Updates 2023-08-08

Posted on August 8, 2023 by Shawn K. Hall

Welcome back, Folks!

Today is Patch Tuesday for August, 2023.

This month brings a whole bucket of ugly, and a reminder that fixing a bug is not the same thing as fixing the software. Every common browser released at least a security update each week for the last month, with Firefox maxing out sanity tests by releasing five (5) security updates in a mere ten (10) days. I warned about this years ago.

There were over 160 major hacks (some involving millions of users and thousands of organizations, one involving billions of users, Microsoft’s own security keys), and over 200 application updates this month. It’s a huge month, with about 4 GB of updates for most users.

This Month in Technology

Acupuncture and Integrative Solutions Incorporated, All-In-One Security, Allegheny County, AlphaPo, AMD Zen CPUs, AMD Zen2 CPUs, AMI MegaRAC Baseboard Management Controller (BMC), Argentina’s Comprehensive Medical Care Program, PathGroup Health Plan, Barracuda ESG, Batesville Tool & Die, Inc., Baylor College of Medicine, BAZAN Group, Beverly Hills Plastic Surgery, Bi-Bett Corporation, BookCrossing, Buckingham County Public Schools, Buffalo State, California Public Employee and Retirement System (CalPERS), Call of Duty, Canon printers, CardioComm Solutions Inc, Care N’ Care Insurance Company, Inc., Centers for Medicare and Medicaid (CMS), Charles George Department of Veterans Affairs Medical Center, Cisco SD-WAN vManage, Citrix Netscaler ADC and Gateway servers, Cloudzy, CoinsPaid, ColdFusion (several times), Colorado Department of Higher Education (CDHE), Colorado State University (CSU), Comdirect, Commerzbank, Conic Finance, almost all CPUs, CraftRise, Curve Finance, Deutsche Bank AG, air-gapped systems in Eastern Europe, Egyptian Ministry of Health and Population, Era Lend, Estée Lauder (twice!), European diplomats, Evotec, Exchange Online, EY Law, Fairfax Oral and Maxillofacial Surgery, Family Vision of Anderson, P.A., Fortinet SSL VPNs, FortiOS and FortiProxy, Gary Motykie, M.D., Ghostscript, Google Accelerated Mobile Pages (AMP), Google Cloud Build, Harkins Pain & Sleep Management Group, Harris Health System, Hawai’i Community College, Helix, Henry Ford Health, Highland Health Systems, Hillsborough County, Hines Interests Limited Partnership, Hot Topic, Howard County General Hospital, Immigration Directorate General in Indonesia, ING, Italian government, Ivanti Endpoint Manager Mobile/Mobileiron — an unknown number of devices are effected, likely in the millions (and again, and again), IVF Michigan, P.C., Johns Hopkins Health System Corporation, JumpCloud, Kenya’s e-Citizen, LeetSwap, LetMeSpy, Life Management Center of Northwest Florida, Inc., Locally, MagicDuel, Majorel, Maximus Federal Services, Inc, Microsoft, Microsoft Azure, Microsoft Exchange, MikroTik RouterOS routers, Military and Police “Secure” Radio systems, Minecraft servers, MobiMed ePR, Molina Healthcare, Mondee, at least 545 servers/organizations running MOVEit software, Multichain, National Student Clearinghouse (3,500 colleges and universities – 97% of postsecondary enrollment in the US), NATO (yes, that NATO), New England Life Care, Inc., 12 Norwegian Ministries, Norwegian Government Security and Service Organisation (DSS), NPO Mashinostroyeniya, OpenAI, Orrick, Herrington & Sutcliffe, Ortivus, Outlook.com, PaperCut NG/MF, Paramedic Billing Services, Park Royal Hospital, Pension Benefit Information, Performance Health Technology (PH Tech), Physicians Insurance, Poly Network, Postbank, Prospect Medical Holdings, Quinn Emanuel, Razer, Redis, Rite Aid Corporation, Roblox, Roblox Developer Conference, Rockstar Games Inc., Rockwell Automation ControlLogix, Rodeo Finance, Saint Francis Health System, Salesforce, Serco Inc., several hospitals, Shutterfly, 70,000 small office/home office (SOHO) routers, SonicWall, South Central Ambulance Service, South Western Ambulance Service, Southern Association of Independent Schools, Sutter Senior Care, Tampa General Hospital, Teachers Insurance and Annuity Association of America, Terrestrial Trunked Radio (TETRA), Tesla, The Chattanooga Heart Institute, The Health Plan of West Virginia, Inc., Tigo, TLScontact, Tomra, Uber Technologies Inc, Ubuntu OverlayFS, UEFI boot loader security, UK Electoral Commission, Ukrainian and Polish businesses, Unified Pain Management, US Ambassador to China, US Department of Commerce (and at least two dozen other US government agencies), UT Southwestern Medical Center, Vermillion, VirusTotal, VMware ESXi, VMware Tanzu Application Service, Wake Family Eye Care, WooCommerce Payments, WordPress Ninja Forms, Wuhan Earthquake Monitoring Center, Yamaha, Zimbra (twice), and Zyxel firewalls have reportedly been hacked or compromised this month.

In light of all that, Barracuda Networks asserts that fewer than 100 scammers are responsible for global email extortion campaigns, leading to record breaches. There is yet another means of exfiltrating user information and passwords – this time from the sound your keyboard makes as you type.

BAZAN Group, Microsoft Exchange Online, Microsoft Sharepoint, Reddit, Slack, Spotify, and WhatsApp have suffered from outages this month.

Last months updates broke display and audio hardware, Outlook for Desktop saving, Outlook hyperlinks, websites in Safari, Screen Time on iOS, video recording and playback, certain VPNs, and Windows Update. I am also seeing reports from dozens of my clients that the iOS and iPadOS updates released last week are triggering alerts about “new devices” connecting to users’ Apple accounts. In all cases it was triggered shortly after a restart of a device that had received the OTA update.

Google is *really* pushing Enhanced Safe Browsing, the feature that allows them to monitor all activity on your devices, including third-party apps and websites in other browsers, even when you tell them no. Google announced they will be making it easier to remove personal information and explicit images from Google Search. Google is pushing WEI, though, which will make it impossible to enforce security and privacy in your own browser. As an example, your local Taco Bell could refuse to show you their address on their own website – or even load at all – unless you enable their ability to access your precise location, microphone and camera. This isn’t just my paranoia, it’s a standard Google is pushing at this very moment.

IBM’s Red Hat has announced that they will change the way they “comply” with the GPLv2 open source requirements, limiting access to some of their source. Oracle (yes, that Oracle!) is actually pointing out the insanity of this move.

Amazon is raising prices on some IPv4 addresses.

Clop ransomware is now using bittorrent to bypass takedowns. Cloudflare, primarily known for their security and privacy features, is being abused to aid malware.

The SEC is now mandating that publicly traded companies disclose attacks in four business days after discovery. The Australian government isn’t sure if the Privacy Act applies to their own actions when they violate citizen’s trust or privacy.

Microsoft is going to be forcing users of the native Windows Mail and Calendar applications to the “new Outlook” starting this month. Don’t do it!

Now for the good news:

The FBI finally found out which evil organization purchased malicious spyware after the US banned it: the FBI itself!

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is huge this month. The typical computer should see roughly 4 GB in updates today. Let’s get started.

Microsoft released updates to address 88 vulnerabilities in .NET Core, .NET Framework, ASP.NET, Azure Arc, Azure DevOps, Azure HDInsights, Dynamics Business Central Control, Memory Integrity System Readiness Scan Tool, Microsoft Dynamics, Microsoft Edge (Chromium-based), Microsoft Exchange Server, Microsoft Office, Microsoft Office Excel, Microsoft Office Outlook, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft Teams, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows Codecs Library, Reliability Analysis Metrics Calculation Engine, SQL Server, Tablet Windows User Interface, Visual Studio, Windows Bluetooth A2DP driver, Windows Cloud Files Mini Filter Driver, Windows Common Log File System Driver, Windows Cryptographic Services, Windows Defender, Windows Fax and Scan Service, Windows Group Policy, Windows HTML Platform, Windows Hyper-V, Windows Kernel, Windows LDAP – Lightweight Directory Access Protocol, Windows Message Queuing, Windows Mobile Device Management, Windows Projected File System, Windows Reliability Analysis Metrics Calculation Engine, Windows Smart Card, Windows System Assessment Tool, Windows Wireless Wide Area Network Service, and MSRT (~ 2 GB). This includes security updates. A reboot is required.

Apple released updates for macOS Ventura 13.5, macOS Monterey 12.6.8, macOS Big Sur 11.7.9, Safari 16.6, iOS 15.7.8, iOS 16.6, iPadOS 15.7.8, iPadOS 16.6, tvOS 16.6, watchOS 9.6, and Pro Video Formats 2.2.6. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.7.8 and 16.6 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 15.7.8 and 16.6 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 9.6 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 16.6 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 108.0.5359.239 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Ventura (13.x) means that macOS Catalina (10.15) and older are no longer supported. If you can not install at least macOS Big Sur (11) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v22H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 23.7.2 resolves several bugs. This is not a security update.
https://www.amd.com/en/support

BullZip PDF Printer 14.3.0.2961 resolves several bugs and improves compatibility. This is not a security update.
https://www.bullzip.com/products/pdf/info.php#download

Display Driver Uninstaller 18.0.6.5 improves removal. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Drivers by Seagull 2023.3 adds support for 300 new models including several RFID tag printers. This is not a security update.
https://www.seagullscientific.com/support/downloads/drivers/

DS4Windows 3.2.13 several new features and improves hardware compatibility. This is not a security update.
https://github.com/Ryochan7/DS4Windows/releases/latest

Ghostscript 10.01.2 resolves several bugs. This is a security update.
https://www.bullzip.com/products/pdf/download.php

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.56.20 is a security update. Use Menu, Help, About to get the most current version.
https://brave.com/

Microsoft Edge 115.0.1901.200 is a security update. Use Menu, Help, About to get the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 116.0.2 is a security update…the fifth in the last ten days! Use Menu, Help, About to get the most current version.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 115.1.0 is a security update. Use Menu, Help, About to get the most current version.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 115.0.5790.170 is a security update. Use Menu, Help, About to get the most current version.
https://www.google.com/chrome/

Microsoft Edge 115.0.1901.188 is a security update. Use Menu, Help, About to get the most current version.
https://www.microsoft.com/en-us/edge/business/download

Microsoft Edge WebView2 115.0.1901.200 is a security update. Use Menu, Help, About to get the most current version.
https://developer.microsoft.com/en-us/microsoft-edge/webview2/

SeaMonkey 2.53.17 is a security update. Use Menu, Help, About to get the most current version.
https://www.seamonkey-project.org/

Vivaldi 6.1.3035.257 is a security update. Use Menu, Help, About to get the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.11.0 improves cosmetics and resolves several bugs. This is a security update.
https://getmailspring.com/

Spark (macOS) 3.6.8 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark 3.6.8 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.1.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk (macOS) 7.2.1 resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

curl 8.2.1 resolves dozens of bugs. This is a security update.
https://curl.haxx.se/windows/

Dropbox 179.4.4985 doesn’t provide a change log so should be treated as a security update.
https://www.dropbox.com/

Facebook Messenger 192.0.0.8.125 is a security update.
https://www.messenger.com/download

FreeFileSync 12.5 resolves several bugs and improves stability and reliability. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 79.0 is a security update.
https://drive.google.com/start

Grocy Desktop 2.5.0 updates Grocy to 4.0.1 and resolves several bugs and improves performance. This is not a security update.
https://github.com/grocy/grocy-desktop

Microsoft Teams 1.6.00.20074 updates the channels experience and improves security. This is a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 27.0.1 resolves dozens of bugs. This is a security update.
https://nextcloud.com/

Npcap 1.76 resolves a couple bugs, improves performance, and updates the code signing key. This is not a security update.
https://nmap.org/npcap/

Qbox 4.0.5.48 doesn’t provide a change log so should be treated as a security update.
https://www.coraltreetech.com/qbox

Rclone 1.63.1 resolves several bugs, improves compatibility and resilience. This is not a security update.
https://rclone.org/

Signal (Android) 6.27.10 doesn’t provide a change log so should be treated as a security update.
https://signal.org/android/apk/

Signal 6.27.1 improves voice and video calling. This is not a security update.
https://signal.org/download/macos/
https://signal.org/download/windows/

Skype 8.99.0.403 resolves several bugs, integrates motr Bing AI, and adds self-chat. This is not a security update.
https://www.skype.com/

Telegram 4.8.10 resolves a couple bugs. This is not a security update.
https://telegram.org/

Zoom 5.15.6.19959 resolves dozens of bugs. This is a security update. Note that Zoom has also recently updated their Terms of Service to assert ownership of any audio, video, or other communication through their platform IN ANY WAY THEY SEE FIT with no way to opt out.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 3.0.11 resolves a dozen bugs. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.0.4 resolves a couple minor bugs. This is not a security update.
https://www.bitwig.com/download/

darktable 4.4.2 resolves several bugs. This is not a security update.
https://www.darktable.org/

Picard 2.9 resolves dozens of bugs. This is not a security update.
https://picard.musicbrainz.org/

Plex Desktop 1.75.0.3920 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.44.1.3926 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.32.5.7349 resolves several bugs and improves hardware compatibility. This is a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2023.6.0.92 improves macOS compatibility. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.2.169 resolves several bugs. This is not a security update.
https://gdevelop.io/download

Lego Studio 2.23.7.3 resolves a stability bug. This is not a security update.
https://www.lego.com/en-us/ldd

Minecraft Server (Bedrock) 1.20.14.01 is a security update.
https://www.minecraft.net/en-us/download/server/bedrock

PS5 23.01-07.60.00 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Acrobat and Reader 23.003.20269, 20.005.30516.10516, and 20.005.30514.10514 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb23-30.html

Adobe Commerce and Magento Open Source 2.4.6-p2, 2.4.5-p4, 2.4.4-p5, 2.4.3-ext-4, 2.4.2-ext-4, 2.4.1-ext-4, 2.4.0-ext-4, and 2.3.7-p4-ext-4 are security updates.
https://helpx.adobe.com/security/products/magento/apsb23-42.html

Adobe Dimension 3.4.10 is a security update.
https://helpx.adobe.com/security/products/dimension/apsb23-44.html

Adobe XMP Toolkit SDK 2023.07 is a security update.
https://helpx.adobe.com/security/products/xmpcore/apsb23-45.html

Blender 3.6.1 improves performance and resolves several bugs. This is not a security update.
https://www.blender.org/download/

Calibre 6.24.0 adds the ability to operate full text search across a subset of books, fixes calibre:// links, and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

GnuCash 5.3 resolves a couple bugs and improves performance. This is not a security update.
https://www.gnucash.org/

ImageMagick 7.1.1-15 resolves several bugs. This is a security update.
https://imagemagick.org/

Inkscape 1.3 resolves dozens of bugs and improves several tools. This is not a security update.
https://inkscape.org/release/

Kdenlive 23.04.3 resolves over a dozen bugs. This is not a security update.
https://kdenlive.org/

LibreOffice Fresh 7.5.5 resolves 70 bugs. This is not a security update. Remember that the “Fresh” line is beta software and you should use the “Still” line instead.
https://www.libreoffice.org/

Nextcloud Desktop 3.9.1 resolves a dozen bugs. This is not a security update.
https://nextcloud.com/

Paint.net 5.0.8 resolves several bugs. This is not a security update.
https://www.getpaint.net/

Security Software Updates

One or more of these is likely to be of interest to most people.

Gpg4win 4.2.0 resolves a dozen bugs. This is a security update.
https://www.gpg4win.org/download.html

HTTP Toolkit 1.13.0 doesn’t provide a change log so should be treated as a security update.
https://httptoolkit.tech/

MalwareBytes Anti-Malware 4.5.34 resolves several bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/

MalwareBytes Anti-Malware Mac 4.20.7 resolves several bugs. This is not a security update.
https://www.malwarebytes.com/mac/

OpenSSL 1.1.1v and 3.1.2 are security updates.
https://slproweb.com/products/Win32OpenSSL.html

ProtonVPN 2.4.3 improves stability. This is not a security update.
https://protonvpn.com/download

Radmin VPN 1.4.4642.1 doesn’t provide a change log so should be treated as a security update.
https://www.radmin-vpn.com/

Tails 5.16 is a security update.
https://tails.boum.org/install/dvd/index.en.html

uBlock Origin 1.51.0 resolves several bugs and adds support for several new filters and scriptlets. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

VT-CLI 0.14.0 adds silent operation support, winget and go support, and resolves a couple bugs. This is not a security update.
https://github.com/VirusTotal/vt-cli/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

Camtasia 23.1.2 updates libraries and resolves several bugs. This is a security update.
https://www.techsmith.com/video-editor.html

SnagIt 23.2.0 updates libraries and resolves over a dozen bugs. This is a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.1.1.2 adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

StreamFab 6.1.3.4 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 1.0.2.8 improves conversion speed and resolves a couple bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

.NET Runtime 7.0.10 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

1Password 8.10.9 resolves dozens of bugs. This is not a security update.
https://1password.com/downloads/windows/
https://1password.com/downloads/mac/

8GadgetPack 37.0 updates My Weather and removes unsupported widgets. This is not a security update.
https://8gadgetpack.net/

Bitcoin 25.0 improves network communication, RPCs, and resolves several bugs. This is not a security update.
https://bitcoin.org/en/download

Bitwarden 2023.7.1 adds commands to the CLI Secrets Manager. This is not a security update.
https://bitwarden.com/

CCleaner 6.14.10584 is a security update.
https://www.ccleaner.com/

Dell Command Update 5.0.0 doesn’t provide a change log so should be treated as a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

DesktopOK 11.01 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.0.45.0 updates libraries and resolves several bugs to improve compatibility. This is a security update.
https://dngrep.github.io/

Etcher 1.18.12 resolves a couple bugs. This is not a security update.
https://www.balena.io/etcher/

Everything Toolbar 1.2.0 improves compatibility. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

Go 1.21.0 is a major update, adding several new tools and language constructs. This is a security update.
https://go.dev/

GoodSync 12.3.1 improves AutoUpdate sync, stability, and resolves several compatibility issues. This is not a security update.
https://www.goodsync.com/

HWiNFO 7.60 doesn’t provide a change log so should be treated as a security update.
https://www.hwinfo.com/download/

Java 8u381 is a security update.
https://www.java.com/en/download/manual.jsp

JShelter 0.13 improves stability. This is not a security update.
https://jshelter.org/install/

LiveTcpUdpWatch 1.51 adds dark background and full screen support. This is not a security update.
https://www.nirsoft.net/utils/live_tcp_udp_watch.html

NetworkOpenedFiles 1.61 adds dark background and full screen support. This is not a security update.
https://www.nirsoft.net/utils/network_opened_files.html

NTLite 2023.7.9371 resolves several bugs and improves features. This is not a security update.
https://www.ntlite.com/download/

OSForensics 10.0.1015 resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html

osquery 5.9.1 adds ARM support and resolves several bugs. This is a security update.
https://osquery.io/downloads

PowerToys 0.72.0 resolves several bugs and improves compatibility. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

Process Explorer 17.05 improves stability. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer

Rufus 4.2 improves compatibility and stability, adds conversion options, and resolves several bugs. This is not a security update.
https://rufus.ie/en_US/

ScreenConnect 23.5.8.8598 improves logging. This is not a security update.
https://www.connectwise.com/software/control/download

SmartMonTools 7.4 adds several new switches, improved hardware support, and resolves a couple bugs. This is not a security update.
https://smartmontools.org/

TcpLogView 1.38 updates IP database. This is not a security update.
https://www.nirsoft.net/utils/tcp_log_view.html

Ventoy 1.0.94 resolves compatibility issues. This is not a security update.
https://www.ventoy.net/en/index.html

VMMap 3.33 improves compatibility. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/vmmap

WinRAR 6.23 is a security update.
https://www.rarlab.com/

WinScan2PDF 8.61 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

ZoomIt 7.1 adds audio capture support. This is not a security update.
https://learn.microsoft.com/en-us/sysinternals/downloads/zoomit

ZoomText 2023 2023.2307.29.400 improves keyboard shortcuts and resolves several bugs.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

ADB 34.0.4 resolves several bugs. This is not a security update.
https://developer.android.com/studio/releases/platform-tools

Android Studio 2022.3.1.18 improves compatibility. This is not a security update.
https://developer.android.com/studio

AutoHotkey 2.0.4 resolves several bugs. This is not a security update.
https://www.autohotkey.com/download/

AutoHotkey 1.1.37.01 resolves several bugs. This is not a security update.
https://www.autohotkey.com/download/

GitHub Desktop 3.2.7 resolves several bugs. This is not a security update.
https://desktop.github.com/

Godot (macOS) 4.1.1 improves stability. This is not a security update.
https://godotengine.org/

MySQL ConnectorNet 8.1.0 resolves several bugs. This is not a security update.
https://dev.mysql.com/downloads/connector/net/

MySQL Server 8.0.34 resolves dozens of bugs. This is a security update.
https://dev.mysql.com/downloads/installer/

Node.js 18.17.0 updates libraries, improves performance, and resolves several bugs. This is not a security update.
https://nodejs.org/en/

Node.js 20.5.0 updates libraries, improves performance, and resolves several bugs. This is not a security update.
https://nodejs.org/en/

Visual Studio Code 1.81 resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.0.10 resolves dozens of bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

HumHub 1.14.3 resolves several bugs. This is not a security update.
https://www.humhub.com/en

ISPConfig 3.2.11 adds support for Debian 12 and resolves several bugs. This is not a security update.
https://www.ispconfig.org/ispconfig/download/

Invision Community 4.7.12 updates libraries and resolves dozens of bugs. This should be treated as a security update.
https://invisioncommunity.com/

Grocy 4.0.1 is a major update adding new API features, compatibility, and performance improvements. This build also resolves several bugs.
https://github.com/grocy/grocy

MailEnable 10.47 resolves several bugs. This should be treated as a security update.
https://www.mailenable.com/

ownCloud Client 4.2.0.11670 resolves several bugs. This should be treated as a security update.
https://owncloud.com/desktop-app/

Contact Form 7 5.8 adds several hooks and resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.5.1 improves messaging and subsite mapping structure. This is not a security update.
https://wordpress.org/plugins/duplicator/

Social Post Feed 4.1.9 adds promotional link, updates the block and improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

Theme My Login 7.1.6 resolves a couple bugs and adds a new hook. This is not a security update.
https://wordpress.org/extend/plugins/theme-my-login/

W3 Total Cache 2.4.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 7.9.0 resolves over a hundred bugs, updates blocks and options. This is a security update.
https://wordpress.org/extend/plugins/woocommerce/

WP Mail SMTP 3.8.2 resolved several bugs. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/

WPBakery 7.0 adds a couple elements, improves notifications and compatibility. This is not a security update.
https://wpbakery.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2022-12-13

Posted on December 13, 2022 by Shawn K. Hall

Merry Christmas, Folks!

Today is Patch Tuesday for December, 2022.

This month brings a new version of Windows 10 (v22H2), critical security updates for all supported Apple products, and (literally) new security updates every single week since the last update cycle on November 8th. That’s on top of the 150+ major hacks, and over 165 application updates this month. Prepare yourself, there will be about 4 GB of updates for most devices this month.

This Month in Technology

Over 15,000 websites, Abandonia2022, ABB Totalflow, Accuro, Acer UEFI Secure Boot, dozens of apps using the Algolia API, Amazon ECR, Amnesty International Canada, Android, Android OEM certificates, André-Mignot Hospital, Ankr, Antwerp, Belgium, Argentina de Soluciones Satelitales, Arkansas Department of Human Services, Atlassian Bitbucket Server, Bahrain, Bank of Russia, Boa web server, California’s Department of Finance, Canadian Teachers Union, Canon hardware, CareFirst Administrators, CCA Health Plans of California, Inc d/b/a CCA Health CA, Central Depository Services Ltd, Chiropractic Board of New Zealand, Cincinnati State Technical and Community College, Cisco IP phones, Citrix ADC and Gateway, CloudSEK, Codesys, CoinTracker, CommonSpirit Health, Community Health Network, Inc. as an Affiliated Covered Entity, Connexin Software, Consumer Directed Services In Texas, Inc., CorrectCare Integrated Health Inc, County of Tehama, California, Dallam Hartley Counties Hospital District, Deribit, Dermatology & Skin Cancer Ctr, PC, Dialpad, Inc., Dietitians Board of New Zealand, Docs Medical Inc, Doctors’ Center Hospital, Dr. Douglas C. Shoenberger,PC, Durham District School Board, Dutch LNG Terminal, Easton Cardiovascular, Ellen M. Field, M.D., Epic Management LLC, European Parliament, F5 BIG-IP and BIG-IQ, Fars News Agency, Festo, FortiOS SSL-VPN, FTX, GATE Petroleum Company Employee Benefits Plan, Gateway Rehabilitation Center, General Council of the Judiciary, GGCorp, Google Pixel 5 and 6, Google’s Looker Studio, GoTo, Guatemala’s Ministry of Foreign Affairs, Health Care Management Solutions, LLC, Health New Zealand, Hope Health Systems Inc., Hospital Center of Versailles, HP hardware, Hyundai and Genesis cars, Indian Central Board of Higher Education, Indian Community Health Network, Indian Council of Medical Research, Indian electrical grid operators, Innovative Service Technology Management Services, Inc., Kaiser Foundation Health Plan of the Mid-Atlantic States, Inc., Keralty Group, Lake Charles Memorial Health System, LastPass (again), Lehigh Valley Women’s Specialties, Lenovo UEFI Secure Boot, Lexmark hardware, Magento 2, Manassas Surgery Center Anesthesia Services, MaryAnne Freeman Brndjar, DO, PC, Medibank, Mena Regional Health System, Mercury IT, Microsoft Exchange, Mikrotik hardware, NETGEAR hardware, New York-Presbyterian Hospital, New Zealand Ministry of Justice, New Zealand Psychologists Board, New York-Presbyterian Hospital, a NY salon, NU House Calls, PC, Nuance Communications, Inc., OakBend Medical Center, One Brooklyn Health System, Optometrists and Dispensing Opticians Board of New Zealand, Oracle Fusion, Orange Telecom, Orlando Health, Pendurthi Surgical Associates, Peter J. Isaac, D.O., Physiotherapy Board of New Zealand, Plascar Participacoes Industriais, Podiatrists Board of New Zealand, Polsinelli PC, Quarkus Java Framework, Rackspace, Radio Free Asia, Receivables Performance Management, Restaurants in Cincinnati, Roman Catholic Church, Rosenfeld VanWirt, PC, Royal Mail, Samsung Galaxy S22, Sequoia One, Seville Urban Transport Company, Silverstone Circuit, Sobeys, Sonder, Sonos hardware, South Staffordshire Water, South Walton Fire District, Southampton County, Virginia, Sree Saran Medical Centre, Stanley Street Treatment and Resources, Inc., Synology hardware, Tata Power, Telstra, The Smith Family, TP-Link hardware, Tuloso-Midway Independent School District, Twitter, Uber, Ubiquiti hardware, University Medical Center of Southern Nevada, UOB KayHian, Uruguay’s Ministry of Transport and Public Works, the US government, VMware ESXi, VTB Bank, Western Digital hardware, Whoosh, Work Health Solutions, Wright & Filippis LLC, Xavier College, Yakima Neighborhood Health Services, Yale University, and the Zwijndrecht police have reportedly been hacked or compromised this month.

There’s another novel method for exfiltrating information from air-gapped devices: the power supply. Most US DoD contractors fail to implement basic security controls.

Windows updates last month broke DirectAccess, gaming performance, ODBC database connections, Remote Desktop, Task Manager, Windows Kerberos, caused Windows freezes and domain controller freezes.

Meta (Facebook and Instagram) has acknowledged they’ve been used by the US Military for propaganda.

Now for the good news:

Apple is finally adding end-to-end encryption for some iCloud backups.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is huge this month. The typical computer should see roughly 4 GB in updates today. Let’s get started.

Microsoft released updates to address 57 vulnerabilities in .NET Framework, Azure, Client Server Run-time Subsystem (CSRSS), Microsoft Bluetooth Driver, Microsoft Dynamics, Microsoft Edge (Chromium-based), Microsoft Graphics Component, Microsoft Office, Microsoft Office OneNote, Microsoft Office Outlook, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft Windows Codecs Library, Windows Hyper-V, SysInternals, Windows Certificates, Windows Contacts, Windows DirectX, Windows Error Reporting, Windows Fax Compose Form, Windows HTTP Print Provider, Windows Kernel, Windows PowerShell, Windows Print Spooler Components, Windows Projected File System, Windows Secure Socket Tunneling Protocol (SSTP), Windows SmartScreen, Windows Subsystem for Linux, Windows Terminal and MSRT (~ 2.5 GB). This includes security updates. A reboot is required.

Apple released updates for iCloud for Windows 14.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2, iOS 16.2 and iPadOS 16.2, macOS Big Sur 11.7.2, macOS Monterey 12.6.2, macOS Ventura 13.1, Safari 16.2, tvOS 16.1.1, tvOS 16.2, and watchOS 9.2. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.7.2, 16.1.2, and 16.2 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 15.7.2, 16.1.2, and 16.2 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 9.2 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 16.1.1 and 16.2 are security updates. Use System, Software Update to install the most current version.

Google Chrome OS 108.0.5359.75 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 37-1.7 is a major update, adding support for Raspberry Pi 4, new editions, and updates libraries. This is not a security update.
https://getfedora.org/en/workstation/download/

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Big Sur (11) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 12 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 22.11.2 resolves several bugs. This is not a security update.
https://www.amd.com/en/support

Display Driver Uninstaller 18.0.5.9 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

DS4Windows 3.1.11 resolves several bugs. This is not a security update.
https://github.com/Ryochan7/DS4Windows/releases/latest

Garmin Express 7.15.2 doesn’t provide a detailed changelog so should be treated as a security update.
https://www.garmin.com/en-US/software/express/

NVcleanstall 1.14.0 resolves several bugs. This is not a security update.
https://www.techpowerup.com/download/techpowerup-nvcleanstall/

Nvidia Driver 474.06 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Drivers by Seagull 2022.3 adds support for over 200 new devices. This is not a security update.
https://www.seagullscientific.com/support/downloads/drivers/

Wacom Driver 6.4.0-11 resolves several bugs. This is not a security update.
https://www.wacom.com/en-us/support/product-support/drivers

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.46.134 is a security update. Use Menu, Help, About to install the most current version.
https://brave.com/

Google Chrome 108.0.5359.98 is a security update. Use Menu, Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 108.0.1462.46 is a security update. Use Menu, Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 108.0 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/new/

Vivaldi 5.6.2867.40 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.10.7 resolves a couple bugs and improves cosmetic options. This is not a security update.
https://getmailspring.com/

OutlookAttachView 3.47 adds option to cancel scan with Esc key. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Spark 3.2.1.40643 resolves many bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.2.1.40641 resolves many bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 102.6 is a security update. Use Menu, Help, About to install the most current version.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk (macOS) 7.0.0 resolves several bugs and improves interface and Settings. This is not a security update.
https://anydesk.com/en/downloads

BrowsingHistoryView 2.53 adds multiple profile support to several browsers and adds the ability to cancel scan with the Esc key. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

DNSDataView 1.70 adds support for collecting A records of all PTR record. This is not a security update.
https://www.nirsoft.net/utils/dns_records_viewer.html

Dropbox 162.4.5419 resolves several bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 172.0.0.23.215 is a security update.
https://www.messenger.com/download

FileZilla Client 3.62.2 resolves several bugs. This is not a security update.
https://filezilla-project.org/

FileZilla Server 1.6.1 resolves an installation bug and improves certificate controls. This is not a security update.
https://filezilla-project.org/

FreeFileSync 11.28 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 68.0 resolves several bugs. This is not a security update.
https://drive.google.com/start

Microsoft Teams 1.5.00.33362 adds HOSI support for compatible hardware. This is not a security update.
https://teams.microsoft.com/downloads

Minds (Android) 4.30.1 resolves several bugs. This is not a security update.
https://www.minds.com/

Nextcloud Server 25.0.2 resolves dozens of bugs. This is a security update.
https://nextcloud.com/

Omada Software Controller 5.7.4 improves the user interface, adds several new options, and resolves several bugs. This is a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Pocketnet-Core 0.20.29 resolves several bugs. This is not a security update.
https://pocketnet.app/

Pocketnet-GUI 0.8.34 resolves several bugs. This is not a security update.
https://pocketnet.app/

Qbox 4.0.5.35 doesn’t provide a changelog so should be treated as a security update.
https://www.coraltreetech.com/qbox

Rclone 1.60.1 resolves several bugs and improves compatibility. This is not a security update.
https://rclone.org/

Signal 6.0.1 adds Stories support. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 6.3.6 adds donation support. This is not a security update.
https://signal.org/android/apk/

Skype 8.91.0.404 adds universal translation and resolves several bugs. This is not a security update.
https://www.skype.com/

Syncthing 1.22.2 resolves several bugs and updates libraries. This is not a security update.
https://syncthing.net/

Technitium DNS Server 10.0.1 adds several features and resolves bugs. This is a security update.
https://technitium.com/dns/

Telegram 4.4.1 resolves several bugs. This is not a security update.
https://telegram.org/

Telegram (Android) 9.2.1 doesn’t provide a detailed changelog so should be treated as a security update.
https://telegram.org/apps

TP-Link Archer AX21 v1.3.6 is a security update.
https://www.tp-link.com/us/support/download/archer-ax21/v1.20/#Firmware

WinSCP 5.21.6 is a security update.
https://winscp.net/eng/index.php

Zoom 5.12.9.10650 improves policy controls, CC and translation, and resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

Bitwig Studio 4.4.3 fixes a couple stability bugs. This is not a security update.
https://www.bitwig.com/download/

Picard 2.8.5 resolves several bugs. This is a security update.
https://picard.musicbrainz.org/

Plex Desktop 1.59.1.3398 adds support for AV1 and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.30.1.3391 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.30.0.6486 adds pattern matching, improves scheduled tasks, and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

VLC Media Player 3.0.18 is a security update.
https://www.videolan.org/vlc/

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2022.11.0.54 resolves dozens of bugs and improves usability. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.1.152 adds new features, including monetization through assets, and resolves several bugs. This is not a security update.
https://gdevelop.io/download

Lego Studio 2.22.12.1 resolves several bugs. This is not a security update.
https://www.lego.com/en-us/ldd

Steam 2022.12.01 resolves 20 bugs. This is not a security update.
https://steamcommunity.com/news/client

SteamOS SteamDeck Update 2022-11-21 resolves many bugs including hardware compatibility, performance and stability issues. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Campaign Classic 7.3.2 and 8.4.2 are security updates.
https://helpx.adobe.com/security/products/campaign/apsb22-58.html

Adobe Experience Manager 2022.10.0 and 6.5.15.0 resolve almost three dozen security vulnerabilities.
https://helpx.adobe.com/security/products/experience-manager/apsb22-59.html

Illustrator 2023 27.0.1 and 2022 26.5.2 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb22-60.html

Artweaver 7.0.14 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Atom 1.63.1 is the final release of Atom before it is to be EOL in a couple days. Please switch to another editor.
https://atom.io/

Audacity 3.2.2 adds VST2 realtime effect support and resolves several bugs. This is not a security update.
https://www.audacityteam.org/download/

Calibre 6.9.0 adds signing to all binaries and resolves several bugs. This should be treated as a security update.
https://calibre-ebook.com/

Inkscape 1.2.2 resolves dozens of bugs. This is not a security update.
https://inkscape.org/release/

Kindle for PC 1.39.65383 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc

LibreOffice Fresh 7.4.3 resolves 100 bugs. This is a security update. Remember that the Fresh line is beta software. Most users should use the Still line.
https://www.libreoffice.org/

Nextcloud Desktop 3.6.4 improves stability. This is not a security update.
https://nextcloud.com/

PDF-XChange Editor 9.5.366.0 resolves several bugs. This is not a security update.
https://www.tracker-software.com/product/pdf-xchange-editor

Security Software Updates

One or more of these is likely to be of interest to most people.

Chainsaw 2.3.0 improves culprit tracking. This should be treated as a security update.
https://github.com/countercept/chainsaw

HTTP Toolkit 1.12.1 doesn’t provide a changelog so should be treated as a security update.
https://httptoolkit.tech/

MalwareBytes Anti-Malware Mac 4.17.8 adds support for macOS Ventura/13. This is not a security update.
https://www.malwarebytes.com/mac/

ProtonVPN 2.3.1 improves user interface. This is not a security update.
https://protonvpn.com/download

ProtonVPN (macOS) 3.0.10 improves the user interface. This is not a security update.
https://protonvpn.com/download

Radmin VPN 1.3.4568.3 adds ability to add exceptions from within the software. This is not a security update.
https://www.radmin-vpn.com/

RogueKiller 15.6.3 updates engine and resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Tails 5.7 is a security update.
https://tails.boum.org/install/dvd/index.en.html

uBlock Origin 1.45.2 resolves a couple bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Velociraptor 0.6.7 adds PGP automation and resolves several bugs. This is not a security update.
https://github.com/Velocidex/velociraptor/releases/latest

WebBrowserPassView 2.12 adds High-DPI support and improves portable browser support. This is not a security update.
https://www.nirsoft.net/utils/web_browser_password.html

Capture Updates

These are unlikely to be of interest to most people.

Camtasia 22.4.1 resolves several bugs. This is not a security update.
https://www.techsmith.com/video-editor.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.9.4 adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

iMazing HEIC Converter 2.0.3 doesn’t provide a changelog so should be treated as a security update.
https://imazing.com/heic

IsoBuster 5.1 adds support for reading the FAT directly, improves performance and stability, and resolves dozens of bugs. This is not a security update.
https://www.isobuster.com/download.php

PDF Creator 5.0.3 resolves several bugs. This is not a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 6.0.0.7 adds support for new encodings and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.18 resolves a merge bug. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 8.9.10 improves 2FA support and compatibility, and resolves dozens of bugs. This is not a security update.
https://1password.com/downloads/mac/

1Password for Windows 8.9.10 improves 2FA support and compatibility, and resolves dozens of bugs. This is not a security update.
https://1password.com/downloads/windows/

Agent Ransack 2022.3349 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

Bitwarden 2022.11.0 implements 2-step authentication and resolves several bugs. This is not a security update.
https://bitwarden.com/

CCleaner 6.06.10144 adds and improves cleanup for over a dozen applications. This is not a security update.
https://www.ccleaner.com/

Cygwin 3.4.1 resolves several bugs. This is not a security update.
https://cygwin.com/

DesktopOK 10.51 improves compatibility with Windows 11. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 3.1.197.0 adds recycle bin support, resolves several bugs, and improves bookmark behavior. This is not a security update.
https://dngrep.github.io/

Etcher 1.10.6 updates dependencies. This is not a security update.
https://www.balena.io/etcher/

FileLocator Pro 2022.3349 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Git SCM 2.39.0 resolves several bugs. This is not a security update.
https://git-scm.com/

Go 1.19.4 is a security update.
https://go.dev/

GoodSync 12.1.2 resolves dozens of bugs. This is not a security update.
https://www.goodsync.com/

Homedale 2.04 removes log headers and updates languages. This is not a security update.
https://www.the-sz.com/products/homedale/

HWMonitor 1.48 adds support for new hardware. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

NetConnectChoose 1.10 adds Metric column and resolves a network selection bug. This is not a security update.
https://www.nirsoft.net/utils/net_connect_choose.html

NTLite 2.3.9.9018 improves compatibility and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 10.0.1006 resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html

osquery 5.6.0 resolves several bugs, adds new columns and controls. This is not a security update.
https://osquery.io/downloads

AOMEI Partition Assistant 9.13.0 resolves several bugs. This is not a security update.
https://www.diskpart.com/

PointerStick 6.11 improves compatibility with Windows 11. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.65.0 upgrades dependencies and resolves a couple bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

Process Explorer 17.02 resolves stability bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer

RoboForm 9.3.8 resolves several bugs. This is not a security update.
https://www.roboform.com/

Rufus 3.21 updates dependencies, libraries, and resolves several bugs. This is not a security update.
https://rufus.ie/en_US/

ScreenConnect 22.9.10589.8370 resolves dozens of bugs including stability and reliability. This is a security update.
https://www.connectwise.com/software/control/download

Sysmon 14.13 resolves a stability bug. This is a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

TeamViewer 15.36.9 improves terminal and scripting support. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

TraceRouteOK 3.22 improves compatibility with Windows 11. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

Unity 2022.2.0 resolves over a hundred bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive

WinScan2PDF 8.31 improves compatibility with Windows 11. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 4.12 resolves a couple bugs. This is not a security update.
https://www.diskanalyzer.com/

ZoomText 2022 2022.2211.5.400 improves integration and stability, and resolves several bugs. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

ZoomText 2023 2023.2210.28.400 is a new major version adding tethered view and improves compatibility. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

AutoHotkey 1.1.36.02 resolves several bugs. This is not a security update.
https://www.autohotkey.com/download/

Docker Desktop 4.14.1 improves stability and performance, adds WebAssembly support, user interface improvements, upgrades libraries and resolves several bugs. This is not a security update.
https://www.docker.com/products/docker-desktop

Node.js 14.21.2 updates certificates and timezone information. This should be treated as a security update.
https://nodejs.org/en/

Node.js 16.19.0 updates certificates and timezone information. This should be treated as a security update.
https://nodejs.org/en/

Node.js 19.2.0 updates libraries and resolves over a dozen bugs. This is not a security update.
https://nodejs.org/en/

SQLite 3.40.0 improves support for data recovery, performance, and reliability. This is a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.74 adds several new features. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.0.4 resolves over a dozen bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Drupal 9.4.9 resolves several bugs. This is not a security update.
https://drupal.org/download

HumHub 1.12.3 resolves several bugs. This is not a security update.
https://www.humhub.com/en/download

Joomla 4.2.6 improves compatibility and resolves several bugs. This is not a security update.
https://www.joomla.org/

jQuery 3.6.2 improves compatibility and resolves several bugs. This is not a security update.
https://code.jquery.com/

MailEnable 9.86 is a security update.
https://www.mailenable.com/

MailEnable 10.43 is a security update.
https://www.mailenable.com/

ownCloud Client 3.0.0.9215 resolves dozens of bugs. This is not a security update.
https://owncloud.com/desktop-app/

Piwigo 13.3.0 resolves several bugs. This is not a security update.
https://piwigo.org/

SMF 2.1.3 resolves dozens of bugs. This should be treated as a security update.
https://www.simplemachines.org/

WordPress 6.1.1 resolves dozens of bugs. This is not a security update.
https://wordpress.org/

Akismet 5.0.2 is a security update.
https://wordpress.org/extend/plugins/akismet/

Autoptimize 3.1.4 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/autoptimize/

Contact Form 7 5.7 resolves dozens of bugs and improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.1 adds support for the latest build of WordPress and resolves several bugs. This is a security update.
https://wordpress.org/plugins/duplicator/#developers

Redirection 5.3.6 improves translations. This is not a security update.
https://wordpress.org/extend/plugins/redirection/

Simple Lightbox 2.9.3 resolves several bugs and improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/simple-lightbox/

Sucuri Security 1.8.36 is a cosmetic update. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

W3 Total Cache 2.2.9 improves translation support. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 7.1.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WPtouch 4.3.46 is a security update.
https://wordpress.org/extend/plugins/wptouch/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2022-08-09

Posted on August 9, 2022 by Shawn K. Hall

Welcome back, Folks!

Today is Patch Tuesday for August, 2022. This is a much lighter month, but there are still over a hundred large hacking victims, two hundred updates and a little over 3.5 GB in updates today.

This Month in Technology

7-Eleven, 70 Lenovo laptop models, Acts Retirement Services, Inc. and Affiliates, Aetna ACE, alio.lt, Allegheny Health Network, Atlassian Confluence Server, Audius, Avamere Health Services LLC, Avamere Holdings, Axie Infinity, Azure Site Recovery, Bandai Namco, Battlefy, Belgian Ministry of Defense, Bellingham Public Library, Benefit Plan Administrators, Inc., Benson Health, BHG Behavioral Health Group, BHG Holdings, LLC, Black Swan State Theatre Company, Blue Cross and Blue Shield of Alabama, Bronx Accountable Healthcare Network, Cavender Stores, Ltd Health Plan, Center for Primary Care, Centerstone, Central Maine Medical Center, Cisco Small Business VPN routers, City of Newport, Cleartrip, Colorado Springs Utilities, Conifer Value-Based Care, LLC, Creos Luxembourg S.A., Deakin University, deBridge Finance, governments and organizations in the defense industry, DHS Emergency Alert System, DrayTek routers, East Valley Ophthalmology, Elastix VoIP, Entrust, Eskimi, Famm, First Choice Community Health Care, Inc., Florida Springs Surgery Center, German Chambers of Industry and Commerce, Granbury Eye Clinic, Healthback Holdings, LLC, JukinMedia, Klaviyo, Knauf Group, L’Agenzia delle Entrate, La Poste Mobile, Lawson Products, Inc., Lopes, Magie Mabrey Hughes Eye Clinic, P.A., MBDA, Mecho Download, MiCODUS GPS trackers, Minuteman Senior Services, Mooresville Schools, Neopets, NetStandard, Newfoundland and Labrador English School District, Nomad, NuLife Med, LLC, OneTouchPoint, Orthopedic Specialists of North America, PLLC, Perth Festival, Pixlr, Policybazaar, PPCGeeks, Prefeitura Municipal de Itapermirim, Premere Infinity Rehab, LLC, Premint, PrestaShop, Professional Finance Company, QuestionPro, Radiation Oncology Centers of the Carolinas, hundreds of restaurants, Scott County, Iowa, Semikron, Slack, Slope, Solana, Southwest Behavioral & Health Services, Spanish National Research Council, Synergic Healthcare Solutions, LLC, T-Mobile, Taiwanese Government, TAVR Media, The Bronx Accountable Healthcare Network, Tuned Global, Twilio, Twitter, Uniswap Liquidity Pool, US DOJ, Virginia Commonwealth University Health System, WA ballet, WA opera, Washington University School of Medicine, Wooton Upper School, Zenith American Solutions, and Zimbra have reportedly been hacked or compromised this month.

Microsoft 365 (and again), Microsoft Access, Microsoft Exchange Online, Microsoft Outlook, Microsoft Teams (and 365 again), Google, Oracle, Twitter, and the UK NHS have had major outages this month.

Google is blocking the ACM. Microsoft broke USB printing. There’s yet another novel method to extract data from air-gapped systems. And Meta (Facebook) is in hot water again, this time for collecting private medical information from within patient portals.

Now for the good news:

A million disinformation bots have been disabled. This still leaves primarily the MSM to disinform us.

Windows 8.1 only has a few months of support left. Upgrade to Windows 10 now.

Play stupid games, win stupid prizes.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is huge this month. The typical computer should see roughly 3.5 GB in updates today. Let’s get started.

Microsoft released updates to address 65 vulnerabilities in .NET Core, Active Directory Domain Services, Azure Batch Node Agent, Azure Real Time Operating System, Azure Site Recovery, Azure Sphere, Microsoft ATA Port Driver, Microsoft Bluetooth Driver, Microsoft Edge, Microsoft Exchange Server, Microsoft Office, Microsoft Office Excel, Microsoft Office Outlook, Microsoft Windows Support Diagnostic Tool (MSDT), Remote Access Service Point-to-Point Tunneling Protocol, System Center Operations Manager, Visual Studio, Windows Bluetooth Service, Windows Canonical Display Driver, Windows Cloud Files Mini Filter Driver, Windows Defender Credential Guard, Windows Digital Media, Windows Error Reporting, Windows Fax Service, Windows Hello, Windows Hyper-V, Windows Internet Information Services, Windows Kerberos, Windows Kernel, Windows Local Security Authority (LSA), Windows Network File System, Windows Partition Management Driver, Windows Point-to-Point Tunneling Protocol, Windows Print Spooler Components, Windows Secure Boot, Windows Secure Socket Tunneling Protocol (SSTP), Windows Storage Spaces Direct, Windows Unified Write Filter, Windows WebBrowser Control, Windows Win32K, and MSRT (~ 3 GB). This includes security updates. A reboot is required.

Apple released updates for Safari 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, tvOS 15.6, and watchOS 8.7. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.6 is a security update. Use Settings, General, Software Update to install the most current update.

iPadOS 15.6 is a security update. Use Settings, General, Software Update to install the most current update.

tvOS 15.6 is a security update. Use System, Software Update to install the most current version.

watchOS 8.7 are security updatess. Use the Watch app on your iPhone to install the most current version.

Google Chrome OS 104.0.5112.83 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Catalina (10.15) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 12 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v21H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 22.7.1 adds support for newer hardware, resolves several bugs and improves performance. This is not a security update.
https://www.amd.com/en/support

BullZip PDF Printer 14.0.0.2938 adds support for TLS3, updates libraries, and resolves bugs. This is not a security update.
https://www.bullzip.com/products/pdf/info.php#download

Drivers by Seagull 2022.2 adds support for over 240 new printer models, resolves a compatibility bug, and adds support for RFID TID and creating custom printer commands. This is not a security update.
https://www.seagullscientific.com/support/downloads/drivers/

Display Driver Uninstaller 18.0.5.4 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Logitech Options 9.70.68 resolves several bugs. This is not a security update.
https://support.logi.com/hc/en-us/articles/360025297893

Nvidia Driver 473.81 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.42.88 is a security update.
https://brave.com/

Google Chrome 104.0.5112.81 is a security update.
https://www.google.com/chrome/

Microsoft Edge 104.0.1293.47 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 103.0.2 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 91.12.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 5.3.2679.70 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 102.1.2 is a security update.
https://www.thunderbird.net/en-US/

Mailspring 1.10.4 resolves compatibility issues, adds 64-bit, Apple Silicon M1 and M2 support, and resolves several bugs. This is not a security update.
https://getmailspring.com/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 7.0.13 resolves a cosmetic bug. This is not a security update.
https://anydesk.com/en/downloads

Dropbox 154.4.5363 improves reliability and consistency, adds external device indication and resolves several bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 156.0.0.21.216 is a security update.
https://www.messenger.com/download

FileZilla Client 3.60.2 updates libraries to address stability bug. This is not a security update.
https://filezilla-project.org/

FileZilla Server 1.5.1 improves reliability and resolves several bugs. This is not a security update.
https://filezilla-project.org/

FreeFileSync 11.23 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 61.0 resolves several bugs. This is not a security update.
https://drive.google.com/start

Java 8u341 is a security update.
https://www.java.com/en/download/manual.jsp

Nextcloud Server 24.0.3 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

Omada Software Controller 5.4.6 adds support for new protocols, newer hardware, and resolves several bugs. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Qbox 4.0.5.20 doesn’t provide a changelog so should be treated as a security update.
https://www.coraltreetech.com/qbox

Rclone 1.59.1 resolves almost two dozen bugs. This is not a security update.
https://rclone.org/

Signal 5.53.0 resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Skype 8.86.0.409 resolves several bugs. This is not a security update.
https://www.skype.com/

Syncthing 1.20.4 resolves a couple bugs and improves CLI support. This is not a security update.
https://syncthing.net/

WinSCP 5.21.2 is a security update.
https://winscp.net/eng/index.php

Zoom 5.11.4.7185 improves reliability and resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 3.0.3 resolves several bugs. This is not a security update.
https://en.3tene.com/

Plex Desktop 1.50.1.3185 resolves several bugs and improves controls. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.22.1.3169 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.28.0.5999 adds support for Apple Silicon, many improvements to music handling, and resolves a compatibility bug with Microsoft’s linker. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Epic Games 14.1.4 resolves several bugs. This is not a security update.
https://www.epicgames.com/

GameMaker Studio 2022.6.1.26 resolves several bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker

Lego Studio 2.22.7.1 resolves several bugs. This is not a security update.
https://www.lego.com/en-us/ldd

Steam 2022.07.27 resolves dozens of bugs and improves compatibility. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Commerce 2.3.7-p4, 2.4.3-p3, 2.4.4-p1, and 2.4.5 are security updates.
https://helpx.adobe.com/security/products/magento/apsb22-38.html

Adobe Acrobat and Reader 22.002.20191, 20.005.30381, and 17.012.30262 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb22-39.html

Adobe Illustrator 26.4 and 25.4.7 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb22-41.html

Adobe FrameMaker 15.0.8 and 16.0.4 are security updates.
https://helpx.adobe.com/security/products/framemaker/apsb22-42.html

Adobe Premiere Elements 20220702 is a security update.
https://helpx.adobe.com/security/products/premiere_elements/apsb22-43.html

Calibre 6.2.1 adds support for newer hardware, improves full text search, and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Essential Forms 2022.07.20 is the summer data update. This is not a security update.
https://help.ceb.com/en/collections/2482118-essential-forms

Inkscape 1.2.1 resolves several bugs. This is not a security update.
https://inkscape.org/release/

Kindle for PC 1.38.65290 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc

LibreOffice Fresh 7.3.5 resolves over 80 bugs. This is not a security update. The Fresh line is beta software. I recommend you use LibreOffice “Still” to get the most stable version.
https://www.libreoffice.org/

Nextcloud Desktop 3.5.4 adds proper silent installation support. This is not a security update.
https://nextcloud.com/

Notepad++ 8.4.4 resolves a find-in-files bug. This is not a security update.
https://notepad-plus-plus.org/

OpenOffice 4.1.13 is a security update. If you’re still using OpenOffice please consider switching to LibreOffice. OpenOffice has only had sporadic security updates for the last several years and there’s no sign of that changing.
https://www.openoffice.org/download/

PDF-XChange Editor 9.4.362.0 adds dozens of new features and resolves a lot of bugs. This is a security update.
https://www.tracker-software.com/product/pdf-xchange-editor

Security Software Updates

One or more of these is likely to be of interest to most people.

FSS 2022.7.18 adds support for newer platforms. This is not a security update.
https://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62

HTTP Toolkit 1.10.0 doesn’t provide a changelog so should be treated as a security update.
https://httptoolkit.tech/

MalwareBytes Anti-Malware 4.5.12 resolves several bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/

MalwareBytes Anti-Malware Mac 4.16.7 resolves several bugs. This is not a security update.
https://www.malwarebytes.com/mac/

ProtonVPN 2.0.5 improves stability. This is not a security update.
https://protonvpn.com/download

QubesOS 4.1.1 is a security update.
https://www.qubes-os.org/downloads/

Tails 5.3.1 is a security update.
https://tails.boum.org/install/dvd/index.en.html

YARA 4.2.3 is a security update.
https://github.com/VirusTotal/yara/

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 22.1.1 adds support for WebP, PiP, OBS, resizable arrowheads, and resolves several bugs. This is a security update.
https://download.techsmith.com/snagit/releases/snagit.msi

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.8.1 adds support for new encodings and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

MakeMKV 1.17.1 adds support for new encodings, improves stability, and resolve several bugs. This is not a security update.
https://www.makemkv.com/download/

PDF Creator 4.4.3 updates the associated PDF Architect installer and uses a new application signature. This is not a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 5.0.4.7 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.10 resolves several bugs. This is not a security update.
https://www.zotero.org/

Zotero (macOS) 6.0.11 resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 8.8.0 improves import support, additional browser support, accessibility improvements, and resolves several bugs. This is not a security update.
https://1password.com/downloads/mac/

1Password for Windows 8.8.0 improves import support, additional browser support, accessibility improvements, and resolves several bugs. This is not a security update.
https://1password.com/downloads/windows/

7-Zip 22.01 improves UDF, HFS and APFS support. This is not a security update.
https://www.7-zip.org/

AOMEI Partition Assistant 9.9.0 resolves several bugs and adds PC Cleaner. This is not a security update.
https://www.diskpart.com/

AstroGrep 4.4.8 is a security update.
http://astrogrep.sourceforge.net/

Beyond Compare 4.4.3.26655 is a security update.
https://www.scootersoftware.com/download.php?zz=dl4

BgInfo 4.31 fixes a compatibility bug. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/bginfo

CCleaner 6.02.9938 adds support for cleaning new applications, improvements in existing application cleaning, and resolves several bugs. This is a security update.
https://www.ccleaner.com/

DesktopOK 10.01 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DevManView 1.77 resolves a data export bug. This is not a security update.
https://www.nirsoft.net/utils/device_manager_view.html

Everything CLI 1.1.0.24 improves stability. This is not a security update.
https://www.voidtools.com/

Git SCM 2.37.1 is a security update.
https://git-scm.com/

GoodSync 11.11.7 resolves several bugs. This should be treated as a security update.
https://www.goodsync.com/

Kingston SSD Manager 1.5.2.0 doesn’t provide a changelog so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

NTLite 2.3.7.8826 adds support for new builds, new components and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 10.0.1003 resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html

osquery 5.4.0 resolves several bugs, improves compatibility and adds support for several new engines. This is a security update.
https://osquery.io/downloads

PowerToys 0.61.1 resolves dozens of bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

Process Monitor 3.91 fixes a compatibility bug. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

Recuva 1.53.2083 updates license integration. This is not a security update.
https://www.ccleaner.com/recuva

Rufus 3.20 resolves several compatibility bugs. This is not a security update.
https://rufus.ie/en_US/

ScreenConnect 22.6.8722.8249 improves stability and resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

SearchMyFiles 3.21 improves high-DPI support. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

Sigcheck 2.90 adds custom code integrity policy checks. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sigcheck

TeamViewer 15.32.3 adds remote terminal sessions to the Instant Connect bar, and resolves a couple bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

Unity 2022.1.12 resolves dozens of bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive

Windows 11 RCT 1.5.0 adds support for newer hardware and resolves a couple bugs. This is not a security update.
https://bytejams.com/

WinScan2PDF 8.01 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Zoomit 6.01 fixes a compatibility bug. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/zoomit

ZoomText 2022 2022.2207.14.400 resovles several bugs. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 2021.2.1.16 resolves a dozen bugs. This is a security update.
https://developer.android.com/studio

GitHub Desktop 3.0.5 updates libraries and resolves a warning. This is not a security update.
https://desktop.github.com/

Go 1.18.5 and Go 1.19 are security updates. Go 1.19 is a major update adding several new features and improvements, as well as updating libraries.
https://go.dev/

MySQL Server 8.0.30 is a security update.
https://dev.mysql.com/downloads/installer/

MySQL ConnectorNet 8.0.30 is a security update.
https://dev.mysql.com/downloads/connector/net/

Node.js 18.7.0 resolves dozens of bugs. This is a security update.
https://nodejs.org/en/

Rustup 1.25.1 resolves a build order bug. This should be treated as a security update.
https://www.rust-lang.org/

SQLite 3.39.2 is a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.70 adds support for custom folded sections, tree views and filters, terminal improvements and other fixes. This is is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

PPSSPP 1.13.1 resolves several bugs. This is not a security update.
https://ppsspp.org/downloads.html

VirtualBox 6.1.36 resolves dozens of bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Dada Mail 11.18.2 resolves several bugs. This is not a security update.
https://dadamailproject.com/

Drupal 9.3.19 is a security update.
https://drupal.org/download

Drupal 9.4.5 is a library security update.
https://drupal.org/download

HumHub 1.12.0 resolves several bugs. This is not a security update.
https://www.humhub.com/en/download

OpenPetra 2022.07 resolves several bugs and improves security checking. This should be treated as a security update.
https://www.openpetra.org/

Akismet 5.0 improves spam detection. This is not a security update.
https://wordpress.org/extend/plugins/akismet/

Autoptimize 3.1.0 is a security update.
https://wordpress.org/extend/plugins/autoptimize/

Contact Form 7 5.6.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.4.7.1 is a security update.
https://wordpress.org/plugins/duplicator/#developers

NextScripts Social Networks Auto-Poster 4.3.30 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/social-networks-auto-poster-facebook-twitter-g/

Redirection 5.3.2 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/redirection/

Show IDs 1.1.9 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/wpsite-show-ids/

Social Post Feed 4.1.5 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

Sucuri Security 1.8.33 improves cache cleaning. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

W3 Total Cache 2.2.4 resolves several bugs and improves compatibility. This is a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 6.7.0 resolves dozens of bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WP Mail SMTP 3.5.1 resolves a bug. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/

WPtouch 4.3.42 resolves a menu bug. This is not a security update.
https://wordpress.org/extend/plugins/wptouch/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2022-06-14

Posted on June 14, 2022 by Shawn K. Hall

Welcome back, Folks!

Today is Patch Tuesday for June, 2022. It’s the biggest update series in well over a year.

This Month in Technology

AA Traveller, Acuity International’s Comprehensive Health Services, Adecco, Aesto Health, Aimware, Alameda Health System, Allaire Healthcare Group, Allwell Behavioral Health Services, Amart Furniture, Aon PLC, Apple iPhones (even when off), Apple M1 CPUs, Apple Watches, Arnprior Regional Health, Associated Ophthalmologists of Kansas City, P.C., Atlassian Confluence Server and Data Center, AU Health, Bangladesh government, Bank of Zambia, Behavioral Health Partners of Metrowest, LLC, BJC Health System, BlackBerry Fans, Bored Ape Yacht Club, Bryan County Ambulance Authority, Burman & Zuckerbrod Ophthalmology Associates, P.C., Capital One, Capsule, Carinthia, Austria, Central Florida Inpatient Medicine, Chicago Public Schools, CHRISTUS Health, Cisco IOS, Comstar LLC, Costa Rican Social Security Fund, Cypress Healthcare, LLC, Dis-Chem, DivX SubTitles, East Tennessee Children’s Hospital, Fanpass, Finkelstein Eye Associates, Fishman Vision, Football World Cup 2022 qualifier between Wales and Ukraine, Foxconn, Fred Hutchinson Cancer Center, General Motors, Genetics & IVF Institute, GitHub, GitLab, Greenland’s healthcare services, Healthcare Assistance Plan for Employees of Seventh-day Adventist Organization of the North American Division, Heidell, Pittoni, Murphy & Bach, LLP, Heroku, Homestead Hospice & Palliative Care, HP BIOS, 70 Indian government websites, John Knox Village of Florida, Kaiser Foundation Health Plan of Washington, Kaiser Permanente, Kiddos’ Clubhouse, Mandiant, McCoy Vision Center, McKenzie Health System, Memorial Community Health, Inc., MGM Resorts, Microsoft Teams, Mindpath Care Centers, North Carolina, PLLC, Mississippi Sports Medicine and Orthopaedic Center, Moyes Eye Center, PC, Nikkei, NLB Corporation, North Alabama Bone & Joint Clinic, P.C., North Lakes Pain Consultants, Northern Rockies Orthopaedics, Novartis, NuLife Med, LLC, Numrich Gun Parts, OE Enterprises, Inc, OGUsers, Oklahoma City Indian Clinic, Omnicell, Orangeburg Eye Center, Oswego County Opportunities, Inc, Otherside Metaverse, Palermo, Italy, Paragon Cheats, Parker-Hannifin Corporation, Partnership HealthPlan of California, PayHere, Pegasus Airlines, Platinum Hospitalists LLP, Preen.Me, QNAP NAS, Quantum Imaging & Therapeutic Associates, Quincy, Illinois, Rainier Arms, ReadNovel, RiverKids Pediatric Home Health, Russian Ministry of Construction, Housing and Utilities, Sberbank, Scarborough Health Network, Schneck Medical Center, Screencastify, Shaker Heights City School District in Ohio, Shields Health Care Group, Shoreline Eye Group, SirHurt, SonicWall Secure Mobile Access (SMA) 1000 Series, South Australia’s Treasury, SpiceJet, Stevens & Lee, Summit Healthcare Association, Sylvester Eye Care, Telegraph, Tesla Model 3, Tesla Model Y, Texas Department of Insurance, Texas Department of Transportation, The Multiple Sclerosis Center of Atlanta, Travis-CI, Trend Micro, U.S. Drug Enforcement Administration (DEA), University of Chicago Medical Center, Val Verde Regional Medical Center, Versus Market, Viasat, Virginia Mason Medical Center, Wagner Heights Nursing and Rehabilitation Center, Washington University School of Medicine, Wendy’s, and Windows 11 have reportedly been hacked or compromised this month.

Netgear broke the Orbi firmware. I’ve been warning about the privacy risks of Wi-Fi for years. It’s finally going mainstream. A pirated version of CCleaner is yet again being used to hijack user accounts.

Apple allowed 1.6 million malicious apps onto the Apple AppStore, then later removed them.

The next time someone uses the argument that “how is a web-based business supposed to stay alive without ads” to decry your use of an ad blocker, send them this link about how third-party trackers (like the ones used in Google and DuckDuckGo) are collecting everything you type.

Now for the good news:

Intuit has finally acknowledged they’re being used to send phishing messages. They’re not going to put an end to it, but they finally have admitted that it’s a widespread source of phishing emails.

Oh, and the UK has declared that “defensive attacks” are legal.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is huge this month. The typical computer should see roughly 3 GB in updates today. Let’s get started.

Microsoft released updates to address 62
vulnerabilities in .NET Framework, AV1 Video Extension, Azure OMI, Azure RTOS, Azure Service Fabric Container, HEVC Video Extensions, Microsoft Endpoint Configuration Manager, Microsoft File Server, Microsoft Office, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Photos App, Microsoft SharePoint Server, Microsoft SQL Server, Microsoft Windows ALPC, Microsoft Windows Codecs Library, Microsoft Windows Support Diagnostic Tool (MSDT), Remote Volume Shadow Copy Service (RVSS), Visual Studio, Windows App Store, Windows Autopilot, Windows Container Isolation FS Filter Driver, Windows Container Manager Service, Windows DCOM Server, Windows Defender, Windows Encrypting File System (EFS), Windows File History Service, Windows Hyper-V, Windows Installer, Windows iSCSI, Windows Kerberos, Windows Kernel, Windows LDAP, Windows Media, Windows Media Center, Windows Network Address Translation, Windows Network File System, Windows PowerShell, Windows SMB, Windows WinSock, and MSRT (~2.5 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 15.5, iPadOS 15.5, macOS Monterey 12.4, macOS Big Sur 11.6.7, Security Update 2022-004 Catalina, watchOS 8.6, tvOS 15.5.1, Safari 15.5, Xcode 13.4, and iTunes 12.12.4. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.5 is a security update. Use Settings, General, Software Update to install the most current update.

iPadOS 15.5 is a security update. Use Settings, General, Software Update to install the most current update.

tvOS 15.5.1 is a security update. Use System, Software Update to install the most current version.

watchOS 8.6 are security updatess. Use the Watch app on your iPhone to install the most current version.

Google Chrome OS 101.0.4951.72 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Important Notes

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Driver Updates

If you’re using this hardware – these updates are for you.

Garmin Express 7.13.1 doesn’t provide a changelog so should be treated as a security update.
https://www.garmin.com/en-US/software/express/

Nvidia Driver 473.62 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.39.111 is a security update.
https://brave.com/

Google Chrome 102.0.5005.115 is a security update. Use Menu, Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 102.0.1245.41 is a security update. Use Menu, Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 101.0.1 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 91.10.0 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/organizations/all/

Iridium 2022.04.100 is a security update. Use Menu, Help, About to install the most current version.
https://iridiumbrowser.de/

Vivaldi 5.3.2679.55 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 91.10.0 is a security update. Use Menu, Help, About to install the most current version.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 7.0.10 resolves an error reporting bug. This is not a security update.
https://anydesk.com/en/downloads

curl 7.83.1 resolves dozens of bugs. This is not a security update.
https://curl.haxx.se/windows/

DNSDataView 1.65 adds a new command-line parameter. This is not a security update.
https://www.nirsoft.net/utils/dns_records_viewer.html

Dropbox 150.4.5000 resolves several bugs. This is not a security update. (btw, thank you Dropbox for finally releasing a changelog!)
https://www.dropbox.com/

FileZilla Client 3.60.1 resolves several bugs. This is not a security update.
https://filezilla-project.org/

FreeFileSync 11.21 adds volume GUID support, case conflicts, and resolves several bugs. This is a security update.
https://www.freefilesync.org/download.php

Google Drive 59.0 adds support for client-side encryption, system-level search shortcuts, and resolves several bugs. This is not a security update.
https://drive.google.com/start

Nextcloud Server 24.0.1 resolves several bugs. This is not a security update.
https://nextcloud.com/

Prosody 0.12.1 adds CORS controls and resolves several bugs. This is not a security update.
https://prosody.im/download/start

PuTTY 0.77 is a major update adding several new features, networking and security features, and resolves many bugs. This should be treated as a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

Signal 5.45.1 improves language leveling and data sync. This is not a security update.
https://signal.org/download/windows/

Skype 8.83.0.408 resolves several bugs. This is not a security update.
https://www.skype.com/

Syncthing 1.20.2 resolves several bugs. This is not a security update.
https://syncthing.net/

Technitium DNS Server 8.1.3 resolves several bugs. This is not a security update.
https://technitium.com/dns/

Trillian 6.5.0.20 resolves several bugs. This is not a security update.
https://www.trillian.im/

Trillian Mac 6.5.0.14 resolves dozens of bugs. This is not a security update.
https://www.trillian.im/

TrueNAS Core 13.0 resolves dozens of bugs. This is a security update.
https://www.truenas.com/download-truenas-core/

Wget2 2.0.1 is a security update.
https://gitlab.com/gnuwget/wget2/-/releases

Zoom 5.10.7.6120 adds Zoom Whiteboard sharing and resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

iTunes 12.12.4.1 is a security update.
https://www.apple.com/itunes/download/

Picard 2.8.1 updates libraries and resolves several bugs. This is not a security update.
https://picard.musicbrainz.org/

Plex Desktop 1.46.1.3056 improves compatibility and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.18.0.3023 improves compatibility and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.27.0.5897 resolves several bugs and improves stability. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Epic Games 14.0.12 resolves several bugs. This is not a security update.
https://www.epicgames.com/

GameMaker Studio 2022.5.1.16 updates runtime. This is not a security update.
https://www.yoyogames.com/en/gamemaker

Nintendo Switch 14.1.2 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PlayStation PS5 22.01-05.10.00 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2022.05.31 resolves several bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

Office Updates

One or more of these are likely to be of interest to most people.

Calibre 5.43.0 resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Inkscape 1.2 adds pages, markers and dashes, more gradient controls, performance improvements and resolves several bugs. This is not a security update.
https://inkscape.org/release/

LibreOffice Fresh 7.3.4 resolves over 80 bugs. This is not a security update. Remember that the Fresh line is beta software and should be avoided by most users.
https://www.libreoffice.org/

LibreOffice 7.2.7 resolves almost 50 bugs. This is not a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.5.1 resolves 20 bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.4.2 resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 4.3.11 improves dark theme and updates plugins. This is not a security update.
https://www.getpaint.net/

PDF Candy Desktop 2.93 doesn’t provide a changelog so should be treated as a security update.
https://pdfcandy.com/

Adobe Animate 21.0.11 and 22.0.6 are security updates.
https://helpx.adobe.com/security/products/animate/apsb22-24.html

Adobe Bridge 12.0.2 is a security update.
https://helpx.adobe.com/security/products/bridge/apsb22-25.html

Adobe Illustrator 26.3.1 and 25.4.6 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb22-26.html

Adobe InCopy 17.3 and 16.4.2 are security updates.
https://helpx.adobe.com/security/products/incopy/apsb22-29.html

Adobe InDesign 17.3 and 16.4.2 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb22-30.html

RoboHelp Server 11.3 is a security update.
https://helpx.adobe.com/security/products/robohelp-server/apsb22-31.html

Security Software Updates

One or more of these is likely to be of interest to most people.

RogueKiller 15.5.3 is a security update.
https://www.adlice.com/download/roguekiller/

Tails 5.1 is a security update.
https://tails.boum.org/install/dvd/index.en.html

uBlock Origin 1.43.0 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.7.4 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.8 resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 7.9.5 is a security update.
https://1password.com/downloads/mac/

AccessChk 6.15 resolves a crash bug. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/accesschk

Agent Ransack 2022.3326 resolves several bugs and dds support for new policies and file types. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

AOMEI Partition Assistant 9.8.0 improves compatibility. This is not a security update.
https://www.diskpart.com/

Bitwarden 2022.5.1 resolves several bugs and improves integration and compatibility. This is not a security update.
https://bitwarden.com/

Cygwin 3.3.5 resolves several bugs. This is not a security update.
https://cygwin.com/

DesktopOK 9.91 adds system-wide dark theme controls. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 3.0.64.0 resolves several bugs, improves performance and reliability. This is not a security update.
https://dngrep.github.io/

Everything 1.4.1.1017 updates localizations and resolves a search history bug. This is not a security update.
https://www.voidtools.com/

Fido 1.29 adds UEFI Shell 2.2 support. This is not a security update.
https://github.com/pbatard/Fido/releases

FileLocator Pro 2022.3326 resolves several bugs and dds support for new policies and file types. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Go 1.18.3 is a security update.
https://go.dev/

GoodSync 11.11.2 is a security update.
https://www.goodsync.com/

NTLite 2.3.6.8785 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSFMount 3.1.1001 improves command-line verbosity and error reporting. This is not a security update.
https://www.osforensics.com/tools/mount-disk-images.html

osquery 5.3.0 resolves several bugs. This is not a security update.
https://osquery.io/downloads

PowerToys 0.59.0 resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

RAMMap 1.61 improves compatibility. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/rammap

ScreenConnect 22.5.7881.8171 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

SmartMonTools 7.3 resolves several bugs and improves compatibility. This is not a security update.
https://smartmontools.org/

Sysmon 13.34 resolves several bugs. This should be treated as a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

TaskSchedulerView 1.71 adds a new switch to control column display and export. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

TeamViewer 15.30.3 improves user interface and resolves a send-to bug. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

TraceRouteOK 3.01 improves internal networking. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

Unity 2022.1.4 improves performance and resolves several bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive

USBDeview 3.05 adds WCID column. This is not a security update.
https://www.nirsoft.net/utils/usb_devices_view.html

WinScan2PDF 7.81 improves multi-monitor support. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

AutoHotkey 1.1.34.03 resolves several bugs. This is not a security update.
https://www.autohotkey.com/download/

Android Studio 2021.2.1.15 resolves several bugs. This is not a security update.
https://developer.android.com/studio

GitHub Desktop 3.0.2 resolves several bugs. This is not a security update.
https://desktop.github.com/

Node.js 14.19.3 updates OpenSSL. This is not a security update.
https://nodejs.org/en/

Node.js 16.15.1 updates OpenSSL. This is not a security update.
https://nodejs.org/en/

Node.js 17.9.1 is a security update.
https://nodejs.org/en/

Node.js 18.3.0 is a security update.
https://nodejs.org/en/

Visual Studio Code 1.68.0 resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

Drupal 9.2.21 is a security update.
https://drupal.org/download

Drupal 9.3.15 resolves several bugs. This is not a security update.
https://drupal.org/download

HumHub 1.11.2 resolves several bugs. This is not a security update.
https://www.humhub.com/en/download

Joomla 4.1.4 resolves several bugs. This is not a security update.
https://www.joomla.org/

OpenCart 4.0.0.0 is major update adding many new features and libraries. This is not a security update.
https://www.opencart.com/

phpList 3.6.8 resolves several bugs. This is not a security update.
https://www.phplist.org/

phpMyAdmin 5.2.0 updates libraries and resolves several bugs. This is not a security update.
https://www.phpmyadmin.net/

YOURLS 1.9.1 updates libraries and resolves several bugs. This is not a security update.
https://yourls.org/

WordPress 6.0 is a major update adding several new features, including block locking, performance, accessibility and new design tools. This is not a security update.
https://wordpress.org/

Akismet 4.2.4 only updates documentation. This is not a security update.
https://wordpress.org/extend/plugins/akismet/

BuddyPress 10.3.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.5.6.1 resolves Constant Contact API changes and improves compatibility. This should be treated as a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Social Post Feed 4.1.4 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

Duplicator 1.4.6 resolves several bugs. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

myStickymenu 2.5.9 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Slider Revolution 6.5.24 resolves several bugs. This is not a security update.
https://revolution.themepunch.com/

Sucuri Security 1.8.31 resolves a path bug. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

Theme My Login 7.1.5 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/theme-my-login/

WooCommerce 6.5.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2022-02-08

Posted on February 8, 2022 by Shawn K. Hall

Welcome back, Folks!

Today is Patch Tuesday for February, 2022.

It’s only the beginning. February tends to be “patch it once, whoops, patch it again” month most years, so expect another cycle later in the month.

This Month in Technology

Abington Memorial Hospital (dba Jefferson Abington Hospital), dozens of WordPress Themes and Plugins by AccessPress, Aditya Birla Fashion and Retail, Advocates, Inc., Albany Family Dentistry, Albuquerque Public Schools, Allegheny Health Network Home Infusion, LLC, Argo CD, Arnprior Regional Health, AWS Glue, Box, BTC-Alpha, Caring Communities, Chico State, Cisco StarOS, Colorado Department of Human Services, County of Kings (CA), Crypto.com, Delta Electronics, Digital Insurance, LLC doing business as OneDigital, Evos in the Netherlands, Fiondella, Milone & LaSaracina, LLP, Global Affairs Canada, Golden State Dermatology, Goodwill, Greensward Academy, Griggsville-Perry School District, Hensoldt, IDEMIA biometric ID hardware, Independence Blue Cross, International Committee of the Red Cross, iRise Florida Spine and Joint Institute, LLC, KP Snacks, Lympo, McAfee Enterprise (Trellix), various medical devices, Medical Healthcare Solutions, Inc., Medical Review Institute of America, Memorial Health System, Meter, Midland University, Millennium Eye Care LLC, Moncler, Motorola, Multichain, News Corp, publisher of The Wall Street Journal, Nobel Foundation, Oiltanking in Germany, Olympic Games App, OpenSubtitles, Oscar Buckeye State Insurance Corporation, Oscar Health Plan of California, Oscar Insurance Company of Florida, Oscar Insurance Corporation of Ohio, Pace Center for Girls, Panasonic, Pellissippi State Community College in Tennessee, Pennsbury School District, Philadelphia FIGHT Community Health Centers, Polkit, Practolytics LLC, Puma, R.R. Donnelly, Raveco Medical, RedDoorz, SEA-Invest in Belgium, Securitas, Segway, Seneca Family of Agencies, South City Hospital, Spencer Gifts LLC Health and Welfare Benefit Plan, St. Lucie County’s Drug Screening Lab, Swiss Federal Railways, Swissport, Taylor Regional Hospital, Thai University Central Admission System, Thomas Jefferson University Hospital, Inc., Ubiquiti’s UniFi Network, University of Arkansas for Medical Sciences, Upstox, Vantage Holding Company, LLC, Volunteers of America Southwest California, Walgreen Co., Washington Department of Licensing, Wormhole, and Zimbra have been hacked.

GitHub, Discord, and Telegram have suffered major outages.

Phishing is proving to be even more effective against multi-factor authentication (MFA), as I’ve warned for decades. UPnP is still the worst network design feature. Buy an expensive GPU, gift your identity. Firefox’s “private” email relay service has been added to disposable email blacklists. As expected. Target, the premier member of the “hacked every month club“, is releasing the source code for some of their security software. Google Drive is flagging files containing the number “1” as violating copyrights. VPN companies Nord and Surfshark will merge. 11th and 12th generation Intel CPUs will not be able to play Blu-ray UHD disks.

The IRS is now mandating the use of a private third-party in order to access your own IRS information online. But wait, there’s more! The company, id.me, conceals their own identity and hides their WHOIS data. Tax-filers are already being phished with a threat of refunds being cancelled. The worst news: Nvidia has called off its efforts to acquire Arm.

Now for the good news:

The US Department of Justice has indicted 6 India Call Centers for Scams Targeting Seniors. Maybe the amount of scam calls we get will decrease? I doubt it though, considering the vast increase I’ve received in the last month. 🙁

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is almost back to normal. Well, for now. The typical computer should see roughly 1.8 GB in updates today. Let’s get started.

Microsoft released updates for .NET, Windows, Azure Data Explorer, Kestrel Web Server, Microsoft DNS Server, Microsoft Dynamics, Microsoft Edge, Microsoft Office, Microsoft Office Excel, Microsoft Office Outlook, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft OneDrive, Microsoft Teams, Microsoft Windows Codecs Library, Power BI, Roaming Security Rights Management Services, SQL Server, Visual Studio Code, Windows Common Log File System Driver, Windows DWM Core Library, Windows Hyper-V, Windows Kernel, Windows Kernel-Mode Drivers, Windows Named Pipe File System, Windows Print Spooler Components, Windows Remote Access Connection Manager, Windows Remote Procedure Call Runtime, Windows User Account Profile, Windows Win32K, and MSRT (~1.4 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 15.3 and 15.2.1, iPadOS 15.3 and 15.2.1, tvOS 15.3, watchOS 8.4.1, Safari 15.3, macOS Monterey 12.2, macOS Big Sur 11.6.3, and Security Update 2022-001 Catalina. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.3 and 15.2.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 15.3 and 15.2.1 are security updates. Use Settings, General, Software Update to install the most current update.

tvOS 15.3 is a security update. Use System, Software Update to install the most current version.

watchOS 8.4.1 is a security update. Use the Watch app on your iPhone to install the most current version.

Google Chrome OS 98.0.4758.91 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

The now-current release of the Windows 10 (v21H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v21H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 6 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.4.8 is a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Daemon Tools Lite 11.0.0 adds new image support, DD write, and resolves several other bugs. This is a security update.
https://www.daemon-tools.cc/products/dtLite

Logi Bolt App 1.2.6024 adds support for the Logitech Unifying Adapter and resolves several bugs. This is not a security update.
https://support.logi.com/hc/en-us/articles/4418089333655

Logitech Options 9.50.269 is a security update.
https://support.logi.com/hc/en-us/articles/360025297893

Nvidia 473.04 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.35.100 is a security update.
https://brave.com/

Google Chrome 98.0.4758.80 is a security update.
https://www.google.com/chrome/

Microsoft Edge 98.0.1108.43 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 97 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 91.6 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 5.0.2497.48 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 91.5.1 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

Mumble 1.4.230 is a major update resolving dozens of bugs, adding many new features and introducing true plugin support. This is not a security update.
https://www.mumble.info/downloads/

Prosody 0.11.13 is a security update.
https://prosody.im/download/start

Telegram 3.5.2 resolves several bugs and improves reactions. This is not a security update.
https://telegram.org/

Trillian Mac 6.4.0.4 improves compatibility and resolves several bugs. This is not a security update.
https://www.trillian.im/

BrowsingHistoryView 2.51 adds Visit Duration and improves Visited From. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

Dropbox 141.4.3299 doesn’t provide a changelog so should be treated as a security update.
https://www.dropbox.com/

FreeFileSync 11.17 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 55.0 adds integrated desktop search, resolves several bugs and improves performance. This is not a security update.
https://drive.google.com/start

Omada Software Controller 5.0.30 adds newer hardware support, 2FA for Cloud Access, DHCP reservations in Services, and resolves dozens of bugs. This is a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Syncthing 1.19.0 resolves a bug and improves ignore patterns. This is not a security update.
https://syncthing.net/

Zoom 5.9.3.3169 resolves several bugs, adds new features (and requirements) and controls. This is a security update.
https://zoom.us/

Java 8u321 is a security update.
https://www.java.com/en/download/manual.jsp

Media Updates

These are unlikely to be of interest to most people.

Flickr Downloadr 3.4.5.1 only updates the packager. This is not a security update.
https://flickrdownloadr.com/downloads/

Picard 2.7.3 resolves the launcher bug. This is not a security update.
https://picard.musicbrainz.org/

Plex Desktop 1.40.1.2823 resolves a packaging error in the installer. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.10.0.2819 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.25.5.5492 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Epic Games 13.1.7 resolves a couple bugs and prepares for feature changes. This is not a security update.
https://www.epicgames.com/

GameMaker Studio 2022.1.1.610 resolves several bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker

Nintendo Switch 13.2.1 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

Steam 2022.01.20 resolves several bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

Office Updates

One or more of these are likely to be of interest to most people.

Adobe After Effects 22.2 and 18.4.4 are security updates.
https://helpx.adobe.com/security/products/after_effects/apsb22-09.html

Adobe Creative Cloud Desktop 2.7.0.15 is a security update.
https://helpx.adobe.com/security/products/creative-cloud/apsb22-11.html

Adobe Illustrator 26.0.3 and 25.4.4 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb22-07.html

Adobe Photoshop 22.5.5 and 23.1.1 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb22-08.html

Adobe Premiere Rush 2.3 is a security update.
https://helpx.adobe.com/security/products/premiere_rush/apsb22-06.html

Artweaver 7.0.11 is a security update.
https://www.artweaver.de/

Atom 1.59.0 resolves several bugs. This is not a security update.
https://atom.io/

Blender 3.0.1 doesn’t provide a changelog so should be treated as a security update.
https://www.blender.org/download/

Inkscape 1.1.2 resolves over 40 bugs, improves stability and reliability. This is not a security update.
https://inkscape.org/release/

LibreOffice Fresh 7.3.0 resolves hundreds of bugs. This is not a security update. The “Fresh” line is beta software and should be avoided in favor of the “Still” line whenever possible.
https://www.libreoffice.org/

LibreOffice Still 7.2.5 resolves almost a hundred bugs. This is not a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.4.2 resolves several bugs. This should be treated as a security update.
https://nextcloud.com/

Notepad++ 8.3 improves support for large files and resolves several bugs. Be aware there may be plugin stability issues for the near future. This is not a security update.
https://notepad-plus-plus.org/

Scribus 1.5.8 improves dark mode, import, PDF export, and resolves several bugs. This is not a security update.
https://www.scribus.net/

Calibre 5.36.0 improves metadata parsing and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Kindle for PC 1.34.63103 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc

Security Software Updates

One or more of these is likely to be of interest to most people.

MalwareBytes Anti-Malware 4.5.2 resolves several bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/

MalwareBytes Anti-Malware Mac 4.14 improves up-sell ability. This is not a security update.
https://www.malwarebytes.com/mac/

OnionShare 2.5 is a security update.
https://onionshare.org/

RogueKiller 15.2.0 adds several new features and cosmetics. This is not a security update.
https://www.adlice.com/download/roguekiller/

Tails 4.27 updates components and libraries. This is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

uBlock Origin 1.41.0 adds dark mode and resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

QubesOS 4.1.0 is a major update, with updated components, improved granular controls, new features and resolves many bugs. This is a security update.
https://www.qubes-os.org/downloads/

Capture Updates

These are unlikely to be of interest to most people.

VideoCacheView 3.09 improves compatibility with new Chromium-based browsers. This is not a security update.
https://www.nirsoft.net/utils/video_cache_view.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.6.0 resolves several crash bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

Agent Ransack 2022.3294 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

Autoruns 14.08 resolves several bugs. This should be treated as a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

ControlMyMonitor 1.35 adds display filter options. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html

Cygwin 3.3.4 resolves several bugs. This is not a security update.
https://cygwin.com/

DesktopOK 9.61 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 3.0.0 improves the build process and now generates signed packages, and resolves several bugs. This is not a security update.
https://dngrep.github.io/

Everything CLI 1.1.0.23 adds support for long file names. This is not a security update.
https://www.voidtools.com/

Everything Toolbar 0.7.4 resolves a first-boot filter bug. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

Fido 1.28 adds support for Windows 11 21H2 v1. This is not a security update.
https://github.com/pbatard/Fido/releases

FileLocator Pro 2022.3294 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Git SCM 2.35.1 resolves dozens of bugs. This is not a security update.
https://git-scm.com/

GoodSync 11.10.3 resolves several compatibility bugs. This is not a security update.
https://www.goodsync.com/

Kingston SSD Manager 1.5.1.6 doesn’t provide a changelog so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

NTLite 2.3.3.8585 adds new settings, upgrades components, and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

PowerToys 0.55.1 resolves several bugs and improves reliability. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

Process Monitor 3.88 improves stability. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

Macrium Reflect 8.0.6525 improves media creation, compatibility, and resolves several bugs. This is not a security update.
https://www.macrium.com/reflectfree

RoboForm 9.2.4 improves Basic Auth support and resolves several bugs. This is not a security update.
https://www.roboform.com/

Samsung Magician 7.0.1 doesn’t provide a changelog, so should be treated as a security update.
https://www.samsung.com/semiconductor/minisite/ssd/download/tools/

SmartMonTools 7.2 significantly improves field detection and reporting, offers YAML output, drive database extensions, and other fixes. This is not a security update.
https://smartmontools.org/

Sysmon 13.32 improves compatibility. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

TCPView 4.17 improves stability. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview

VMMap 3.32 improves stability. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/vmmap

Windows 11 RCT 1.4.0 adds support for newer hardware. This is not a security update.
https://bytejams.com/

WinRAR 6.10 adds support for new formats, improved compatibility, resolves several bugs, and optimizes user interface. This is not a security update.
https://www.rarlab.com/

ZoomIt 5.0 adds support for Windows 11 and resolves several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/zoomit

Developer Updates

These are unlikely to be of interest to most people.

ADB 32.0.0 adds native M1 support. This is not a security update.
https://developer.android.com/studio/releases/platform-tools

Docker Desktop 4.4.4 is a security update.
https://www.docker.com/products/docker-desktop

MySQL ConnectorNet 8.0.28 is a security update.
https://dev.mysql.com/downloads/connector/net/

Node.js 12.22.10 upgrades libraries and time zone information. This is not a security update.
https://nodejs.org/en/

Node.js 14.19.0 updates time zone information, adds Corepack and updates libraries. This is a security update.
https://nodejs.org/en/

Node.js 17.4.0 resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

TortoiseGit 2.13.0.1 updates requirements, libraries, and resolves dozens of bugs. This is not a security update.
https://tortoisegit.org/

Visual Studio Code 1.64 improves cosmetics, automation, and resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.1.32 is a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Drupal 9.2.12 is a security update.
https://drupal.org/download

MailArchiva 8.7.1 improves role functionality and resolves several bugs. This is not a security update.
https://mailarchiva.com/

ownCloud Client 2.10.0.6519 resolves several bugs. This is not a security update.
https://owncloud.com/desktop-app/

ownCloud Server 10.9.1 improves stability and reliability. This is not a security update.
https://owncloud.org/install/

phpMyAdmin 5.1.2 and 4.9.9 are security updates.
https://www.phpmyadmin.net/

ScreenConnect 21.15.6739.8073 improves automation, triggers, auditing, 2FA timeouts, and resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

WordPress 5.9 resolves dozens of bugs and implements front-end editing. This is not a security update.
https://wordpress.org/

Akismet 4.2.2 improves compatibility and resolves several bugs. This is not a security update.

Autoptimize 2.9.5.1 resolves a stability bug. This is not a security update.

BuddyPress 10.0.0 is a major update offering several new features and resolving dozens of bugs. This is not a security update.

Contact Form 7 5.5.4 adds double opt-in support, new action and filter hooks and resolves a bug with the default contact form. This is not a security update.

Duplicator 1.4.4 resolves several bugs. This is not a security update.

Redirection 5.2.3 resolves several bugs. This is not a security update.

Slider Revolution 6.5.15 resolves several bugs. This is not a security update.
https://revolution.themepunch.com/

WooCommerce 6.1.1 resolves dozens of bugs. This is not a security update.

WordPress Zero Spam 5.2.10 is a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/