Updates 2021-05-11

Welcome back, Folks!

Today is Patch Tuesday for May, 2021. There have been a couple dozen major hacking incidents and critical security issues, and every browser has now continued their weekly security update cadence through the third month.

This Month in Technology

Apple (Quanta Computer), Apple’s AirDrop, Apple’s iOS 14.5, Apple’s macOS Big Sur 11.3, Cellebrite, Celsius Network, Colonial Pipeline, Dell dbutil, Dominion election hardware, various DNS implementations, mostly on IoT devices, various medical devices, Elliman Property Management, Facebook, Geico, enterprise password app Passwordstate, various Police Departments, Pulse Connect Secure, Tesla’s Model X, and Trend Micro’s Apex One were hacked this month.

Linux banned University of Minnesota from submitting code because they intentionally submitted patches that would have intentionally made Linux devices insecure.

The FBI is violating the Computer Fraud and Abuse Act.

It’s illogical to justify or mandate an experimental treatment that increases your risk for a disease and creates side-effects on its own that are equivalent to the disease. When you can’t win your arguments using actual science you have to ignore the inserts, the numbers, falsify the data, falsify the tests, censor, attack their education, ridicule and intimidate, hide the dead children, secretly destroy the unused ventilators, ignore the tens of thousands of barrels of DDT dumped in the ocean by the same  companies making the experimental vaccines today, make sure nobody knows you have no idea what you’re doing, or just straight-up kill people. A Jedi mind trick or two goes a long way, too. By the way, the COVID-19 mortality rate for vaccinated test subjects dwarfs the rate for the “control group.” France is at least capable of putting two and two together. It’s sad that American doctors can’t.

In a surprise move, Apple & Google have actually stood by their privacy policies forbidding the UK from collecting additional location details through the NHS COVID-19 tracking app. That said, no matter how much they try to limit data exposure, if it’s collected, it can be compromised.

Piracy is bad and FLoC is worse10DLC is a step in the right direction, but will likely only result in increased text messaging forgery.

USPS is violating the first amendment but that pales in comparison to what state and federal governments are doing, and what the Speaker has done to keep her seat. Christianity isn’t illegal, yet. Violence is, but it has proven to be effective anyway, so will continue unabated.

There are still some wins coming in, so I guess we haven’t quite devolved into communism, but it doesn’t look good when censorship is so pervasive and ambiguous, and officials openly engage in fraud during an audit, and blame the victims for being assaulted.

The Epic vs Apple suit is currently underway and has proven to be what you’d expect from a conflict between a monopoly and a video game company. Meanwhile, Apple is now being sued for terminating accounts for customers that have “bought” apps and services through them, and the EU has declared Apple’s App Store a monopoly. Seeing the writing on the wall, Microsoft has lowered it’s Windows Store cut.

Google, which dropped Fortnite last year for violating the terms of a contract, just sidestepped Roku’s removal of the YouTube TV app by inserting the functionality of  YouTube TV app into the YouTube app. Demonstrating the flaws in their app compatibility argument Google broke YouTube TV on their own Chromecast platform during this circus.

Now for the good news:

Dogecoin for the win. Just make sure you are the only one with the keys to your wallet!

Oh, and Samsung is planning to provide a way so you can still make use of some of your archaic hardware.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is huge – with well over a hundred common applications and operating systems releasing fixes. The typical computer should see roughly 3.2 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, Servicing Stack, Internet Explorer, and MSRT (~1.5 GB). This includes security updates. A reboot is required.

Apple released updates for iCloud for Windows 12.3, iTunes 12.11.3 for Windows, Safari 14.1, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, Xcode 12.5, iOS 14.5.1 and iPadOS 14.5.1, iOS 12.5.3, macOS Big Sur 11.3.1, tvOS 14.5, and watchOS 7.4.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 14.5.1 and 12.5.3 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 14.5.1 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 7.4.1 is a security update. Use the Watch app on your iPhone to install the most current version.

Google Chrome OS 90.0.4430.100 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 34-1.2 has a lot of changes under the hood, such as UEFI improvements, driver and updated libraries. This is a security update.
https://getfedora.org/en/workstation/download/

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Big Sur (11.x) means that macOS High Sierra (10.13) and older are no longer supported. If you can not install at least macOS Mojave (10.14) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v2009) is huge (about 18% larger than v2004, which was 25% larger than any prior build) so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.3.9 improves diagnostics and removal. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Logitech Options 8.54.106 resolves several bugs. This version does not provide a detailed changelog so should be treated as a security update.
https://www.logitech.com/en-us/product/options

Nvidia 466.27 improves compatibility. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Engine 3.20.0 resolves several bugs. This is not a security update.
https://steelseries.com/engine

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.24.84 is a security update.
https://brave.com/

Google Chrome 90.0.4430.212 is a security update.
https://www.google.com/chrome/

Microsoft Edge 90.0.818.56 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 88.0.1 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 78.10.1 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

SeaMonkey 2.53.7.1 is a security update.
https://www.seamonkey-project.org/

Vivaldi 3.8.2259.42 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.9.1 is a security update.
https://getmailspring.com/

Thunderbird 78.10.1 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

BrowsingHistoryView 2.48 adds a QR code toolbar button and resolves a bug in the SaveDirect command-line switch. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

curl 7.76.1 resolves several bugs. This is a security update.
https://curl.haxx.se/windows/

Dropbox 121.4.4267 doesn’t provide a changelog, so should be treated as a security update.
https://www.dropbox.com/

FreeFileSync 11.10 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Java 8u291 is a security update.
https://www.java.com/en/download/manual.jsp

Npcap 1.31 resolves several bugs. This is not a security update.
https://nmap.org/npcap/

Omada Software Controller 4.3.5 resolves several bugs and improves compatibility. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

PuTTY 0.75 is a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

Technitium DNS Server 6.2.3 resolves several bugs. This is not a security update.
https://technitium.com/dns/

Telegram 2.7.4 resolves several bugs. This is not a security update.
https://telegram.org/

Zoom 5.6.5.823 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

iTunes 12.11.3 is a security update.
https://www.apple.com/itunes/download/

Picard 2.6.2 resolves several bugs. This is not a security update.
https://picard.musicbrainz.org/

Plex Media Server 1.22.3.4392 resolves several bugs with collections. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

VLC Media Player 3.0.14 is a security update.
https://www.videolan.org/vlc/

Game Updates

These are unlikely to be of interest to most people.

PlayStation PS4 8.03 improves notification controls and resolves several bugs. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps4/system-software/

PlayStation PS5 21.01-03.10.00 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Office Updates

One or more of these are likely to be of interest to most people.

Artweaver 7.0.9 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Atom 1.57.0 updates libraries, and resolves several bugs. This is not a security update.
https://atom.io/

LibreOffice Fresh 7.1.3 resolves over a hundred bugs. This is a security update. Be aware that LibreOffice Fresh is a beta version and should be avoided in favor of the Still (stable) version.
https://www.libreoffice.org/

Lightworks NLE 2021.2 resolves dozens of bugs and improves reliability. This is not a security update.
https://www.lwks.com/

Nextcloud Desktop 3.2.1 resolves several bugs. This is not a security update.
https://nextcloud.com/

OpenOffice 4.1.10 is a security update.
https://www.openoffice.org/download/

Paint.net 4.2.16 resolves several bugs. This is not a security update.
https://www.getpaint.net/

Adobe Creative Cloud Desktop Application 5.4.3 is a security update.
https://helpx.adobe.com/security/products/creative-cloud/apsb21-31.html

Adobe Genuine Service 7.3 is a security update.
https://helpx.adobe.com/security/products/integrity_service/apsb21-27.html

Adobe Acrobat and Reader 2021.001.20155, 2020.001.30025, and 2017.011.30196 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb21-29.html

Adobe After Effects 18.2 is a security update.
https://helpx.adobe.com/security/products/after_effects/apsb21-33.html

Adobe Animate 21.0.6 is a security update.
https://helpx.adobe.com/security/products/animate/apsb21-35.html

Adobe Experience Manager 6.5.8.0 and 6.4.8.4 are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb21-15.html

Adobe InDesign 16.2.1 is a security update.
https://helpx.adobe.com/security/products/indesign/apsb21-22.html

Adobe Illustrator 25.2.3 is a security update.
https://helpx.adobe.com/security/products/illustrator/apsb21-24.html

Adobe InCopy 16.2.1 is a security update.
https://helpx.adobe.com/security/products/incopy/apsb21-25.html

Magento 2.4.2-p1 and 2.3.7 are security updates.
https://helpx.adobe.com/security/products/magento/apsb21-30.html

Adobe Media Encoder 15.2 is a security update.
https://helpx.adobe.com/security/products/media-encoder/apsb21-32.html

Adobe Medium 2.4.5.332 is a security update.
https://helpx.adobe.com/security/products/medium/apsb21-34.html

Security Software Updates

One or more of these is likely to be of interest to most people.

HTTP Toolkit 1.3.0 doesn’t provide a detailed changelog so should be treated as a security update.
https://httptoolkit.tech/

KeePass 2.48.1 improves compatibility and resolves several bugs. This is not a security update.
https://keepass.info/

uBlock Origin 1.35.2 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

VT-CLI 0.9.6 doesn’t provide a changelog so should be treated as a security update.
https://github.com/VirusTotal/vt-cli/releases/latest

Tails 4.18 is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.30 resolves several bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 2021.3.1 resolves two minor bugs. This is not a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Education updates

One or more of these are likely to be of interest to most people.

Zotero 5.0.96.2 optimizes online storage and resolves a hang in generating citations. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 7.8.2 resolves several bugs. This is not a security update.
https://1password.com/downloads/mac/

1Password for Windows 7.6.801 is a security update.
https://1password.com/downloads/windows/

Autoruns 13.100 resolves a crash bug. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

CCleaner 5.79.8704 adds cleaning of Slack cache, adds ability to wipe free space, and improves debug logging. This is a security update.
https://www.ccleaner.com/

CPU-Z Installer 1.96 adds support for new hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

CurrPorts 2.65 resolves a kernel tracing bug and improves high-DPI compatibility. This is not a security update.
https://www.nirsoft.net/utils/cports.html

Etcher 1.5.120 is a documentation change. This is not a security update.
https://www.balena.io/etcher/

Fing 2.6.0 adds Deep Scan and updates libraries. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

GoodSync 11.6.6 resolves several bugs. This is not a security update.
https://www.goodsync.com/

HWMonitor 1.44 adds support for new hardware. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

NTLite 2.1.0.7862 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

Aomei Partition Assistant 9.2 adds ability to free up space on Windows partitions by moving apps to another partition. This is not a security update.
https://www.diskpart.com/

PowerToys 0.37.2 updates all components, settings app and configuration, and improves silent installation behavior. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

Process Monitor 3.70 allows constraining the number of events and fixes several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

ProduKey 1.97 adds command-line configuration processing. This is not a security update.
https://www.nirsoft.net/utils/product_cd_key_viewer.html

RoboForm 9.1.3 resolves several bugs. This is not a security update.
https://www.roboform.com/

SearchMyFiles 3.11 adds high-DPI support and adds a sorting as a menu option. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

TCPView 4.01 is a cosmetic update. This is not a security update.
https://sysinternals.com/

WinRAR 6.01 resolves several bugs. This is not a security update.
https://www.rarlab.com/

WinScan2PDF 7.07 improves compatibility with Windows. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 3.41 resolves several bugs. This is not a security update.
https://wiztreefree.com/

Developer Updates

These are unlikely to be of interest to most people.

AutoHotkey 1.1.33.09 resolved several bugs. This is not a security update.
https://www.autohotkey.com/download/

Godot 3.3 improves reliability and adds several new features. This is not a security update.
https://godotengine.org/

MySQL ConnectorNet 8.0.25 resolves several bugs. This is not a security update.
https://dev.mysql.com/downloads/connector/net/

Node.js 16.1.0 resolves dozens of bugs and compatibility issues with the new major v16 update to Node.js, which removes support for Python 2 and updates system requirements. This is not a security update.
https://nodejs.org/en/

Node.js 14.17.0 updates libraries, resolves dozens of bugs, improves diagnostic capabilities, and backports several features from stable. This is not a security update.
https://nodejs.org/en/

SQLite 3.35.5 is a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.56 improves hover feedback, terminal profile, debugger, and more. This is not a security update.
https://code.visualstudio.com/

WinMerge 2.16.12 adds ARM64 support and resolves dozens of bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.1.22-144080 is a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.6.12 updates libraries. This is not a security update.
https://coppermine-gallery.net/

Dada Mail 11.13.0 resolves several bugs. This is not a security update.
https://dadamailproject.com/

Docker Desktop 3.3.3 updates libraries and resolves several bugs. This is not a security update.
https://www.docker.com/products/docker-desktop

Drupal 9.0.13 updates libraries and resolves several bugs. This should be treated as a security update.
https://drupal.org/download

HumHub 1.8.2 resolves several bugs. This is not a security update.
https://www.humhub.com/en/download

OpenPetra 2021.04 improves contact and import, and resolves several bugs. This is not a security update.
https://www.openpetra.org/

ScreenConnect 21.6.3280.7796 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

WordPress 5.7.1 is a security update.
https://wordpress.org/

Autoptimize 2.8.4 is a security update.

BuddyPress 7.3.0 is a security update.

Contact Form 7 5.4.1 resolves several bugs and compatibility issues. This is not a security update.

WooCommerce 5.3.0 resolves dozens of bugs and introduces several new features. This is not a security update.

WP Mail SMTP 2.8.0 resolves several bugs. This is not a security update.

WPtouch 4.3.41 resolves a cosmetic bug. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2021-01-12

Welcome back, Folks!

Today is Patch Tuesday for January, 2021.

This Month in Technology

By now you’re probably very aware with the SolarWinds “hack” since it was 24/7 news only a month ago, though mostly conjecture. We now know they were hacked over a year before a third-party (FireEye) pointed it out to them, and the malware remained on their servers weeks after it was identified.

What we’ve learned of it over the last month is a rich reminder of do’s and don’ts:

  • Don’t trust multi-factor authentication – it’s not nearly as effective at preventing logins as you’ve been lead to believe.
  • Don’t take over devices you can’t exploit quickly – don’t expose yourself wideband for 0.2%.
  • Do use a strong, unique password for everything – never something as absurd as “solarwinds123“.
  • Do modify your firewall to eliminate automatic whitelists for government IP addresses.
  • Do regular checkups – you never know what you’re going to find.

Don’t worry, though, they’ve hired a political hack to CYA!

Austin City, the City of CorneliaCity of EllensburgIndependence City (Kansas), Chatham County (North Carolina), Huntsville City Schools (Alabama), Jefferson County (Kentucky), Subway, Intel’s Habana LabsMicrosoftFireEye, the United NationsMaryland’s GBMC HealthCare, the US Dept of JusticeNissanLivecoinSpotifyIndiGo, various Israeli companies, the US Judiciary case file system, and many gaming companies have all been hacked.

Security issues or backdoors were found in Zyxel firewalls, Typo3Android BluetoothGlassdoorNintendo 3DSMicrosoft 365Google Titan security keys, Signal App cryptography, Starbucks mobile, and terabytes of secrets and databases have been dumped online.

Point-of-sale hardware has a “service mode” with a default password, malware is fingerprinting and mapping networks using the MAC address, Smart Doorbells are still a bad idea, Gionee has been infecting their own budget smartphones for kickbacks, and Google is still the easiest way to hack Google.

Ticketmaster hacked their competition 7 years ago and is only now paying a fine for it, Twitter is being fined almost half a million Euros for its breach handling, and Sabre Corp has now settled with 27 states over data breach.

WhatsApp won’t let you use it if you don’t want it to have your data tied to the rest of Facebook. The bigger you are, the bigger the target is on your back.

The “secure communication” tool Telegram tells everyone your precise location if you enable location support. One of my favorite browser extensions, The Great Suspender, changed hands in 2020 and the new publisher has recently been caught using it to distribute malware under the guise of analytics. Shopify, BigCommerce and other large sales platforms are being targeted with a card skimmer.

Mozilla (creator of Firefox and Thunderbird) wants the entire Internet to be used to censor certain publishers (that’s a bad thing), which is sad since they recently dropped support for PWAs (that’s a good thing).

Speaking of censorship and cancel culture, a potential new federal banking rule could put an end to the social/financial terrorism employed by cancel culture devotees. However, Big Tech censorship is at an all-time high in the wake of “riots” that were tame for the last year.

Corellium is protected by Fair Use and Tim Cook is going to have to testify more than a mere 4 hours about how his elimination of competition and closed ecosystem aren’t “really” a monopoly.

Ledger WalletT-Mobile (yet again), Amazon partner JuspayUbiquitiNintendo21 ButtonsSangoma TechnologiesDental Care AllianceKoei Tecmo, and Apex Laboratory all suffered data leaks/breaches.

Zoom, however, willingly shared their US user data with China.

Facebook’s recent Instagram hack exposed a massive click farm.

Google has had several service outages in the last month, as has Apple and even #Slack.

WinZip is vulnerable to a MitM attack (dude, no SSL, really?!).

Google broke SMS on many Android devices, your RAM can be used to exfil data from your device, Apple iPhone assembly plant Wistron in India has been suspended after a riot causes $60 million in damages. That may be a good thing, though, since the Apple MagSafe chargers can deactivate pacemakers.

macOS Preview is damaging PDFs (again).

Apple has removed the ability to download combo updates for Big Sur. This is going to cause serious security problems for the vast majority of the world that doesn’t have Bay Area bandwidth available to them.

In a good move, Apple has upset Facebooks advertising ecosystem by preventing certain data collection and use on their latest platforms, even Google is trying to figure out how to get around the new privacy requirements.

Why don’t I trust government? It’s hard to pick just one reason, but this month has many examples. Government employees tasked with preserving election data call for its mass deletion, or “accidentally” delete the security log files, while ignoring hundreds of pages of evidence and “moving the goalposts.”

The FBI has been hiding Seth Rich’s laptop while claiming they didn’t have it, public schools are purchasing hacking tools to get the data off student’s phones, mass data collection never ends, agencies fine you for helping during a crisis or being in a car without permission, while they hack journalist’s phones and run pedophile rings out of large white government buildings in DC. Nevertheless, you should trust the math and not look behind the curtain. Or else.

By the way, streaming content that you don’t have rights to is now a felony thanks to a nearly 6,000 page bill passed without anyone reading itHypocrisy is their bread and butter. Which is why they have such religiously held beliefs that violate all common sense.

Now for the good news:

It is now possible to integrate Everything into the Windows taskbar!

Starlink is approved for use in the UK, opening the door to true worldwide broadband.

Let’s Get Busy

Now back to our regularly scheduled program.

Adobe Flash Player is finally dead! There will be no more security updates released for Flash, and it’s probably the application single-most responsible for infections world-wide over the last 20 years, so it should be removed immediately. Use the utility below to remove it.
Win: https://helpx.adobe.com/flash-player/kb/uninstall-flash-player-windows.html
Mac: https://helpx.adobe.com/flash-player/kb/uninstall-flash-player-mac-os.html

Patch Tuesday this month is pretty big. The typical computer should see roughly 2 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, and MSRT (~ 1.6 GB). This includes security updates. A reboot is required.

Apple released updates for macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, Safari 14.0.2, macOS Server 5.11, macOS X Combo Update 10.15.7, Brother Printer Drivers 4.1.1 and HP Printer Drivers 5.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 14.3 and iOS 12.5.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 14.3 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 7.2 and watchOS 6.3 are security updates. Use the Watch app on your iPhone to install the most current version.

tvOS 14.3 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 87.0.4280.142 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Big Sur (11.0) means that macOS High Sierra (10.13) and older are no longer supported. If you can not install at least macOS Mojave (10.14) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v2009) is huge (about 18% larger than v2004, which was 25% larger than any prior build) so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Crucial Storage Executive 6.09 doesn’t provide a changelog so should be treated as a security update.
https://www.crucial.com/support/storage-executive

Display Driver Uninstaller 18.0.3.5 improves removal of various artifacts. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

nVidia 461.09 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.18.78 is a security update. Use Menu, Help, About to install the most current version.
https://brave.com/

Google Chrome 87.0.4280.141 is a security update. Use Menu, Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 87.0.664.75 is a security update. Use Menu, Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 84.0.2 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/

Firefox ESR 78.6.1 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/organizations/

Iridium 2020.11 is a security update (but still not patched to the current Chromium security updates). Use Menu, Help, About to install the most current version.
https://iridiumbrowser.de/

Vivaldi 3.5.2115.87 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 78.6.1 is a security update. Use Menu, Help, About to install the most current version.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

Facebook Messenger 20201207 is a security update, but is still a month behind the current chromium security level. You should remove Facebook Messenger if you have it installed.
https://www.messenger.com/download

Trillian 6.4.0.2 resolves several bugs. This is not a security update.
https://www.trillian.im/

curl 7.74.0 is a security update.
https://curl.haxx.se/windows/

Dropbox 112.4.321 doesn’t provide a changelog so should be treated as a security update.
https://www.dropbox.com/

FileZilla Client 3.52.0.5 resolves several bugs. This is not a security update.
https://filezilla-project.org/

FreeFileSync 11.5 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Minds 4.7.0 improves data use and channel header, restyles posts, and resolves several bugs. This is not a security update.
https://www.minds.com/mobile

Npcap 1.10 resolves several bugs. This is not a security update.
https://nmap.org/npcap/

Technitium DNS Server 5.6 adds dynamic configuration application, adds cleanup options, block list refresh intervals, forced refresh, and resolves many other bugs. This is not a security update.
https://technitium.com/dns/

Zoom 5.4.59931.0110 adds ability to block insecure participants, force authentication, silence notifications when sharing, and management improvements. This is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

Adobe FrameMaker 2020.0.1 doesn’t provide a changelog so should be treated as a security update.
https://supportdownloads.adobe.com/detail.jsp?ftpID=7061

Adobe Bridge 11.0.1 is a security update.
https://helpx.adobe.com/security/products/bridge/apsb21-07.html

Adobe Captivate 2019 11.5.1.499 hotfix 1 is a security update.
https://helpx.adobe.com/security/products/captivate/apsb21-06.html

Adobe InCopy 16.0 is a security update.
https://helpx.adobe.com/security/products/incopy/apsb21-05.html

Adobe Campaign Classic Gold Standard 11, 20.3.3.9234, 20.2.4.9187, 20.1.4.9126, 19.2.4.9082, and 19.1.8.9039 are security updates.
https://helpx.adobe.com/security/products/campaign/apsb21-04.html

Adobe Animate 21.0.2 is a security update.
https://helpx.adobe.com/security/products/animate/apsb21-03.html

Adobe Illustrator 25.1 is a security update.
https://helpx.adobe.com/security/products/illustrator/apsb21-02.html

Adobe Photoshop 22.1.1 is a security update.
https://helpx.adobe.com/security/products/photoshop/apsb21-01.html

darktable 3.4.0 resolves over 100 issues and adds several new features. This is not a security update.
https://www.darktable.org/install/

Flickr Downloadr 3.3.3.2 resolves a couple bugs. This is not a security update.
https://flickrdownloadr.com/downloads/

Picard 2.5.6 resolves several bugs.
https://picard.musicbrainz.org/

Game Updates

These are unlikely to be of interest to most people.

Steam 2020.12.21 resolves several bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

PlayStation PS3 4.87 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps3/system-software/

PlayStation PS4 8.03 adds option to disable Game Chat Audio. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps4/system-software/

PlayStation PS5 20.02-02.30.00 resolves PS4 transfer bugs, text input and Wi-Fi stability issues, and improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Office Updates

One or more of these are likely to be of interest to most people.

Interactive Calendar 2.2 adds color schemes, resolves search issues, improves stability & performance, and fixes several bugs. This is not a security update.
https://www.csoftlab.com/calendar

LibreOffice 7.0.4 resolves over a hundred bugs and is now the new general release. This is not a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.1.1 resolves dozens of bugs and improves compatibility. This is not a security update.
https://nextcloud.com/

Notepad++ 7.9.2 resolves over three dozen issues including performance and stability. This is not a security update.
https://notepad-plus-plus.org/

Security Software Updates

One or more of these is likely to be of interest to most people.

Tails 4.14 is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

Gpg4win 3.1.15 improves AD support and resolves a random security key selection bug. This is a security update.
https://www.gpg4win.org/download.html

KeePass 2.47 resolves several bugs, improves search and options. This is not a security update.
https://keepass.info/

NSudo 8.0.1 updates libraries and adds translations. This is not a security update.
https://github.com/M2Team/NSudo/releases/latest

RogueKiller 14.8.3 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

uBlock Origin 1.32.4 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Wireless Network Watcher 2.23 updates internal MAC addresses database. This is not a security update.
https://www.nirsoft.net/utils/wireless_network_watcher.html

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 2021.1.0 improves transparency handling, scaling improvements, and resolves several bugs. This is not a security update.
https://12pd.com/click?snagit

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.1.5 adds new models and profiles, improved Enlarger AI handling. This is not a security update.
https://www.dvdfab.cn/download.htm

IsoBuster 4.7 adds an option to import and export templates, improved reliability, scanning, and read handling, and resolves several bugs. This is not a security update.
https://www.isobuster.com/download.php

MakeMKV 1.15.4 improves compatibility, implements seamless join of TrueHD streams, and resolves bugs. This is not a security update.
https://www.makemkv.com/download/

Utility Updates

These are unlikely to be of interest to most people.

BulkFileChanger 1.72 adds “Photo – Date Taken” option. This is not a security update.
https://www.nirsoft.net/utils/bulk_file_changer.html

CCleaner 5.75.8238 adds import for “Cookies to Keep” option, and resolves several bugs. This is not a security update.
https://www.ccleaner.com/

ControlMyMonitor 1.27 adds switches for turning on, off, and toggling on/off state. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html

Dell Command Update 4.0 adds support for DCH drivers, adds a filter for Security updates, and improves user interface. This is not a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

DesktopOK 8.38 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dupeGuru 4.1.0 now uses tabs instead of windows, adds cosmetic fixes and options, and resolves several bugs. This is not a security update.
https://dupeguru.voltaicideas.net/

Etcher 1.5.113 resolves several bugs. This is not a security update.
https://www.balena.io/etcher/

Everything 1.4.1.1003 resolves issues with the exit switch, improves shortcuts and autofocus. This is not a security update.
https://www.voidtools.com/

GoodSync 11.5.4 resolves several bugs. This is not a security update.
https://www.goodsync.com/

IsMyHdOK 2.71 updates language files. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

LessMSI 1.8.0 improves usability. This is not a security update.
https://lessmsi.activescott.com/

MS ISO Downloader 8.46 adds new builds for Office 2019 for Mac, more Dell models and ISO Tools hash improvements. This is not a security update.
https://www.heidoc.net/joomla/technology-science/microsoft/67-microsoft-windows-and-office-iso-download-tool

NTLite 2.0.0.7756 resolves several bugs and improves controls. This is not a security update.
https://www.ntlite.com/download/

Aomei Partition Assistant 9.1 resolves several bugs. This is not a security update.
https://www.diskpart.com/

PointerStick 5.01 improves rendering. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

Process Monitor 3.61 adds monitoring for various registry APIs and resolves a query output bug. This is not a security update.
https://live.sysinternals.com/

PsExec 2.21 is a security update.
https://live.sysinternals.com/

Sysmon 13.00 adds image tampering events and resolves several bugs. This is not a security update.
https://live.sysinternals.com/

TaskSchedulerView 1.65 adds columns for Task File Created/Modified. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

TeamViewer 15.13.6 is released – but their changelog is on their community site (forum) which is currently down and redirecting to a third-party site. The new build may be a security update, but I recommend disabling TeamViewer completely for the near future just to be safe.
https://www.teamviewer.com/en/download/windows/

TraceRouteOK 2.31 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

WakeMeOnLan 1.87 updates the internal MAC addresses database. This is not a security update.
https://www.nirsoft.net/utils/wake_on_lan.html

WifiChannelMonitor 1.66 adds option to copy clicked cell and updates MAC addresses file. This is not a security update.
https://www.nirsoft.net/utils/wifi_channel_monitor.html

WifiInfoView 2.67 adds window resizing and pagination to the properties window, and adds wildcard filter support. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

WinScan2PDF 6.41 improves duplex support. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WirelessKeyView 2.21 improves display and adds QR Code view (F2). This is not a security update.
https://www.nirsoft.net/utils/wireless_key.html

Developer Updates

These are unlikely to be of interest to most people.

Node.js 12.20.1 is a security update.
https://nodejs.org/en/

Node.js 14.15.4 is a security update.
https://nodejs.org/en/

Node.js 15.5.1 is a security update.
https://nodejs.org/en/

Redemption 5.26.0.5872 adds ability to remember SMTP passwords, and resolves several bugs. This is not a security update.
http://www.dimastr.com/redemption/

Visual Studio Code 1.52.1 resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

Docker Desktop 3.0.4 resolves a stability bug. This is not a security update.
https://www.docker.com/products/docker-desktop

Drupal 9.1.2 updates libraries and resolves several bugs. This is not a security update.
https://drupal.org/download

Joomla 3.9.24 is a security update.
https://www.joomla.org/

Nextcloud Server 20.0.4 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

OpenPetra 2020.12 removes support for SQLite, improves Find, Type Ahead, and resolves several bugs. This is not a security update.
https://www.openpetra.org/

phpList 3.6.0 adds blacklisting hook, and counter limits. This is not a security update.
https://www.phplist.org/

phpMyAdmin 5.0.4 resolves several bugs. This is not a security update.
https://www.phpmyadmin.net/

ConnectWise Control 21.1.2009.7678 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

WordPress 5.6 improves layout flexibility, adds new block patterns, captions, new default theme, and improved auto-update capabilities. This is not a security update.
https://wordpress.org/

Akismet 4.1.8 resolves a couple bugs. This is not a security update.

Autoptimize 2.8.1 resolves several bugs. This is not a security update.

BuddyPress 7.1.0 resolves two bugs. This is not a security update.

Contact Form 7 5.3.2 is a security update.

Social Post Feed 2.18.1 resolves several bugs. This is not a security update.

Interactive World Map 3.1.9 improves compatibility. This is not a security update.

myStickymenu 2.4.9 resolves a couple bugs. This is not a security update.

W3 Total Cache 2.0.1 resolves several bugs. This is not a security update.

Widgets on Pages 1.5.0 is a security update.

WooCommerce 4.9.0 resolves dozens of bugs. This is not a security update.

Show IDs 1.1.6 improves compatibility. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2014-07-08

Hi, Folks!

It’s Patch Tuesday!

Microsoft released 6 updates for Windows and Internet Explorer. This includes security updates (~70mb). A reboot is required.
http://update.microsoft.com/

Apple released updates for OS X, iOS 7, ProApps, MacBook Air, Apple TV, and Safari. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

Adobe Flash Player 14.0.0.145 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac
Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

iOS 7.1.2 is a security update. The easiest way to install it is through your Apple mobile device “OTA” or over-the-air. Make sure you’re online with Wifi, then go to Settings, General, Software Update, and follow the prompts.

Browser Updates

One or more of these are likely to be of interest to everyone.

SeaMonkey 2.26.1 is a security update. Use Help, About to install the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

NK2Edit 2.94 adds secondary sorting and fixes a bug merging MAPIPDL records. This is not a security update.
http://www.nirsoft.net/utils/outlook_nk2_edit.html

Internet Updates

One or more of these are likely to be of interest to everyone.

Adobe Shockwave 12.1.3.153 is a security update.
https://12pd.com/click?shockwave

Mumble 1.2.7 is a security update.
http://mumble.sourceforge.net/

Evernote 5.4.1.3962 corrects several minor bugs. This is not a security update.
http://www.evernote.com/

Dropbox 2.8.4 improves proxy tolerance and fixes several bugs. This is not a security update.
https://12pd.com/click?dropbox

IPInfoOffline 1.34 updates the internal IP to country database. This is not a security update.
http://www.nirsoft.net/utils/ip_country_info_offline.html

Codec Updates

One or more of these are likely to be of interest to everyone.

Win7 Codecs Advanced 4.6.7 updates included codecs. To install the update, you must uninstall and reinstall the application.
http://shark007.net/win7codecs.html

Media Updates

These are unlikely to be of interest to most people.

MPC HC x64 1.7.6 updates libraries and fixes a number of bugs. This is not a security update.
https://12pd.com/click?mpchc

Game Updates

These are unlikely to be of interest to most people.

EA Origin 9.4.10.297 improves updates, installation, Twitch streaming and fixes several bugs. This is not a security update.

Minecraft 1.7.10 is primarily a Realms featureset update. This is not a security update.

PS3 4.60 fixes a non-security stability bug.

PS4 1.72 fixes a non-security stability bug.

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Acrobat 10.1.10 Pro and Standard is a security update.

Adobe Illustrator CC 2014 is a new major release of Illustrator. This is not a security update.

Adobe InCopy CC 2014 is a new major release of InCopy. This is not a security update.

Adobe InDesign CC 2014 is a new major release of InDesign. This is not a security update.

Adobe Photoshop CC 2014 is a new major release of Photoshop. This is not a security update.

Adobe Photoshop Lightroom 5.5 fixes several bugs, adds newer hardware support, adds support for star ratings and custom sort. This is not a security update.

Paint.net 4.0 is a major update, improving performance and memory usage, adding hardware acceleration, fine-grained history, including the ability to tune settings live to see the results (such as selection wand or paint bucket), antialiasing and more. This is not a security update.
http://www.getpaint.net/

Artweaver 4.5.4 increases maximum grid size and fixes several bugs. This is not a security update.
http://www.artweaver.de/

Notepad++ 6.6.7 adds OneDrive settings storage and fixes a crash bug. This is not a security update.
https://12pd.com/click?npp

IrfanView 4.38 adds image tiling, improved command line options, adds drag & drop and several other improvements. This is not a security update.
http://www.irfanview.com/

Security Software Updates

One or more of these is likely to be of interest to most people.

Avast! Home Edition 9.0.2021 is a security update.
http://www.avast.com/free-antivirus-download

Wireshark 1.10.8 does not provide a changelog, so should be treated as a security update.
http://www.wireshark.org/

Wireless Network Watcher 1.71 adds always-on-top behavior. This is not a security update.
http://www.nirsoft.net/utils/wireless_network_watcher.html

AVG Anti-Virus Free 2014.4716 is a security update.
http://www.avg.com/us-en/download

Capture Updates

These are unlikely to be of interest to most people.

Open Broadcaster Software 0.625 Beta corrects several non-security bugs and updates libraries. This is not a security update.
http://obsproject.com/

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 9 9.1.5.6 adds support for new DVDs, bug fixes, improvements to crop & trim, and adds watermark support. This is not a security update.
http://www.dvdfab.cn/download.htm

MakeMKV 1.8.11 adds support for newer media, improved error correction, and bug fixes. This is not a security update.
https://12pd.com/click?makemkv

Utility Updates

These are unlikely to be of interest to most people.

TeamViewer 9.0.29947 provides several non-security bug fixes. This is not a security update.
http://www.teamviewer.com/en/download/

FolderChangesView 1.64 adds always-on-top support. This is not a security update.
http://www.nirsoft.net/utils/folder_changes_view.html

MyEventViewer 2.12 fixes a command compatibility bug. This is not a security update.
http://www.nirsoft.net/utils/my_event_viewer.html

USBDeview 2.35 adds the ability to reload an individual USB hub. This is not a security update.
http://www.nirsoft.net/utils/usb_devices_view.html

WifiChannelMonitor 1.01 improves bit-detection and stability. This is not a security update.
http://www.nirsoft.net/utils/wifi_channel_monitor.html

WifiInfoView 1.61 adds secondary column sorting. This is not a security update.
http://www.nirsoft.net/utils/wifi_information_view.html

CCleaner 4.15.4725 adds Chrome x64 support, improves performance and memory usage, improves wipe algorithm, bug fixes and other application support. This should be treated as a security update.
https://12pd.com/click?ccleaner

Agent Ransack 2014.822 improves search behavior and fixes 64-bit installer. This is not a security update.
http://mythicsoft.com/agentransack/download

Bitcoin 0.9.2.1 is a security update. All Bitcoin clients should be updated.
http://bitcoin.org/en/download

RoboForm 7.9.8 adds two-factor authentication, fixes bugs in sync and autoupdate. This should be treated as a security update.
https://12pd.com/click?rf

GoodSync 9.8.9 improves scheduling, installation, limited user support, and other bug fixes. This should be treated as a security update.
https://12pd.com/click?goodsync

Hamachi 2.2.0.214 is a stability fix. This is not a security update.
http://help.logmein.com/SelfServiceDownloads

LogMeIn Mac 4.1.4405 improves performance. This is not a security update.
http://help.logmein.com/SelfServiceDownloads

Developer Updates

These are unlikely to be of interest to most people.

SQLite Database Browser 3.2.0 adds project notation support, many bug fixes and improvements. This is not a security update.
http://sqlitebrowser.org/

Redemption 5.7.0.3868 adds several new features and a few dozen bug fixes primarily relating to import/export. This is not a security update.
http://www.dimastr.com/redemption/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VMware Player 6.0.3 is a security update.
http://www.vmware.com/products/player/

Web Package Updates

These are likely to be of interest only to web developers.

Dada Mail 7.0.5 improves installer behavior, bounce handling, UTF-8 encoding support and several bug fixes. This is not a security update.
http://dadamailproject.com/download/

phpMyAdmin 4.2.5 and 4.1.14.1 are security updates.
http://www.phpmyadmin.net/home_page/news.php

SMF 2.0.8 is a performance and bug fix release. This is not a security update.
http://download.simplemachines.org/

Coppermine Gallery 1.5.30 corrects several bugs, improves defaults and installation process. This is not a security update.
http://coppermine-gallery.net/

Anti-Splog 2.1.2 fixes a bug relating to super-admin spamming. This is not a security update.

BuddyStream 3.2.6 updates API. This is not a security update.

Easy Bootstrap Shortcode 4.3.2 corrects a bug in image upload. This is not a security update.

Register IP – Multisite 1.6.1 cleanup, fixes typo. This is not a security update.

Smart YouTube 4.2.5 fixes Vimeo compatibility. This is not a security update.

Theme My Login 6.3.10 is a security update.

WooCommerce 2.1.12 corrects several bugs. This is not a security update.

WP Edit 2.0 corrects several bugs. This is not a security update.

WPtouch 3.4.2 corrects a date/time bug in Bauhaus. This is not a security update.

Zemanta 1.2.5 adds SSL compatibility, and consolidates plugin configuration. This is not a security update.
That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2012-10-09

Hi, Folks!

Microsoft released 7 updates today to address security issues in Windows, SQL Server, Office, SharePoint, Lync, Microsoft Works and InfoPath, for all supported versions of Windows. A reboot is required.
http://update.microsoft.com/

Apple released updates for AppleTV, OS X Server, iPhoto, Aperture and a variety of printers this week. This includes security updates. Use the Apple Updater to get the most current versions.

Adobe Flash Player 11.4.402.287 is a security update.
https://12pd.com/click?flashie
https://12pd.com/click?flash

Adobe AIR 3.4.0.2710 is a security update.
https://12pd.com/click?air

Also note – Adobe recently had one of their build servers hacked and as a safety precaution, they revoked an SSL certificate used to sign their programs. While this is, you know, scary, there is not yet any reason to believe there is an actual exploit in any “real” Adobe software. However, some antivirus programs treat signed programs with revoked certificates as “malware” (technically, as a PUP – Potentially Unwanted Program) so you can expect to see overzealous antivirus programs removing valid Adobe applications. I expect Adobe to release updates for the affected software soon. You may need to reinstall any affected Adobe software completely if your antivirus program removes it.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me anytime, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

BullZip PDF Printer 9.1.0.1454 adds the ability to install silently. This is not a security update.
http://www.bullzip.com/products/pdf/info.php#download

Browser Updates

One or more of these are likely to be of interest to everyone.

Firefox 16.0 is a security update. This major version update corrects just shy of 2,000 issues, from 3D to scripting to performance fixes and more. Use Help, About to get the most current version.

Google Chrome 22.0.1229.79 is a security update. Use Tool (or Menu), About to get the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

WinSCP 5.1 is the first of the 5.x release, which adds a number of new features, including tabs, vastly improved scripting support, a number of bugfixes, and more. This is a security update.
http://winscp.net/eng/index.php

Codec Updates

One or more of these are likely to be of interest to everyone.

Win7 Codec Package 3.8.0 updates included codecs. To install the update, you must uninstall and reinstall the application. This is not a security update.
http://shark007.net/win7codecs.html

Win x64 Codec Support 3.8.0 updates included codecs. This update applies only to 64-bit computers, and requires either the Win7 Codec Package or the Windows Vista Codec package. This is not a security update.
http://shark007.net/x64components.html

Media Updates

These are unlikely to be of interest to most people.

CDBurnerXP 4.4.2.3442 adds Opus support and corrects several bugs. This is not a security update.
http://cdburnerxp.se/

MPC HC 1.6.4.6052 corrects sveral bugs, improves chapter support, subtitle behavior, updates hardware support, codecs and positioning. This is not a security update.
http://sourceforge.net/projects/mpc-hc/

Game Updates

These are unlikely to be of interest to most people.

EA Origin 9.0.13.2141 corrects several stability and reliability bugs. This is not a security update.
http://www.filehippo.com/download_origin/

GameMaker Studio 1.0 is a complete rewrite of the GameMaker franchise. GameMaker now supports building to devices running iOS, Android, Windows, OS X and even HTML5. And the basic program is still free.
http://www.yoyogames.com/gamemaker/studio/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe FrameMaker 11.0.1 corrects a reliability bug. This is not a security update.
http://www.adobe.com/support/downloads/new.jsp

Adobe Photoshop Lightroom 4.2 improves camera and export support, as well as several bugfixes. This is not a security update.
http://www.adobe.com/support/downloads/new.jsp

Adobe Photoshop 13.0.1.1 is a security update. Use Help, Updates to get the most current version.

Adobe Premiere Pro CS6 6.0.3 is a security update.
http://www.adobe.com/support/downloads/new.jsp

Adobe Bridge CS6 5.0.1.1 is a security update.
http://www.adobe.com/support/downloads/new.jsp

Adobe InCopy CS6 8.0.1 is a bugfix release, correcting a couple dozen issues. This is not a security update.
http://www.adobe.com/support/downloads/new.jsp

Adobe InDesign CS6 8.0.1 is a bugfix release, correcting a couple dozen issues. This is not a security update.
http://www.adobe.com/support/downloads/new.jsp

Adobe Audition CS6 5.0.2 is a stability and feature update. This version improves Windows 8 support, removes limitations to CD burning and corrects issues with touch and metronome. This is not a security update. Use Help, About to get the most current version.

Adobe Encore CS6 6.0.2 does not provide a changelog, so it should be treated as a security update.
http://www.adobe.com/support/downloads/new.jsp

Artweaver 3.1.2 corrects a number of minor bugs. This is not a security update.
http://www.artweaver.de/

SketchUp 8.0.15158 removes most Google branding (SketchUp is now owned by Trimble Navigation Limited), improves recording and text display. This is not a security update.
http://www.sketchup.com/

Kindle for PC 1.10.4 Build 40317 doesn’t provide a changelog, so should be treated as a security update.
https://12pd.com/click?kindle4pc

Security Software Updates

One or more of these is likely to be of interest to most people.

SuperAntiSpyware 5.6.1010 is a major update, providing vastly improved memory handling and performance, and corrects several bugs. This is a security update.
http://www.superantispyware.com/download.html

Wireshark 1.8.3 corrects a number of bugs and adds additional protocal support. This is not a security update.
http://www.wireshark.org/

Capture Updates

These are unlikely to be of interest to most people.

VideoCacheView 2.37 improves display, and corrects Firefox cache-reading bug. This is not a security update.
http://www.nirsoft.net/utils/video_cache_view.html

Utility Updates

These are unlikely to be of interest to most people.

RoboForm 7.8.3 corrects several bugs including crash and reliability issues. This is not a security update.
https://12pd.com/click?rf

Goodsync 9.3.4.5 improves user handling, GUI and drag-and-drop support. This is not a security update.
https://12pd.com/click?goodsync

CCleaner 3.23.1823 adds newer application support, improves file deletion security and several other fixes. This is a security update.
http://www.piriform.com/ccleaner

FolderChangesView 1.16 improves multi-monitor support. This is not a security update.
http://www.nirsoft.net/utils/folder_changes_view.html

USBDeview 2.16 adds the ability to scan for specific USB version devices from the command prompt. This is not a security update.
http://www.nirsoft.net/utils/usb_devices_view.html

WifiInfoView 1.05 adds Router Name and Router Model reports. This is not a security update.
http://www.nirsoft.net/utils/wifi_information_view.html

Process Explorer 15.23 adds process token of protected processes, fixes crash bugs. This is a security update.
http://live.sysinternals.com/

DebugView 4.8 fixes a BSOD bug. This is a security update.
http://live.sysinternals.com/

Sigcheck 1.81 fixes a crash bug. This is a security update.
http://live.sysinternals.com/

Developer Updates

These are unlikely to be of interest to most people.

Inno Setup 5.5.2 and Inno Setup QuickStart 5.5.2 adds Windows 8 compatibility, adds userpf and usercf constants, and various other improvements. This is not a security update.
http://www.jrsoftware.org/isdl.php

MySQL 5.5.28 corrects several bugs with partitioning, InnoDB, replication, and others. This should be treated as a security update.
http://www.mysql.com/downloads/mysql/

Web Package Updates

These are likely to be of interest only to web developers.

phpMyAdmin 3.5.3 is a security update.
http://www.phpmyadmin.net/home_page/news.php

ModSecurity 2.6.8 corrects two non-security bugs. This is not a security update.
http://www.modsecurity.org/

Movable Type 5.2 adds several new features and corrects dozens of bugs. This is not a security update.
http://www.movabletype.org/download.html

Contact Form 7 3.3 vastly improves message formatting options and tags, eliminates timeout for nonce (not a good thing, IMHO), and other changes. This is not a security update.
http://wordpress.org/extend/plugins/contact-form-7/

Multisite Plugin Manager 3.1.2 is a security update.
http://wordpress.org/extend/plugins/multisite-plugin-manager/

Smart YouTube 4.1.7 adds support for a new playlist format. This is not a security update.
http://wordpress.org/extend/plugins/smart-youtube/

Theme My Login 6.2.3 corrects a static front-page bug and removes tab indexes. This is not a security update.
http://wordpress.org/extend/plugins/theme-my-login/

WP Geocode Filter 1.0.4 updates MaxMind data. This is not a security update.
http://wordpress.org/extend/plugins/wpgeocode/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2011-11-08

Hi, Folks!

Patch Tuesday is here again, and is extremely light this month.

Microsoft released updates to Windows, Windows Mail, Outlook, MSRT, TCP/IP and LDAPS. This includes security updates. These updates weigh in at less than 10mb. A reboot is required.
http://update.microsoft.com/

Apple released updates for various printer drivers, Aperture, and iPhoto. Use the Apple Software Updater to obtain the most current versions. This includes security updates.

Adobe released stability updates to a variety of CS products, including InDesign, Premiere, InCopy and others. Select your installed product from the list here to find any specific updates:
http://www.adobe.com/downloads/

Be aware that on months with an ‘early’ Patch Tuesday, such as this one, several vendors, including Apple and Adobe, tend to release the bulk of their updates on the third Tuesday, not the second. Expect next week to include several security updates from these vendors.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Driver Updates

If you’re using this hardware – these updates are for you.

iOS 5.0 is now generally available for supported iPhone, iPad, iPod and AppleTV products. iOS 5 adds over 200 new features including a notifications window, better application management, improved reminders, Twitter support, camera improvements, email formatting and other mail and calendar features, and various accessibility improvements. This includes security updates. Use iTunes to install this update – and be patient, it’s around 700mb.

Sn0wBreeze 2.8b10 enables jailbreaking iOS 5. This is not a security update.
http://iphoneroot.com/utilities/

ATI Catalyst 11.10 adds newer hardware support, better performance for various games and applications, and correcting several crash and display corruption bugs. This is not a security update.
http://sites.amd.com/us/game/downloads/Pages/radeon_win7-64.aspx

GMail Drive FS 1.0.18 improves support for Google Apps accounts, corrects a login issue and adds a Shell Command Bar. This is not a security update, but is required of all users of this driver in order to continue to operate correctly.
http://www.viksoe.dk/code/gmail.htm

Browser Updates

One or more of these are likely to be of interest to everyone.

Firefox 8.0 corrects several security and stability issues, disables add-ons by default, improves performance of HTML5 audio and video tags and context menus. This is a security update. Use Help, About to get the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 8.0 corrects several security and stability issues, removes the folder switching pane widget, and disables add-ons by default. This is a security update. Use Help, About to get the most current version.

OutlookAttachView 1.95 adds ‘/extractall’ and the ability to scan only recent messages for attachments. This is not a security update.
http://www.nirsoft.net/utils/outlook_attachment.html

Internet Updates

One or more of these are likely to be of interest to everyone.

FileZilla 3.5.2 corrects several bugs related to password storage and the queue. This is not a security update.
http://filezilla-project.org/

uTorrent 3.0 Build 25824 corrects a stability issue for large files. This is not a security update.
http://www.utorrent.com/

Codec Updates

One or more of these are likely to be of interest to everyone.

Win7 Codec Package 3.2.4 updates included codecs, and fixes a significant settings bug. To install the update, you must uninstall and reinstall the application. This is not a security update.
http://shark007.net/win7codecs.html

Win x64 Codec Support 3.2.5 updates included codecs, and fixes a significant settings bug. This update applies only to 64-bit computers, and requires either the Win7 Codec Package or the Windows Vista Codec package. This is not a security update.
http://shark007.net/x64components.html

Media Updates

These are unlikely to be of interest to most people.

CDBurnerXP 4.3.9.2783 improves spanning behavior, adds drag and drop ability for DVD Video folders, improved startup time, and several 64-bit compatibility issues. This is not a security update.
http://cdburnerxp.se/

Winamp 5.622 corrects several security and stability bugs. This is a security update.
http://www.winamp.com/media-player/en

Office Updates

One or more of these are likely to be of interest to most people.

Notepad++ 5.9.6.1 corrects a crash bug and improvements to folder processing and project manager. This is not a security update.
http://notepad-plus-plus.org/

Security Software Updates

One or more of these is likely to be of interest to most people.

Wireshark 1.6.3 provides several dozen updates including various bugfixes, improved protocol support, and stability issues. This should be considered a security update.
http://www.wireshark.org/

MSRT 4.2 adds support for detection and removal of Duqu and improves scanning quality. This is a security update.
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=585D2BDE-367F-495E-94E7-6349F4EFFC74

Capture Updates

These are unlikely to be of interest to most people.

VideoCacheView 2.02 fixes a caching performance issue. This is not a security update.
http://www.nirsoft.net/utils/video_cache_view.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 8.1.3.2 offers significant performance improvements, library updates, various minor bugfixes, stability and pathplayer fixes. This is not a security update.
http://www.dvdfab.com/download.htm

Utility Updates

These are unlikely to be of interest to most people.

Intel SSD Toolbox 3.0.1 improves hardware and OS support, adds drive health and life estimation display, and export support. This is not a security update.
http://www.intel.com/support/go/ssdtoolbox/index.htm

RoboForm 7.6.2 corrects a number of bugs in Firefox and Chrome, crash issues with corrupted site icons and display improvements. This should be considered a security update.
https://12pd.com/click?rfe

USBDeview 1.96 improves USB hub detection. This is not a security update.
http://www.nirsoft.net/utils/usb_devices_view.html

WakeMeOnLan 1.21 adds tray support and corrects a bug in netrange scanning. This is not a security update.
http://www.nirsoft.net/utils/wake_on_lan.html

Wireless Network Watcher 1.32 adds several new options to the tray context menu. This is not a security update.
http://www.nirsoft.net/utils/wireless_network_watcher.html

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 4.1.6-74713 corrects several crash, screen corruption, networking and stability bugs. This should be treated as a security update.
http://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

DotNetNuke 06.01.00 corrects multiple security issues related to messaging and browser caching. This is a security update.
http://dotnetnuke.codeplex.com/

Contact Form 7 3.0.1 improves WP 3+ compatibility, file type options, and security improvements. This is a security update.
http://wordpress.org/extend/plugins/contact-form-7/

Zemanta 0.8.2 improves API key processing. This is not a security update.
http://wordpress.org/extend/plugins/zemanta/

Recurly 1.1.3 improves behavior of percentage discount coupons. This is not a security update.
http://js.recurly.com/

That’s all for now folks. Keep it clean out there.

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/