center, Trigona ransomware gang, Trust Benefit Technologies, LLC, Tunngle, 11 Ukrainian telcos, University Federal Credit Union, University of Michigan, University of Missouri, User Submitted Posts WordPress plugin, Veeam ONE IT, Vidio, VMware vCenter Server, VMware vRealize Log Insight, WACOSA, Wescom Central Credit Union, West Texas Gas, Westat, Inc., Western Washington Medical Group, Weston Embedded uC-HTTP HTTP Server, Women Political Leaders Summit, WS_FTP, Wyze Cam v3, Yifan YF325, Zhefengle have reportedly been hacked or compromised this month.

In what should be no surprise to 40,000 people, yes, leaving the default “admin” password will get you hacked.

Cloudflare, OpenAI/ChatGPT, Outlook.com, and the Toronto Public Library have suffered from outages this month.

Last months updates broke .NET 6.0 security patches, .NET 7.0 security patches, Apple device integration with Enterprise Single Sign On, Hosted Exchange, HP motherboards, Hyper-V, Microsoft 365 admin system, Microsoft 365, MS Office, Outlook Desktop, Rivian infotainment systems, Veeam RCT, VMware ESXi, Windows desktop icons, Windows Server 2022 VMs on VMware ESXi, Windows Update, and WSUS.

Microsoft violated (again) their promise not to push bloatware on LTSC.

Microsoft also introduced over 110 security vulnerabilities (discovered so far…) to Microsoft 365 by integrating SketchUp 3D capabilities.

Sadly, Microsoft has also disabled the free upgrade to Windows 10 from Windows 7 and 8. Until about a month ago it was still possible to upgrade older machines to Windows 10 without having to purchase a license. Now it is no longer possible.

Microsoft has also changed Authenticator behavior to suppress notifications for “risky sign-ins.” The idea is that when a login occurs from an unlikely source, somewhere you have not logged in before or a country you’re unlikely to be in, they can prevent the out-of-the-blue popup asking if you’re trying to log in. Unfortunately, if you’ve reused passwords, or used weak passwords, then this will increase the likelihood of a random calls “from microsoft” or “your IT department” asking you to “verify that you still have access to account” by opening the authenticator and actively approving the login. This kind of UI behavior teaches people to be less wary since they have to then go out of their way to “prove” themselves, which is something most humans innately want to do. It’s going to be bad. To reduce the risk please use strong, unique, random passwords to lessen the risk of successful password spraying attacks.

Microsoft extended the security update support period for Windows Server 2012 to October 2026.

LBRY, Inc is finally throwing in the towel after years of fighting the SEC. LBRY is the organization behind the best (IMHO) video and data sharing service in the world, and was targeted because the federal government chooses not to understand crypto. LBRY is dead, long live LBRY!

The US is leading an alliance to never pay ransom to cybercriminals. A US court has ruled that it is not a privacy violation for your car to harvest your contacts, texts and call logs even when you do not grant those permissions. The SEC has charged SolarWinds and their CISO with fraud over the massive hack in late 2020.

Not only is it foolhardy to assume that any automated system could prevent abuse by 100% of the advertisers, Google’s own data shows that the number of malicious ads they have detected has increased by over 50% in the last year.

The “they have detected” clause is the important takeaway from that statement. Google has over a thousand dedicated people within their ad review department whose sole purpose is to detect and block malicious advertisements, and ads that violate any other policies. Even with that, many people that interact with ads still don’t realize they’re advertisements or are taken to malicious or fraudulent sites. They simply can not detect all malicious advertisements.

Now that Google is pushing a new ad-blocker war via YouTube, it’s actually increasing the number of people that realize that they can, and should, take action to block advertisements. Is it any wonder why people are increasingly blocking ads? You should, too. Start with uBlock Origin. Blocking advertisements is not just about security, though, it could help save the planetNeed help? Ask.

Moody’s has downgraded the US financial outlook to “negative”.

Now for the good news:

According to the CDC there are now record-high childhood vaccine refusals across the country. It’s about time.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is huge this month. The typical computer should see roughly 5 GB in updates today. Let’s get started.

Microsoft released updates to address 83 vulnerabilities in .NET Framework, ASP.NET, Azure, Azure DevOps, Microsoft Dynamics, Microsoft Dynamics 365 Sales, Microsoft Edge (Chromium-based), Microsoft Exchange Server, Microsoft Office, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Remote Registry Service, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows Search Component, Microsoft Windows Speech, Open Management Infrastructure, Tablet Windows User Interface, Visual Studio, Visual Studio Code, Windows Authentication Methods, Windows Cloud Files Mini Filter Driver, Windows Common Log File System Driver, Windows Compressed Folder, Windows Defender, Windows Deployment Services, Windows DHCP Server, Windows Distributed File System (DFS), Windows DWM Core Library, Windows HMAC Key Derivation, Windows Hyper-V, Windows Installer, Windows Internet Connection Sharing (ICS), Windows Kernel, Windows NTFS, Windows Protected EAP (PEAP), Windows Scripting, Windows SmartScreen, Windows Storage, and MSRT (~ 2 GB). This includes security updates. A reboot is required.

Apple released updates for macOS Monterey 12.7.1, macOS Ventura 13.6.2, macOS Sonoma 14.1.1, iOS 15.8, iOS 16.7.2, iOS 17.1.1, iPadOS 15.8, iPadOS 16.7.2, iPadOS 17.1.1, Safari 17.1, tvOS 17.1, and watchOS 10.1.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.8, 16.7.2, and 17.1.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 15.8, 16.7.2, and 17.1.1 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 10.1.1 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 17.1 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 118.0.5993.123/124 and 114.0.5735.339 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 39-1.5 is a major update, adding cosmetic, networking, security and other improvements, and updates libraries. This should be treated as a security update.
https://getfedora.org/en/workstation/download/

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 23.11.1 resolves several bugs. This is not a security update.
https://www.amd.com/en/support

Daemon Tools Lite 12.0.0 is a major update with a redesign, improves search and resolves several bugs. This is not a security update.
https://www.daemon-tools.cc/products/dtLite

Display Driver Uninstaller 18.0.6.9 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

DS4Windows 3.2.19 updates libraries and resolves several bugs. This is a security update.
https://github.com/Ryochan7/DS4Windows/releases/latest

Nvidia Driver 474.66 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Samsung DeX 2.4.1.22 doesn’t provide a change log so should be treated as a security update.
https://www.samsung.com/us/apps/dex/

Wacom Driver 6.4.4-3 adds support for new hardware and resolves several bugs. This is not a security update.
https://www.wacom.com/en-us/support/product-support/drivers

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.60.114 resolves dozens of bugs. This is a security update.
https://brave.com/

Google Chrome 119.0.6045.123 is a security update.
https://www.google.com/chrome/

Microsoft Edge 119.0.2151.58 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 119.0.1 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 115.4.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 6.4.3160.42 is a security update.
https://vivaldi.com/

Microsoft Edge WebView2 119.0.2151.44 is a security update.
https://developer.microsoft.com/en-us/microsoft-edge/webview2/

Email Updates

One or more of these are likely to be of interest to everyone.

DavMail Gateway 6.2.0 updates dependencies and resolves several bugs. This is a security update.
https://davmail.sourceforge.net/

Spark 3.10.2 adds Spark Integrations and +AI to improve automation and resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.10.2.61166 adds Spark Integrations and +AI to improve automation and resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.4.2 resolves several bugs. This is not a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 8.0.6 adds dark mode, improves key handling, improves UI, and resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 7.2.3 vastly improves key handling and resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

BrowsingHistoryView 2.57 improves compatibility with Opera. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

curl 8.4.0 adds support for IPFS and resolves more than 100 bugs. This is a security update.
https://curl.haxx.se/windows/

Dropbox 186.4.6207 improved hard drive space controls. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 199.0.0.9.236 is a security update.
https://www.messenger.com/download

FileZilla Client 3.66.1 improves stability and resolves several bugs. This is not a security update.
https://filezilla-project.org/

FreeFileSync 13.1 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 84.0 is a security update.
https://drive.google.com/start

Microsoft Teams 1.6.00.29964 adds SMS notifications, unique join links, workflows within channels and resolves several bugs. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 27.1.3 is a security update.
https://nextcloud.com/

Npcap 1.78 is a security update.
https://nmap.org/npcap/

Pocketnet-GUI 0.8.67 resolves several bugs. This is not a security update.
https://pocketnet.app/

Rclone 1.64.2 resolves several bugs. This should be treated as a security update.
https://rclone.org/

Signal 6.38.0 improves contact management, voice and video calls. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 6.39.3 improves contact management. This is not a security update.
https://signal.org/android/apk/

Skype 8.106.0.212 resolves several bugs. This is not a security update.
https://www.skype.com/

Syncthing 1.26.0 resolves several bugs. This should be treated as a security update.
https://syncthing.net/

Technitium DNS Server 11.5.3 resolves several bugs. This follows shortly after a security update, so should be treated as a security update.
https://technitium.com/dns/

Telegram (Android) 10.2.3 doesn’t provide a changelog so should be treated as a security update.
https://telegram.org/apps

Telegram 4.11.8 resolves several bugs. This is not a security update.
https://telegram.org/

Zoom 5.16.6.24712 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 3.0.13 resolves several bugs. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.0.11 resolves several bugs. This is not a security update.
https://www.bitwig.com/download/

iTunes 12.13.0.9 is a security update.
https://www.apple.com/itunes/download/

Picard 2.10 is a security update.
https://picard.musicbrainz.org/

Plex Desktop 1.81.0.4012 adds Discover Together and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.50.1.4014 improves stability. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.32.8.7639 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

VLC Media Player 3.0.20 is a security update.
https://www.videolan.org/vlc/

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2023.8.2.108 improves stability. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.3.180 resolves several bugs. This is not a security update.
https://gdevelop.io/download

Lego Studio 2.23.10_1 resolves several bugs. This is not a security update.
https://www.lego.com/en-us/ldd

Minecraft Server (Bedrock) 1.20.41.02 doesn’t provide a changelog so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Nintendo Switch 17.0.0 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 23.02-08.20.02 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

SteamOS SteamDeck Update 2023-11-13 is a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Acrobat and Reader DC 23.006.20380 is a security update.
https://get.adobe.com/reader

Adobe Acrobat and Reader 20.005.30539 is a security update.
https://helpx.adobe.com/security/products/acrobat/apsb23-54.html

Adobe After Effects 23.6.2 and 24.0.3 are security updates.
https://helpx.adobe.com/security/products/after_effects/apsb23-66.html

Adobe Animate 23.0.3 and 24.0 are security updates.
https://helpx.adobe.com/security/products/animate/apsb23-61.html

Adobe Audition 23.6.2 and 24.0.3 are security updates.
https://helpx.adobe.com/security/products/audition/apsb23-64.html

Adobe Bridge 13.0.5 and 14.0.1 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb23-57.html

Adobe ColdFusion 2021.12 and 2023.6 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb23-52.html

Adobe Dimension 3.4.10 is a security update.
https://helpx.adobe.com/security/products/dimension/apsb23-62.html

Adobe FrameMaker Publishing Server 2022.1 is a security update.
https://helpx.adobe.com/security/products/framemaker/apsb23-58.html

Adobe InCopy 18.5.1 and 19.0 are security updates.
https://helpx.adobe.com/security/products/incopy/apsb23-60.html

Adobe InDesign 18.5.1 and 19.0 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb23-55.html

Adobe Media Encoder 23.6.2 and 24.0.3 are security updates.
https://helpx.adobe.com/security/products/media-encoder/apsb23-63.html

Adobe Photoshop 24.7.2 and 25.1 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb23-56.html

Adobe Premiere Pro 23.6.2 and 24.0.3 are security updates.
https://helpx.adobe.com/security/products/premiere_pro/apsb23-65.html

Adobe RoboHelp Server 11.5 is a security update.
https://helpx.adobe.com/security/products/robohelp-server/apsb23-53.html

Artweaver 7.0.16 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Audacity 3.4.1 adds musical view, pitch controls, and resolves a dozen bugs. This is not a security update.
https://www.audacityteam.org/download/

Blender 3.6.5 doesn’t provide a detailed change log so should be treated as a security update.
https://www.blender.org/download/

Calibre 6.29.0 resolves several bugs, improves zoom control, and adds a command line option to open a new instance. This is not a security update.
https://calibre-ebook.com/

Ghostscript 10.02.1 is a security update.
https://www.ghostscript.com/releases/gsdnld.html

GIMP 2.10.36 is a security update.
https://www.gimp.org/

ImageMagick 7.1.1-21 is a security update.
https://imagemagick.org/

Kdenlive 23.08.3 resolves dozens of bugs. This is not a security update.
https://kdenlive.org/

Kindle for PC 2.1.70471 doesn’t provide a change log so should be treated as a security update.
https://www.amazon.com/kindleforpc

Krita 5.2.1 improves various features and resolves dozens of bugs. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice 7.5.8 resolves more than a dozen bugs. This is not a security update.
https://www.libreoffice.org/

Manager 23.11.13.1143 resolves several bugs. This is not a security update.
https://www.manager.io/

Nextcloud Desktop 3.10.1 resolves several bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.5.8 resolves more than a dozen bugs. This is a security update.
https://notepad-plus-plus.org/

Paint.net 5.0.11 resolves several bugs. This is not a security update.
https://www.getpaint.net/

PDF-XChange Editor 10.1.2.382 is a security update.
https://www.tracker-software.com/product/pdf-xchange-editor

QuickBooks Pro 2022 R13_09 improves migration assistant and resolves several bugs. This is not a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 R6_25 resolves resolves a major billing bug. This is not a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2024 20230817-R3_61 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

SumatraPDF 3.5.2 resolves several bugs. This is not a security update.
https://www.sumatrapdfreader.org/download-free-pdf-viewer

Security Software Updates

One or more of these is likely to be of interest to most people.

JShelter 0.17 adds several new controls and features. This is not a security update.
https://jshelter.org/install/

KeePass 2.55 resolves more than a dozen bugs and adds several new features. This is a security update.
https://keepass.info/

MalwareBytes Anti-Malware 4.6.5 improves compatibility and resolves a couple bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/

OpenSSL 3.1.4 is a security update.
https://www.openssl.org/

ProtonVPN (macOS) 4.0.0 improves stability. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.13.0 is a security update.
https://www.adlice.com/download/roguekiller/

Stinger 12.2.0.664 adds support for several new detections. This should be considered a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

SuperAntiSpyware 10.0.1258 is a security update.
https://www.superantispyware.com/download.html

Tails 5.19 is a security update.
https://tails.boum.org/install/dvd/index.en.html

Tron 2023-10-17 is a security update.
https://www.bmrf.org/repos/tron/

uBlock Origin 1.53.4 improves stability.
https://github.com/gorhill/uBlock/releases/latest

Wireless Network Watcher 2.40 adds columns for IPv6 Address and Link Local IPv6 Address. This is not a security update.
https://www.nirsoft.net/utils/wireless_network_watcher.html

Capture Updates

These are unlikely to be of interest to most people.

Open Broadcaster Software 30.0.0 is a major update which removes support for older platforms, adds support to new features and capabilities, and resolves over 50 bugs. This should be treated as a security update.
https://obsproject.com/

SnagIt 24.0.1 resolves several bugs, improves performance and adds output to Teams. This is not a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.0.4 resolves dozens of bugs and adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

FFmpeg 20231114 adds caption decoding. This is not a security update.
https://ffmpeg.org/ffmpeg.html

StreamFab 6.1.4.9 improves compatibility and resolves dozens of bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.0.3 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.30 is a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

.NET Runtime 7.0.13 and 8.0.0 are security updates.
https://dotnet.microsoft.com/en-us/download/dotnet

1Password 8.10.18 resolves over a dozen bugs. This is not a security update.
https://1password.com/

Agent Ransack 2022.3416 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

AMD Ryzen Master 2.11.2.2659 is a security update.
https://www.amd.com/en/technologies/ryzen-master

AOMEI Partition Assistant 10.2.1 improves compatibility. This is not a security update.
https://www.diskpart.com/

Beyond Compare 4.4.7.28397 improves stability and resolves several bugs. This is not a security update.
https://www.scootersoftware.com/download.php?zz=dl4

Bitwarden 2023.10.1 resolves several bugs. This is not a security update.
https://bitwarden.com/

CCleaner 6.17.10746 improves junk cleaning. This is a security update.
https://www.ccleaner.com/

CurrPorts 2.76 adds option to show only incoming TCP connections. This is not a security update.
https://www.nirsoft.net/utils/cports.html

Dell Command Update 5.1.0 is a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

Dell OS Recovery Tool 2.3.2.7523 doesn’t provide a change log so should be treated as a security update.
https://www.dell.com/support/home/uk/en/ukbsdt1/drivers/osiso/recoverytool

DesktopOK 11.13 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.0.129.0 updates libraries and resolves several bugs. This is a security update.
https://dngrep.github.io/

email-oauth2-proxy 2023-11-01 adds support for secret rotation, resolves a couple bugs, and improves compatibility. This is not a security update.
https://github.com/simonrob/email-oauth2-proxy

Everything Toolbar 1.3.2 resolves a couple bugs. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

Fido 1.52 adds support for Windows 11 23H2. This is not a security update.
https://github.com/pbatard/Fido/releases

FileLocator Pro 2022.3416 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Fing 3.5.1 improves stability and resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

Go 1.21.4 is a security update.
https://go.dev/

GoodSync 12.4.5 resolves dozens of bugs. This is not a security update.
https://www.goodsync.com/

HDD Raw Copy 1.20 doesn’t provide a change log so should be treated as a security update.
https://hddguru.com/software/HDD-Raw-Copy-Tool/

HWiNFO 7.66 adds support for newer hardware and resolves several bugs. This is not a security update.
https://www.hwinfo.com/download/

Java 8u391 is a security update.
https://www.java.com/en/download/manual.jsp

NConvert 7.163 doesn’t provide a change log so should be treated as a security update.
https://www.xnview.com/en/nconvert/

NetworkInterfacesView 1.35 adds support for IPv6 addresses and IPv6 DNS servers. This is not a security update.
https://www.nirsoft.net/utils/network_interfaces.html

NTLite 2023.11.9477 improves compatibility and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

osquery 5.10.2 is a security update.
https://osquery.io/downloads

PingInfoView 3.01 adds support for IPv6, sorting, reporting improvements, and resolves several bugs. This is not a security update.
https://www.nirsoft.net/utils/multiple_ping_tool.html

PowerToys 0.75.1 resolves a couple bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

RoboForm 9.5.4 reduces nags and resolves several bugs. This is not a security update.
https://www.roboform.com/

Rufus 4.3 adds support for Windows 11 23H2, improves compatibility, and resolves several bugs. This is not a security update.
https://rufus.ie/en_US/

ScreenConnect 23.8.5.8707 is a security update.
https://www.connectwise.com/software/control/download

Sysmon 15.11 improves performance and resolves a couple bugs. This is a security update.
https://learn.microsoft.com/en-us/sysinternals/downloads/sysmon

TcpLogView 1.40 adds option to show only incoming connections. This is not a security update.
https://www.nirsoft.net/utils/tcp_log_view.html

VMMap 3.4 adds support for .NET 6 and higher. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/vmmap

WinGet 1.6.3133 adds support to configure behavior and resolves several bugs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinScan2PDF 8.68 improves performance and reliability. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 4.16 adds several new features, cosmetic and reliability improvements, and resolves several bugs. This is not a security update.
https://www.diskanalyzer.com/

ZoomIt 7.2 adds highlighter and blur and microphone selection. This is not a security update.
https://learn.microsoft.com/en-us/sysinternals/downloads/zoomit

Developer Updates

These are unlikely to be of interest to most people.

ADB 34.0.5 resolves several bugs. This is not a security update.
https://developer.android.com/studio/releases/platform-tools

Android Studio 2022.3.1.21 resolves a couple issues with Gradle. This is not a security update.
https://developer.android.com/studio

GitHub Desktop 3.3.5 resolves several bugs. This is not a security update.
https://desktop.github.com/

Godot 4.1.3 resolves several bugs. This is not a security update.
https://godotengine.org/

Microsoft Visual C++ 2022 Redistributable 14.36.33130.0 is a security update.
https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist

MySQL ConnectorNet 8.2.0 updates libraries and resolves a couple bugs. This is not a security update.
https://dev.mysql.com/downloads/connector/net/

MySQL Server 8.0.35 resolves over a dozen bugs. This is a security update.
https://dev.mysql.com/downloads/installer/

Node.js 18.18.2 is a security update.
https://nodejs.org/en/

Node.js 20.9.0 is a security update.
https://nodejs.org/en/

Node.js 21.2.0 resolves several bugs, updates libraries, and provides dozens of improvements. This is a security update.
https://nodejs.org/en/

SQLite 3.44.0 provides more than a dozen improvements and bug fixes. This should be treated as a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.84.2 resolves several bugs. As of 1.84 Microsoft has dropped support for 32-bit versions of Visual Studio. This is not a security update.
https://code.visualstudio.com/

WinMerge 2.16.34 resolves several bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

PPSSPP 1.16.6 resolves several bugs. This is not a security update.
https://www.ppsspp.org/download/

VirtualBox 7.0.12 resolves dozens of bugs. This should be treated as a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

HumHub 1.15.0 resolves dozens of bugs. This is a security update.
https://www.humhub.com/en

Invision Community 4.7.14 resolves dozens of bugs. This is not a security update.
https://invisioncommunity.com/

Joomla 5.0.0 and 4.4.0 are both major updates with many new features, compatibility improvements, and bug fixes. These are not security updates.
https://www.joomla.org/

ownCloud Client 5.1.2 is a major update improving compatibility, performance, stability and resolving many bugs. This is not a security update.
https://owncloud.com/desktop-app/

ownCloud Server 10.13.2 updates depenendencies and resolves several bugs. This is a security update.
https://owncloud.com/download-server/

WordPress 6.4.1 is the third update to WordPress in the last month, following several security issues.
https://wordpress.org/

Autoptimize 3.1.10 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/autoptimize/

BuddyPress 11.4.0 improves stability and compatibility. This is a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.8.2 improves stability and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.7 resolves a couple bugs. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

My Sticky Bar (formerly myStickymenu) 2.6.5 rebrands, adds a couple features, and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Postie 1.9.66 improves compatibility and resolves a notification bug. This is not a security update.
https://wordpress.org/extend/plugins/postie/

Show IDs 1.1.10 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/wpsite-show-ids/

W3 Total Cache 2.6.0 improves compatibility and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 8.2.2 resolves several bgus. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WP Mail SMTP 3.10.0 improves OAuth integration and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/

WP Plugin Update Checker 5.3 resolves a couple bugs. This is not a security update.
https://github.com/YahnisElsts/plugin-update-checker/releases/latest

WPBakery 7.2 adds AI support and resolves several bugs. This is not a security update.
https://wpbakery.com/

WPtouch 4.3.55 resolves several bgus. This is not a security update.
https://wordpress.org/extend/plugins/wptouch/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/