Updates 2011-09-13

Welcome back, everyone. It’s Patch Tuesday!

Today, Microsoft released 11 updates affecting Windows, Word, Excel, MS Office, Groove, SharePoint, OWA and MSRT. A reboot is required. This includes security updates. They released a couple updates that should have been applied to your Windows-based computers last week, too, including a certificate update to address the DigiNotar hack, adding that entire company to their certificate revocation list.
http://update.microsoft.com/

Adobe Reader 10.1.1 is a security update. Use Help, Check for Updates to get the most current version.

Adobe Flash Player 10.3.183.7 fixes a several compatibility issues. While this specific build is not a security update, if it’s even remotely possible you don’t have the current version, treat this as a security update as the last build corrected dozens of security issues.
https://12pd.com/click?flash
https://12pd.com/click?flashie

Adobe Shockwave 11.6.1.629 is a security update.
https://12pd.com/click?shockwave

Java 6u27 improves performance and stability, updates the timezone tables, and adds certification for Firefox 5. This is not a security update.
http://www.java.com/en/download/manual.jsp

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Driver Updates

If you’re using this hardware – these updates are for you.

ATI Catalyst 11.8 fixes compatibility and stability issues with many of the new line of devices going back several months. If you have an ATI card, consider this an important update. This is not a security update.
http://game.amd.com/us-en/drivers_catalyst.aspx

nVidia 280.26 is a minor stability and performance update. This is not a security update.
http://www.nvidia.com/Download/index5.aspx?lang=en-us

BullZip PDF Printer 7.2.0.1313 adds PStill support, debugging, and priority controls. This is not a security update.
http://www.bullzip.com/products/pdf/info.php

MS IntelliType 8.20.469.0 is a stability update. This is not a security update. Look at the bottom of your keyboard for the model and version number. This is not a security update. You CAN NOT use this version with a PS/2 connection – it MUST be using USB in order for this driver to continue to allow your keyboard to work!
http://www.microsoft.com/hardware/en-us/downloads

Browser Updates

One or more of these are likely to be of interest to everyone.

There have been a lot of Firefox updates recently. Only the most recent revisions (6.0.1 and 6.0.2) are security updates, however, and the stability issues that the new major versions have introduced have been “all abuzz” in the online world. At this point, if you’re still using Firefox, it’s probably best to switch to a more stable system such as Chrome, Internet Explorer or Safari. Mozilla has announced that their new release track intentions for Firefox are to release a new MAJOR version (7, 8, 9…) every six weeks regardless of added feature set. This means that even if no significant changes have occurred in the features or capabilities in Firefox by next Christmas, we should see Firefox 14.0 released by then. This is already becoming a nightmare for web developers, system administrators and even end users, as monitoring changes for this single application becomes a full time job. Unless – and until – Mozilla reconsiders this decision, I strongly suggest that you avoid use of Firefox as your primary browser. Maintenance should never become this time consuming. Anyway…back to the business of updates.

Firefox 6.0 thru 6.0.2 are feature, performance and security updates. This is a security update. Use Help, About to obtain the most current version.

Google Chrome 13.0.782.220 is the second Chrome security update inside of a week. Both to address Flash and SSL certificate issues. Chrome should download the update automatically, but requires you to close and reopen it to install the update.

Opera 11.51 corrects several bugs including security updates and performance issues. This is a security update. Use the Opera button, Help, Check for Updates to get the most current version.

SeaMonkey 2.3 thru 2.3.3 correct a number of security and stability issues, and add various new features. This is a security update. Use Help, About to get the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 1.81 fixes a crash bug, while adding better sorting and searching functionality. This is not a securityu update.
http://www.nirsoft.net/utils/outlook_attachment.html

Thunderbird 6.0 thru 6.0.2 are feature, performance and security updates. This is a security update. Use Help, About to obtain the most current version.
http://www.mozillamessaging.com/en-US/thunderbird/

Internet Updates

One or more of these are likely to be of interest to everyone.

FileZilla 3.5.1 improves security in kiosk mode, installer issues, updates PuTTY compatibility and adds MVS listing compatibility. This is a security update.
http://filezilla-project.org/

Skype 5.5.0.115 adds Windows 8 support, as well as fixing an authentication issue. This should be treated as a security update.
http://www.skype.com/intl/en/home

Trillian Astra 5.0.35 corrects issues with Google Talk. This is not a security update.
http://www.trillian.im/windows/

Trillian Astra 5.1.8 adds native Skype integration, improves AIM, ICQ, chat history and corrects a number of minor bugs. This is not a security update.
http://www.trillian.im/windows/

Trillian for Mac 1.2.1 adds new chat window tabs, history searching, and Lion-related bugfixes. This is not a security update.
http://www.trillian.im/mac/

Connectify 3.0.0.20932 is a major update that improves performance, device ID, cleaner interface, service startup, and other bugs. This also introduces the “Pro” version ($30) which adds even more features. This is not a security update.
http://www.connectify.me/

DynDNS Updater 4.1.8 incorporates a number of stability fixes and brand changes, as well as adding internal hostname resolution. This is not a security update.
http://dyn.com/support/clients/

Evernote 4.5.0.5229 adds print preview, audio recording and playback, toolbar modification and various bug fixes. This is not a security udpdate.
http://www.evernote.com/

Codec Updates

One or more of these are likely to be of interest to everyone.

Win7 Codec Package 3.0.7 fixes LAV audio. To install the update, you must uninstall and reinstall the application. This is not a security update.
http://shark007.net/win7codecs.html

Win x64 Codec Support 3.0.7 fixes LAV audio. To install the update, you must uninstall and reinstall the application. This update applies only to 64-bit computers, and requires either the Win7 Codec Package or the Windows Vista Codec package. This is not a security update.
http://shark007.net/x64components.html

Media Updates

These are unlikely to be of interest to most people.

CDBurnerXP 4.3.8.2631 adds various control and usability options, and fixes several bugs. This is not a security update.
http://cdburnerxp.se/

iTunes 10.4.1 fixes keyboard inconsistencies, and various other bugs. This is not a security update. Use the Apple Updater to get the most current version.

Office Updates

One or more of these are likely to be of interest to most people.

Inkscape 0.48.2 is a stability and bugfix release. This version corrects issues with OSX Lion, tablets, various crashes and the Save As functionality. This is not a security update.
http://www.inkscape.org/

Kindle for PC 1.7.1.33056 adds collections, “Print Replica” to emulate the printed version and PDF reading support. This is not a security update.
https://12pd.com/click?kindle4pc

Security Software Updates

One or more of these is likely to be of interest to most people.

Avast! Home Edition 6.0.1289 adds Script Shield to help protect browser interactions, Web Shield, WebRep and other improvements, including security and stability. This is a security update. Use the built-in Update method to install the most recent version.
http://www.avast.com/free-antivirus-download

AVG Anti-Virus Free “2011” version 2012.1796 improves stability, security, performance, and adds various features and troubleshooting information. This is a security update.
http://free.avg.com/us-en/download-file-dm-afh

MalwareBytes’ Anti-Malware 1.51.2 fixes several bugs. This is not a security update.
http://www.malwarebytes.org/products/malwarebytes_free

Capture Updates

These are unlikely to be of interest to most people.

VideoCacheView 1.98 corrects invalid characters in file rename. This is not a security update.
http://www.nirsoft.net/utils/video_cache_view.html

Utility Updates

These are unlikely to be of interest to most people.

CCleaner 3.10.1525 adds newer browser support, improvements in previous filters and minor optimizations. This is not a security update.
http://www.piriform.com/ccleaner

Defraggler 2.07 adds drive health information, improved SSD detection, and several minor bugfixes. This is not a security update.
http://www.piriform.com/defraggler

Speccy 1.12.265 adds multiple new features, improvements in quality, search and reporting, and fixes a few minor bugs. This is not a security update.
http://www.piriform.com/speccy

GPU-Z 0.5.5 adds support for newer hardware and improved BIOS version detection. This is not a security update.
http://www.techpowerup.com/downloads/SysInfo/GPU-Z/

DebugView 4.77 adds a command-line switch to enable or disable kernel-mode capture, a switch to enable millisecond clock display, and a number of bug fixes. This is not a security update.
http://sysinternals.com/

ProcDump 4.0 enables you to control the contents of the dump with your own minidump callback DLL and adds a new switch that has ProcDump wait for a specified process to start. This is not a security update.
http://sysinternals.com/

Process Explorer 15.04 fixes several minor bugs, and quickly follows updates 15.02 and 15.03, which do correct some security issues. This should be treated as a security update.
http://sysinternals.com/

Process Monitor 2.96 changes several UI elements and updates the graphs to match the style introduced in Process Explorer 15.
http://sysinternals.com/

SDelete 1.6 fixes a bug that prevented it from accessing some files on 64-bit Windows and swaps the zero-free-space and clean-free-space arguments to make them more intuitive. This is not a security update.
http://sysinternals.com/

RoboForm 7.4.2 fixes bugs with Opera, Firefox, iTunes, and corrects crashes, search and certain submission behaviors. This is not a security update.
https://12pd.com/click?rf

Goodsync 8.7.8.8 fixes a number of bugs and improves visual interface. This is not a security update.
https://12pd.com/click?goodsync

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 4.1.2-73507 provides a number of bugfixes as well as VBoxAdditions issues. This is not a security update.
http://www.virtualbox.org/wiki/Downloads

VirtualBox Extension Pack 4.1.2-73507 updated for VBox 4.1.2. This is not a security update.
http://www.oracle.com/technetwork/server-storage/virtualbox/downloads/index.html#extpack

Web Package Updates

These are likely to be of interest only to web developers.

phpMyAdmin 3.4.4 is a bugfix and security release. This is a security update.
http://www.phpmyadmin.net/home_page/news.php

BuddyPress 1.2.10 is a security update.
http://wordpress.org/extend/plugins/buddypress/

bbPress 2.0-rc-5 fixes several pre-release bugs and improves internal API’s. This is not a security update. Full release is just around the corner!
http://wordpress.org/extend/plugins/bbpress/

BuddyStream 2.1.4 adds BP 1.5 compatibility, fixes several bugs (including frequent database errors and a global Facebook filter) and improves stability. This is not a security update.
http://wordpress.org/extend/plugins/buddystream/

Multisite Plugin Manager 3.1 fixes auto-activation for new blogs. This is not a security update.
http://wordpress.org/extend/plugins/multisite-plugin-manager/

Redirection 2.2.9 fixes an XSS in the menu system. This is a security update.
http://wordpress.org/extend/plugins/redirection/

Simple Facebook Connect 1.0 is a total rewrite. There are quite a few changes, but the highlights are mostly redesign-related and improved structures. This is not a security update.
http://wordpress.org/extend/plugins/simple-facebook-connect/

WP Geocode Filter 1.0.2 adds GeoIP functionality. This is not a security update.
http://wordpress.org/extend/plugins/wpgeocode/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2011-08-19

Patch Tuesday is here again, folks, and it’s another big one.

Microsoft released 13 updates this month, covering Windows, Office, .NET Framework, Developer Tools, and Internet Explorer. These are all security updates and a reboot is required.
http://update.microsoft.com/

iOS 4.3.4/4.3.5 corrects a long-term PDF exploit in all previous versions of iOS, exploitable as easily as opening the browser. It’s about time. Sigh. 4.3.5 corrects a MITM security flaw. This is a security update. Use iTunes to download and install this update (480-670mb).

QuickTime 7.7 corrects more than a dozen distinct security issues. This is a security update. Use Apple Updater to install this update.

Adobe released security updates for AIR and Flash. Download each of the following, then close all browsers before installing each update.
https://12pd.com/click?air
https://12pd.com/click?flash
https://12pd.com/click?flashie

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Driver Updates

If you’re using this hardware – these updates are for you.

ATI Catalyst 11.7 corrects several bugs, including stability issues on high-performance systems. If you have an ATI video card, you’ll want to install this update right away. This is not a security update.
http://game.amd.com/us-en/drivers_catalyst.aspx

MS IntelliPoint 8.20.468.0 is a driver update for Microsoft mice. No changelog is provided, so this should be treated as a security update. DO NOT use this update with PS/2 mice! If you’re using Microsoft Update you may be prompted to install this there, otherwise, download the version for your hardware here:
http://www.microsoft.com/hardware/en-us/downloads

MS IntelliType x86 8.20.468.0 is a driver update for Microsoft keyboards. No changelog is provided, so this should be treated as a security update. DO NOT use this update with PS/2 keyboards! If you’re using Microsoft Update you may be prompted to install this there, otherwise, download the version for your hardware here:
http://www.microsoft.com/hardware/en-us/downloads

nVidia 280.26 adds newer hardware support and additional feature support (particularly with 3D hardware). This is not a security update.
http://www.nvidia.com/Download/index5.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Safari 5.1 corrects dozens of security issues. Use the Apple Updater to get this update.

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 1.72 adds child folder parsing support.
http://www.nirsoft.net/utils/outlook_attachment.html

Internet Updates

One or more of these are likely to be of interest to everyone.

Skype 5.5.0.113 adds support for OS X Lion, grid view, updates contact list view and provides several other minor improvements. This is not a security update.
http://www.skype.com/intl/en/home

IPNetInfo 1.37 corrects lookup source determination. This is not a security update.
http://www.nirsoft.net/utils/ipnetinfo.html

WinSCP 4.3.4 upgrades SSH core to PuTTY 0.61 and fixes several bugs. This is a security update.
http://winscp.net/eng/index.php

Codec Updates

One or more of these are likely to be of interest to everyone.

Vista Codec Package 5.9.8 updates included codecs and libraries, and adds 10bit decoding. To install the update, you must uninstall and reinstall the application. This version works for both Windows XP and Windows Vista.
http://shark007.net/vistacodecpackage.html

Win7 Codec Package 3.0.1 updates included codecs and libraries, adds 10bit decoding and corrects a minor bug. To install the update, you must uninstall and reinstall the application.
http://shark007.net/win7codecs.html

Win x64 Codec Support 3.0.1 updates included codecs and libraries, adds 10bit decoding and corrects a minor bug. This update applies only to 64-bit computers, and requires either the Win7 Codec Package or the Windows Vista Codec package.
http://shark007.net/x64components.html

Media Updates

These are unlikely to be of interest to most people.

iTunes x64 10.4 is a stability and performance update. Use the Apple Updater to install this update. This is not a security update.

MPC HC 1.5.2.3456 adds fp32 support, BluRay chapters, timeline presentation options, display settings, a couple dozen other options and bugfixes, and updated libraries. This should be treated as a security update.
http://mpc-hc.sourceforge.net/

VLC Media Player 1.1.11 corrects a security issue in the AVI demuxer. This is a security update.
http://www.videolan.org/vlc/download-windows.html

Office Updates

One or more of these are likely to be of interest to most people.

Notepad++ 5.9.3 adds a vertical file switcher, active folding area highlighting, recent file list configuration option and a couple minor bug fixes. This is not a security update.
http://notepad-plus-plus.org/

Kindle for PC 1.6.1 Build 32800 adds “collections” and Book Extras, which allows access to reviews, character profiles, quotes, themes and glossaries from Shelfari. This is not a security update.
https://12pd.com/click?kindle4pc

Security Software Updates

One or more of these is likely to be of interest to most people.

MalwareBytes’ Anti-Malware 1.51.1 corrects minor update, various cosmetic, and permissions-related issues. This should be treated as a security update.
http://www.malwarebytes.org/products/malwarebytes_free

Wireshark 1.6.1 fixes a number of bugs. This is not a security update.
http://www.wireshark.org/

Capture Updates

These are unlikely to be of interest to most people.

Fraps 3.4.6 fixes several minor bugs. This is not a security update.
http://www.fraps.com/

VideoCacheView 1.97 adds tray icon support, accelerator keys and process selection. This is not a security update.
http://www.nirsoft.net/utils/video_cache_view.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 8.1.1.2 adds hybrid disc support, improves conversion speed, updates libraries and corrects several minor bugs. This is not a security update.
http://www.dvdfab.com/download.htm

Utility Updates

These are unlikely to be of interest to most people.

CCleaner 3.09.1493 adds OS X support, Firefox 6, wildcard folders, improved performance, and minor UI tweaks. This is not a security update.
http://www.piriform.com/ccleaner

Daemon Tools Lite 4.41.3 adds APE image file support, SPTD 1.78, and bugfixes for application compatibility with Power2Go and PowerDVD. This is not a security update.
http://www.daemon-tools.cc/eng/products/dtLite

Hamachi 2.1.0.122 adds IPv6 support, and corrects bugs in network connectivity when changes occur. This is not a security update.
http://help.logmein.com/SelfServiceDownloads

Process Explorer 15.01 is a major update, and adds GPU utilization and memory monitoring on Vista and higher. It also adds the ability to restart services, has a smaller memory footprint, and has visually cleaner performance graphs. This is not a security update.

RoboForm 7.4.1 adds Firefox 6 support, merges installers for RF Desktop and Everywhere, discontinues support for U3, and changes licensing rules. Bugfixes in Chrome and Opera adapaters. This is not a security update.
https://12pd.com/click?rf

Goodsync 8.7.6 corrects S3, UPNP, UI, GSTP behaviors and fixes RoboForm integration. This is not a security update.
https://12pd.com/click?goodsync

Wireless Network Watcher 1.15 adds background scanning, new device alert and custom tagging options. This is not a security update.
http://www.nirsoft.net/utils/wireless_network_watcher.html

Developer Updates

These are unlikely to be of interest to most people.

MySQL 5.5.15 corrects a number of bugs, most notably a couple memory leaks in CREATE INDEX under InnoDB, data corruption in MyISAM when using GEOMETRY columns, and data consistency bugs when using ALTER TABLE. This is not a security update.
http://www.mysql.com/downloads/mysql/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 4.1.0 is a major update, adding cloning support, improved wizard processes, WDDM for Windows guests, SATA hdd hotplugging, and dozens of other bugfixes and improvements. This is not a security update.
http://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

phpMyAdmin 3.4.3.2 corrects several exploitable bugs. This is a security update.
http://www.phpmyadmin.net/home_page/news.php

bbPress 2.0-rc-2 is released, which fixes a bunch of bugs, adds BuddyPress and Multisite integration. This is not a “release” version, but it does signal that bbPress 2 will be released VERY soon. Yay!
http://wordpress.org/extend/plugins/bbpress/

Cookies For Comments 0.5.4 adds a rejection message and reduces code complexity (WP 3.1+ only). This is not a security update.
http://wordpress.org/extend/plugins/cookies-for-comments/

WPtouch 1.9.33 improves security checks throughout the plugin. This is a security update.
http://wordpress.org/extend/plugins/wptouch/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2010-09-05

Hey folks!

Microsoft has released a registry changeset that enables Windows PC’s to alter the search order for DLL’s, eliminating the current working directory from the search path. This will very effectively eliminate the vast majority of the vulnerabilities that might be exploited from the current series of errant DLL calls in popular applications. While this specific issue has been known for over a decade, it is only recently that this mehodology has been widely exploited. Using the registry changes at the link below CAN break existing applications, so MAKE A BACKUP! However, the altered behavior really is how DLL’s have been used in most applications for years, so it is unlikely that it will negatively affect your computing environment. Use the “Fix It” at the link below to install or change this behavior.
  http://support.microsoft.com/kb/2264107

MacBook firmware corrects freeze and crash issues. This is not a security update. Use the Apple Updater to install this update.

iWork 9.0.4 fixes several issues, particularly within table formatting and certain other layout issues. This is not a security update. Use the Apple Updater to install this update.

Adobe Shockwave 11.5.8.612 is a security update. If you have Shockwave installed (and you probably do), please update ASAP. This is a security update. Be sure to UNCHECK any optional toolbars and addons both during download AND during installation.
  http://get.adobe.com/shockwave

Silverlight 4.0.50826.0 corrects several stability and performance issues, and a potential security vulnerability when used through RDP. This is a security update. You’ll need to close ALL browsers before installing the update.
  http://www.microsoft.com/getsilverlight/

Time Lost is Never Recovered

I’ve been using a password management tool for about a year now that I truly doubt I could live without. When I initially learned of Roboform, I was very hesitant to even give it a chance. After all, I already have all my passwords recorded, painstakingly, and extremely well organized. And this didn’t allow me to add other information to the records that I might someday need (like the specific email address tied to an account). Nevertheless, I gave it a chance, just in case it really did make my web working any faster. You should too.

I now have over 400 logins stored within Roboform. Website management is greatly eased – instead of having to retype my username (if I can remember it) and password, I’m now using completely (and I mean COMPLETELY) random passwords generated by Roboform, storing the passwords in an encrypted vault and in a free backup online. I can login to any of these sites with literally one click. If I don’t remember the URL for one of the sites I need to access, that information is stored within the ‘login’, as are any other ‘notes’ you wish to include as well.

You can also add other details, contacts, notes, bookmarks, identity profiles and more – all within the same interface. If you are filling out a form online (such as creating an account on a site), it’ll actually prompt you to save the information. The next time you’re back to the site it provides direct access to the stored login you created minutes, or even years before. Click it, you’re logged in. Whew.

That’s all cool, but what if you’re one of us that uses multiple computers and devices. Great! Roboform is cross-platform, works in most browsers (Internet Explorer, Firefox, Chrome and others), works on most mobiles (iPhone, BlackBerry, Windows Mobile, Android and more), and directly within any web browser that supports JavaScript. Yes, seriously. Did I mention it actually synchronizes the data between each device for you? Talk about a time saver!

Check it out!
  https://12pd.com/click?roboform

Yes, there is a free version – and it supports up to ten logins. If you need more than that, the full version is on sale this holiday weekend.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Driver Updates

If you’re using this hardware – these updates are for you.

ATI Catalyst 10.8 adds OpenGL ES 2.0 support, and other performance improvements. This is not a security update.
  http://game.amd.com/us-en/drivers_catalyst.aspx

MS IntelliPoint 8.0.225.0 (MS mouse drivers) is a major version update, but with little along the details. Due to timing, I expect this to be a security update related to the DLL hijacking issues seen prominently today. Treat as a security update.
  http://www.microsoft.com/hardware/download/download.aspx?category=MK

MS IntelliType 8.0.225.0 (MS keyboard drivers) is a major version update. Like IntelliPoint, I expect this to be a security update related to the DLL hijacking issues. Treat as a security update.
  http://www.microsoft.com/hardware/download/download.aspx?category=MK

Email Updates

One or more of these are likely to be of interest to everyone.

Redemption 5.0.0.2174 adds 64-bit support, and a dozen other nifty developer capabilities, such as an onProgress event and account ordering. This is not a security update.
  http://www.dimastr.com/redemption/

Internet Updates

One or more of these are likely to be of interest to everyone.

uTorrent 2.0.4 fixes a DLL hijack exploit, peer exchange exploit, WebUI security issues, adds grouping, and other cosmetic changes. This is a security update.
  http://www.utorrent.com/downloads

Google Earth 5.2 improves embeddable functionality, adds track, multitrack functions, elevation profiles and improves file import capabilities. This is not a security update.
  http://earth.google.com/

Codec Updates

One or more of these are likely to be of interest to everyone.

Win x64 Codec Support 2.6.6 updates included codecs and corrects several bugs. This is likely a fix related to the popular DLL injection security issues going on, so should be treated as a security update. This applies only to 64-bit computers, and requires either the Win7 Codec Package or the Windows Vista Codec package.
  http://shark007.net/x64components.html

Win7 Codec Package 2.6.2 updates included codecs and corrects several bugs. This is likely a fix related to the popular DLL injection security issues going on, so should be treated as a security update. To install the update, you must uninstall and reinstall the application.
  http://shark007.net/win7codecs.html

Media Updates

These are unlikely to be of interest to most people.

iTunes 10.0 is a major version release, and adds several long-awaited features, including Win7 taskbar support (about time!), album grouping, and native media key support. Finally, these features offered in competing products for the last decade grace the “cosmetically” superior iTunes interface. This is a security update. Use the Apple Updater to obtain and install the most recent version.

ImgBurn 2.5.2.0 adds dozens of new features, performance, reliability and cosmetic improvements, including the removal of the ‘forced’ Uniblue marketing, and a couple potential security vulnerabilities. This is a security update.
  http://imgburn.com/index.php?act=download

VLC Media Player 1.1.4 fixes the DLL security issue facing many applications today. This is a security update.
  http://www.videolan.org/vlc/download-windows.html

Google Sketchup 8.0 adds geo-location modeling, color terrain maps, photo-matching, and a Building Maker plugin that helps speed the process of modeling buildings. This is not a security update.
  http://www.sketchup.com/

Security Software Updates

One or more of these is likely to be of interest to most people.

SuperAntiSpyware 4.42.1000 resolves a compatibility issue with McAfee, updates detection libraries. This is not a security update.
  http://www.superantispyware.com/download.html

Utility Updates

These are unlikely to be of interest to most people.

CCleaner 2.35.1223 adds session cleaning, additional browser variants and newer applications, improves include/exclude, startup functionality, and accuracy, as well as other minor changes. This is not a security update.
  http://www.piriform.com/ccleaner

Speccy 1.04.173 adds 64-bit support, multiple-user installation option, improved version detection and better stability on Win7. This is not a security update.
  http://www.piriform.com/speccy

Goodsync & Goodsync2Go 8.3.3.3 adds several options to facilitate cleanup of the archive data, corrects multiple crash bugs, improves performance and adds several additional tracking options. This is not a security update.
  http://www.goodsync.com/download/affs/goodsync-x12pd.exe

GPU-Z 0.4.6 corrects temperature detection, broken BIOS parsing and improves support for various hardware. This is not a security update.
  http://www.techpowerup.com/downloads/SysInfo/GPU-Z/

Web Package Updates

These are likely to be of interest only to web developers.

phpMyAdmin 3.3.6 corrects several minor bugs. This is not a security update.
  http://www.phpmyadmin.net/home_page/news.php
That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2010-02-06

Hey folks!

Microsoft has released an out-of-cycle update for Windows 7 and Windows 2008, correcting a privilege escalation bug that would enable an existing user of a machine to gain additional rights if successfully exploited. This is a security update. A reboot is required. These are both security updates. You should visit Microsoft Update immediately to install them. Depending on what you have open at the time of installation, a reboot may be required.
  http://update.microsoft.com/

Apple released iTunes 9.0.3, iPhone/iPod touch OS 3.1.3, Keyboard Firmware updates, and iMac Display Firmware updates this week. iTunes and the iPhone/iPod OS are security updates. The iPhone/iPod Touch OS update finally adds the ability to sync immediately upon connecting your device. Use the “Apple Updater” to get the most recent versions of the Mac software, but iTunes and the iPhone/iPod OS updates can be updated through iTunes, “Help”, “Check for Updates”.


Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you ALREADY have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.


Driver Updates
If you’re using this hardware – these updates are for you.

IntelliType Pro 7.1 resolves some (but not all) custom key-mapping issues, improves stability and support for Windows 7. This is not a security update.
  http://www.microsoft.com/hardware/download/download.aspx?category=MK

ATI Catalyst Drivers 10.1 fix a number of bugs from previous versions, most notably an incompatibility with Flash on Firefox and certain other hardware. This is not a security update.
  http://support.amd.com/us/gpudownload/Pages/index.aspx


Internet Updates
One or more of these are likely to be of interest to everyone.

Firefox 3.6 improves stability, javascript performance, HTML5 and other newer technology support, and adds a better security model for plugins, which should help to minimize future exploitation through plugins. This is a security update.
  http://www.mozilla.com/en-US/

Trillian for Mac is in Alpha testing right now. If you haven’t yet fallen in love with an instant messaging platform for your Mac, check it out!
  https://www.trillian.im/labs/


Security Software Updates
One or more of these is likely to be of interest to most people.

Avast! Free Antivirus 5.0.396 corrects a number of blue screen crash bugs, and adds additional language support. This is a security update.
  http://www.avast.com/free-antivirus-download

Spyware Terminator 2.6.6.196 incorporates an updated system files database, helping to eliminate false positives on Windows files. This is a security update.
  http://www.spywareterminator.com/download/download.aspx


Media Updates
These are unlikely to be of interest to most people.

Any Video Converter 3.03 updates the engine to provide faster conversion and adds support for two new output formats. This is not a security update.
  http://www.any-video-converter.com/products/for_video_free/

VLC Media Player 1.0.5 includes various fixes, speed improvements and translations updates. This is not a security update.
  http://www.videolan.org/vlc/

K-Lite Codec Pack 5.7.0 updates several codecs, MPC and various optimizations. This is not a security update.
  http://www.free-codecs.com/K_lite_codec_pack_download.htm

Vista Codec Package 5.5.6 updates several codecs and filters, and corrects a bug in TrueHD audio. This is not a security update.
  http://shark007.net/vistacodecpackage.html


Utility Updates
These are unlikely to be of interest to most people.

Notepad++ 5.6.5 corrects several issues with find/replace, adds a new find text/next feature and JSP support. This is not a security update.
  http://sourceforge.net/projects/notepad-plus/files/

Recuva 1.35.472 improves scanning performance, startup time and memory management. This is not a security update.
  http://www.piriform.com/recuva

TortoiseSVN 1.6.7 corrects a dozen reliability bugs, including two potential security vulnerabilities. This is a security update.
  http://tortoisesvn.net/downloads

GoodSync 8.1.3.5 corrects multiple performance issues and adds a couple scripting handlers for better automation. This is not a security update.
  http://www.goodsync.com/download/update

CCleaner 2.28.1091 corrects several minor bugs and adds several new usability features. This is not a security update.
  http://www.ccleaner.com/

That’s all for now folks. Keep it clean out there. 😉

And stay tuned: Patch Tuesday is the 9th!

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2009-08-26

Hey folks!

Since Windows 7 is finally being released (yay!), expect many hardware manufacturers to launch a huge series of driver updates over the next month or two. I’m already seeing updates for Logitech mice & keyboards, nVidia video cards, and Microsoft input devices (everything from webcams, headsets, mice and keyboards). While normally I encourage driver updates as soon as they’re released, unless you’re a hard-core gamer or are experiencing stability issues with your current hardware, you will probably want to hold off at least until mid-September, as most of those companies releasing updates today will release fixes for those updates again over the course of the next month.

Speaking of Windows 7…I’ve been using it for several months now and am very impressed. The performance issues Vista imposed are gone, and it is a far smoother experience than I would have expected. While there will be some issues that are hard to cope with (currently DQSD isn’t natively supported, nor are several other applications I *require*, like Spambayes and Trillian Astra, Annette “needs” her Zuma to work better than it does now, and the concept of “quick launch” is redesigned, causing a bit of a struggle for many) initially, I think it’s a huge improvement over both Windows XP and Vista, and on better video cards there are plenty of new user-interface improvements that will help task users work faster. This will be an operating system I’m happy to install across my computers again.

One last note: Over the last week I’ve seen another surge in “AVXP” malware infections from some of the “safe” top-ten search results pages in both Google and Bing. Be VERY careful out there right now! If you are browsing a WEB PAGE and a popup tells you that it has discovered “security risks” or other issues with your computer DO NOT install anything! Close the window (it’s safest to use ALT+F4) and perform manual scans with your anti-virus and anti-spyware applications immediately.

Now, onto the updates…

Microsoft released an out of cycle security patch for Windows today, a revision for the existing Autorun patch released several months ago. Microsoft has labeled this a critical update, but if nobody you do not trust has physical access to your computer it is not urgent. This patch minimizes the chances that a device (like a USB-stick, external drive or CD) could be used to execute arbitrary programs on your computer without your knowledge or consent.
  http://update.microsoft.com/
For most users this update does not require a reboot, so if your computer was on all night long, it’s probalby already installed.

For Mac users, Apple has released reliability updates for Apple Remote Desktop client and server, an important firmware update for hard drives in MacBook Pro machines, a firmware update for Bluetooth for several Apple input devices, and a feature update for iPhoto. Most of these can be accessed through Apple Update, or through:
  http://support.apple.com/downloads/

Sun Microsystems is currently testing a release for Java version 6u16. Among other things, this includes several security patches for the sandboxing feature intruduced earlier this year. While it is not currently being pushed, it will probably happen in the next few days, in your computer tray with the orange icon.
  http://www.java.com/en/download/installed.jsp?detect=jre&try=1
Don’t forget to UNCHECK the crapware options during installation!

Mozilla released Thunderbird 2.0.0.23 this week, correcting a security issue that applied only to secure email. Oops. If you use Thunderbird, this is a very important update.
  http://www.mozillamessaging.com/en-US/thunderbird/

Google released Chrome 2.0.172.43 today, which has several security updates, most importantly with the Javascript engine and SSL parser. The existing vulnerabilities could have been used to forge content as though it were coming from another domain through a secure connection or execute arbitrary javascript with the rights of the current logged in user, both of which are considered critical. If you are using Chrome already, it should update itself the next time you open it, or you can get the most current version here:
  http://chrome.google.com/

CDBurnerXP 4.2.5.1490 was released last week, providing automatic-updates, overburning, and stability improvements. If you’re using CDBXP, get this update!
  http://cdburnerxp.se/

I released Syncaid 1.0.0.48 over the weekend. This version has several new features, including clipboard parsing, extended logging, filetype assertion, and an option (overwrite=0) to check for an existing download of the target name and bypass downloading a new version if it’s found. This feature is especially useful if you use FileHippo, since it can now be used to create a cached directory of installation packages.
  https://saferpc.info/syncaid/
Another new feature expected to be implemented before Patch Tuesday is FileHippo category parsing – which will be able to sync an entire category of packages from FileHippo (such as “browsers” or “developer tools”), and avoid duplicate downloads for existing versions, saving time and bandwidth. For a sample Synfig builder for this, check out:
  https://saferpc.info/syncaid/filehippo.asp
Create the Synfig, copy it, then run Syncaid without an associated INI file – it’ll run the Synfig directly from the clipboard.

FileZilla FTP 3.2.7 and 3.2.7.1 have been released this week, providing stability improvements, and better TLS support. If you’re using FileZilla, you’ll want to get the update:
  http://filezilla-project.org/

Defraggler 1.13 was released Monday, as a reliability update which claims to increase performance as well. If you’re using Defraggler, or are looking for a fast and effective defragmentation application, look no further than  Defraggler:
  http://www.defraggler.com/

For developers:

TortoiseSVN 1.6.5.16974, a bugfix release that greatly improves stability, was released yesterday. So far it’s resolved several of the huge performance issues I had been having when navigating a local SVN repository – so I would definitely consider this an important update. If you’re using SVN, this is a must:
  http://tortoisesvn.tigris.org/

VMware released a security update to the VMware Player to version 2.5.3-185404, and also includes better support for Ubuntu as a guest and new support for Ubuntu as a host OS. Better stability on ATI graphics cards, better mouse event handling (preventing a security vulnerability related to drag & drop operations from host to guest). If you’re using the VMware Player, get the update:
  http://www.vmware.com/download/player/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/