Updates 2022-01-11

Welcome back, Folks!

Today is Patch Tuesday for January, 2022.

It’s a big one. This month has been insane. There’s always a surge in hacking events near holidays, but this month had almost double the *known* hacking events from previous months. What’s worse is that many of the vulnerabilities used were known weeks and sometimes years in advance, though the patches were not yet installed or the specific applications and services were simply not being maintained or secured. Grrrr.

This Month in Technology

A New Leaf, Inc., Advocate Aurora HealthAlabama Department of Rehabilitation ServicesAll in One SEOAmediaAndrew Sauchelli, DMDApache httpdApple Blossom Family PracticeAzure App ServiceBansley and Kiener (B&K), Belgium’s MilitaryBernalillo CountyBioPlus Specialty Pharmacy Services LLCBrazil’s Health MinistryBroward HealthC.E. Niehoff & CompanyChaddockCiox HealthCommission on ElectionsCOVID-19 Home TestsCrawford County Assessors OfficeDaniel J. Edelman Holdings, Inc., DatPiff, The De Montfort SchoolDouglas C Morrow ODPCDuneland School CorporationEvanston Township High SchoolExpresso and SICFertility Centers of Illinois, PLLC, FinalSiteFlexBookerFlorida Digestive Health Specialists LLP, Forensic Science IrelandFresenius Kabi infusion pump systemsGarrett metal detectorsGeorgia Bone & Joint Surgeons, P.C., Google Docs Comment PlatformGrass Valley, CAGumtreeH2 DatabaseHellmann Worldwide LogisticsImpresaInetum GroupiPhone 13James Kagan, MDJefferson Surgical ClinicKearsarge Regional School DistrictLastPassLog4j (several times)Loyola University Medical CenterLuxemburg-Casco School DistrictmacOS powerdirMcMenaminsMedQuest Pharmacy, Inc., Microsoft Active DirectoryMicrosoft TeamsMonkey Kingdom (via Grape), Monongalia Health System Inc., Monroe Public SchoolsMonterey Peninsula Unified School DistrictNetgear NighthawkNorthwest Broward Orthopaedics AssociatesNorth Shore Hebrew Academy High SchoolOG department storeONUSOregon Eye SpecialistsPeck & Associates, PC, Pithadia Medical Professional Services, Inc., ProtempsPulseTVQNAPRavkooRedLine StealerRhode Island Public Transit AuthorityR.R. Donnelley & SonsRunning Warehouse LLC, Sainsbury’sSaltzer HealthSaskatchewan Liquor and Gaming AuthoritySEGAShelley School DistrictShutterflySkate Warehouse LLC, Skin Care Specialty PhysiciansSotheby’s Realty’s BrightcoveSouthern Orthopaedic AssociatesSpar StoresStandard BankSuperior PlusSurgery Group SCT-MobileTackle Warehouse LLC, Tennis Warehouse LCC, Tiyuli and LametayelUAW Retiree Medical Benefits TrustUberUbisoftUK Defence AcademyUltimate Kronos GroupUS Commission on International Religious FreedomUScellular, Utah Department of Health, Virginia Division of Capitol PoliceVirginia General AssemblyVolvoWalgreen Co., WD MyCloudWelfare, Pension and Annuity Funds of Local No. ONE, I.A.T.S.E., and Zoho UEM have been hacked.

Norton 360 is now opting you in for their CPU cryptomining if you have their software installed. The very same software designed to protect you from evildoers that would take advantage of your computer to do this kind of thing…is now doing it. Apple has released an Android app under the auspice of helping users discover Tracker devices that might be tracking them…by enabling your device to allow them to communicate with the Apple Tracker network. Firefox still doesn’t properly support OCSP stapling. Dell BIOS updates are crashing devices. Microsoft has integrated their own financing platform into Edge.

Microsoft rang in the new year by breaking Microsoft Exchange (on-prem) for every server that had filtering enabled (almost all of them). Microsoft acknowledged the problem about 20 hours after it began and released resolution steps by deleting and rebuilding the scanning engine about 31 hours after it began. Sonicwall, too.

CloudflareAWS, Twitch, Zoom, PSN, Slack, Hulu, Imgur have had extended outages this month.

Please, for all that is holy, check your backups!

Phishing is an ever-growing problem. Sophos reminds us how to check for scams like this.

Now for the good news:

Mozilla has added Secure DNS to Firefox, now enabled by default. Unfortunately, this bypasses DNS filtering options you may have assigned yourself – so if you use Firefox you’ll need to enable your own DoH URLs within the settings.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is pretty big. The typical computer should see roughly 3 GB in updates today. Let’s get started.

Microsoft released updates for.NET Framework, Microsoft Dynamics, Edge, Exchange Server, Microsoft Office, SharePoint, Microsoft Teams, Active Directory, CLFS, Windows Cryptographic Services, Windows Defender, DirectX, Windows Installer, Windows RDP, Windows Remote Desktop, ReFS, Windows Security Center, Windows Storage Spaces, Windows Tile Data Repository, Windows UEFI, Windows User Profile Service, and MSRT (~2 GB). This includes security updates. A reboot is required.

Apple released updates for Safari 15.2. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

Google Chrome OS 96.0.4664.111 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Catalina (10.15) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v21H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 6 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.4.7 removes support for Vista, updates libraries, and improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.34.80 is a security update.
https://brave.com/

Google Chrome 97.0.4692.71 is a security update.
https://www.google.com/chrome/

Microsoft Edge 97.0.1072.55 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 96.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 91.5.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Iridium 2021.12.96 is a security update.
https://iridiumbrowser.de/

SeaMonkey 2.53.10.2 is a security update.
https://www.seamonkey-project.org/

Vivaldi 5.0.2497.35 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 91.5.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk (macOS) 6.4.0 resolves a couple bugs. This is not a security update.
https://anydesk.com/en/downloads

curl 7.81.0 is a security update.
https://curl.haxx.se/windows/

Dropbox 139.4.4896 doesn’t provide a changelog so should be treated as a security update.
https://www.dropbox.com/

FileZilla Server 1.2.0 resolves several bugs. This is not a security update.
https://filezilla-project.org/

FreeFileSync 11.16 updates libraries and resolves several bugs. This is a security update.
https://www.freefilesync.org/download.php

Omada Software Controller 5.0.29 is a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Prosody 0.11.11 resolves several bugs. This is not a security update.
https://prosody.im/download/start

Syncthing 1.18.6 improves usability. This is not a security update.
https://syncthing.net/

Telegram 3.4.3 resolves several bugs. This is not a security update.
https://telegram.org/

Zoom 5.9.1.2581 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

darktable 3.8.0 makes nearly 4,000 changes including performance, bug fixes, new hardware support and more. This should be treated as a security update.
https://www.darktable.org/install/

Picard 2.7.2 resolves several bugs. This is not a security update.
https://picard.musicbrainz.org/

TuneIn 1.25.0 does not provide a changelog so should be treated as a security update.
https://tunein.com/radio/home/

Game Updates

These are unlikely to be of interest to most people.

Steam 2022.12.16 resolves several bugs. This is not a security update.
https://store.steampowered.com/about/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 21.011.20039 is a security update.
https://get.adobe.com/reader

Adobe Acrobat and Reader 21.011.20039, 20.004.30020, and 17.011.30207 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb22-01.html

Adobe Illustrator 26.0.2 and 25.4.3 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb22-02.html

Adobe Bridge 12.0.1 and 11.1.3 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb22-03.html

Adobe InCopy 16.4.1 is a security update.
https://helpx.adobe.com/security/products/incopy/apsb22-04.html

Adobe InDesign 16.4.1 is a security update.
https://helpx.adobe.com/security/products/indesign/apsb22-05.html

Audacity 3.1.3 improves stability. This is not a security update.
https://www.audacityteam.org/download/

Krita 5.0.2 is a major update. This version adds several features, resolves bugs and improves stability and reliability. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Fresh 7.2.5 resolves almost 100 bugs. This is not a security update. The “Fresh” line is beta software and should be avoided in favor of the stable version (“Still”) by most users.
https://www.libreoffice.org/

Nextcloud Desktop 3.4.1 resolves several bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.2 improves stability. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 4.3.7 resolves a stability bug. This is not a security update.
https://www.getpaint.net/

Security Software Updates

One or more of these is likely to be of interest to most people.

elementary OS 6.1
https://elementary.io/

Gpg4win 4.0.0 is a major update adding several new features and updates libraries. This is a security update.
https://www.gpg4win.org/download.html

KeePass 2.50 improves performance and generator, updates libraries, and resolves several bugs. This is not a security update.
https://keepass.info/

OpenSSL 1.1.1m is a security update.
https://www.openssl.org/source/

OpenSSL 3.0.1 is a security update.
https://curl.se/windows/

OpenSSL 3.0.1 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

ReactOS 0.4.13 provides over 250 bug fixes and improvements. This is not a security update.
https://reactos.org/

RogueKiller 15.1.5 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Tails 4.26 is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

TinyWall 3.2.5 resolves several bugs. This is not a security update.
https://tinywall.pados.hu/

uBlock Origin 1.40.6 improves reliability. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.35.4 resolves several bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

Converter Updates

These are unlikely to be of interest to most people.

HandBrake 1.5.1 updates libraries, resolves several bugs and improves stability and reliability. This is not a security update.
https://handbrake.fr/

IsoBuster 4.9 adds support for new hardware, new formats, and resolves several bugs. This is not a security update.
https://www.isobuster.com/download.php

Utility Updates

These are unlikely to be of interest to most people.

7-Zip 21.07 adds VHDX support, improved parameter handling and compatibility. This is not a security update.
https://www.7-zip.org/

Agent Ransack 2022.3283 improves performance and reliability, and resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

Aomei Partition Assistant 9.6.0 resolves several bugs and improves compatibility. This is not a security update.
https://www.diskpart.com/

Autoruns 14.07 resolves several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

Active Directory Explorer 1.51 fixes a Windows Store packaging crash. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/adexplorer

CacheSet 1.02 fixes a 64 bit OS regression. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/cacheset

Beyond Compare 4.4.1.26165 resolves several bugs and improves compatibility. This is not a security update.
https://www.scootersoftware.com/download.php?zz=dl4

ControlMyMonitor 1.31 adds a new parameter for Secondary displays. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html

CPU-Z 1.99 adds support for new hardware and resolves a couple bugs. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

DesktopOK 9.51 adds dark mode. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 2.9.482.0 resolves several bugs. This is not a security update.
https://dngrep.github.io/

Etcher 1.7.3 is a security update.
https://www.balena.io/etcher/

Everything 1.4.1.1015 resolves several bugs. This is not a security update.
https://www.voidtools.com/

Everything CLI 1.1.0.21 resolves several bugs. This is not a security update.
https://www.voidtools.com/

FileLocator Pro 2022.3283 provides performance and reliability improvements. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

GoodSync 11.10.0 resolves several bugs and improves stability. This is not a security update.
https://www.goodsync.com/

Homedale 2.02 improves colors. This is not a security update.
https://www.the-sz.com/products/homedale/

Macrium Reflect 8.0.6495 doesn’t provide a changelog, so should be treated as a security update.
https://www.macrium.com/reflectfree

NTLite 2.3.2.8526 updates libraries and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

osquery 5.1.0 adds resource limiting, new objects, and resolves several bugs. This is not a security update.
https://osquery.io/downloads

PowerToys 0.53.1 adds several new features and resolves bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

Process Monitor 3.87 fixes resolves several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

Samsung Magician 7.0.1 is a major update, but doesn’t provide a changelog so should be treated as a security update.
https://www.samsung.com/semiconductor/minisite/ssd/download/tools/

SearchMyFiles 3.16 is a cosmetic update. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

Sysmon 13.31 improves reliability. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

TeamViewer 15.25.8 fixes a VOIP bug. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

TraceRouteOK 2.71 updates language files. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

WifiInfoView 2.72 updates the internal MAC database and resolves a high-DPI bug. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

ZoomText 2022.2112.10.400 resolves several bugs and improves display. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

Maraura 3.9.7 updates Java support and libraries, and resolves several bugs. This is a security update.
http://arianne.sourceforge.net/engine/marauroa.html

Docker Desktop 4.3.2 updates the scan engine to detect log4j vulnerabilities. This is a security update.
https://www.docker.com/products/docker-desktop

Godot 3.4.2 updates libraries and resolves several bugs. This is a security update.
https://godotengine.org/

Node.js 12.22.9 is a security update.
https://nodejs.org/en/

Node.js 14.18.3 is a security update.
https://nodejs.org/en/

Node.js 16.13.2 is a security update.
https://nodejs.org/en/

Node.js 17.3.1 is a security update.
https://nodejs.org/en/

SQLite 3.37.2 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Web Package Updates

These are likely to be of interest only to web developers.

Drupal 9.3.2 resolves a major stability bug. This is not a security update.
https://drupal.org/download

HumHub 1.10.3 is a security update.
https://www.humhub.com/en/download

MailArchiva 8.5.6 resolves several bugs. This is not a security update.
https://mailarchiva.com/

ownCloud Server 10.9 is a security update.
https://owncloud.org/install/

Piwigo 12.2.0 resolves several bugs. This is not a security update.
https://piwigo.org/

ScreenConnect 21.14.5924.8013 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

SMF 2.0.19 is a security update.
https://www.simplemachines.org/

WordPress 5.8.3 is a security update.
https://wordpress.org/

Slider Revolution 6.5.14 updates libraries and resolves several bugs. This is not a security update.
https://revolution.themepunch.com/

WPBakery 6.8.0 improves compatibility and resolves several bugs. This is not a security update.
https://wpbakery.com/

Autoptimize 2.9.5 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/autoptimize/

BuddyPress 9.2.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/buddypress/

Social Post Feed 4.1.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

Postie 1.9.59 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/postie/

NextScripts Social Networks Auto-Poster 4.3.25 is a security update.
https://wordpress.org/extend/plugins/social-networks-auto-poster-facebook-twitter-g/

Visual Composer 41.1 improves compatibility. This is not a security update.
https://visualcomposer.com/

WooCommerce 6.1.0 is a major update, resolving several bugs and adding features. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WordPress Zero Spam 5.2.9 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/zero-spam/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2021-11-09

Welcome back, Folks!

Today is Patch Tuesday for November, 2021.

This month we’ve got the new macOS (Monterey) which is bricking Macs, Windows 11 (don’t do it!), and a new build of Windows 10 (v21H2) is slated for release within the next few days. If you’re running a version of Windows 10 prior to v20H2 (v2009/19042) then you’ll want to install either Windows 10 v21H1 or prepare to install v21H2 on release, as the older versions will no longer be supported in only a month.

This Month in Technology

Acer (a couple times), American Osteopathic AssociationAnthem, Inc., Apple iCloudArgentina’s National Registry of PersonsBillQuick, Blue Cross of California, Bryan HealthbZxCalifornia Physicians’ Services (Blue Shield of California), Canadian province of Newfoundland and Labrador Health SystemsCentara Hotels & ResortsClinical Pathology Diagnostics, LLCCoinMarketCapColleton County School District (SC), Community Medical CentersCyberserveDeep 6 AIDiscord CDN (still), Discourse, Doctors Health Group, Inc., Domaining.comElectronic Warfare (US defense contractor), EU Digital Covid certificate system “Green Pass”Exterity IPTVFamily of WoodstockFerrara Candy CoFullerton HealthGigabyteGitLab serversGraffHariexpressHumana IncInstagram and TikTokKasperskyLas Vegas Cancer CenterLavaca Medical CenterMachon MorMaxim Healthcare GroupMediaMarkt, many more Microsoft Exchange servers, Missouri Delta Medical CenterMLBNational Iranian Oil Products Distribution CompanyNationwide Laboratory ServicesNorth American Dental Management, a bunch of NPM librariesNRAOlympusOpenSea NFTPainters District Council No. 30 Health and Welfare FundPhilips Tasy EMRPlaybookPractice MaxPremier Patient HealthcareProfessional Dental AlliancePutnam County Memorial HospitalQRS, Inc., Quest Diagnostics ReproSourceQuickfoxRobinhoodRussia’s Federal Information SystemScoolioSCUF Gaming InternationalSeneca Family of AgenciesSinclair TVSocietà Italiana degli Autori ed EditoriSurecare Specialty PharmacySyracuse ASC, LLCTescoThingiverseThrockmorton County Memorial Hospitaltribal casinosTwitchTwitterUK Councils (dude!), UK Labour PartyUNC HospitalsUniversity of Colorado BoulderUMass Memorial HealthUniversity of SunderlandThe Urology Center of ColoradoUS Immigration and Customs Enforcement’s Homeland Security InvestigationsUS Water and Wastewater SystemsNational Health Service of UkraineVenmo used to syphon bank accounts, VisibleVisual Tool DVRsViverant PT, LLCWashington Central Unified Union School District (VT), and, of course, more Zoho ManageEngine servers than you can shake a stick at, have been hacked this month.

Google Chromebook enrollmentMicrosoft 365KT, and Voipfone have suffered outages this month. Microsoft overlooked expired certificates again, and Microsoft is force-installing crapware again, as well.

Pwn2Own this year demonstrated over 60 hacks across dozens of devices. Default password patterns (like your phone number) are sadly and unsurprisingly insecure. Facebook will (supposedly) delete 1 billion faceprintsYahoo pulled out of China and YouTube is pushing malware. Mozilla has finally removed two malicious add-ons that have been weakening security for half a million users. macOS Monterey is bricking MacsCanon is being sued for disabling their printers. And McAfee is being purchased by an “investor consortium.”

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is very large. The typical computer should see roughly 3.0 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, Servicing Stack, Internet Explorer, Windows 7, Windows Server 2008 R2, Server 2012, and MSRT (~2.3 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 14.8.1, iOS 15.1, iPadOS 14.8.1, iPadOS 15.1, Safari 15.1, macOS Big Sur 11.6.1, macOS Monterey 12.0.1, Security Update 2021-007 Catalina, tvOS 15.1, and watchOS 8.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 14.8.1 and 15.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 14.8.1 and 15.1 are security updates. Use Settings, General, Software Update to install the most current update.

tvOS 15.1.1 is a security update. Use System, Software Update to install the most current version.

watchOS 8.1 is security updates. Use the Watch app on your iPhone to install the most current version.

Google Chrome OS 94.0.4606.114 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 35-1.2 is a major update, adding several new configuration and control features, and updates libraries. This is not a security update.
https://getfedora.org/en/workstation/download/

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Catalina (10.15) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H1) is very large, for the first time it’s actually smaller than the previous release, but it will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 has been released, but it has only been out a few weeks so should be considered beta software. Give it at least a couple months before you install it on your devices.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.4.6 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.31.88 is a security update.
https://brave.com/

Google Chrome 95.0.4638.69 is a security update.
https://www.google.com/chrome/

Iridium 2021.10.95 is a security update.
https://iridiumbrowser.de/

Microsoft Edge 95.0.1020.44 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 94.0.1 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 91.3.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 4.3.2439.65 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 91.3.0 is a security update.
https://www.thunderbird.net/en-US/

OutlookAttachView 3.44 resolves a profile selection bug. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 6.3.5 resolves a couple bugs. This is not a security update.
https://anydesk.com/en/downloads

Dropbox 134.4.4115 doesn’t provide a detailed changelog so should be treated as a security update.
https://www.dropbox.com/

FileZilla Client 3.56.2 resolves several bugs and improves compatibility. This is not a security update.
https://filezilla-project.org/

FileZilla Server 1.1.0 is a security update.
https://filezilla-project.org/

Google Drive 52.0 improves compatibility, no longer respects custom cache location mapping, forcefully overwrites the destination of any link named “Google Drive,” and improves performance. This is not a security update.
https://drive.google.com/start

Rclone 1.57.0 resolves dozens of bugs and improves reliability, compatibility and stability for several platforms and protocols. This is not a secuirty update.
https://rclone.org/

Skype 8.77.0.97 adds background blurring, user pinning, Meet Now improvements, and resolves several bugs. This is not a security update.
https://www.skype.com/

Syncthing 1.18.4 resolves several bugs. This is not a security update.
https://syncthing.net/

Technitium DNS Server 7.1 adds certificate generation, Block Page App, Drop Requests App, Query Logs App, Advanced Blocking App, improves logging, and resolves several other bugs. This is a security update.
https://technitium.com/dns/

Telegram 3.2.3 resolves a couple bugs. This is not a security update.
https://telegram.org/
This month Telegram also added advertising support – a harsh reminder that the platform is run by a Russian company.

WinSCP 5.19.4 resolves a couple bugs. This is not a security update.
https://winscp.net/eng/index.php

Zoom 5.8.3.1581 adds administrative controls, improvements in Meeting, webinar, chat, and resolves several bugs. This is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 2.0.18 improves tracking and expression matching reliability. This is not a security update.
https://en.3tene.com/

iTunes 12.12.2 doesn’t provide a changelog so should be considered a security update.
https://www.apple.com/itunes/download/

Plex Home Theater 1.7.0.2676 improves update check and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.24.5.5173 improves database structure, search matching, and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Nintendo Switch 13.1.0 adds support for the new expansion pack. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PlayStation PS5 21.02-04.03.00 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2021.10.14 resolves several bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

Office Updates

One or more of these are likely to be of interest to most people.

Audacity 3.1.0 improves usability, adds clip handle bars, smart clips, and reworks the looping feature. This is not a security update.
https://www.audacityteam.org/download/

LibreOffice Still 7.1.7 resolves 27 bugs. This is not a security update.
https://www.libreoffice.org/

LibreOffice Fresh 7.2.2 resolves almost 70 bugs. This is not a security update. Be aware that the “Fresh” line is beta software and should be avoided in favor of the “Still” line.
https://www.libreoffice.org/

Nextcloud Desktop 3.3.6 resolves several bugs. This is a security update.
https://nextcloud.com/

Notepad++ 8.1.9 resolves several stability bugs. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 4.3.2 improves performance of Tools and plugins, and resolves a reliability bug. This is not a security update.
https://www.getpaint.net/

PDF-XChange Editor 9.2.358.0 resolves several bugs. This is a security update.
https://www.tracker-software.com/product/pdf-xchange-editor

RoboHelp Server RHS2020.0.2 is a security update.
https://helpx.adobe.com/security/products/robohelp-server/apsb21-87.html

Adobe InCopy 17.0 is a security update.
https://helpx.adobe.com/security/products/incopy/apsb21-110.html

Adobe Creative Cloud 5.6 is a security update.
https://helpx.adobe.com/security/products/creative-cloud/apsb21-111.html

Adobe After Effects 18.4.2 and 22.0 are security updates.
https://helpx.adobe.com/security/products/after_effects/apsb21-79.html

Adobe Audition 14.4.2 and 22.0 are security updates.
https://helpx.adobe.com/security/products/audition/apsb21-92.html

Adobe Bridge 11.1.2 and 12.0 are security update.
https://helpx.adobe.com/security/products/bridge/apsb21-94.html

Adobe Character Animator 4.4.2 and 22.0 are security updates.
https://helpx.adobe.com/security/products/character_animator/apsb21-95.html

Adobe Prelude 22.0 is a security update.
https://helpx.adobe.com/security/products/prelude/apsb21-96.html

Adobe Lightroom Classic 10.4 and 11.0 are security updates.
https://helpx.adobe.com/security/products/lightroom/apsb21-97.html

Adobe Illustrator 25.4.2 and 26.0 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb21-98.html

Adobe Media Encoder 15.4.2 and 22.0 are security updates.
https://helpx.adobe.com/security/products/media-encoder/apsb21-99.html

Adobe Premiere Pro 15.4.2 and 22.0 are security updates.
https://helpx.adobe.com/security/products/premiere_pro/apsb21-100.html

Adobe Animate 22.0 is a security update.
https://helpx.adobe.com/security/products/animate/apsb21-105.html

Adobe Premiere Elements 19.0 is a security update.
https://helpx.adobe.com/security/products/premiere_elements/apsb21-106.html

Adobe InDesign 17.0 is a security update.
https://helpx.adobe.com/security/products/indesign/apsb21-107.html

Adobe XMP Toolkit SDK 2021.08 is a security update.
https://helpx.adobe.com/security/products/xmpcore/apsb21-108.html

Adobe Photoshop 22.5.2 and 23.0 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb21-109.html

Security Software Updates

One or more of these is likely to be of interest to most people.

RogueKiller 15.1.3 updates engine and resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Tails 4.24 is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

TinyWall 3.2.3 resolves several bugs. This is not a security update.
https://tinywall.pados.hu/

uBlock Origin 1.38.6 resolves compatibility with Twitch. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

YARA 4.1.3 should be treated as a security update.
https://github.com/countercept/chainsaw

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.34.1 replaces update engine and resolves several bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

Converter Updates

These are unlikely to be of interest to most people.

MakeMKV 1.16.5 improves stability and resolves several bugs. This is not a security update.
https://www.makemkv.com/download/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 7.9.1 adds support for macOS Monterey, and resolves several bugs. This is not a security update.
https://1password.com/downloads/mac/

1Password for Windows 7.9.828 resolves several bugs. This is not a security update.
https://1password.com/downloads/windows/

AccessEnum 1.33 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/accessenum

Autoruns 14.06 resolves several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

BatteryInfoView 1.25 updates tray tooltip to display information on multiple batteries. This is not a security update.
https://www.nirsoft.net/utils/battery_information_view.html

Bitwarden 1.28.3 resolves several bugs. This is not a security update.
https://bitwarden.com/

CacheSet 1.01 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/cacheset

Contig 1.81 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/contig

ControlMyMonitor 1.30 improves error handling. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html

CPU-Z 1.98 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

Cygwin 3.3.1 resolves a compatibility bug. This is not a security update.
https://cygwin.com/

DesktopOK 9.31 adds option to customize DPI values. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

Desktops 2.01 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/desktops

Disk2vhd 2.02 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/disk2vhd

DiskMon 2.02 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/diskmon

dnGrep 2.9.428.0 resolves cancel bug, .gitignore filtering, theme improvements, and PDF association. This is not a security update.
https://dngrep.github.io/

EFSDump 1.03 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/efsdump

Everything Toolbar 0.7.3 adds option to enable or disable thumbnails and hotkey handling. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

Git SCM 2.33.1 improves compatibility and resolves several bugs. This is not a security update.
https://git-scm.com/

GoodSync 11.9.3 resolves dozens of bugs. This is not a security update.
https://www.goodsync.com/

Homedale 2.00 adds new column for Station Count. This is not a security update.
https://www.the-sz.com/products/homedale/

HWMonitor 1.45 adds support for new hardware and disk read/write speeds. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

Java 8u311 is a security update.
https://www.java.com/en/download/manual.jsp

LessMSI 1.10.0 adds support for MSP files, MSI Stream names and resolves a cache bug. This is not a security update.
https://lessmsi.activescott.com/

LoadOrder 1.02 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/loadorder

NTLite 2.3.1.8454 adds new components, settings, and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

Aomei Partition Assistant 9.5.0 adds SMART health checks and improves update behavior. This is not a security update.
https://www.diskpart.com/

PointerStick 5.55 updates languages. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.49.1 resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ProcessMonitor 3.86 updates icons. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

PsShutdown 2.53 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/psshutdown

RegJump 1.11 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/regjump

RoboForm 9.2.1 improves compatibility, import, sync performance, and resolves several bugs. This is not a security update.
https://www.roboform.com/

Rufus 3.17 resolves several bugs and updates libraries. This should be treated as a security update.
https://rufus.ie/en_US/

ShareEnum 1.61 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/shareenum

ShellRunas 1.02 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/shellrunas

SimpleWMIView 1.46 adds error handling and improves high-DPI support. This is not a security update.
https://www.nirsoft.net/utils/simple_wmi_view.html

Sysmon 13.30 resolves several bugs, improves stability, and adds user fields for events. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

TCPView 4.16 updates icons. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview

WinObj 3.13 updates icons. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview

Windows 11 RCT 1.3.1 improves detection of CPU features and updates languages. This is not a security update.
https://bytejams.com/

WinScan2PDF 7.44 improves hardware compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 4.04 adds support for mobile devices and resolves several bugs. This is not a security update.
https://www.diskanalyzer.com/

ZoomText 2021.2111.2.400 resolves compatibility bugs. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

ZoomText 2022.2110.47.400 resolves several bugs. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

Godot 3.4 improves user interface, input handling, adds large file support, frame delta smoothing, and dozens of other features. This is not a security update.
https://godotengine.org/

MySQL ConnectorNet 8.0.27 resolves several bugs. This is not a security update.
https://dev.mysql.com/downloads/connector/net/

Node.js 16.13.0 updates libraries, resolves several bugs and is promoted to LTS. This is not a security update.
https://nodejs.org/en/

Node.js 17.0.1 is a new major version adding OpenSSL 3.0 support, updates libraries,
https://nodejs.org/en/

Visual Studio Code 1.62 resolves over 4000 issues and adds vscode.dev beta. This should be treated as a security update.
https://code.visualstudio.com/

WinMerge 2.16.16 resolves several bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

PPSSPP 1.12.3 resolves a gamepad bunding bug. This is not a security update.
https://ppsspp.org/downloads.html

VirtualBox 6.1.28 resolves almost two dozen bugs. This should be treated as a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Dada Mail 11.17.1 resolves several bugs and improves the GUI. This is not a security update.
https://dadamailproject.com/

Docker Desktop 4.2.0 adds pause/resume, windows management, updates libraries, and resolves several bugs. This is not a security update.
https://www.docker.com/products/docker-desktop

Drupal 9.2.8 resolves several bugs. This is not a security update.
https://drupal.org/download

HumHub 1.9.2 resolves several bugs. This is not a security update.
https://www.humhub.com/en/download

MailArchiva 8.3.14 resolves several bugs. This is not a security update.
https://mailarchiva.com/

OpenPetra 2021.10 resolves several bugs and improves automation. This is not a security update.
https://www.openpetra.org/

ownCloud Client 2.9.1.5500 resolves several bugs. This is not a security update.
https://owncloud.com/desktop-app/

Piwigo 12.0.0 improves sorting, performance, maintenance, and adds bulk actions and logging. This is not a security update.
https://piwigo.org/

Contact Form 7 5.5.2 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Social Post Feed 4.0.3 resolves several bugs and improves compatibility. This should be treated as a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

Email Log 2.4.8 is a security update.
https://wordpress.org/extend/plugins/email-log/

Visual Composer 40.0 resolves several bugs. This is not a security update.
https://visualcomposer.com/

W3 Total Cache 2.1.9 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 5.9.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WordPress Zero Spam 5.1.5 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/zero-spam/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2021-09-14

Welcome back, Folks!

This is for Patch Tuesday for September, 2021.

I’m running late with the newsletter this month. I needed to focus on our clients since there was simply so much to do. In the typical month we usually see 85-90 updated applications (some several times). This month there have been over 160. An increase in application release frequency is typical when other major software releases are impending, and the next month will bring Windows 11, iOS 15, a new build of Windows 10, a new version of Microsoft Office, iPhone 13, and Windows Server 2022.

This Month in Technology

AccentureApple devices, and Apple iCloudAT&T (more than once), various airline and IAB staffBangkok AirwaysBanksyBeaumont HealthBlackbaud (more information about a previous hack), Boston Public LibraryBrooklyn Technical High SchoolCampbell Conroy & O’Neil, P.C., Chase Bank, thousands of Coinbase accountsComcast/Xfinity remotes29% increase in attacks targeting the education sector, Cream FinanceDallas Police DepartmentDallas School DistrictDesert Wells Family MedicineDuPage Medical GroupEpikEskyFunFordForHousing and Liberty, over 80,000 Fortinet FortiGate VPN devices, Fortinet FortiWebFortress Home Security, the French Visa ProgramGuntrader (including data of over 100,000 UK gunowners), Howard UniversityHP Omen HubIndiana Department of Health (Contact Tracing System), ImavexEvin (Iranian Prison), JenkinsJohn Deere, JP Morgan Chase, over 1,200 K-12 schoolsKaseya UnitrendsLithuanian Ministry of Foreign AffairsMarketron60,000 domains with MarkMonitorMcDonald’sMemorial Health SystemMicrosoft Power Apps (38 million records!), MikroTik routersMyRepublicNEW Cooperative, a NY Credit UnionOlympusParallels DesktopPeterborough, New HampshireRazer mouse driver (and pretty much all other drivers), Republican Governors AssociationRevere HealthSAC WirelessSonic, various NAS drivesPayPal is sharing user data and transactions with the ADL, pNetworkRazorPayvarious routers from over a dozen vendors, various Russian phonesSouth Africa’s Department of JusticeSpotify data leak, Syracuse UniversityT-MobileTexas GOPTokio Marine, the United NationsUPS, the US Census, the US State Department, hundreds of US financial systems, almost half of all US hospitals, dozens of US government websites, the US Terrorist Screening CenterValveWalgreens, the WordPress Gutenberg Template Library Plugin, and Zoho ManageEngine have been hacked this month.

I separated the Microsoft-specific hacks this month mostly to shame them. The month they claim that “the cloud” is more secure they should absolutely have their noses rubbed in it. Microsoft suffered from yet another nasty, epic, world-wide Exchange attack, but defended their own hosted product by claiming “Microsoft’s Office 365 wasn’t swept up in the breach because it runs in the cloud, which offers more protection,” even though only hours later a critical vulnerability in Microsoft’s Azure Cosmos DB service was confirmed — one of the largest cloud hacks of all time, affecting thousands of service providers. The vulnerability existed for months, so there’s simply no way to know if your accounts were compromised or if permanent access to any victim’s Microsoft Azure services occurred months prior, and Microsoft patched it only two weeks before making the claim above that “the cloud…offers more protection.” As if hammering the point home, yet another series of vulnerabilities in Microsoft’s Azure cloud services were discovered this week which expose millions more endpoints, with thousands already infected. Microsoft’s 365 Cloud PCIIS, Microsoft Teams event data, WSL, and MSHTML used by Microsoft Office have all been hacked this month. Microsoft’s PrintNightmare still isn’t over. In fact, the “fix” breaks printing and printer installation on at least 5% of computers. To top it all off, with all of these incidents they are removing features and they still feel their software is worth a 20% price increase based on the improved security and reliability of their products. Sigh.

The Ragnarok ransomware gang has released a master decryption key. So has REvil (accidentally).

The US Senate is working to make encryption meaningless. Facebook is, too. And Facebook just got slapped by the German Supreme Court for violating free speech rights in Germany. Hypocrisy is their codeword. Facebook actually hid their transparency report. That kinda says it all, doesn’t it? If not, then Apple “considering” removing Facebook for their ties to human trafficking should at least raise an eyebrow. Really, the question should be, why didn’t they? Google geofence warrants are up 1,167%.

Anyone can post a job for any company on LinkedIn. A new fake Captcha tricks the user into keeping malware. ProtonMail, once a beacon of hope for privacy advocates, has shared IP addresses and device information of a user in violation of their own privacy assertions.

Dogfooding is usually a good thing. Not always.

On hardware – GPU-level malware is a thing. Hacking strict hardware security through a silly design flaw. ASUS has made a few serious mistakes with their $2,000 GeForce RTX graphics cards. If you ever wondered why you shouldn’t borrow someone’s charging cable or wall wart, wonder no more. Samsung has acknowledged that they can disable any Samsung TV using a “feature” (read: backdoor) installed on all their televisions. Do you think they limited this “feature” to their TVs?

Apple is still pushing their Jedi Mind Tricks. They want you to use your phone as your ID, but a recent iOS update even broke the “phone” part of iPhones. Why would anyone trust their identity to their phones?

The Epic v Apple case finally has a ruling. One of the two most significant issues, that Apple forbade any payments not through the App Store, was (rightly) ruled illegal. All other counts were dismissed. It’s being appealed, of course. This could cost Apple a huge chunk of a $20+ billion pie. There are some great reads from discovery. South Korea has passed a new law with similar implicationsEpic v Google is really shaping up.

Be careful how you treat your employees – they might turn out to be the “evil insider” for a ransomware gang.

If you’re a government employee and the scope of your abuse was just to use your boss’s computer then you’re really thinking small potatoes.

Oh, and don’t photograph the moon. You might get sued by UMG.

All technology carries risk, but Wi-Fi is probably the most significant risk to your privacy.

Microsoft broke OneDrive for Business, has some major issues with Outlook 365 right now, and VoIP.ms has been extorted by a DDoS attack.

Apple has dropped it’s lawsuit against Corellium over virtual iPhones, lost their Optis trial, and settled with small developers who publish on the App Store, but it still in bed with Big Brother. The US is pushing a bill right now to prevent App Stores from being the sole source of apps and content for their platforms and the EU is pushing for a minimum of seven years of hardware support.

There is no Section 230 in Australia…and it shows. Until social media companies are slapped by the Supreme Court, they will continue to get away with acting on behalf of government while claiming to be independent.

Since nobody is working “full time” anyway, they’re planning to force employers to cut their hours even more.

A federal court has ruled that the HHS can not force doctors to perform transgender surgeries or abortions. If you were concerned about the damage someone might do to your wedding cake, why would you want them holding a scalpel between your legs?

When the MSM has to resort to blatant lies to support their position and the people eat it up you have to acknowledge that they’re the enemy of honesty. The only real pandemic is a curious series of deaths only affecting those leaders opposed to mandates and ignoring the blatantly obvious data. This isn’t the first time. Sadly, absolute fraud passes for science today. There really are proven treatments available.

The science behind face masks demonstrates that this has never been an honest conversation. Instead, politicized (and ineffective) tests and treatments are more lethal
than the disease. Those required to do so are failing or simply refusing to report injuries (does this mean they lose protection under NVICP?) and the events that are reported still resemble a certain climate change “hockey stick.” They’re maliciously and negligently ignoring the dataactual health and safety concernscommitting fraud, and cherry-picking sources so they can make tiktok videos. They’re intentionally falsifying data to coerce and terrorize the publicGeorge Orwell would be proud. The spews media, and by extension, their loyal vidiots, aren’t interested in the truth. They mindlessly supportJab Crow,” racism, rape, tyranny, dehumanizing people, and sweep the scandals under the rug with their massive propaganda machine.

If they were honest and their goals were actually in line with reality, then isolation and replication would be required *before* the creation of a cure, but they’re still pushing tests that can’t distinguish Coronavirus from Influenza. The “vaccines” intentionally, permanently alter your DNA. Claims of effectiveness have repeatedly been disproven, as have their false claims of FDA licenseapproval.” So they push illegal mandates that aren’t intended to protect your health, even going so far as to ban students from online classesPoliticians ignoring mathematics isn’t really anything new. Especially when there’s animportantagendaIt’s time for a human rights commission for war crimes over this bio weapon. After all, more servicemembers have died from the vaccines than the disease.

The anti-privacy passports are not designed to prove you’re immune. They’re not designed to prove you’re not a carrier.

Whether there’s sufficient evidence to determine the cause of any deaths over the last 18 months, one thing is sure: Science no longer has any validity.

At least some regions are waking up to the insanity of a group of super-governmental multi-national corporations with total immunity from any and all liability. Or elseIt’s time to opt out.

The FBI admits no one (else!) orchestrated the Jan 6 protest. Nevertheless, it was, according to “experts,” the darkest day in American history. (And they don’t mean the subsequent human rights violations.) Odd that the same agenda is unfolding through Big Pharma.

A real President doesn’t abandon their people, or commit war crimes when they’re embarrassed, the Speaker shouldn’t be silencing the names of those who died on their watch, and the FCC, the FDA, OSHA, and other government agencies should actually study what they approve. Companies that only answer to consumers do.

Only after the last year of humans treating other humans as trash, and validating it by dumbing down the rest, could a flight attendant say, matter-of-factly, that “we don’t follow federal law” and expect her victim to just roll over and comply.

It makes perfect sense, then, that the Constitution and Declaration of Independence would be labeled “harmful content” by the National Archives. Not to be outdone, the UK – once the standard to measure an open press – will now punish reporters who “embarrass” the government with up to 14 years in prison.

Now for the good news:

Inexpensive batteries are on the horizon and Starlink satellites are being fitted with lasers.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is huge. The typical computer should see roughly 3.5 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, Servicing Stack, Internet Explorer, and MSRT (~2.5 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 15 and 14.8, iPadOS 15 and 14.8, tvOS 15, macOS Big Sur 11.6, watchOS 8 and 7.6.2, Safari 15, Safari 14.1.2, Xcode 13, iTunes 12.12 for Windows and Security Update 2021-005 Catalina. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15 and 14.8 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 15 and 14.8 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 8 and 7.6.2 are security updates. Use the Watch app on your iPhone to install the most current version.

tvOS 15 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 93.0.4577.63 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Big Sur (11.x) means that macOS High Sierra (10.13) and older are no longer supported. If you can not install at least macOS Mojave (10.14) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H1) is very large, for the first time it’s actually smaller than the previous release, but it will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Citizen Driver 2021.1 doesn’t provide a detailed changelog so should be treated as a security update.
https://www.seagullscientific.com/support/downloads/drivers/citizen/download/

Display Driver Uninstaller 18.0.4.3 improves removal. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

HP Laserjet Stub 13.3.3 doesn’t provide a changelog so should be treated as a security update.
https://123.hp.com/us/en/devices/LASERJET

Nvidia 472.12 adds support for Windows 11, CUDA 11.4, and resolves several bugs. This is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.29.81 adds more advertising, improves IPFS support, resolves several crashes and other bugs. This is not a security update.
https://brave.com/

Google Chrome 94.0.4606.54 is a security update.
https://www.google.com/chrome/

Microsoft Edge 93.0.961.52 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 92.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 78.14.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 4.2.2406.48 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.9.2 resolves several bugs. This is not a security update.
https://getmailspring.com/

Thunderbird 91.1.1 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

Skype 8.75.0.140 resolves several bugs. This is not a security update.
https://www.skype.com/

Telegram 3.1.0 resolves several bugs. This is not a security update.
https://telegram.org/

Trillian 6.5.0.17 updates libraries and resolves upload bug. This is not a security update.
https://www.trillian.im/

AnyDesk 6.3.3 improves connection reliability. This is not a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 6.3.2 adds a URL handler and adds a warning for permissions. This is not a security update.
https://anydesk.com/en/downloads

aria2 1.36.0 updates libraries and resolves several bugs. This is not a security update.
https://aria2.github.io/

BrowsingHistoryView 2.50 improves menu sorting behavior. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

curl 7.79.0 is a security update.
https://curl.haxx.se/windows/

DNSDataView 1.61 resolves an international compatibility bug. This is not a security update.
https://www.nirsoft.net/utils/dns_records_viewer.html

Dropbox 130.4.4978 doesn’t provide a changelog, so should be treated as a security update.
https://www.dropbox.com/

FileZilla Server 1.0.1 (wow! I honestly thought they’d never release a major version) adds ACME Let’s Encrypt support, logging improvements, library updates and resolves several bugs. This is not a security update.
https://filezilla-project.org/

FreeFileSync 11.14 adds OpenSSL 3.0 support, resolves several bugs, adds ability to manage filter settings, and improves cross-platform compatibility. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 51.0 improves reliability and stability. This is not a security update.
https://drive.google.com/start

Npcap 1.55 resolves several bugs. This is not a security update.
https://nmap.org/npcap/

Omada Software Controller 4.4.4 resolves several bugs. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Rclone 1.56.1 improves reliability and resolves several bugs. This is not a security update.
https://rclone.org/

Technitium DNS Server 6.4.1 resolves several bugs. This is not a security update.
https://technitium.com/dns/

Zoom 5.7.8.1247 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

darktable 3.6.1 improves hardware support and resolves over a dozen bugs. This is not a security update.
https://www.darktable.org/install/

Flickr Downloadr 3.4.3.1 updates libraries. This is not a security update.
https://flickrdownloadr.com/downloads/

iTunes 12.12.0.6 is a security update. Use Apple Software Update to install the most current version.
https://www.apple.com/itunes/download/

MediaMonkey 5.0.3 resolves a duplication bug. This is not a security update.
https://www.mediamonkey.com/windows#download

Plex Home Theater 1.5.1.2629 updates libraries, improves hardware support, and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.24.3.5033 adds support for new hardware, updates libraries, resolves stability and reliability bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Steam 2021.09.20 resolves dozens of bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

Nintendo Switch 13.0.0 adds Bluetooth Audio, the ability to install Dock updates, and preserve the Internet connection in sleep mode. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PlayStation PS5 21.02-04.00.00 adds M.2 SSD expansion support, 3D audio, and resolves several bugs. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Office Updates

One or more of these are likely to be of interest to most people.

Audacity 3.0.4 resolves a stability bug. This is not a security update.
https://www.audacityteam.org/download/

Blender 2.93.4 resolves dozens of bugs. This is not a security update.
https://www.blender.org/download/

Gimp 2.10.28 is a major update ported to GEGL, adds multithreading, GPU-side processing, hi-DPI support, and improved user interface, selection tools and more. This is not a security update.
https://www.gimp.org/

IcoFX 3.6.1 resolves a startup bug. This is not a security update.
https://icofx.ro/

Krita 4.4.8 resolves several bugs. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Fresh 7.2.1 resolves over 400 bugs. This is a security update. The “Fresh” line is beta software, and should be avoided in favor of the “Still” version for most users.
https://www.libreoffice.org/

LibreOffice Still 7.1.6 resolves 44 bugs. This is not a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.3.4 resolves several bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.1.4 resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

Adobe XMP Toolkit SDK 2021.08 is a security update.
https://helpx.adobe.com/security/products/xmpcore/apsb21-85.html

Adobe Photoshop 21.2.12 and 22.5.1 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb21-84.html

Adobe Experience Manager 6.5.10.0 is a security update.
https://helpx.adobe.com/security/products/experience-manager/apsb21-82.html

Adobe Genuine Service 7.4 is a security update.
https://helpx.adobe.com/security/products/integrity_service/apsb21-81.html

Adobe Digital Editions 4.5.11.187658 is a security update.
https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html

Adobe Premiere Elements 20210809.daily.2242976 is a security update.
https://helpx.adobe.com/security/products/premiere_elements/apsb21-78.html

Adobe Photoshop Elements 20210811.m.158081 is a security update.
https://helpx.adobe.com/security/products/photoshop_elements/apsb21-77.html

AdobeCreative Cloud Desktop Application 5.5 is a security update.
https://helpx.adobe.com/security/products/creative-cloud/apsb21-76.html

Adobe ColdFusion 2018.12 and 2021.2 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb21-75.html

Adobe Framemaker 2019.8 and 2020.3 are security updates.
https://helpx.adobe.com/security/products/framemaker/apsb21-74.html

Adobe InDesign 16.4 is a security update.
https://helpx.adobe.com/security/products/indesign/apsb21-73.html

Adobe SVG-Native-Viewer 20210914 is a security update.
https://helpx.adobe.com/security/products/svg-native-viewer/apsb21-72.html

Adobe InCopy 16.4 is a security update.
https://helpx.adobe.com/security/products/incopy/apsb21-71.html

Adobe Premiere Pro 15.4.1 is a security update.
https://helpx.adobe.com/security/products/premiere_pro/apsb21-67.html

Adobe Acrobat and Reader 2021.007.20091, 2020.004.30015, and 2017.011.30202 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb21-55.html

Security Software Updates

One or more of these is likely to be of interest to most people.

Tails 4.22 resolves several stability bugs with Tor. This is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

BelArc Advisor 11.1 adds support for new software and operating systems. This is not a security update.
https://www.belarc.com/products_belarc_advisor

Hashcat 6.2.4 improves performance, adds hash modes, and resolves several bugs. This is not a security update.
http://hashcat.net/hashcat/#downloadlatest

KeePass 2.49 improves accessibility, reliability, and resolves several bugs. This is not a security update.
https://keepass.info/

OnionShare 2.3.3 adds dark mode, updates libraries, and resolves several bugs. This is not a security update.
https://onionshare.org/

OpenSSL 1.1.1l and 3.0.0 are security updates.
https://curl.se/windows/
https://slproweb.com/products/Win32OpenSSL.html

RogueKiller 15.1.0 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

uBlock Origin 1.38.0 adds Node.js support and resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

WebBrowserPassView 2.11 adds a new export/import option, Firefox CSV. This is not a security update.
https://www.nirsoft.net/utils/web_browser_password.html

Capture Updates

These are unlikely to be of interest to most people.

Elgato Game Capture HD 3.70.55 adds Facecam support and resolves several bugs. This is not a security update.
https://www.elgato.com/en/game-capture-software

SnagIt 2021.4.4 resolves several bugs. This is a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Converter Updates

These are unlikely to be of interest to most people.

HandBrake 1.4.1 resolves several bugs. This is not a security update.
https://handbrake.fr/

PDF Creator 4.4 resolves several bugs, adds CS Script action, page numbers, and a couple more actions. This is not a security update.
https://www.pdfforge.org/pdfcreator

Education updates

One or more of these are likely to be of interest to most people.

Zotero 5.0.96.3 resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 7.8.7 resolves dozens of bugs and compatibility issues. This is not a security update.
https://1password.com/downloads/mac/

Autoruns 14.01 resolves a bug with VirusTotal and adds a dark theme. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

Beyond Compare 4.4.0.25886 adds support for TLS 1.3, improves SFTP and resolves several bugs. This should be treated as a security update.
https://www.scootersoftware.com/download.php?zz=dl4

Bitwarden 1.28.2 resolves several bugs. This is not a security update.
https://bitwarden.com/

CPU-Z Installer 1.97 adds support for new hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

DesktopOK 9.21 improves support for Windows 11 and resolves bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 2.9.378.0 adds several new features and resolves several bugs. This is a security update.
https://dngrep.github.io/

Drive Snapshot 1.49 adds support for new operating systems and improves encryption. This should be treated as a security update.
http://www.drivesnapshot.de/en/

Etcher 1.5.122 resolves several bugs. This is not a security update.
https://www.balena.io/etcher/

Everything Toolbar 0.7.2 resolves a display bug. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

Fido 1.24 adds UEFI Shell downloads and command line support. This is not a security update.
https://github.com/pbatard/Fido/releases

GoodSync 11.8.2 resolves several bugs. This is not a security update.
https://www.goodsync.com/

LessMSI 1.8.2 resolves a CAB parsing bug. This is not a security update.
https://lessmsi.activescott.com/

NTLite 2.3.0.8330 adds support for Windows 11 and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

osquery 5.0.1 adds several new tables and queries, updates libraries and resolves several bugs. This is not a security update.
https://osquery.io/downloads

PowerToys 0.45.0 improves stability and resolves dozens of bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

Process Monitor 3.84 adds dark theme. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

Process Explorer 16.43 resolves a memory leak and other bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer

Synergy 1.14.1 resolves several bugs, improves reliability and adds new operating system support. This is not a security update.
https://symless.com/synergy/

Sysmon 13.24 improves stability and event handling. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

TCPView 4.14 adds dark theme. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview

TeamViewer 15.21.8 resolves a license warning bug. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

WhyNotWin11 2.4.1 improves compatibility detection. This is not a security update.
https://github.com/rcmaehl/WhyNotWin11

WifiChannelMonitor 1.70 adds 802.11ac monitoring mode. This is not a security update.
https://www.nirsoft.net/utils/wifi_channel_monitor.html

WifiInfoView 2.71 improves internationalization. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

Windows 11 RCT 1.1.0 improves compatibility detection. This is not a security update.
https://bytejams.com/

WinScan2PDF 7.31 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 4.03 is a massive update. This version adds zoom, improved search controls and organization, Explorer interaction and improved cosmetic controls. This is not a security update.
https://wiztreefree.com/

Developer Updates

These are unlikely to be of interest to most people.

AutoHotkey 1.1.33.10 resolves several bugs. This is not a security update.
https://www.autohotkey.com/download/

Godot 3.3.3 resolves dozens of bugs. This is not a security update.
https://godotengine.org/

Node.js v12 12.22.6 is a security update.
https://nodejs.org/en/

Node.js v14 14.17.6 is a security update.
https://nodejs.org/en/

Node.js v16 16.9.1 updates libraries, resolves several bugs, and improves error handling. This is a security update.
https://nodejs.org/en/

Unreal Engine 4.27 resolves several bugs. This is not a security update.
https://unrealengine.com/en-US/

Visual Studio Code 1.60 adds debug watch values, improves cosmetics, and resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

OpenCart 3.0.3.8 resolves an RTL bug. This is not a security update.
https://www.opencart.com/

Coppermine Gallery 1.6.13 is a security update.
https://coppermine-gallery.net/

Dada Mail 11.15.1 updates libraries and resolves several bugs. This is a security update.
https://dadamailproject.com/

Docker Desktop 4.0.1 introduces the new licensing scheme, updates libraries, and resolves several bugs. This is not a security update.
https://www.docker.com/products/docker-desktop

Drupal 9.1.13 is a security update (the second in a week).
https://drupal.org/download

Drupal 9.2.5 resolves dozens of bugs. This is not a security update.
https://drupal.org/download

MailArchiva 8.2.4 resolves several bugs. This is not a security update.
https://mailarchiva.com/

MailEnable 10.36 resolves several bugs, including a certificate assignment bug. This is not a security update.
https://www.mailenable.com/

Nextcloud Server 22.1.1 updates libraries and resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

ownCloud Client 2.9.0.5150 resolves several bugs and improves stability. This is not a security update.
https://owncloud.com/desktop-app/

ScreenConnect 21.12.4575.7914 adds several controls for compatibility and reporting, improves stability, and resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

YOURLS 1.8.2 resolves several bugs. This is a security update.
https://yourls.org/

WordPress 5.8.1 is a security update.
https://wordpress.org/

Akismet 4.1.12 resolves a couple bugs. This is not a security update.

Autoptimize 2.9.2 improves compatibility and resolves several bugs. This is not a security update.

BuddyPress 9.1.1 is a security update.

Duplicator 1.4.3 resolves several bugs. This is not a security update.

Postie 1.9.57 improves attachment handling. This is not a security update.

Show IDs 1.1.8 adds support for the latest WordPress. This is not a security update.

Slider Revolution 6.5.8 resolves several bugs. This is not a security update.
https://revolution.themepunch.com/

Social Post Feed 4.0 is a major update adding several new features. This is not a security update.

Sucuri Security 1.8.28 removes a warning. This is not a security update.

Visual Composer 38.1 resolves a couple bugs. This is not a security update.
https://visualcomposer.com/

W3 Total Cache 2.1.8 resolves several bugs. This is not a security update.

WooCommerce 5.7.0 resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2021-05-11

Welcome back, Folks!

Today is Patch Tuesday for May, 2021. There have been a couple dozen major hacking incidents and critical security issues, and every browser has now continued their weekly security update cadence through the third month.

This Month in Technology

Apple (Quanta Computer), Apple’s AirDrop, Apple’s iOS 14.5, Apple’s macOS Big Sur 11.3, Cellebrite, Celsius Network, Colonial Pipeline, Dell dbutil, Dominion election hardware, various DNS implementations, mostly on IoT devices, various medical devices, Elliman Property Management, Facebook, Geico, enterprise password app Passwordstate, various Police Departments, Pulse Connect Secure, Tesla’s Model X, and Trend Micro’s Apex One were hacked this month.

Linux banned University of Minnesota from submitting code because they intentionally submitted patches that would have intentionally made Linux devices insecure.

The FBI is violating the Computer Fraud and Abuse Act.

It’s illogical to justify or mandate an experimental treatment that increases your risk for a disease and creates side-effects on its own that are equivalent to the disease. When you can’t win your arguments using actual science you have to ignore the inserts, the numbers, falsify the data, falsify the tests, censor, attack their education, ridicule and intimidate, hide the dead children, secretly destroy the unused ventilators, ignore the tens of thousands of barrels of DDT dumped in the ocean by the same  companies making the experimental vaccines today, make sure nobody knows you have no idea what you’re doing, or just straight-up kill people. A Jedi mind trick or two goes a long way, too. By the way, the COVID-19 mortality rate for vaccinated test subjects dwarfs the rate for the “control group.” France is at least capable of putting two and two together. It’s sad that American doctors can’t.

In a surprise move, Apple & Google have actually stood by their privacy policies forbidding the UK from collecting additional location details through the NHS COVID-19 tracking app. That said, no matter how much they try to limit data exposure, if it’s collected, it can be compromised.

Piracy is bad and FLoC is worse10DLC is a step in the right direction, but will likely only result in increased text messaging forgery.

USPS is violating the first amendment but that pales in comparison to what state and federal governments are doing, and what the Speaker has done to keep her seat. Christianity isn’t illegal, yet. Violence is, but it has proven to be effective anyway, so will continue unabated.

There are still some wins coming in, so I guess we haven’t quite devolved into communism, but it doesn’t look good when censorship is so pervasive and ambiguous, and officials openly engage in fraud during an audit, and blame the victims for being assaulted.

The Epic vs Apple suit is currently underway and has proven to be what you’d expect from a conflict between a monopoly and a video game company. Meanwhile, Apple is now being sued for terminating accounts for customers that have “bought” apps and services through them, and the EU has declared Apple’s App Store a monopoly. Seeing the writing on the wall, Microsoft has lowered it’s Windows Store cut.

Google, which dropped Fortnite last year for violating the terms of a contract, just sidestepped Roku’s removal of the YouTube TV app by inserting the functionality of  YouTube TV app into the YouTube app. Demonstrating the flaws in their app compatibility argument Google broke YouTube TV on their own Chromecast platform during this circus.

Now for the good news:

Dogecoin for the win. Just make sure you are the only one with the keys to your wallet!

Oh, and Samsung is planning to provide a way so you can still make use of some of your archaic hardware.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is huge – with well over a hundred common applications and operating systems releasing fixes. The typical computer should see roughly 3.2 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, Servicing Stack, Internet Explorer, and MSRT (~1.5 GB). This includes security updates. A reboot is required.

Apple released updates for iCloud for Windows 12.3, iTunes 12.11.3 for Windows, Safari 14.1, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, Xcode 12.5, iOS 14.5.1 and iPadOS 14.5.1, iOS 12.5.3, macOS Big Sur 11.3.1, tvOS 14.5, and watchOS 7.4.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 14.5.1 and 12.5.3 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 14.5.1 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 7.4.1 is a security update. Use the Watch app on your iPhone to install the most current version.

Google Chrome OS 90.0.4430.100 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 34-1.2 has a lot of changes under the hood, such as UEFI improvements, driver and updated libraries. This is a security update.
https://getfedora.org/en/workstation/download/

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Big Sur (11.x) means that macOS High Sierra (10.13) and older are no longer supported. If you can not install at least macOS Mojave (10.14) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v2009) is huge (about 18% larger than v2004, which was 25% larger than any prior build) so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.3.9 improves diagnostics and removal. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Logitech Options 8.54.106 resolves several bugs. This version does not provide a detailed changelog so should be treated as a security update.
https://www.logitech.com/en-us/product/options

Nvidia 466.27 improves compatibility. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Engine 3.20.0 resolves several bugs. This is not a security update.
https://steelseries.com/engine

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.24.84 is a security update.
https://brave.com/

Google Chrome 90.0.4430.212 is a security update.
https://www.google.com/chrome/

Microsoft Edge 90.0.818.56 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 88.0.1 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 78.10.1 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

SeaMonkey 2.53.7.1 is a security update.
https://www.seamonkey-project.org/

Vivaldi 3.8.2259.42 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.9.1 is a security update.
https://getmailspring.com/

Thunderbird 78.10.1 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

BrowsingHistoryView 2.48 adds a QR code toolbar button and resolves a bug in the SaveDirect command-line switch. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

curl 7.76.1 resolves several bugs. This is a security update.
https://curl.haxx.se/windows/

Dropbox 121.4.4267 doesn’t provide a changelog, so should be treated as a security update.
https://www.dropbox.com/

FreeFileSync 11.10 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Java 8u291 is a security update.
https://www.java.com/en/download/manual.jsp

Npcap 1.31 resolves several bugs. This is not a security update.
https://nmap.org/npcap/

Omada Software Controller 4.3.5 resolves several bugs and improves compatibility. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

PuTTY 0.75 is a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

Technitium DNS Server 6.2.3 resolves several bugs. This is not a security update.
https://technitium.com/dns/

Telegram 2.7.4 resolves several bugs. This is not a security update.
https://telegram.org/

Zoom 5.6.5.823 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

iTunes 12.11.3 is a security update.
https://www.apple.com/itunes/download/

Picard 2.6.2 resolves several bugs. This is not a security update.
https://picard.musicbrainz.org/

Plex Media Server 1.22.3.4392 resolves several bugs with collections. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

VLC Media Player 3.0.14 is a security update.
https://www.videolan.org/vlc/

Game Updates

These are unlikely to be of interest to most people.

PlayStation PS4 8.03 improves notification controls and resolves several bugs. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps4/system-software/

PlayStation PS5 21.01-03.10.00 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Office Updates

One or more of these are likely to be of interest to most people.

Artweaver 7.0.9 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Atom 1.57.0 updates libraries, and resolves several bugs. This is not a security update.
https://atom.io/

LibreOffice Fresh 7.1.3 resolves over a hundred bugs. This is a security update. Be aware that LibreOffice Fresh is a beta version and should be avoided in favor of the Still (stable) version.
https://www.libreoffice.org/

Lightworks NLE 2021.2 resolves dozens of bugs and improves reliability. This is not a security update.
https://www.lwks.com/

Nextcloud Desktop 3.2.1 resolves several bugs. This is not a security update.
https://nextcloud.com/

OpenOffice 4.1.10 is a security update.
https://www.openoffice.org/download/

Paint.net 4.2.16 resolves several bugs. This is not a security update.
https://www.getpaint.net/

Adobe Creative Cloud Desktop Application 5.4.3 is a security update.
https://helpx.adobe.com/security/products/creative-cloud/apsb21-31.html

Adobe Genuine Service 7.3 is a security update.
https://helpx.adobe.com/security/products/integrity_service/apsb21-27.html

Adobe Acrobat and Reader 2021.001.20155, 2020.001.30025, and 2017.011.30196 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb21-29.html

Adobe After Effects 18.2 is a security update.
https://helpx.adobe.com/security/products/after_effects/apsb21-33.html

Adobe Animate 21.0.6 is a security update.
https://helpx.adobe.com/security/products/animate/apsb21-35.html

Adobe Experience Manager 6.5.8.0 and 6.4.8.4 are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb21-15.html

Adobe InDesign 16.2.1 is a security update.
https://helpx.adobe.com/security/products/indesign/apsb21-22.html

Adobe Illustrator 25.2.3 is a security update.
https://helpx.adobe.com/security/products/illustrator/apsb21-24.html

Adobe InCopy 16.2.1 is a security update.
https://helpx.adobe.com/security/products/incopy/apsb21-25.html

Magento 2.4.2-p1 and 2.3.7 are security updates.
https://helpx.adobe.com/security/products/magento/apsb21-30.html

Adobe Media Encoder 15.2 is a security update.
https://helpx.adobe.com/security/products/media-encoder/apsb21-32.html

Adobe Medium 2.4.5.332 is a security update.
https://helpx.adobe.com/security/products/medium/apsb21-34.html

Security Software Updates

One or more of these is likely to be of interest to most people.

HTTP Toolkit 1.3.0 doesn’t provide a detailed changelog so should be treated as a security update.
https://httptoolkit.tech/

KeePass 2.48.1 improves compatibility and resolves several bugs. This is not a security update.
https://keepass.info/

uBlock Origin 1.35.2 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

VT-CLI 0.9.6 doesn’t provide a changelog so should be treated as a security update.
https://github.com/VirusTotal/vt-cli/releases/latest

Tails 4.18 is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.30 resolves several bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 2021.3.1 resolves two minor bugs. This is not a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Education updates

One or more of these are likely to be of interest to most people.

Zotero 5.0.96.2 optimizes online storage and resolves a hang in generating citations. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 7.8.2 resolves several bugs. This is not a security update.
https://1password.com/downloads/mac/

1Password for Windows 7.6.801 is a security update.
https://1password.com/downloads/windows/

Autoruns 13.100 resolves a crash bug. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

CCleaner 5.79.8704 adds cleaning of Slack cache, adds ability to wipe free space, and improves debug logging. This is a security update.
https://www.ccleaner.com/

CPU-Z Installer 1.96 adds support for new hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

CurrPorts 2.65 resolves a kernel tracing bug and improves high-DPI compatibility. This is not a security update.
https://www.nirsoft.net/utils/cports.html

Etcher 1.5.120 is a documentation change. This is not a security update.
https://www.balena.io/etcher/

Fing 2.6.0 adds Deep Scan and updates libraries. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

GoodSync 11.6.6 resolves several bugs. This is not a security update.
https://www.goodsync.com/

HWMonitor 1.44 adds support for new hardware. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

NTLite 2.1.0.7862 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

Aomei Partition Assistant 9.2 adds ability to free up space on Windows partitions by moving apps to another partition. This is not a security update.
https://www.diskpart.com/

PowerToys 0.37.2 updates all components, settings app and configuration, and improves silent installation behavior. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

Process Monitor 3.70 allows constraining the number of events and fixes several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

ProduKey 1.97 adds command-line configuration processing. This is not a security update.
https://www.nirsoft.net/utils/product_cd_key_viewer.html

RoboForm 9.1.3 resolves several bugs. This is not a security update.
https://www.roboform.com/

SearchMyFiles 3.11 adds high-DPI support and adds a sorting as a menu option. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

TCPView 4.01 is a cosmetic update. This is not a security update.
https://sysinternals.com/

WinRAR 6.01 resolves several bugs. This is not a security update.
https://www.rarlab.com/

WinScan2PDF 7.07 improves compatibility with Windows. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 3.41 resolves several bugs. This is not a security update.
https://wiztreefree.com/

Developer Updates

These are unlikely to be of interest to most people.

AutoHotkey 1.1.33.09 resolved several bugs. This is not a security update.
https://www.autohotkey.com/download/

Godot 3.3 improves reliability and adds several new features. This is not a security update.
https://godotengine.org/

MySQL ConnectorNet 8.0.25 resolves several bugs. This is not a security update.
https://dev.mysql.com/downloads/connector/net/

Node.js 16.1.0 resolves dozens of bugs and compatibility issues with the new major v16 update to Node.js, which removes support for Python 2 and updates system requirements. This is not a security update.
https://nodejs.org/en/

Node.js 14.17.0 updates libraries, resolves dozens of bugs, improves diagnostic capabilities, and backports several features from stable. This is not a security update.
https://nodejs.org/en/

SQLite 3.35.5 is a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.56 improves hover feedback, terminal profile, debugger, and more. This is not a security update.
https://code.visualstudio.com/

WinMerge 2.16.12 adds ARM64 support and resolves dozens of bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.1.22-144080 is a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.6.12 updates libraries. This is not a security update.
https://coppermine-gallery.net/

Dada Mail 11.13.0 resolves several bugs. This is not a security update.
https://dadamailproject.com/

Docker Desktop 3.3.3 updates libraries and resolves several bugs. This is not a security update.
https://www.docker.com/products/docker-desktop

Drupal 9.0.13 updates libraries and resolves several bugs. This should be treated as a security update.
https://drupal.org/download

HumHub 1.8.2 resolves several bugs. This is not a security update.
https://www.humhub.com/en/download

OpenPetra 2021.04 improves contact and import, and resolves several bugs. This is not a security update.
https://www.openpetra.org/

ScreenConnect 21.6.3280.7796 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

WordPress 5.7.1 is a security update.
https://wordpress.org/

Autoptimize 2.8.4 is a security update.

BuddyPress 7.3.0 is a security update.

Contact Form 7 5.4.1 resolves several bugs and compatibility issues. This is not a security update.

WooCommerce 5.3.0 resolves dozens of bugs and introduces several new features. This is not a security update.

WP Mail SMTP 2.8.0 resolves several bugs. This is not a security update.

WPtouch 4.3.41 resolves a cosmetic bug. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2020-10-28

Welcome back, Folks!

It’s not Patch Tuesday, but updates from Microsoft, Apple, Google, Mozilla, and many others have triggered an out-of-cycle update.

This Month in Technology

Hackney Council has been hacked, Dickey’s BBQ has been hacked, Carnival Corp was hacked, a Finland psychotherapy center was hacked and the stolen data is being used to blackmail patientsSonicWall VPN Portal can be easily hacked, there’s yet another Bluetooth vulnerability (in all but the latest Linux kernel), dozens of government networks have been targeted (and some hacked) by a “Russian hacker group” (though it’s hard to believe that the Russians are behind anything anymore), and President Trump’s campaign website was hacked. Any password you can remember is a bad password. Even if you’re the President. Or a multinational security company.

Some nutjobs are still supporting the lockdowns, even though the half-baked science encouraging lockdowns and masks have been proven false again and again, but that won’t stop authoritarians from treating people as terrorists.

Facebook is permabanning users for buying $300 VR hardware Facebook sells. Really. That’s okay, it’s time for VR to abandon Facebook anyway.

An overzealous Apple security feature (XProtect) has blocked access to HP printers, Amazon Music and more. They’re humorously contradicting themselves about security. On the one hand, they advise users to never plug any device into a non-Apple power adapter, and on the other hand they say they’re saving the planet by not including power adapters anymore.

Epic Games founder and chief executive Tim Sweeney observes:
“What’s most disturbing about Apple’s position is that they seem to truly believe they “own” all commerce involving phones they make, characterizing direct payment as theft, smuggling, and even shoplifting. It’s a crazy, misguided view.”

Yes, in June T-Mobile broke the entire US cell network. No, they won’t be punished.

Twitter and Facebook are actively censoring actual news based on false claims of hacking and sensitive information…but even if it were true, they didn’t seem to mind when the target of the hacking was of a different political persuasion. Twitter acknowledges that Joe Biden is a child sex predator. It should go without saying that social networks will never treat everyone the same. The FCC and President Trump have repeatedly asserted that they will be “clarifying” Section 230. Wouldn’t it be better if they just enforced it?

Not to be outdone by mere social media, the RIAA has demonstrated that it has too much power. Google has demonstrated that they can control what the world knows and believes, which has painted them into a corner for a federal antitrust case.

Orca Security has a great write-up about Palo Alto Networks defective (and illegal) pursuit of security-by-obscurity.

Now for the good news:

Energy scavenging may soon be a reality, hopefully it won’t be used to send us back to the 18th century like in the TV series Revolution. Isn’t it time that we pedaled for power?

Let’s Get Busy

Microsoft released the newest build of Windows 10 v2009, which isn’t that different from v2004. It’s another minor “major” update that streamlines several features and improves overall performance.
https://www.microsoft.com/en-us/software-download/windows10

Apple released updates for iOS, iPadOS, watchOS, iTunes, and Apple Music 3.4.0 for Android. These are security updates.

iOS 14.1 is a security update. Use Settings, General, Software Update to install the most current version.

iPadOS 14.1 is a security update. Use Settings, General, Software Update to install the most current version.

watchOS 7.0.3 is a security update. Use your updated iPhone to install the most current version through the Watch app.
https://support.apple.com/en-us/HT204641

Google Chrome OS 86.0.4240.112 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 33-1.2 adds PARSEC support, improves interoperability and development environment, updated libraries and resolves several bugs. This is not a security update.
https://getfedora.org/en/workstation/download/

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.3.4 improves removal capabilities. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

MS Mouse and Keyboard Center 13.0 adds support for new hardware. This is not a security update.
https://www.microsoft.com/accessories/en-us/downloads/mouse-keyboard-center

Logitech Options 8.34.82 (and 8.34.91 for macOS) resolves several bugs, adds support for new hardware and plugins, and implements the new permissions options for macOS Mojave compatibility. This is not a security update.
https://www.logitech.com/en-us/product/options

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.16.68 is a security update.
https://brave.com/

Google Chrome 86.0.4240.111 is a security update.

Microsoft Edge 86.0.622.56 is a security update.

Firefox 82.0.2 is a security update.

Firefox ESR 78.4.0 is a security update.

Vivaldi 3.4.2066.86 is a security update.
https://vivaldi.com/

Internet Updates

One or more of these are likely to be of interest to everyone.

BrowsingHistoryView 2.45 adds an option to display QR codes for selected URLs. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

curl 7.73.0 resolves over a hundred bugs and adds several new switches, improving help and error handling. This is not a security update.
https://curl.haxx.se/windows/

Dropbox 108.4.453 does not provide a detailed changelog, so should be treated as a security update.
https://www.dropbox.com/

FileZilla Client 3.51.0 resolves several bugs. This is not a security update.
https://filezilla-project.org/

TrueNAS 12.0 is the merger of FreeNAS and TrueNAS to build a much more powerful whole. This major update improves quality, reliability and performance, adds and improves support for new file systems and dataset encryption, improves diagnostics, 2FA, API support, quotas and much more. This is not a security update.
https://www.truenas.com/download-truenas-core

Technitium DNS Server 5.4 resolves several bugs, adds QNAME randomization and PTR zone creation. This is not a security update.
https://technitium.com/dns/

WinSCP 5.17.8 is a security update.
https://winscp.net/eng/index.php

Zoom 5.4.58636.1027 resolves several bugs. This is a security update.
https://zoom.us/

Java 8u271 is a security update.
https://www.java.com/en/download/manual.jsp

Media Updates

These are unlikely to be of interest to most people.

iTunes 12.10.10 is a security update. Use Apple Software Update to get the most current version.

3tene 2.0.7 adds 32-bit screen capture, adjusts transition time, and resolves several bugs. This is not a security update.
https://en.3tene.com/

Picard 2.5.1 resolves dozens of bugs, improves reliability, and adds improved privacy controls. This is not a security update.
https://picard.musicbrainz.org/

Game Updates

These are unlikely to be of interest to most people.

Steam 2020.10.23 is a security update.

PlayStation PS4 8.00 is a security update.
https://www.playstation.com/en-us/support/system-updates/ps4/

Office Updates

One or more of these are likely to be of interest to most people.

LibreOffice 6.4.7 resolves over 70 bugs, including stability and reliability issues. This is not a security update.
https://www.libreoffice.org/

Paint.net 4.2.14 improves performance, adds AV1 support, and resolves several bugs. This is not a security update.
https://www.getpaint.net/

Adobe Creative Cloud Desktop Application 5.3 and 2.2 are security updates.
https://helpx.adobe.com/download-install/kb/creative-cloud-desktop-app-download.html

Adobe InDesign 16.0 is a security update.
https://helpx.adobe.com/security/products/indesign/apsb20-66.html

Adobe Media Encoder 14.5 is a security update.
https://helpx.adobe.com/security/products/media-encoder/apsb20-65.html

Adobe Premiere Pro 14.5 is a security update.
https://www.adobe.com/in/creativecloud/catalog/desktop.html

Adobe Photoshop 21.2.3 and 22.0 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb20-63.html

Adobe After Effects 17.1.3 is a security update.
https://helpx.adobe.com/security/products/after_effects/apsb20-62.html

Adobe Animate 21.0 is a security update.
https://helpx.adobe.com/security/products/animate/apsb20-61.html

Adobe Dreamweaver 21.0 is a security update.
https://helpx.adobe.com/security/products/dreamweaver/apsb20-55.html

Adobe Illustrator 25.0 is a security update.
https://helpx.adobe.com/security/products/illustrator/apsb20-53.html

Marketo 1.4357 is a security update.
https://helpx.adobe.com/security/products/marketo/apsb20-60.html

Magento 2.4.1 and 2.3.6 are security updates.
https://helpx.adobe.com/security/products/magento/apsb20-59.html

Security Software Updates

One or more of these is likely to be of interest to most people.

BelArc Advisor 9.7 doesn’t provide a changelog so should be treated as a security update.
https://www.belarc.com/products_belarc_advisor

RouterPassView 1.90 adds a new display mode including backup files. This is not a security update.
https://www.nirsoft.net/utils/router_password_recovery.html

uBlock Origin 1.30.6 resolves several bugs and adds a click-to-load widget. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

RogueKiller 14.7.4 improves reliability. This is not a security update.
https://www.adlice.com/download/roguekiller/

HTTP Toolkit 1.0.2 updates libraries. This is not a security update.
https://httptoolkit.tech/

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 2021.0.0 is a major update adding several features, updating Templates, Themes, Simplify, Magnify, and the Editor. This is not a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.0.3 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

CCleaner 5.73.8130 improves license management. This is not a security update.
https://www.ccleaner.com/

TeamViewer 15.11.6 improves RSA key length, allows flashlight while zooming, and resolves a copy/paste notification bug. This is not a security update.
https://www.teamviewer.com/en/download/windows/

Fido 1.17 adds support for the latest Windows 10 build, v2010. This is not a security update.
https://github.com/pbatard/Fido/releases

GoodSync 11.4.1 improves Google Photos FS access, event handling, GsRunner, CCRunner, updates certificate roots, and resolves several bugs. This is not a security update.
https://12pd.com/click?goodsync

NTLite 2.0.0.7705 updates components and compatibility, and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

PointerStick 4.71 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

Rufus 3.12 adds support for the latest Windows 10 build, v2010, SHA-512 digests, improved Windows To Go support, and resolves several bugs. This is not a security update.
https://rufus.ie/en_IE.html

TaskSchedulerView 1.57 adds options to copy contents of clicked cell. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

WinScan2PDF 6.13 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

VMMap 3.30 identifies .NET Core 3.0 managed heaps. This is not a security update.
https://live.sysinternals.com/

RAMMap 1.60 adds customizable map colors and a new empty system working sets. This is not a security update.
https://live.sysinternals.com/

Sysmon 12.01 is a security update.
https://live.sysinternals.com/

Developer Updates

These are unlikely to be of interest to most people.

MySQL ConnectorNet 8.0.22 resolves several bugs. This is a security update.
https://dev.mysql.com/downloads/connector/net/

Node.js 14.15.0 resolves several bugs and is now officially in Long Term Support (LTS) status. This is not a security update.
https://nodejs.org/en/

Node.js 15.0.1 is a major update adding several new features and removing others, updating libraries and resolves bugs. This is not a security update.
https://nodejs.org/en/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.1.16-140961 resolves several bugs. This should be treated as a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Dada Mail 11.12.2 resolves a minor bug. This is not a security update.
http://dadamailproject.com/

phpMyAdmin 4.9.7 and 5.0.4 resolve 2FA bug and PHP compatibility, and resolve several other bugs. This is not a security update.
https://www.phpmyadmin.net/

ScreenConnect 20.11.1385.7587 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

Nextcloud Server 20.0.1 resolves over 60 bugs and improves performance, reliability and privacy. This is not a security update.
https://nextcloud.com/

Akismet 4.1.7 improves integration. This is not a security update.

Contact Form 7 5.3 resolves several bugs. This is not a security update.

myStickymenu 2.4.7 resolves several bugs. This is not a security update.

NextScripts Social Networks Auto-Poster 4.3.19 improves compatibility and resolves several bugs. This is not a security update.

Redirection 4.9.1 resolves logging and database upgrade bugs. This is not a security update.

Social Post Feed 2.17.1 resolves several bugs. This is not a security update.

WooCommerce 4.6.1 resolves several bugs. This is not a security update.

WP Mail SMTP 2.5.1 adds password encryption, improves Gmail compatibility, and resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/