Happy Valentine’s Day, Folks!
Today is Patch Tuesday for February, 2026.
If your Windows 10 computer can not be upgraded to Windows 11 then you should either replace your device or use the Windows 10 ESU program to get another year 8 months out of it.
There were 1530+ major hacks, and over 530 application updates this month. It’s a large month, with about 4.5 GB of updates for most users.
Welcome back, Folks!
Today is Patch Tuesday for October, 2025.
If your Windows 10 computer can not be upgraded to Windows 11 then you should either replace your device or use the Windows 10 ESU program to get another year out of it.
Windows 11 25H2 is now available and Windows 11 23H2 and older are no longer supported. Treat Windows 11 25H2 as beta software and wait a few months before upgrading.
macOS 26 Tahoe is now available and macOS 13 Ventura and older are no longer supported. Treat macOS 26 as beta software and wait a few months before upgrading.
There were 560+ major hacks, and over 390 application updates this month. It’s a very large month, with about 4.5 GB of updates for most users.
2GO Group, 7-Zip, Action Property Management, Inc, Acuna Fombona, Adobe Acrobat Reader, Adobe Analytics, Adpost, AES Clean Technology, AGETIC Bolivia, AIP Asset Management, Airspan Networks, Akulaku, Albany Gastroenterology Consultants, Alexander McQueen, Allegra DatabaseBackupBL, Allgäu Stern Hotel, Allianz Life Insurance Company of North America, Allied Services Division Welfare Fund, Altos, AMD SEV-SNP, Amelia Overhead Doors, American Archive of Public Broadcasting, American First Finance, American Income Life Insurance, Amos Space, AMS Fulfillment, Anchorage Neighborhood Health Center, Animeify, Ansell, António Belém & António Gonçalve, AOS, Inc, ApolloMD Business Services, AppFolio, Inc, Apple, Apple macOS, Aquarium of the Pacific, Archer Health, Archway Cookies, ARINC, Armalife, Artists&Clients, Asahi, Assaf Harofeh Medical Center, Asserson, Assisted Living Pharmacy Service, Astra Otoparts, AT&T, Atlas Pressed Metals, Aurora Emergency Physicians, Australia NSW Reconstruction Authority, Autodesk AutoCAD, Autodesk Revit, AutohausMalin, AV Services Barcelona, Avalara, Inc, Avira Prime, Avnet, AZpro Group, Bader Gruppe, Balenciaga, BAM, BancoCapital Ecuador, Batesky Law Office, BBOT, BCR Recouvrement, Belkorp Ag, LLC, Benworth Capital Partners, Bignault & Carter, BK Technologies, Black Hills Regional Eye Institute, BMW Group, BNB Chain, Bortolazzo Group, Bouygues Telecom, Boyd Gaming Corporation, Brancosoft, Braun Electric Company, Inc, Brightstar Lottery, Brunei Postal Services Department, Burlingame School District, Business Integra, BW-RF, Bykea, California Golf Club of San Francisco, California International Bank, NA, Cancel the Hate, Cardinal Machinery, Cascade Pacific Pulp LLC, Cayetano Heredia National Hospital of Peru, CCI Financial, Inc, CCleaner, CCMC, Cell Journal, Centers Laboratory, Central Valley Regional Center, Cesanta Mongoose, Chapter 13 Texas, ChatGPT Deep Research, Chess.com, Chicago Botanic, China’s Great Firewall, Chroma ATE, CIC Vietnam, Cineplanet, Circle K, Cisco Adaptive Security Appliance, City of Pittsburg, California, City of St Joseph, MO Health Department, City of Sugar Land, Texas, ClaimPix, Clarins, Clifford Paper Inc, CNH Industrial, Cobra Rolamentos, Cofiex Asesoría de Empresas, Coinbase, College Hometown Pharmacy, College Parkside Pharmacy, Collins Aerospace, Collins Systems, Comcast, Community Health Network, ComTec Systems, Conduent Business Services, LLC, Cookeville Regional Medical Center, Corban OneSource, Cornwall Council, Cornwell Quality Tools, County of Orange Office of Care Coordination, County of Stanislaus, CA, Credera, Crenshaw Community Hospital, occupied Crimea, Crypto.com, Cultura, Cyprus Post, Daily Printing, Dana-Farber Cancer Institute, Dassault Systèmes eDrawings Viewer, Dataforth, DDR5 Memory (Phoenix RowHammer), Decisely Insurance, Delek Group, Delta Electronics COMMGR, Delta Electronics DIALink, Department of Information and Communications Technology, Derriford Hospital, Digilent WaveForms, Digital Charging Solutions, Dimensional Control Systems, Discord, Django, DNC, Doctors Imaging Group, Dorset Council, DraftKings, DrayTek Vigor routers, E3 Site Supervisor, Earthadelic, EBA Engineering, eCapital Corp, Eckerd Connects, Edro Real Estate, Electoral Court of Uruguay, ELS Surveying, Emergency Responders Health Center, EMPIRE Distribution Inc, Episource, LLC, European airports, FAI Aviation Group, Fairmont Federal Credit Union, Falco Electronics, Family & Community Services, Fast Track, Feathers.ae, Ferus Smit, Field and Goldberg, FinWise Bank, Five Star Mechanical Inc, Flowise, Fort Wayne Medical Education Program, Fortra GoAnywhere MFT, Franklin Dermatology Group, PLC, FreeOnes, FreshRSS, Friedrich-Alexander-Universität, Friends of National Rifle Association of America (NRA), FTCS Forage, Fuji Electric FRENIC-Loader, Fundline Finance Corporation of the Philippines, Future Generali, FysioRoadmap, Gaylord Specialty Healthcare, General Directorate of Taxes and Estates, Generali Central Life Insurance, GIMP, GitHub Copilot, GitHub, GITSIT Solutions, LLC, Gladinet CentreStack and Triofox, Glenwood Management, Global Sumud Flotilla, GloboTech Communications, Google Chrome, Google Gemini, Google Law Enforcement Request System (LERS), Goosehead Insurance Agency, LLC, Goshen Medical Center, Grupo Serex, Gucci, Hacienda La Puente Unified School District, Hamdard Pakistan, Hampton Regional Medical Center, Hana Financial Inc, Harbor Diesel & Equipment, Harris Health, Harrods, Harvard University, Hathijobs, Hauts-de-France, HE Parks, Healthcare Interactive, Helity Copter Airlines, Hello Cake, Inc, HIEC, Hillside Library, Hitachi HTA, HomeRefill, Huawei Technologies, Hub Asset Management, Ideal Bathrooms, IMSS, Indian government’s tax authority, Indonesia Ministry of Education, Indonesian National Police, Insight Partners, Insightin Health, Insightly, Institute of Culinary Education, Integrity Testing & Safety Administrators, Intelliloan, Invoicely, IONODES, Israeli Nuclear Program, Ivanti Endpoint Manager, J E Stacey & Co, J Lorber, JASCO Applied Sciences, Jaspersoft Jasper Reports, K Shipbuilding, Kanal ZERO, Kering, Kevmor Trade Supplies, Key 4 Energy, Keys Pathology Associates, KFC Venezuela, Khan Academy, Kido nurseries, KillSec, Kiple, Kitevuc, Kronospan, Kstati, KT Corp, Kubernetes elections.k8s.io, a major Kuwaiti Construction Firm, La Perouse Medical Billing, Lake Haven, LAMMCO, Latest Pilot Jobs, Lautrec, Law Offices of James Scott Farrin, Lawrence Berkeley National Laboratory, Legacy 5, Legal Practice Board of Western Australia, Leprohon, LGB, Liberty Dental Town, Libraesva, LIC India, Linux Kernel, Linxx Global Solutions, Lipapromet, LiteLLM, Liverpool City Council, LNER, Lorain Emergency Physicians, Loteria de Medellin, Lotte Card, Ludlow Construction, Lux Actuaries & Consultants, LWG Inc, Maida.health, Main Electric Supply Company, Marshall County Schools, Maruji & Raines, Maryland Transit Administration, Mavis Tire Supply, MCBS, LLC, McDonald’s, Mecklenburg County Public Schools, Medical Associates of Brevard, Medicare Compare, Medkar, Medstar Health, Melis Platform CMS, Memphis Millwork, Meridian Valley Laboratories, MetalSoft, Methodist University, MFO ITALIA, Michael Strain Builders, Michigan City, Indiana, Microsoft, Microsoft .NET, Microsoft Entra ID, Microsoft IE mode, Mid South Rehab Services, Migración Colombia, Milesight Industrial Cellular Routers, Miljödata, Mill Bay Marine Group, Milliman Financial Risk Management LLC, MindManager, Mission City Community Network, MLflow, Mobydick Asset Management, Monero, Monterey Mushrooms, LLC, Motility Software Solutions, MPM Imports, MSB, MyHomemadePorn, Naftali Group, Namibia Student Financial Assistance Fund, Natoli Engineering, Neon, New York Blood Center Enterprises, News-Press & Gazette, Nintendo, Normandy, North America Construction (NAC), North Oaks Health System, Northern Rivers Resilient Homes Program, Northwest Medical Specialties, NP3 Benefícios, Nurture Care, Nvidia Merlin, OC Maine, Olive Branch Emergency Physicians, Omise, OneBlood, OneLogin, OnePlus OxygenOS, Open Practice Solutions, LTD, OpenPLC, Oracle E-Business Suite, Organon, Orion Engineering, Orwell Housing Association, OutcomesOne, Panama’s Ministry of Economy and Finance, Pangborn, Parivesh, Passaic Hospitalist Services, Passaic River Physicians, Paul Rossi Law Offices, Payactiv, Inc, Pays de la Loire, Peavey Electronics Corporation, Pediatric Otolaryngology Head & Neck Surgery Associates, Pennsylvania Attorney General’s Office, Pennsylvania Hospitalist Group, Pensacola Hospitalist, People Encouraging People, Perennial, Perplexity’s Comet AI browser, Perth Operationnal Technology, Pestbusters, Petro-Diamond, PGA Development, Inc, Pharmacie.ma, PHI Centre, Philippine Department of the Interior and Local Government, Philippine Land Transportation Office, Planet WGR-500, Plex, Podo Asset Management, PortSwigger Burp Suite MCP, PowerSchool, Preccs, Print Media Association, Professional Trust Company, Promchimexport, Prospect, Prosper, PS&KP Motor, PTR Asset Management, Pulkovo Airport, Pyramid Global Hospitality, R3 Consulting, Radiology Associates of San Luis Obispo, Razer Synapse 3, Red Coats Inc, Red Hat, Redis, Regal Mold, RemoteCOM, Renault, Reportage Empire Properties, Retina Group, River Learning Trust, Rocket TRUfusion Enterprise, Rockhill Women’s Care, Rockstar Games, Rogue Valley Door, Rosco Vision Systems, Roush Fenway Keselowski Racing, LLC, RTX Corporation, S&P Global, Sacada, Salesforce AgentForce, SalesLoft, Salud Consultorios, Samsung devices, Sanatorio Esperanza, Sanatorio Privado Punilla, Sapp Bros, SD Soluciones Digitales, Shamir Medical Center, Sharp Community Medical Group (SCMG), Sheheen, Hancock & Godwin, LLP, Sher Tremonte LLP, Shibarium, Shondeck, Shuffle, SI-Bone, Inc, Siemens Simcenter, SimonMed, Singburi Hospital, Sky Airline, SMP Europe, Software Unlimited Corp, SolarWinds Web Help Desk, SonicWall Firewalls, SonicWall SSLVPN, South Lyon Schools, Sri Lanka Ministry of Finance, SSA Group, St. John Ambulance Canada, Standard Fiber, State Bank of Vietnam, State of California, Department of Industrial Relations, Statewide Enterprises, Inc, Stellantis, Steve Basso Plumbing Heating, STMicroelectronics, Studio Legale Tisot Iuris, Study Gate, Sturgis Hospital, Suffolk County Council, Sunnyvale Elementary School District, SuperEd, Superior Vision Benefit Provider, Superior Vision Service, Survival Flight, Systeme AG, T Choithram And Sons, T-Mobile, Teamsters Union 25 Health Services & Insurance Plan, Tekni-Plex, Inc, Telstra, Texas Center for Infectious Disease Associates, Thai Future, The Daily Sentinel, The Institute of Culinary Education, The Job Shop, The Methodist Church of Southern Africa, The Moinian Group, The Property Business Australia, The Science Fiction Forum, Thomas M Hughes, Tiffany & Co, TLD Law, TOTOLINK X6000R, TransUnion, TraxNYC, Treasure Coast Hospice, Trinity Emergency Physicians, True World Group, Trustar Capital Management, Trusteed Plans Service Corporation, Tucows, Twin Cities Pain Clinic, UAE Society of Engineers, UHL, UNC Hospitals, Union County, Ohio, Unity game engine, University of North Carolina at Chapel Hill – School of Medicine, Uruguayan Government, US Air Force, US Customs and Border Protection (CBP), US Defense Advanced Research Projects Agency (DARPA), US Department of Homeland Security (DHS), US Federal Emergency Management Agency (FEMA), US Firms Heritage Growth Partners, US GeoServer, US HealthConnect, Uvalde Consolidated Independent School District, Valparaiso University, Vantage Finance, Vastaamo psychotherapy, Veradigm, Verily, Victor A. Campanile Insurance Agency, Viessmann Vitogate, Vietnam Airlines, VIM Technologies, VIR, Virtual Projects, VIVA Health, VMware NSX, Volvo Group North America, Vtenext, Vurbis Interactive, WagnerTech UG, Washington Prime Group, WatchGuard Firebox firewalls, Waterborne Environmental, Watsonville Community Hospital, Wayne Memorial Hospital, Webville, WEST Inc, Western Digital My Cloud NAS, Western Orthopaedics, Western Skies Wellness LLC, WestJet, WhatsApp, Williams & Connolly, win-cli-mcp-server, Wondershare Repairit, WordPress bbPress plugin, WordPress Community Events plugin, WordPress Ovatheme Events Manager plugin, WordPress RestroPress plugin, WordPress Service Finder theme, WordPress WooCommerce Designer Pro plugin, WordPress WP Freeio plugin, WordPress WP Travel Engine plugin, X (Twitter), XCAssociates, XChief, Yooshin Engineering Corporation and Zimbra Collaboration Suite have reported hacking or compromises this month.
Azure, Belgorod, Russia, Bermuda, Gaza, Palestine, Guinea, Kandahar, Afghanistan, Kyiv, Ukraine, Mexico, Microsoft 365 (more than once), Oblast, Ukraine, Odessa, Ukraine, Outlook encrypted messages, Spectrum, Starlink, Truth Social, Uttar Pradesh, India and Vodafone UK have suffered from outages this month.
Last months updates broke DRM video playback, Windows 11 Media Creation Tool, Windows Server 2025 Active Directory trust relationships, Windows SMVv1 shares (a good thing).
Michigan is trying to make it illegal for people to kiss on television.
Microsoft will be force-installing Microsoft 365 Copilot this month. Microsoft will be providing the ESU to everyone in the EU without requiring action on their part. Microsoft has confirmed that running multiple Office applications will cause problems with Copilot. Microsoft Office 2016 and 2019 are now end of life. Microsoft Exchange 2016 and 2019 are also now end of life.
Steam is going to end support for 32-bit hardware in January 2026.
A company refuses to do what their techs and consultants recommend (blaming costs, labor and training), then they get hacked, and ultimately the insurance company sues the techs instead of the executives? Dude. Just…dude.
Brave now has over 100 million active users. If you haven’t switched yet, you should.
Now back to our regularly scheduled program.
Patch Tuesday is very large this month. The typical computer should see roughly
GB in updates today. Let’s get started.
Microsoft released 101 updates to address 196 vulnerabilities in .NET, .NET Framework, Visual Studio, Active Directory Federation Services, Agere Windows Modem Driver, AMD Restricted Memory Page, ASP.NET Core, Azure Connected Machine Agent, Azure Entra ID, Azure Local, Azure Monitor, Azure Monitor Agent, Azure PlayFab, Confidential Azure Container Instances, Connected Devices Platform Service (Cdpsvc), Copilot, Data Sharing Service Client, Games, GitHub, Inbox COM Objects, Internet Explorer, JDBC Driver for SQL Server, Microsoft Brokering File System, Microsoft Configuration Manager, Microsoft Defender for Linux, Microsoft Edge, Microsoft Exchange Server, Microsoft Failover Cluster Virtual Driver, Microsoft Graphics Component, Microsoft Office, Microsoft Office Excel, Microsoft Office PowerPoint, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft Office Word, Microsoft PowerShell, Microsoft Windows, Microsoft Windows Codecs Library, Microsoft Windows Search Component, Microsoft Windows Speech, Network Connection Status Indicator (NCSI), NtQueryInformation Token function (ntifs.h), Redis Enterprise, Remote Desktop Client, Software Protection Platform (SPP), Storport.sys Driver, TCG TPM2.0, Virtual Secure Mode, Visual Studio, Windows Ancillary Function Driver for WinSock, Windows Authentication Methods, Windows BitLocker, Windows Bluetooth Service, Windows Cloud Files Mini Filter Driver, Windows COM, Windows Connected Devices Platform Service, Windows Core Shell, Windows Cryptographic Services, Windows Device Association Broker service, Windows Digital Media, Windows DirectX, Windows DWM, Windows DWM Core Library, Windows Error Reporting, Windows ETL Channel, Windows Failover Cluster, Windows File Explorer, Windows Health and Optimized Experiences Service, Windows Hello, Windows High Availability Services, Windows Hyper-V, Windows Kernel, Windows Local Session Manager (LSM), Windows Management Services, Windows MapUrlToZone, Windows NDIS, Windows NTFS, Windows NTLM, Windows PrintWorkflowUserSvc, Windows Push Notification Core, Windows Remote Access Connection Manager, Windows Remote Desktop, Windows Remote Desktop Protocol, Windows Remote Desktop Services, Windows Remote Procedure Call, Windows Resilient File System (ReFS), Windows Resilient File System (ReFS) Deduplication Service, Windows Routing and Remote Access Service (RRAS), Windows Secure Boot, Windows Server Update Service, Windows SMB Client, Windows SMB Server, Windows SSDP Service, Windows StateRepository API, Windows Storage Management Provider, Windows Taskbar Live, Windows USB Video Driver, Windows Virtualization-Based Security (VBS) Enclave, Windows WLAN Auto Config Service, Xbox, XBox Gaming Services, and MSRT. This includes security updates. A reboot is required.
Apple released updates for iTunes 12.13.8.3, iOS 15.8.5, iOS 16.7.12, iOS 18.7.1, iOS 26.0.1, iPadOS 15.8.5, iPadOS 16.7.12, iPadOS 18.7.1, iPadOS 26.0.1, macOS Sequoia 15.7.1, macOS Sonoma 14.8.1, macOS Tahoe 26.0.1, Safari 26, tvOS 26.0.1, visionOS 26.0.1, watchOS 26.0.2, and Xcode 26. This includes security updates. Use Apple Software Update to install the most current versions.
iOS 15.8.5, 16.7.12, 18.7.1, and 26.0.1 are security updates. Use Settings, General, Software Update to install the most current update.
iPadOS 15.8.5, 16.7.12, 18.7.1, and 26.0.1 are security updates. Use Settings, General, Software Update to install the most current update.
watchOS 26.0.2 is a security update. Use the Watch app on your iPhone to install the most current version.
tvOS 26.0.1 is a security update. Use System, Software Update to install the most current version.
visionOS 26.0.1 is a security update. Use System, Software Update to install the most current version.
Google ChromeOS 140.0.7339.242, ChromeOS LTC 138.0.7204.293, and ChromeOS LTS 132.0.6834.245 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.
Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.
Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.
The release of macOS Tahoe (26.x) means that macOS Ventura (13.x) and older are no longer supported. If you can not install at least macOS Sonoma (14) on your Mac then you should immediately remove your device from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.
The current — and final — release of the Windows 10 (v22H2) is end of life (EOL). All non-LTS versions of Windows 10 without ESU are now out of support, with the sole alternatives being to upgrade to Windows 11 or enable Extended Service Updates (ESU). If you aren’t sure whether you are using LTS, you aren’t. Enable the ESU now.
https://12pd.com/s/win10esu
The current release of the Windows 11 (v25H2) is very large (30% larger than any previous release) so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.
Windows 11 is now stable and can be upgraded to if your hardware supports it. If not, switch to Linux (Mint is nice) or replace your computer.
Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.
It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, drivers for hardware you’re not using (like old printers), and games you do not actually play.
Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available.
Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with a SaferPC Subscription and we will install updates each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com
If you’re using this hardware – these updates are for you.
GoXLR Utility 1.2.3 resolves several bugs and improves sampling and hardware support. This is not a security update.
https://github.com/GoXLR-on-Linux/goxlr-utility/
Plustek ePhoto Z300 6.7.0.4 resolves a Google Drive upload bug. This is not a security update.
https://plustek.com/us/products/film-photo-scanners/ephoto-z300/support.php
RICOH IM C4510 1.4.0.0 resolves a minor bug. This is not a security update.
https://support.ricoh.com/bb/html/dr_ut_e/rc3/model/imc4510/imc4510.htm
TP-Link Archer AX21 v1.20 250424 is a security update.
https://www.tp-link.com/us/support/download/archer-ax21/v1.20/#Firmware
UniFi Network Server 9.5.21 adds channel AI, multicast filtering, VLAN bridging, improved port management, and resolves several bugs. This is not a security update.
https://www.ui.com/download/releases/network-server
Xerox Smart Start 2.1.23.0 doesn’t provide a change log so should be treated as a security update.
https://www.support.xerox.com/en-us/content/143617
One or more of these are likely to be of interest to everyone.
Brave 1.83.112 is a security update.
https://brave.com/
Firefox 144.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/
Firefox ESR 140.4.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/
Google Chrome 141.0.7390.76 is a security update.
https://www.google.com/chrome/
Microsoft Edge 141.0.3537.71 is a security update.
https://www.microsoft.com/en-us/edge/business/download
Vivaldi 7.6.3797.63 is a security update.
https://vivaldi.com/
One or more of these are likely to be of interest to everyone.
Spark 3.26.0.117234 adds Slack, Outlook, and Microsoft 365 integration, resolves several bugs. This is not a security update.
https://sparkmailapp.com/
Spark (macOS) 3.26.0.117233 adds Slack, Outlook, and Microsoft 365 integration, resolves several bugs. This is not a security update.
https://sparkmailapp.com/
Thunderbird 143.0.1 is a security update.
https://www.thunderbird.net/en-US/
One or more of these are likely to be of interest to everyone.
AnyDesk 9.6.2 resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads
curl 8.16.0 adds a couple new features, updates libraries and dependencies, and resolves over 250 bugs. This is a security update.
https://curl.haxx.se/windows/
Discord October 7, 2025 slows the forced update cycle and resolves dozens of bugs. This is not a security update.
https://discord.com/download
Dropbox 234.4.5591 resolves several stability bugs. This is not a security update.
https://www.dropbox.com/
FileZilla Server 1.11.1 resolves several bugs. This is not a security update.
https://filezilla-project.org/
FreeFileSync 14.5 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php
Google Drive 115.0 doesn’t provide a detailed change log so should be treated as a security update.
https://drive.google.com/start
MeshCentral 1.1.51 resolves several bugs. This is not a security update.
https://meshcentral.com/info/downloads.html
Microsoft Teams 1.8.00.27654 adds slide controls, threading improvements and rich query for search. This is not a security update.
https://teams.microsoft.com/downloads
Nextcloud Server 32.0.0 is a major update that makes almost 3,000 changes to the server, including new features, improved responsiveness, and updating libraries and dependencies. This is a security update.
https://nextcloud.com/
Npcap 1.84 resolves several bugs. This is not a security update.
https://nmap.org/npcap/
OneDrive 25.159.0817.0003 improves reliability and performance, and renames the offline mode process. This is not a security update.
https://support.microsoft.com/en-us/onedrive
Rclone 1.71.1 resolves several bugs and improves stability. This is not a security update.
https://rclone.org/
Signal 7.74.0 improves performance and resolves several bugs. This is not a security update.
https://signal.org/download/windows/
Signal (Android) 7.58.2 improves performance. This is not a security update.
https://signal.org/android/apk/
Syncthing 2.0.10 resolves several bugs. This is not a security update.
https://syncthing.net/
Telegram 6.2.3 resolves over a dozen bugs including stability issues. This is not a security update.
https://telegram.org/
Zoom 6.6.1.15968 resolves several bugs. This is not a security update.
https://zoom.us/
These are unlikely to be of interest to most people.
Grayjay 340 resolves several reliability bugs. This is not a security update.
https://grayjay.app/index.html
iTunes 12.13.8.3 doesn’t provide a change log so should be treated as a security update.
https://www.apple.com/itunes/download/
Plex Media Server 1.42.2.10156 resolves several bugs (including credit detection) and improves transcoding options. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server
These are unlikely to be of interest to most people.
Minecraft Server (Bedrock) 1.21.113.1 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock
Minecraft Server (Java) 1.21.10 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server
Nintendo Switch 20.5.0 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989
PS5 2025.924 is a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/
Steam 2025.10.03 is a security update.
https://store.steampowered.com/news/app/593110
SteamOS SteamDeck Update 2025.10.01 is a security update.
https://store.steampowered.com/news/app/1675200/
One or more of these are likely to be of interest to most people.
Adobe Reader DC 25.001.20756 resolves integration bugs. This is a security update.
https://get.adobe.com/reader
Calibre 8.12.0 adds support for newer hardware, resolves several bugs, and adds optional AI integration. This is not a security update.
https://calibre-ebook.com/
GIMP 3.0.6 resolves over a dozen bugs. This is a security update.
https://www.gimp.org/
GnuCash 5.13 resolves several bugs. This is not a security update.
https://www.gnucash.org/
Kindle for PC 2.8.70980 doesn’t provide a change log so should be treated as a security update.
https://www.amazon.com/kindleforpc
Krita 5.2.13 resolves several bugs. This is a security update.
https://krita.org/en/download/
LibreOffice Fresh 25.8.2 resolves 70 bugs. This is a security update.
https://www.libreoffice.org/
Nextcloud Desktop 3.17.3 resolves over a dozen bugs. This is not a security update.
https://nextcloud.com/
Notepad++ 8.8.6 resolves over a dozen bugs. This is a security update.
https://notepad-plus-plus.org/
PDF-XChange Editor 10.7.3.401 resolves several bugs. This is not a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor
These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.
ChromeOS 140.0.7339.242 is a security update.
https://chromereleases.googleblog.com/search/label/Stable%20updates+ChromeOS
iOS 15.8.5, 16.7.12, 18.7.1, and 26.0.1 are security updates. Use Settings, General, Software Update to install the most current version.
iPadOS 15.8.5, 16.7.12, 18.7.1, and 26.0.1 are security updates. Use Settings, General, Software Update to install the most current version.
macOS Sequoia 15.7.1 is a security update. Use Settings, General, Software Update to install the most current version.
macOS Sonoma 14.8.1 is a security update. Use Settings, General, Software Update to install the most current version.
macOS Tahoe 26.0.1 is a security update. Use Settings, General, Software Update to install the most current version.
Tails 7.1 is a major update. This version improves startup and performance, and updates all included software and libraries. Hardware requirements have also changed. This is a security update.
https://tails.net/install/download/index.en.html
tvOS 26.0.1 is a security update. Use Settings, General, Software Update to install the most current version.
visionOS 26.0.1 is a security update. Use Settings, General, Software Update to install the most current version.
watchOS 26.0.2 is a security update. Use Settings, General, Software Update to install the most current version.
Zorin OS 18.0 is a major update offering cosmetic improvements, window arrangement and tiling options, web app support, M365 and OneDrive support (yuck!), and more. This is not a security update.
https://zorin.com/os/mirrors/
One or more of these is likely to be of interest to most people.
Chainsaw 2.13.1 resolves several bugs. This is not a security update.
https://github.com/countercept/chainsaw
OpenSSL 3.6.0 is a security update.
https://slproweb.com/products/Win32OpenSSL.html
ProtonVPN 4.3.1 improves compatibility and reliability. This is not a security update.
https://github.com/ProtonVPN/win-app/releases/latest
Radmin VPN 2.0.4899.9 doesn’t provide a change log so should be treated as a security update.
https://www.radmin-vpn.com/
RogueKiller 16.4.1 is a security update.
https://www.adlice.com/download/roguekiller/
Stinger 13.0.0.547 improves detection. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx
uBlock Origin 1.66.4 resolves a resource bug. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest
VT-CLI 1.2.0 adds “–private” syntax option. This is not a security update.
https://github.com/VirusTotal/vt-cli/releases/latest
These are unlikely to be of interest to most people.
Open Broadcaster Software 32.0.1 resolves several bugs and improves performance. This is not a security update.
https://obsproject.com/
These are unlikely to be of interest to most people.
DVDFab 13.0.4.9 adds support for new encodings and improves UHD Creator design. This is not a security update.
https://www.dvdfab.cn/download.htm
MakeMKV 1.18.2 improves reliability and resolves several bugs. This is not a security update.
https://www.makemkv.com/download/
StreamFab 6.2.5.7 improves reliability and compatibility, and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm
UniFab 3.0.2.9 improves performance and hardware compatibility. This is not a security update.
https://www.dvdfab.cn/unifab.htm
One or more of these are likely to be of interest to most people.
Zotero 7.0.26 resolves a bug in plugin installation. This is not a security update.
https://www.zotero.org/
These are unlikely to be of interest to most people.
1Password 8.11.14 resolves several bugs and improves biometrics, QR code scanning and JSON parsing. This is not a security update.
https://1password.com/downloads/
Agent Ransack 2022.3536 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/
AOMEI Partition Assistant 10.9.1 adds virtual disk support and resolves several bugs. This is not a security update.
https://www.diskpart.com/
Bitwarden 2025.9.0 improves performance, adds support for organization keys, and biometrics improvements. This is a security update.
https://bitwarden.com/
CCleaner 7.00.984 adds package uninstaller support, ARM64 support and improved duplicate identification. This is not a security update.
https://www.ccleaner.com/
CPU-Z Installer 2.17 adds support for new hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html
DesktopOK 12.14 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK
dnGrep 4.6.7.0 improves CLI and search result copy. This is a security update.
https://dngrep.github.io/
email-oauth2-proxy 2025-10-04 resolves several bugs. This is not a security update.
https://github.com/simonrob/email-oauth2-proxy
ESEDatabaseView 1.79 adds option to perform case sensitive searches. This is not a security update.
https://www.nirsoft.net/utils/ese_database_view.html
Everything 1.4.1.1029 improves msi installation, shell extension compatibility and localization. This is not a security update.
https://www.voidtools.com/
Everything SDK 1.4.1.1029 improves shell extension compatibility. This is not a security update.
https://www.voidtools.com/support/everything/sdk/
Everything Toolbar 2.1.0 adds ARM64 support and resolves several bugs. This is not a security update.
https://github.com/stnkl/EverythingToolbar/
ExplorerPatcher 26100.4946.69.4 resolves over a dozen bugs and improves compatibility. This is not a security update.
https://github.com/valinet/ExplorerPatcher/
Fido 1.66 adds support for Windows 11 25H2. This is not a security update.
https://github.com/pbatard/Fido/releases
FileLocator Pro 2022.3536 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download
Free Virtual Serial Ports 7.05.00.1623 adds the CLI app the distribution and improves stability. This is not a security update.
https://freevirtualserialports.com/
GadgetPack 39.0 updated outdated gadgets and resolves several bugs. This is not a security update.
https://8gadgetpack.net/
Git SCM 2.51 improves compatibility and resolves a dozen bugs. This is not a security update.
https://git-scm.com/
GoodSync 12.9.11 resolves several bugs. This is not a security update.
https://www.goodsync.com/
grepWin 2.1.12 resolves context menu bug. This is not a security update.
https://github.com/stefankueng/grepWin/releases/latest
Homedale 2.21 improves user interface. This is not a security update.
https://www.the-sz.com/products/homedale/
HWMonitor 1.60 adds support for new hardware. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html
IsMyHdOK 4.44 updates language files. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK
Kingston SSD Manager 1.5.6.0
https://www.kingston.com/us/support/technical/ssdmanager
LessMSI 2.10.3 improves help, layout, and adds Japanese translation. This is not a security update.
https://lessmsi.activescott.com/
NTLite 2025.10.10631 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/
OSForensics 11.1.1011 enables forensic image creation, password collection, and resolves a couple bugs. This is not a security update.
https://www.osforensics.com/download.html
PowerToys 0.94.2 resolves stability issues. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest
Remotly Android 2.0 improves connectivity and controls, adds hardware support, and adds Multi-Join support. This is not a security update.
https://remotly.com/
RoboForm 9.8.2 resolves several bugs and improves import. This is not a security update.
https://www.roboform.com/
Rufus 4.11 adds support for Windows 11 25H2, adds dark mode support, drive conversion, UEFI improvements and resolves several bugs. This is not a security update.
https://rufus.ie/en_US/
SpaceSniffer 2.0.5.18 improves cosmetics and Hi-DPI support, improved OS integration, and resolves several bugs. This is not a security update.
https://www.uderzo.it/main_products/space_sniffer/
WhyNotWin11 2.7.0 improves hardware detection and resolves several bugs. This is not a security update.
https://github.com/rcmaehl/WhyNotWin11
WinGet 1.11.510 removes 32-bit ARM support, adds Microsoft DSC v3 support, and resolves a couple bugs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest
WinScan2PDF 9.41 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF
XnConvert 1.106.0 doesn’t provide a detailed change log so should be treated as a security update.
https://www.xnview.com/en/xnconvert/
ZoomIt 9.10 adds image smoothing. This is not a security update.
https://learn.microsoft.com/en-us/sysinternals/downloads/zoomit
These are unlikely to be of interest to most people.
Android 2025.1.4.8 resolves large APK redeployment and resolves several bugs. This is not a security update.
https://developer.android.com/studio
Docker Desktop 4.48.0 updates libraries and resolves several bugs. This is a security update.
https://www.docker.com/products/docker-desktop
GDevelop 5.5.243 resolves several bugs. This is not a security update.
https://gdevelop.io/download
GitHub Desktop 3.5.3 adds support for Ptyxis shell, upgrades libraries and resolves several bugs. This is not a security update.
https://desktop.github.com/
Go 1.25.3 is a security update.
https://go.dev/
Godot 4.5 improves accessibility, precomposition, backtracing, logging and more. This is not a security update.
https://godotengine.org/
Inno Setup 6.5.4 resolves several bugs. This is not a security update.
https://www.jrsoftware.org/isdl.php
NASM 3.01 is a major update adding support for APX, preprocessing and resolves more than a dozen bugs. This is not a security update.
https://www.nasm.us/index.php
Node.js 22.20.0 updates libraries and resolves dozens of bugs. This is a security update.
https://nodejs.org/en/
Node.js 24.10.0 updates libraries and resolves dozens of bugs. This is a security update.
https://nodejs.org/en/
Python 3.14.0 is a security update.
https://www.python.org/downloads/macos/
Visual Studio Code 1.105 resolves several bugs. This is not a security update.
https://code.visualstudio.com/
These are unlikely to be of interest to most people.
VirtualBox 7.2.2 resolves over a dozen bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads
These are likely to be of interest only to web developers.
Adminer 5.4.1 resolves several bugs. This is not a security update.
https://www.adminer.org/en/
Joomla 5.4 is a security update.
https://www.joomla.org/
Joomla 6.0.0 is a new major release with many new features, options and controls. This is not a security update.
https://www.joomla.org/
phpMyAdmin 5.2.3 resolves several bugs. This is not a security update.
https://www.phpmyadmin.net/
WordPress 6.8.3 is a security update.
https://wordpress.org/
BuddyPress 14.4.0 is a security update.
https://wordpress.org/extend/plugins/buddypress/
Contact Form 7 6.1.2 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/
Duplicator 1.5.14 improves settings layout. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers
My Sticky Bar 2.8.3 resolves a cosmetic bug. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/
Postie 1.9.73 improves error handling. This is not a security update.
https://wordpress.org/extend/plugins/postie/
Sucuri Security 2.5 adds support for 2FA, QR code generation, and updates ignore list. This should be treated as a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/
Theme My Login 7.1.14 resolves a bug. This is not a security update.
https://wordpress.org/extend/plugins/theme-my-login/
WordPress Importer 0.9.4 resolves a coupls bugs. This is not a security update.
https://wordpress.org/extend/plugins/wordpress-importer/
WP Cerber Security 9.6.10 resolves a couple bugs. This is not a security update.
https://wpcerber.com/
That’s all for now folks. Keep it clean out there. 😉
Regards,
Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/
Happy New Year, Folks!
Today is Patch Tuesday for January, 2025.
It’s as safe as it’s going to be to upgrade to Windows 11 24H2 or macOS 15/Sequoia.
If your Windows 10 (or older) computer can not be upgraded to Windows 11, or if you used a registry or installation bypass to install an older version of Windows 11 on it that is no longer supported, then it’s time for you to start looking for a replacement computer.
Windows 10 now has only 9 months of support left and I am already seeing availability issues for new computers.
There were 600+ major hacks, and over 300 application updates this month. It’s a “normal” month, with about 4 GB of updates for most users.
A Bar A Ranch, A Sensitive Touch Home Health, AAA Environmental, Abrasive Supply Corporation, Access TeleCare, Accolent ERP Software, AEP Texas, Aetna ACE, Akantha, Akumin, Inc, Albert Paper Company, Albion College, Alexandria University, Allen Carr’s Easyway, Allendale Long-Term Care Home, Alliance for Creativity and Entertainment, Allianz Life Insurance Company, Allied Packing And Rubber Inc, AllyScripts, LLC, Alphastar Home Health Care, Alta Resources Corp, American Addiction Centers, American Associated Pharmacies, American Trust Company, Americhek, Anna Jaques Hospital, AnnieMac, AnyDesk, Aosense, Apache HugeGraph-Server, Apache MINA, Apache Tomcat, Apache Traffic Control, ApolloGames, Apple macOS camera, Archie Cochrane Ford, Ardyss, Arena Technical Resources, Argentina Airport, Arista NG Firewall, Arixa Capital Advisors LLC, Arrotex Pharmaceuticals, Artistic Family Dental, Artivion, Ascension Health, Ascension Living, Asheville City Schools, Ashlar-Vellum Graphite, Astaphans, AT&T, Atos, AudioPrints, Autodesk Navisworks Freedom, AutomationDirect C-More, Auxis, Avana Electrotek, Aviatrix Controller, Avira Prime, Avstar Fuel Systems, 4,000 backdoored backdoors, Badger Popcorn And Concession Supply Company, Bangkok Medical Software HOSxP XE, Bank of America, Bank Rakyat Indonesia, Barber Specialties, Bartholomew Consolidated School Corporation, BASC.edu.ph, BayMark Health Services, BCM One, Belen Consolidated Schools, Betterdoor.com, Bettisworth North, Beverly, BeyondTrust, BigCommerce, Billet Precision, Biomedical Caledonia, Bitdefender Virus Scanner, BitView, Black Oak Casino Resort (yes, that one), Blome International, Bluegrass Ingredients, BlueZ Classic HID, Bonneville School District 93, Boone County School District, Borrego Health, Boston University Framingham Heart Study, Brant Catholic school board, Brazilian government, Brighton Jones, Brockton Neighborhood Health Center, Brooklyn Art Library, BrownPacking, Byte Federal Bitcoin ATM platform, Cairo Governorate Education Portal, California Correctional Health Care Services, Cariad, Carrollton Orthopaedic Clinic, Casio, CED Solutions Computer IT Training Centers, Cell C, Center for Child Development, INC, Central Valley Meat Co Inc, Chain And Rope Suppliers LTD, Charlie’s Tax Service, Charter, Christ The Redeemer School, CIRCA, Cisco, City of Corvallis, City of Noblesville, City of West Haven, City of Winston-Salem, Cleo Harmony, Cleo LexiCom, Cleo VLTrader, College Hospital Costa Mesa, Collezione, Colombia court system, Community Alliance, Compliance Solutions Inc, Conceptions Reproductive Associates of Colorado, ConnectOnCall, COROB, Costex, Cottrell Fletcher & Cottrell PC, CR&R Environmental Services, CREFSP, Crimson Wine Group, Crown Mortgage Company, Cyberhaven, D&G Enviro-Group, D-7 Roofing, 250,000 Danish consumer records, DAP Health, Davis Products Company Inc, DBM Global Inc, Delap & Waller, Delhi Public Primary School Itarsi, Dell Avamar, Dell’s Update Package Framework, Delta Electronics CNCSoft-G2, Delta Electronics DRASimuCAD, DEphoto, DigiEver DS-2105 Pro DVRs, Dignity Health Lassen Medical Clinic, Discord, District 65, DMM Bitcoin, Dobie Road, Douglas County Department of Health and Human Services, Downey Hospital, Dragonfly Health, Drivestream, Drupal, Drywall Partitions, Duke Energy, DuxHumanHealth, Dynasty Healthcare Company, E-Tank, Eastern Idaho Public Health, Economy Restaurant Equipment And Supply Company, Effortless Office, Eindhoven University of Technology, Ekonika, Energy Capital Credit Union, Enugu State Government, EPS-MTOSB, Espreso TV, European Space Agency, EVAS Group, Evidn, Ex-Times, Exostar, Facebook, Family Help & Wellness, Farline, Farnesina, Federal Bank of India, Fireproof Contractors Inc, Flamco, FlashFiber, FoodMap, Fortinet Wireless Manager, Forum Architecture & Interior Design, Four-Faith routers, Foxit PDF Reader, Frameworks, Fraunhofer IAO, Free Telecom Raises, Freightliner of Savannah, French Citizens, French Tennis Federation, Fukoku Co, Fullmer Construction, FunFun688, Gammal Tech, Geisinger, General Digital, General Dynamics, Genie Healthcare, GeoVision GV-ASManager, Gerber Life Insurance, GFI Archiver, GFI KerioControl, Gilbarco Veeder-Root Orpak, Giordano, DelCollo, Werb & Gagne, LLC, GLAMIRA, Golden Age Home Health Inc, Golden Hills School, Good Neighbors Credit Union, Good Samaritan Hospital, Google Chrome, GPM Lawn Sprinkler Supply, Granite School District, Gravy Analytics, Great Star Tools USA, Green Bay Packers store, Greene Supply Company, Grocy, Grupo Buddemeyer, Guardian.com, Gunnar Prefab, Habib’s, Halton Long Term Care, Hammons Supply Company, Hapn, Happy Magic Trick Shop, Harley-Davidson, Hartson-Kennedy Inc Group Benefit Plan, HealthEquity, Inc, Heavy Construction Systems Specialists, LLC, Helena Public Schools, HemenBahis, Heritage Bank, Hi-Raise Constructions Holding, Hide-A-Way Lake Club, Holton Public Schools, Hong Kong Food and Environmental Hygiene Department, Hong Kong Insurance Authority, Hong Kong Urban Renewal Authority, Hopamedia, Horizon Oil, Howell Township Public Schools, HRB Tax Group, Inc, Huaxia School, Hunter Taubman Fischer & Li, Huntington Hotel Group, Hyperice, I, Librarian, IHIO, Ikav Global Energy, Illinois Bone & Joint Institute, LLC, Illinois Department of Human Services, Illumina’s iSeq 100 DNA gene sequencer, Imperial Valley Respite, In-Home Attendant Services, INBAL, Indian government websites, 3.69 million Indian property records, Indianapolis Public Schools, Indonesia Government, InfoCert, Informaticarecoleta, Instagram, Insured Recovery, International Coffee & Tea, LLC, Internxt VPN, Inverclyde Council, Israel Defense Forces, Italian banks and government agencies, Italian Foreign Ministry, Ivanti Avalanche, Ivanti Connect Secure, Izmocars, Japan Airlines, Jared Beschel and Associates, Jay Enn Corporation, Jet Edge, Jim Thompson, JRT Automatisation, Kadokawa Corporation, Kadokawa, Kaizen Pharmaceuticals, Kansas City Hospice, Inc, KBanknow, Keeco, LLC, Kenton County School District, Kern Services, Khalil Center, Kilgore Industries, Kiswire, Kitsap Mental Health Services, global Know Your Customer (KYC) account data, Krispy Kreme, Kyndryl, LA Financial Federal Credit Union, Lake Shore Public Schools, Lancaster City Schools, Laramie County Library System, Las Palmas Del Sol Healthcare, Latitude, LCPtracker, Inc, Le Coq Sportif, Lebanese Intelligence Dept, LegalNurse, Lelivrescolaire, Lexington Diagnostic Center, Leyman Manufacturing, Linux Kernel Bluetooth, LKQ Corporation, Lokdal, Luxion KeyShot Viewer, Luxury Yacht Group, Lyons Specialty Co, macOS SIP, Madhya Pradesh’s child welfare agency, over 3,000,000 mail servers, ManageEngine Analytics Plus, Manens-Tifs SpA, Manitou Springs School District, Martin Sprocket & Gear, Inc, Maverick Constructors, MC2 Data, McCormick & Priore, McCray Lumber, McDonald’s, McFarlane, Medusind, Meezan Bank, Megaexit, Menorah Life, Inc, Metalmatrix Clamps, MetLife, mi.edu, Microsoft Azure Data Factory, Microsoft Azure MFA, Microsoft Edge, Microsoft PC Manager, Microsoft Purview, Microvision, Mission Bancorp, MLP Tax & Financial Services, Modern Automotive Network, Modern Dental Group Limited, Mohawk Valley Cardiology, Moneytor, Montreal North, Mossad, Moxa, MSI, MyGiftCardSupply, Nara, Nash Brothers Construction, Nathan American Academy, National Atomic Energy Commission, National Commission of Markets (Spain), National Library of Peru, Natomas Unified School District, Nikki-Universal, Nirjai, Niva Bupa Insurance Group, Nodex, Nominet, North Los Angeles County Regional Center, Northern Lights Electric, Northwest Asthma & Allergy Center, Norwalk La Mirada Unified School District, Norwex USA, Inc, Novati Constructions, Nuclei, NY & WY Orthpaedics Specialists, Obltelecom, OL Products, Omaha Surgical Center, OmniRide, Omnitravel, One Airline, OneBlood, Onecare, OpenWrt, Oppo, Ott Cone & Redpath, PA, Pacific Pulmonary Medical Group, Paessler PRTG Network Monitor, Palo Alto Networks Expedition, Panda Security Dome, ParrotTalks, Path of Exile 2, Patriarche Office of Architecture, Peikko, Pembina Trails School Division, Peruvian University of Applied Sciences, Peugeot Dealership, PharmaNewsOnline, PHG CPAs, Philippine Statistical Association Inc, PhoneMondo, PIH Health, Pinger USA, PingMoney, Pinno Construction, Pittsburgh Regional Transit, Platinum Celebs, Positive Behavior Supports Corporation, PowerSchool (this affects potentially millions of school districts across the globe), PracticeSuite, Press Color, ProCaps Laboratories, Progress Software WhatsUp Gold, Psychogen, PT Pertamina, PT PINS Indonesia, Qualcomm chips, Qualinet, Rainy River public school, Ramos Law, Rancho Santa Fe School District, Randolph Brooks Federal Credit Union, Randys Transmissions, Rapido, Realme, Regional Care, Inc, Relate Infotech, Reliance Connects, Rent-2-Own, ReutOne, Revolution Beauty, Rhode Island’s RIBridges, Richmond University Medical Center, River Region Cardiology, Riverina Medical, Rivers Casino Philadelphia, RM Group, Rockwell Automation Arena Simulation, Rocky Mountain Gastroenterology Associates, RocSearch, Rosreestr, Rozavam, Rspack, Ruby, Ruijie Networks, Rumpke Consolidated Companies, Inc & Affiliates Benefits Plan, Rutherford County Schools, Rydox, SAIC in Brazil, Samsung Devices, schenkYOU, Schneider Electric, Scholastic, Scottish rail network, SeaLandAire Technologies, Self Esteem Brands, LLC, SENATI, Senior Citizens, Inc, Senior Dating, SERGAS Group, Sheyenne Tooling & Manufacturing, Sidney Health Center, Siemens User Management Component, Simcoe Muskoka Catholic School, Skoda cars, Skopos, Slawson Companies, Slovakian land registry, SmartLynx Airlines SIA, Smith Tank & Steel, Solaris Pharma, SolGeo AG Baugelogie and Geotechnik, SonicWALL NSv, Sony XAV-AX8500, Sophos Firewall, Sparkling Smiles Family Dentistry, Spectrum, SpeedLine Solutions, Spelpaus, Sri Lanka Government Printing Department, Sri Lanka Police, SRP Federal Credit Union, Stanford University, Starbucks, Starkville-Oktibbeha Consolidated School District (SOCSD), State Registers of Ukraine, STIIIZY, Stillwater Area Public Schools, Summit Medical Group, PLLC, Sunflower Medical Group, Suno India, SuperDraft, Supreme Court of India, Surface Combustion, Swedish Gambling Authority, Synology, T Smiles Dental, T.Hasegawa USA, T1, Tahoe Truckee Sierra Disposal Co Inc, Talentely, Tarnaise des Panneaux SAS, Tayfa Denizcilik, Tecta America Corporation, Teedy, Telcel, Telecom Namibia, Telefónica, Tenable Nessus update system, Tesla Wall, Teton Orthopaedics, Texas Tech University Health Sciences Center, Thailand Department of Mineral Fuels, Tharisa, The Baker Center for Children and Families, The Coffee Bean & Tea Leaf, Thomas Cook, Thomas J. Henry Law, Tibber, Tibbo Aggregate Network Manager, Toscano Law, Total Patient Care LLC, Town of Ponoka, Town of Webster, Trend Micro Apex One, Trend Micro Deep Security, Trev Deeley Motorcycles, Trifecta, TruBridge, Inc, True World Holdings LLC, Trussville City Schools, Try.gov.hk, Tumeny Payments Limited, Tungsten Automation Power PDF, Turks and Caicos, Tycon Medical Systems, UGKK, Unisource Information Services, United Nations International Civil Aviation Organization (ICAO), University of Baghdad, University of Tasmania, US Committee on Foreign Investments, US EPA, 261,000 US insurance agents, 350,000 US mobile homeowners, US SSA, US Treasury, US Veteran Affairs, UT Southwestern Medical Center (fourth time in 18 months), Uvoice, Valio, Vallianz, Value Dental Center, Vaultwarden, Venki Supravizio BPM, Venntel, Veritas Enterprise, Verizon, Verosa LLC, VESD, Vickers Engineering, Village Community School, Village Fertility Pharmacy Group, VIP, VisionPoint Eye Center, VO Baker, VPNCity, VW Group, Wacom Center WTabletServicePro, Walker County Schools, Warid Telecom, Water Utilities Corporation, Waterstones, Watertown Public Schools, Watsonville Community Hospital, Webmin, Weininger Metall System GmbH, Western Montana Mental Health Center, Westerville City Schools, WhatsApp, Whittier Hospital, WilsonSD, Windows Active Directory Domain Controllers, Windstream, WireGuard Portal, Wood County, Word & Brown Insurance Administrators, Inc, World Leadership Academy, WSO2 API Manager, WY88 Casino, Xanthops, Xstrahl eBt Therapy Equipment, Xtream, XWiki, Yaaka, Yat Siu, Yonéma, YorkTest Laboratories, Young Life, Young Living Essential Oils, Youngs Counseling, PLLC, Youth Eastside Services, ZAGG Inc, and Zeifmans have reported hacking or compromises this month.
Docomo, Facebook, Instagram, MI6, Microsoft Multi-Factor Authentication (MFA) – effectively blocking access to MS 365, Proton, Threads, and WhatsApp have suffered from outages this month.
Last months updates broke Windows updates on new installations, Windows 11 Start Menu, Office 365 activation system, Windows 11 HDR, and Windows Bitlocker.
Microsoft is going to force-install “new” Outlook on Windows PCs within the next month.
“When exposing a crime is treated as committing a crime, you are being ruled by criminals.” — Edward Snowden
Now back to our regularly scheduled program.
Patch Tuesday is not that bad this month. The typical computer should see roughly 4 GB in updates today. Let’s get started.
Microsoft released 70 updates to address 164 vulnerabilities in .NET, .NET Framework, Active Directory Domain Services, Active Directory Federation Services, Azure Marketplace SaaS Resources, BranchCache, Internet Explorer, IP Helper, Line Printer Daemon Service (LPD), Microsoft AutoUpdate (MAU), Microsoft Azure Gateway Manager, Microsoft Brokering File System, Microsoft Digest Authentication, Microsoft Edge, Microsoft Graphics Component, Microsoft Office, Microsoft Office Access, Microsoft Office Excel, Microsoft Office OneNote, Microsoft Office Outlook, Microsoft Office Outlook for Mac, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft Office Word, Microsoft Purview, Microsoft Windows Search Component, Power Automate, Reliable Multicast Transport Driver (RMCAST), Servicing Stack Updates, System Center, Visual Studio, Windows BitLocker, Windows Boot Loader, Windows Boot Manager, Windows Client-Side Caching (CSC) Service, Windows Cloud Files Mini Filter Driver, Windows COM, Windows Connected Devices Platform Service, Windows Cryptographic Services, Windows Digital Media, Windows Direct Show, Windows DWM Core Library, Windows Event Tracing, Windows Geolocation Service, Windows Hello, Windows Hyper-V NT Kernel Integration VSP, Windows Installer, Windows Kerberos, Windows Kernel Memory, Windows MapUrlToZone, Windows Mark of the Web (MOTW), Windows Message Queuing, Windows NTLM, Windows OLE, Windows PrintWorkflowUserSvc, Windows Recovery Environment Agent, Windows Remote Desktop Services, Windows Secure Boot, Windows Security Account Manager, Windows Smart Card, Windows SmartScreen, Windows SPNEGO Extended Negotiation, Windows Telephony Service, Windows Themes, Windows UPnP Device Host, Windows Virtual Trusted Platform Module, Windows Virtualization-Based Security (VBS) Enclave, Windows Web Threat Defense User Service, Windows Win32K – GRFX, Windows WLAN Auto Config Service, and MSRT. This includes security updates. A reboot is required.
Apple released updates for iOS 18.2, iOS 18.2.1, iPadOS 17.7.3, iPadOS 18.2, iPadOS 18.2.1, macOS 15.2, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, Safari 18.2, tvOS 18.2, visionOS 2.2 and watchOS 11.2. This includes security updates. Use Apple Software Update to install the most current versions.
iOS 18.2.1 is a security update. Use Settings, General, Software Update to install the most current update.
iPadOS 17.7.3 and 18.2.1 are security updates. Use Settings, General, Software Update to install the most current update.
watchOS 11.2 is a security update. Use the Watch app on your iPhone to install the most current version.
tvOS 18.2 is a security update. Use System, Software Update to install the most current version.
visionOS 2.2 is a security update. Use System, Software Update to install the most current version.
Google ChromeOS 131.0.6778.241 and Google ChromeOS LTS 126.0.6478.261 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.
Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.
Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.
The release of macOS Sequoia (15.x) means that macOS Monterey (12.x) and older are no longer supported. If you can not install at least macOS Ventura (13) on your Mac then you should immediately remove your device from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.
The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.
The now-current release of the Windows 11 (v24H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.
Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.
Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.
It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.
Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.
Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with a SaferPC Subscription and we will install updates each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com
If you’re using this hardware – these updates are for you.
Daemon Tools Lite 12.2.0 resolves several bugs. This is not a security update.
https://www.daemon-tools.cc/products/dtLite
UniFi airMAX NanoStation 5AC Loco 8.7.15 is a security update.
https://www.ui.com/download/software/loco5ac
UniFi Network Server 9.0.108 adds zone-based firewall, CyberSecure, Network Application API and resolves several bugs. Thsi is not a security update.
https://www.ui.com/download/releases/network-server
VIISAN OfficeCam 7.2.5.0 doesn’t provide a change log so should be treated as a security update.
https://www.viisan.com/en/download/type1.html
Wacom Driver 6.4.8-6 improves compatibility and resolves several bugs. This is not a security update.
https://www.wacom.com/en-us/support/product-support/drivers
One or more of these are likely to be of interest to everyone.
Brave 1.73.105 is a security update.
https://brave.com/
Google Chrome 131.0.6778.264 is a security update.
https://www.google.com/chrome/
Firefox 134.0.1 is a security update.
https://www.mozilla.org/en-US/firefox/new/
Firefox ESR 128.6.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/
SeaMonkey 2.53.20 is a security update.
https://www.seamonkey-project.org/
Vivaldi 7.0.3495.29 is a security update.
https://vivaldi.com/
One or more of these are likely to be of interest to everyone.
Mailspring 1.15.0 is a security update.
https://getmailspring.com/
Spark 3.19.2.94903 improves AI controls, user interface improvements and resolves several bugs. This is not a security update.
https://sparkmailapp.com/
Spark (macOS) 3.19.2.94902 improves AI controls, user interface improvements and resolves several bugs. This is not a security update.
https://sparkmailapp.com/
Thunderbird 128.6.0 is a security update.
https://www.thunderbird.net/en-US/
One or more of these are likely to be of interest to everyone.
curl 8.11.1 resolves dozens of bugs. This is not a security update.
https://curl.haxx.se/windows/
DNSDataView 1.76 adds DMARC support. This is not a security update.
https://www.nirsoft.net/utils/dns_records_viewer.html
Dropbox 214.4.5217 resolves several bugs. This is not a security update.
https://www.dropbox.com/
Google Drive 102.0 resolves several bugs. This is not a security update.
https://drive.google.com/start
Grocy Desktop 2.11.0 updates Grocy and Barcode Buddy to their latest releases and resolves several bugs. This is not a security update.
https://github.com/grocy/grocy-desktop
MeshCentral 1.1.38 resolves several bugs. This is not a security update.
https://meshcentral.com/info/downloads.html
Microsoft Teams 1.7.00.33761 adds brand filtering and web-based screen controls. This is not a security update.
https://teams.microsoft.com/downloads
Nextcloud Server 30.0.4 updates libraries and resolves several bugs. This is not a security update.
https://nextcloud.com/
Omada Software Controller 5.15.6.7 adds support for additional hardware, SAML SSO support, DSL Gateway configuration and improvces RADIUS support. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/
Pocketnet-Core 0.22.11 improves jury and moderation, and resolves several bugs. This is not a security update.
https://pocketnet.app/
Pocketnet-GUI 0.9.107 resolves a dozen bugs. This is not a security update.
https://pocketnet.app/
Rclone 1.69.0 is a security update.
https://rclone.org/
Signal 7.37.0 improves visual feedback and macOS compatibility. This is not a security update.
https://signal.org/download/windows/
Signal (Android) 7.28.4 adds chat folders and group grouping. This is not a security update.
https://signal.org/android/apk/
Syncthing 1.29.2 improves stability and resolves several bugs. This is not a security update.
https://syncthing.net/
Technitium DNS Server 13.3 resolves several bugs, including stability and denial of service. This should be treated as a security update.
https://technitium.com/dns/
Telegram 5.10.3 resolves several bugs. This is not a security update.
https://telegram.org/
Zoom 6.3.6 resolves several bugs, including a fix for a defect in the automatic update system, and makes cosmetic changes. This is not a security update.
https://zoom.us/
These are unlikely to be of interest to most people.
darktable 5.0.0 is a major update, including over 1,700 changes, 500 camera model improvements, user interface improvements, performance improvements and much more. This is not a security update.
https://www.darktable.org/
Grayjay 278 adds and removes Apple Podcasts, and resolves several several bugs. This is not a security update.
https://grayjay.app/index.html
KaraFun Player 3.4.6.81 improves stability and resolves several bugs. This is not a security update.
https://www.karafun.com/karaoke-windows/
Plex Desktop 1.106.0.276 adds Share button and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app
Plex Home Theater 1.69.0.264 updates libraries. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app
Plex Media Server 1.41.3.9314 is a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server
These are unlikely to be of interest to most people.
Minecraft Server (Bedrock) 1.21.51.02 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock
SteamOS SteamDeck Update 2024.12.12 is a security update.
https://store.steampowered.com/news/app/1675200/
One or more of these are likely to be of interest to most people.
Adobe Animate 23.0.10 and 24.0.7 are security updates.
https://helpx.adobe.com/security/products/animate/apsb25-05.html
Adobe Illustrator for iPad 3.0.8 is a security update.
https://helpx.adobe.com/security/products/illustrator-mobile-ios/apsb25-04.html
Adobe Photoshop 26.2 and 25.12.1 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb25-02.html
Adobe Reader DC (Mac) 24.004.20272 resolves several bugs. This is not a security update.
https://get.adobe.com/reader
Adobe Reader DC 24.005.20320 is a security update.
https://get.adobe.com/reader
Adobe Substance3D Designer 14.1 is a security update.
https://helpx.adobe.com/security/products/substance3d_designer/apsb25-06.html
Adobe Substance3D Stager 3.1.0 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb25-03.html
Audacity 3.7.1 doesn’t provide a change log so should be treated as a security update.
https://www.audacityteam.org/download/
Calibre 7.24.0 adds read-aloud and resolves several bugs. This is not a security update.
https://calibre-ebook.com/
ColdFusion 2021.18 and ColdFusion 2023.12 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb24-107.html
GnuCash 5.10 resolves dozens of bugs. This is not a security update.
https://www.gnucash.org/
Kdenlive 24.12.1 adds ASS subtitle support, resolves a bunch of bugs, and updates libraries and dependencies. This is not a security update.
https://kdenlive.org/
LibreOffice 24.8.4 resolves over 50 bugs. This is a security update.
https://www.libreoffice.org/
LibreOffice Fresh 24.8.4 resolves over 50 bugs. This is a security update.
https://www.libreoffice.org/
Manager 25.1.14.2025 improves inventory costing and controls. This is not a security update.
https://www.manager.io/
Nextcloud Desktop 3.15.3 resolves several bugs. This is not a security update.
https://nextcloud.com/
Notepad++ 8.7.5 resolves over a dozen bugs and regressions. This is not a security update.
https://notepad-plus-plus.org/
Paint.net 5.1.2 improves performance and reduces resource requirements, resolves several bugs. This is not a security update.
https://www.getpaint.net/
PDF-XChange Editor 10.5.0.393 resolves dozens of bugs. This is a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor
QuickBooks Pro 2022 20241217-R18_40 resolves a crash bug. This is not a security update.
https://downloads.quickbooks.com/app/qbdt/products
QuickBooks Pro 2023 20241217-R15_29 resolves a crash bug. This is not a security update.
https://downloads.quickbooks.com/app/qbdt/products
Scribus 1.6.3 resolves over a dozen bugs. This is not a security update.
https://www.scribus.net/
These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.
ChromeOS 131.0.6778.241 is a security update.
https://chromereleases.googleblog.com/search/label/Stable%20updates+ChromeOS
iOS 18.2 and iOS 18.2.1 are security updates.
https://support.apple.com/kb/HT204204
iPadOS 18.2 and iPadOS 18.2.1 are security updates.
https://support.apple.com/kb/HT204204
macOS 15.2 is a security update.
https://support.apple.com/kb/HT201541
Tails 6.11 is a security update.
https://tails.net/install/download/index.en.html
tvOS 18.2 is a security update.
https://support.apple.com/kb/HT202716
watchOS 11.2 is a security update.
https://support.apple.com/kb/HT204641
One or more of these is likely to be of interest to most people.
Chainsaw 2.11.0 improves MFT parsing. This is not a security update.
https://github.com/countercept/chainsaw
MalwareBytes Desktop Security 5.2.4.157 rebrands from “Anti-Malware,” improves notification behavior, and now requires autorun for the VPN Kill Switch capability. This is not a security update.
https://www.malwarebytes.org/antimalware/
ProtonVPN 3.5.0 improves stability and reliability in censored countries. Thsi is not a security update.
https://github.com/ProtonVPN/win-app/releases/latest
Stinger 13.0.0.254 improves detection. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx
uBlock Origin 1.62.0 improves syntax and reliability and resovles several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest
These are unlikely to be of interest to most people.
DVDFab 13.0.3.4 improves NVIDIA AI conversion. This is not a security update.
https://www.dvdfab.cn/download.htm
IsoBuster 5.5.1 adds dozens of new features, new media formats and mappings, and resolves several bugs. This is not a security update.
https://www.isobuster.com/download.php
StreamFab 6.2.1.3 updates engine, improves compatibility, and resolves several bugs. Thsi is not a security update.
https://www.dvdfab.cn/downloader-new.htm
UniFab 3.0.0.1 is a major update and improves upscaling, performance and resolves a couple bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm
These are unlikely to be of interest to most people.
1Password 8.10.56 resolves over a dozen bugs. This is not a security update.
https://1password.com/downloads/
GadgetPack 38.0 rebrands from 8GadgetPack, adds Windows 11 support, updates graphics and cosmetics, and resolves a couple bugs. This is not a security update.
https://gadgetpack.net/
Agent Ransack 2022.3503 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/
AOMEI Partition Assistant 10.7.0 adds 1-click space fix and resolves several bugs. This is not a security update.
https://www.diskpart.com/
BatteryHistoryView 1.06 improves compatibility. This is not a security update.
https://www.nirsoft.net/utils/battery_history_view.html
Bitwarden 2024.12.1 resolves several bugs and improves compatibility. This is not a security update.
https://bitwarden.com/
CCleaner 6.31.11415 improves cleanup. Thsi is not a security update.
https://www.ccleaner.com/
CPU-Z Installer 2.13 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html
Cygwin 3.5.5 resolves over a dozen bugs. Thsi si not a security update.
https://cygwin.com/
DesktopOK 11.51 updates definition file options and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK
dnGrep 4.2.121.0 updates libraries and resolves a couple bugs. This is not a security update.
https://dngrep.github.io/
ESEDatabaseView 1.76 resolves several bugs. This is not a security update.
https://www.nirsoft.net/utils/ese_database_view.html
FileLocator Pro 2022.3503 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download
Fing 3.8.0 improves Network Insights feature and resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows
GoodSync 12.8.0 resolves several bugs. This is not a security update.
https://www.goodsync.com/
HWiNFO 8.20 improves hardware support and resolves several bugs. This is not a security update.
https://www.hwinfo.com/download/
LessMSI 2.4.0 adds xo option to extract and overwrite. This is not a security update.
https://lessmsi.activescott.com/
NTLite 2025.01.10258 updates Windows 11 24H2 support and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/
Open-Shell 4.4.195 improves Windows 11 24H2 support and resolves several bugs. This is not a security update.
https://github.com/Open-Shell/Open-Shell-Menu
PingInfoView 3.20 adds dark background support and alternating row colors. This is not a security update.
https://www.nirsoft.net/utils/multiple_ping_tool.html
PointerStick 6.46 adds a new pointer option and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick
PowerToys 0.87.1 improves stability and resolves issues in many of the included tools. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest
PSAppDeploy 4.0.4 resolves dozens of bugs. This is not a security update.
https://psappdeploytoolkit.com/
TeamViewer 15.61.4 resolves several bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/
WifiInfoView 2.96 updates the internal MAC database. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html
WinScan2PDF 9.19 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF
ZoomIt 9.0 adds live draw support. This is not a security update.
https://learn.microsoft.com/en-us/sysinternals/downloads/zoomit
These are unlikely to be of interest to most people.
Android Studio 2024.2.2.13 resolves dozens of bugs. This is not a security update.
https://developer.android.com/studio
GDevelop 5.5.221 improves 3D physics tracking and resolves several bugs. This is not a security update.
https://gdevelop.io/download
GitHub Desktop 3.4.12 resolves a merge bug. This is not a security update.
https://desktop.github.com/
Inno Setup 6.4.0 updates libraries and resolves dozens of bugs. This is not a security update.
https://www.jrsoftware.org/isdl.php
Node.js 22.13.0 updates dependencies and resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/
Node.js 23.6.0 updates dependencies and resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/
SQLite 3.48.0 adds several new features, syntax support, and performance and memory improvements. This is not a security update.
https://www.sqlite.org/download.html
Visual Studio Code 1.96.2 resolves several bugs. This is not a security update.
https://code.visualstudio.com/
These are likely to be of interest only to web developers.
Grocy 4.3.0 improves stock management, grouping, recipes, userfields, and resolves several bugs. This is not a security update.
https://github.com/grocy/grocy
HumHub 1.17.0 resolves over a dozen bugs. This is not a security update.
https://www.humhub.com/en
Joomla 5.2.3 is a security update.
https://www.joomla.org/
OpenCart 4.1.0.0 makes over six hundred changes and updates libraries. This should be treated as a security update.
https://www.opencart.com/
Piwigo 15.3.0 resolves a stability bug. This is not a security update.
https://piwigo.org/
Autoptimize 3.1.13 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/autoptimize/
Contact Form 7 6.0.3 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/
Sucuri Security 1.9.7 adds CSP reporting header support. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/
Theme My Login 7.1.10 resolves several bugs, including a nonce issue. This should be treated as a security update.
https://wordpress.org/extend/plugins/theme-my-login/
WP Cerber Security 9.6.5 removes dependency on wordpress.org, adds several new widgets and improves role support. This is not a security update.
https://wpcerber.com/
That’s all for now folks. Keep it clean out there. 😉
Regards,
Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/
Welcome back, Folks!
Today is Patch Tuesday for October, 2024.
Windows 11 24H2 is out. So is macOS 15/Sequoia. iOS 18, iPadOS 18, tvOS 18, watchOS 11, and visionOS 11 are out now. The first set of security updates for each of these are released now, too.
All versions of Windows 11 prior to 23H2 are no longer be supported. Upgrade to 23H2 now, then do not upgrade to 24H2, yet. Let everyone else be the guinea pigs. It’s already showing quite a few issues.
All versions of macOS prior to 13/Ventura are no longer supported. If you can’t upgrade your Mac to Ventura you need to permanently take it offline and/or replace it.
Windows 10 now has only 12 months of support left. If your computer can not be upgraded to Windows 11 either start planning now for a switch to Linux or replacing your computer.
There were 505+ major hacks, and over 395 application updates this month. It’s an enormous month, with about 4 GB of updates for most users.
4B Components, 5.11 Tactical, A1 Mobile Locksmith, Access Ambulatory Surgery Center, LLC, Access Sports, Accurate Railroad Construction Ltd, Acuity Advisor, Adobe Acrobat Reader DC, Adobe After Effects, Adobe Audition, Adobe Commerce & Magento stores (5% of all their commerce sites!!!), Adobe Media Encoder, Adobe Photoshop, Adobe Premiere Pro, ADT, Advanced Sterilization Products, Inc, Affirm Agency, AFP, air-gapped government systems, Akromold, Al Rajhi Bank, Albany College of Pharmacy, Alliance, Ally Bank, Alshaya Group, Altman Plants, Alvan Blanch, American Water Works, Amgen Inc, Amplitude Laser, Andamen, Andantex USA, Anniversary Holding, Apache Avro, Apache HugeGraph-Server, Apex Softcell, Aramark myPay, Arc browser, Arelance Group, Around the Clock Companies, Asheville Arthritis and Osteoporosis Center, PA, AT&T, ATG Communications Group, Atrium Health, Autel Maxicharger, Auto Recyclers, AutoCanada, Autodesk Navisworks Freedom DWF, automatic storage tank gauge (ATG) systems (6 models), Avi Resort & Casino, Avis, Balboa Bay Club Ventures LLC, Banana Gun, Bangladeshi government, Barbados Revenue Authority, Barnes & Cohen, Batcom, Battle Lumber Co, Bay Ridge Automotive Management Group, Bazooka, Bel-Air Bay Club, BELL DATA, Inc, Benny Gantz, Bethalto Community Unit School District, Betterhalf, Bharat Petroleum, BingX, Bloom Hearing Specialists, Blundstone USA Inc, BNBuilders, BotSpace, Branhaven Chrysler Dodge Jeep Ram, Brechbuhler Scales Inc, BroadGrain Commodities, Broward Realty Corp, Brown Bottling Group, Brown Integrated Logistics, Brunswick Hospital Center, BSH Soft, BudTrader, C&L Ward, CaleyWray, Calibrated Healthcare, LLC, California Department of Social Services, Cameroon’s pension fund, Canstar Restorations, Capgemini, Capital Printing, Carlile Group, Cascade Columbia Distribution, Casino Fandango, Casio, Caterpillar Inc, Cellular Plus, CentralTickets, CF Medical, Charles Darwin School, Chernan Technology, ChiceDNA, Chinese government, a Chinese government botnet, Chrome, Chunghwa Telecom Data, Cincinnati Public Schools, City of Aberdeen, WA, City of Forest Park, City of Pleasanton, CA, City of Richardson, TX, CK Associates, CKS Packaging, Classic Business Products, CobelPlast, Cohesive Networks VNS3, Comcast Cable Communications, Community Clinic of Maui, Inc, Community Hospital of Anaconda, Compass Group, Concord Management Services, Condere IP, Conductive Containers, Inc, Connally Memorial Medical Center, Control Panels USA, CopySmart LLC, Corantioquia, Creative Consumer Concepts, Creative Playthings, CrediHealth, Crown Mortgage Company, CSG Consultants, D-Link routers, DATASUS, Daughterly Care, David’s Bridal, Del Valle Independent School District, Delaware Library system, Dell (twice in a week), Deloitte, Delta Prime, Department of Foreign Affairs (DFA), Philippines, DETRAN, Detroit Public TV, Diamond Contracting, LLC, Didi Chuxing, digiDirect, Dimensional Merchandising, DINAS Corp, Divine Interprises INC, DJH Jugendherberge, Domain Industries, DotPe, DPC DATA, Dr. Web, DrayTek routers, Dreyfuss + Blackford Architecture, Duopharma Biotech, Dutch Police, EasyMPS, Edge Imaging, eFile.com, EigenLayer, Elgin Separation Solutions, Elitecare Emergency Hospital, Elitecare, Empereon Marketing, English Football League, Enterprise Outsourcing, EnviroNET Inc, Environmental Code Consultants Inc, Erasmus+, ETC Companies, Ethena Labs, Eurobulk, Evans Distribution Systems, Experience Engine, Express Services, Fabrica Industrial Machinery & Equipment, FastStone Imave Viewer, Fazenda Brazil government, FBCS, Fedbank Financial Services, Feeld, Feldstein & Stewart, Fireworks Software, First Choice, Fleet Equipment, FoccoERP, Forshey Prostok LLP, Fortinet, Fortive, Foundation, Foxit PDF Reader, Freshstart Credit Repair, Frigocenter, Fritzøe Engros, FTV Employment Services LLC, Fylde Coast Academy Trust, G/S Solutions, Galloway MacLeod, Games Box, GameVN, Garvey, GenPro Inc, GitLab, GNOME Project G, GoDaddy, Golden Age Nursing Home, Gough Construction, Graminex, Graybill Medical Group, Greene Acres Nursing Home, Guerriere & Halnon, GW Mechanical, Hair Club for Men, Hamel Cranial Chiropractic & Wellness INC, Harvard Pilgrim Health Care, Harvey Nichols, HDI, Hertz, Hezbollah, Hindle Group, Holmes & Brakel, Howard CPAs, HPE Aruba Networking, Hughes Gill Cochrane Tinetti, Hunter Dickinson Inc, HuntStand, I-MED, Ibermutuamur, ICBC London, IDEALEASE INC, Idre Fjäll, Indian Supreme Court, Indodax, Infosys McCamish Systems, Instituto Nacional de Deportes de Chile, Insurance Agency Marketing Services, Inc, InteriorWorx Commercial Flooring, iOS Password Manager, 260,000 IoT devices (Raptor Train), Iron Metals, Isola, Israel Defense Minister, Israel Foreign Affairs Minister, Israel Harel Insurance, Israel Prime Minister, an Israeli analytics company, Israeli defense companies, Israeli Industrial Batteries, Istrail, Italian Ministry, Ivanti Cloud Services Appliance, Ivanti Endpoint Manager, Ivanti Workspace Control, Jackson Paper Manufacturing, Jacobsen Construction Co, Inc Health Plan, Joe Swartz Electric, Johnson & Wales University, JTaylor & Associates LLC, Juice Generation, Kawasaki Motors Europe, Keller Williams Realty Group, Kennedy Funding, Keuka College, Keya Accounting and Tax Services LLC, Kia dealer portal, Kia vehicles (again), KintApp, Kravit, Hovel & Krawczyk SC, KukuFM, Kuwait Health Ministry, LA Financial Federal Credit Union, Labib Funk Associates, Ladov Law Firm, Lakeland Chamber, Lancaster Royal Grammar, three-quarters of law firms (which explains a lot of the hacks this month), Law Offices of Michael J Gurfinkel, Inc, Lawrie Insurance Group, Lee Hoffoss Injury Lawyers, LEGO, Lenovo Service Bridge, Liberty First Credit Union, Local 1964 ILA Health & Insurance Fund, Lumen Technologies, Luso Cuanzа, Lyomark Pharma, MacGillivray Law, macOS graphics driver, macOS video decoder, Magenta Photo Studio, Malwarebytes Antimalware, Markdom Plastic Products, Maryville Academy, Mattson Technology, Inc, Max Shop, MC2 Data, McAbee Construction, Inc, McCarty Company, MCNA Dental, MDSi INC, MediCheck, MedReview, Messe C, Miami Dolphins Forum, Michigan Masonic Home, Michigan Medicine, Microsoft Azure API Management, Microsoft C++ redistributable, Microsoft Pragmatic General Multicast Server, Microsoft SharePoint, Microsoft Windows, Microsoft Windows 10 AllJoyn Router Service, Microsoft Windows Internet Explorer, Microsoft Windows SmartScreen, Mile Hi Foods, MIPS Holding, Inc, Mobility Compare, Model Engineering, Moeller Door and Window, MoneyGram, Mozambique Election System, Mt. Carmel Behavioral Healthcare, Muskogee City County Enhanced 911 Trust Authority, mySCADA myPRO, NASA, New Electric, New River Electrical, New York Sports Club, Noble Environmental, North American Breaker, Nova Sinseg, Nusser Mineralöl GmbH, NVIDIA Container Toolkit, Octapharma Plasma, OffRoadAction, Omega Industries, One Point HR Solutions, Onyx, OpenAI, OpenPLC_v3 Runtime, Optigo Networks ONS-S8, Oracle WebLogic, Pacific Coast Building Products, Pacific Islands Forum, Fiji, Pacific Scientific Energetic Materials Company LLC, Palomar Medical Group, PaperCut NG, Partners Air, Patelco Credit Union, Patrick Sanders Company, PDF-XChange Editor, Pearl Cohen, Peerless Umbrella, Performance Food Centers, Performance Therapies, PetEdge, Pete’s Road Service, PetroChina, Physical Medicine & Rehabilitation Center, Piggly Wiggly, Plaisted Companies, Plastics Plus, Plumbers Stock, Port of Seattle/Seattle-Tacoma International Airport (SEA), Power Torque Services, PRC-Saltillo, Premier Packaging, Prentke Romich Company, Progress Software WhatsUp Gold, Pureform Radiology Center, Qualcomm DSP, Quantum Healthcare, Raaga, Rackspace, Radio Geretsried, 19 UK railway stations, Ranveer Allahbadia, Reading Train Station, Red Barrels, Repsol, Research Electronics International, Reutter, Richland County, WI, Richmond Auto Mall, Richmond Community Schools, Riley Gear Corporation, Rim Country Health and Rehabilitation, Ring Power, River Delta Unified School District, River Region Cardiology Associates, Riverside Resort Casino, Rob Levine & Associates, Robson Planning Group Inc, Rockwell Automation PLC Software, Sacred Heart Catholic School, Sage Home Loans Corporation, SaniRent, Satia Group, Savannah Candy, Schäfer, dein Bäcker GmbH & Co KG, Scranton School District, Sellafield, ServiceNow, Shenango Area School District, Sherr Puttmann Akins Lamb PC, Shezmu, Shin Bet, ShoreMaster, Signature Healthcare Services LLC, siParadigm LLC, Slim CD, Smart Buy, Smart Source, Inc, 2,700 “smart” devices in the Netherlands, SolarWinds Access Rights Manager, Solutii Sistemas, Sono Bello, Southeast Cooler, Southern Bone, SpaceX, Spectrum Industries, Sportstech, spWETH Wallet, Star Blizzard, Star Health (India), Stillwater Mining Company, Storck-Baugesellschaft mbH, Structural Concepts, Sub-Zero, Wolf, and Cove, Sunrise Farms, Synnovis, TANYA Creations, TeamViewer, TeleHealth Center (India), Temu, Tewkesbury Borough Council, Thai Honda Manufacturing, The Gill Corporation, The Maids International, The Rubber Resources, The Superior Court of California, The Tech Interactive, Theresa Gordon Tax Services, Inc, Think Simple, Thomas Lloyd, Thompson Construction Supply, TIAA, Title Financial Corporation, Total Electronics, TOTVS, Toyota, TradeZero America Inc, Transport for London, Transtec SAS, TransUnion Risk and Alternative Data Solutions, Inc, Travel Alberta, TRC Worldwide Engineering, Trend Micro Deep Discovery Inspector, True Family Enterprises, Truflation, Truist Bank, Trump campaign, Tuttle-Click Automotive Group, Twilio, Uber Eats, UCC Retreivals, United Animal Health, Universal Music Group, University Medical Center, University of Minnesota Orthodontics, US Centers for Medicare and Medicaid Services, US Congress, US Dermatology Partners, UT Southwestern Medical Center, Uttarakhand (India) government, Veertu Anka Build, Verizon, Vermilion Parish Schools, Versa Director, VGTRK, Vickers Engineering, Vidisco, Virginia Dare Extract Co, Visionary Homes, Visteon Infotainment System, VMware vCenter Server, Ward Transport, Wayne County, MI, WazirX, We Level Up Treatment Lake Worth, Weiser Memorial Hospital, Weldco-Beales Manufacturing, Wells Fargo, Western Digital MyCloud PR4100, WhatsApp, Wichita Police, Wilmington Convention Center, Wilson & Lafleur, Wisconsin Physicians Service Insurance Corp, Woodard, Hernandez, Roth & Day, WordPress Houzez Login Register plugin, WordPress Houzez theme, WordPress LiteSpeed Cache Plugin, Wright, Moore, DeHart, Dupuis & Hutchinson, LLC, Young Consulting LLC, and Zimbra email servers have reported hacking or compromises this month.
AFP, AT&T, Cloudflare, Confidant Health, Dr. Web, Google CloudImposer, Highline Public Schools, MoneyGram, PlayStation Network, Port of Seattle, Providence Public Schools, State Data Center (India), Verizon, and WP Engine have suffered from outages this month.
Last months updates broke M4 iPad Pro devices, macOS Sequoia VPN & antivirus software, Microsoft 365 apps, Microsoft Outlook mail vs nested folders, Microsoft Word (serious – Word deletes your files if they have mixed case extensions!), Windows 11 24H2 BSODs, Windows 11 24H2 gaming performance, Windows 11 24H2 license activation, Windows reboots, and Windows USB & Bluetooth.
The Internet backdoor mandated by US federal law has been hijacked by China (Salt Typhoon) and is being actively exploited again across several phone providers. It’s not good.
Almost 3 in 5 of breached UK firms admit to paying ransom on demand. An insane 92% of healthcare firms in the US were hit by cyberattacks this year.
Now that “exploding pagers” (and more) are a thing, will people start to take supply chain and physical security seriously?
Fearing exposure of weak security processes, Apple has moved to dismiss their lawsuit against NSO Group.
Discord has added end-to-end encryption for audio & video calls.
NIST has finally scrapped their complexity and change frequency recommendations. The math on these recommendations simply doesn’t add up.
Now back to our regularly scheduled program.
Patch Tuesday is enormous this month. The typical computer should see roughly 4 GB in updates today. Let’s get started.
Microsoft released 65 updates to address 121 vulnerabilities in .NET Framework, .NET, Azure CLI, Azure Monitor, Azure Stack, BranchCache, Code Integrity Guard, DeepSpeed, Internet Small Computer Systems Interface (iSCSI), Microsoft ActiveX, Microsoft Configuration Manager, Microsoft Defender for Endpoint, Microsoft Edge (Chromium-based), Microsoft Graphics Component, Microsoft Management Console, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft Office, Microsoft Simple Certificate Enrollment Protocol, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows Speech, OpenSSH for Windows, Outlook for Android, Power BI, Remote Desktop Client, RPC Endpoint Mapper Service, Service Fabric, Sudo for Windows, Visual C++ Redistributable Installer, Visual Studio Code, Visual Studio, Windows Ancillary Function Driver for WinSock, Windows BitLocker, Windows Common Log File System Driver, Windows Cryptographic Services, Windows cURL Implementation, Windows EFI Partition, Windows Hyper-V, Windows Kerberos, Windows Kernel, Windows Kernel-Mode Drivers, Windows Local Security Authority (LSA), Windows Mobile Broadband, Windows MSHTML Platform, Windows Netlogon, Windows Network Address Translation (NAT), Windows NT OS Kernel, Windows NTFS, Windows Online Certificate Status Protocol (OCSP), Windows Print Spooler Components, Windows Remote Desktop Licensing Service, Windows Remote Desktop Services, Windows Remote Desktop, Windows Resilient File System (ReFS), Windows Routing and Remote Access Service (RRAS), Windows Scripting, Windows Secure Channel, Windows Secure Kernel Mode, Windows Shell, Windows Standards-Based Storage Management Service, Windows Storage Port Driver, Windows Storage, Windows Telephony Server, Winlogon, and MSRT. This includes security updates. A reboot is required.
Apple released updates for Apple TV 1.5.0.152 for Windows, iOS 17.7, iOS 18, iOS 18.0.1, iPadOS 17.7, iPadOS 18, iPadOS 18.0.1, macOS Sequoia 15.0.1, macOS Sonoma 14.7, macOS Ventura 13.7, Safari 18, Safari 18.0.1, tvOS 17.6.1, tvOS 18, visionOS 2, visionOS 2.0.1, watchOS 10.6.1, watchOS 11, watchOS 11.0.1, and Xcode 16. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.
iOS 17.7, 18, and 18.0.1 are security updates. Use Settings, General, Software Update to install the most current update.
iPadOS 17.7, 18, and 18.0.1 are security updates. Use Settings, General, Software Update to install the most current update.
watchOS 10.6.1, 11, and 11.0.1 are security updates. Use the Watch app on your iPhone to install the most current version.
tvOS 18 is a security update. Use System, Software Update to install the most current version.
visionOS 2 and 2.0.1 are security updates. Use System, Software Update to install the most current version.
Google Chrome OS 128.0.6613.163, 129.0.6668.80, and ChromeOS LTS 126.0.6478.254 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.
Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.
Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.
The release of macOS Sequoia (15.x) means that macOS Monterey (12.x) and older are no longer supported. If you can not install at least macOS Ventura (13) on your Mac then you should immediately remove your device from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.
The now-current release of the Windows 11 (v24H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.
Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.
The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.
Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.
It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.
Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.
Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with a SaferPC Subscription and we will install updates each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com
If you’re using this hardware – these updates are for you.
AMD Adrenalin 24.9.1 improves hardware compatibility, game support, resolves several bugs and expands Vulkan extensions. This is not a security update.
https://www.amd.com/en/support
TP-Link Archer AX55 v1 240628 improves mesh and configuration controls. This is not a security update.
https://www.tp-link.com/us/support/download/archer-ax55/v1/#Firmware
goxlr-utility 1.1.4 resolves several compatibility and reliability bugs. This is not a security update.
https://github.com/GoXLR-on-Linux/goxlr-utility/
UniFi Network Server 8.4.62 resolves several bugs. This is not a security update.
https://www.ui.com/download/releases/network-server
VIISAN OfficeCam 7.2.2.0 doesn’t provide a change log so should be treated as a security update.
https://www.viisan.com/en/download/type1.html
One or more of these are likely to be of interest to everyone.
Brave 1.70.123 is a security update. Use Help, About to install the most current version.
https://brave.com/
Google Chrome 129.0.6668.100 is a security update. Use Help, About to install the most current version.
https://www.google.com/chrome/
Microsoft Edge 129.0.2792.79 is a security update. Use Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download
Firefox 131.0 is a security update. Use Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/new/
Firefox ESR 128.3.0 is a security update. Use Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/organizations/all/
Vivaldi 6.9.3447.51 is a security update. Use Help, About to install the most current version.
https://vivaldi.com/
One or more of these are likely to be of interest to everyone.
Mailspring 1.14.0 is a security update.
https://getmailspring.com/
ProtonMail (Android) 4.0.22.1 resolves a major stability bug. This is not a security update.
https://proton.me/mail/download
Spark 3.17.9.86866 resolves several bugs. This is not a security update.
https://sparkmailapp.com/
Spark (macOS) 3.17.9.86865 resolves several bugs. This is not a security update.
https://sparkmailapp.com/
Thunderbird 128.3.0 is a security update.
https://www.thunderbird.net/en-US/
One or more of these are likely to be of interest to everyone.
AnyDesk 8.1.0 resolves dozens of bugs and improves stability. This is a security update.
https://anydesk.com/en/downloads
AnyDesk (macOS) 8.1.2 is a security update.
https://anydesk.com/en/downloads
BrowsingHistoryView 2.58 resolves an export bug. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html
curl 8.10.1 resolves over a dozen bugs. This is not a security update.
https://curl.haxx.se/windows/
Dropbox 209.4.3661 does not provide a detailed change log so should be treated as a security update.
https://www.dropbox.com/
Facebook Messenger 215.6.0.24.211 is a security update.
https://www.messenger.com/download
FileZilla Server 1.9.2 resolves a bug in the update engine. This is not a security update.
https://filezilla-project.org/
Google Drive 98.0 is a security update.
https://drive.google.com/start
MeshCentral 1.1.32 is a security update.
https://meshcentral.com/info/downloads.html
Microsoft Teams 1.7.00.26062 improves onboarding flow and allows external presenters to join from mobile platforms. This is not a security update.
https://teams.microsoft.com/downloads
Nextcloud Server 30.0.0 is a major update, updating libraries, minimum requirements, and resolving more than a hundred bugs. This is a security update.
https://nextcloud.com/
Npcap 1.80 resolves several bugs. This is not a security update.
https://nmap.org/npcap/
Rclone 1.68.1 improves compatibility and resolves several bugs. This is not a security update.
https://rclone.org/
Signal 7.27.0 adds several new display options for media, groups and restores ability to search stored messages from groups you’re no longer part of. This is not a security update.
https://signal.org/download/windows/
Signal (Android) 7.18.2 adds ability to search for emoji. This is not a security update.
https://signal.org/android/apk/
Technitium DNS Server 13.0.2 resolves protocol bugs. v13 adds several other new DNS features and controls including ZONEMD, RP, Catalog Zones and improved logging. This is not a security update.
https://technitium.com/dns/
Telegram 5.6.1 resolves dozens of bugs. This is not a security update.
https://telegram.org/
Telegram (Android) 11.1.3 resolves dozens of bugs. This is not a security update.
https://telegram.org/apps
Zoom 6.2.3.47507 resolves several bugs. This is not a security update.
https://zoom.us/
These are unlikely to be of interest to most people.
3tene 4.0.10 resolves a couple bugs and improves lip sync. This is not a security update.
https://en.3tene.com/
Bitwig Studio 5.2.4 resolves over 20 bugs. This is not a security update.
https://www.bitwig.com/download/
Grayjay 264 adds auto-play toggle, allows you to control rotation sensitivity, reverse rotation, and resolves several bugs and compatibility issues. This is not a security update.
https://grayjay.app/index.html
iTunes 12.13.3.2 is a security update.
https://www.apple.com/itunes/download/
Plex Desktop 1.102.0.230 resolves a couple bugs and adds an advertising consent notice. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app
Plex Home Theater 1.67.1.233 updates web engine. This should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app
Plex Media Server 1.41.0.8994 adds support for external subtitles, improved ad detection, and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server
These are unlikely to be of interest to most people.
Minecraft Server (Bedrock) 1.21.31.04 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock
Nintendo Switch 19.0.0 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989
PS5 2024.920 improves stability. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/
Steam 2024.09.17 changes the terms of use and resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110
SteamOS SteamDeck Update 2024.10.03 improves Wi-Fi 7 compatibility. This is not a security update.
https://store.steampowered.com/news/app/1675200/
One or more of these are likely to be of interest to most people.
Adobe Animate 23.0.8 and 24.0.5 are security updates.
https://helpx.adobe.com/security/products/animate/apsb24-76.html
Adobe Commerce 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11, 1.4.2-p3, 1.3.5-p8, 1.3.4-p10, and 1.3.3-p11 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-73.html
Magento Open Source 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, and 2.4.4-p11 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-73.html
Adobe Dimension 4.0.4 is a security update.
https://helpx.adobe.com/security/products/dimension/apsb24-74.html
Adobe FrameMaker 2020.7 and 2022.5 are security updates.
https://helpx.adobe.com/security/products/framemaker/apsb24-82.html
Adobe InCopy 19.5 and 18.5.4 are security updates.
https://helpx.adobe.com/security/products/incopy/apsb24-79.html
Adobe InDesign 19.5 and 18.5.4 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb24-80.html
Adobe Lightroom 7.5, 13.5.1, and 12.5.2 are security updates.
https://helpx.adobe.com/security/products/lightroom/apsb24-78.html
Adobe Substance 3D Painter 10.1.0 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb24-52.html
Adobe Substance 3D Stager 3.0.4 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb24-81.html
Audacity 3.6.4 doesn’t have a change log so should be treated as a security update.
https://www.audacityteam.org/download/
Blender 4.2.2 resolves dozens of bugs. This is a security update.
https://www.blender.org/download/
Calibre 7.19.0 improves performance and resolves several bugs. This is not a security update.
https://calibre-ebook.com/
Ghostscript 10.04.0 is a security update.
https://www.ghostscript.com/releases/gsdnld.html
GnuCash 5.9 resolves several bugs. This is not a security update.
https://www.gnucash.org/
Kdenlive 24.08.1 resolves dozens of bugs. This is not a security update.
https://kdenlive.org/
Krita 5.2.6 resolves over 50 bugs and improves reliability and stability. This is not a security update.
https://krita.org/en/download/
LibreOffice Fresh 24.8.2 resolves almost 200 bugs. This is a security update.
https://www.libreoffice.org/
Manager 24.10.8.1879 adds business templates, FDX support, and resolves several bugs. This is not a security update.
https://www.manager.io/
Nextcloud Desktop 3.14.1 resolves a dozen bugs. This is not a security update.
https://nextcloud.com/
Notepad++ 8.7 updates libraries, resolves over a dozen bugs. This is a security update.
https://notepad-plus-plus.org/
PDF Candy Desktop 3.13 doesn’t provide a change log so should be treated as a security update.
https://pdfcandy.com/
PDF-XChange Editor 10.4.1.389 is a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor
QuickBooks Pro 2022 20240726-R17_34 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products
QuickBooks Pro 2023 20240726-R14_39 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products
One or more of these is likely to be of interest to most people.
JShelter 0.19.1 improves Manifest V3 compatibility and performance. This is not a security update.
https://jshelter.org/install/
KeePass 2.57.1 is a security update.
https://keepass.info/
MalwareBytes Anti-Malware 5.5.4 doesn’t provide a change log so should be treated as a security update.
https://www.malwarebytes.org/antimalware/
RogueKiller 15.18.3 updates libraries and resolves several bugs. This should be treated as a security update.
https://www.adlice.com/download/roguekiller/
SecurityCheck 2024.9.22 doesn’t provide a change log so should be treated as a security update.
https://www.bleepingcomputer.com/download/securitycheck/dl/123/
Stinger 13.0.0.197 is a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx
SuperAntiSpyware 10.0.1268 adds support for new browsers, applications, unicode compatibility and resolves several bugs. This is a security update.
https://www.superantispyware.com/download.html
uBlock Origin 1.60.0 adds several new features and resolves a couple bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest
These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.
QubesOS 4.2.3 is a security update.
https://www.qubes-os.org/downloads/
Tails 6.8 is a security update. 6.8 also signals the merger of Tails and the Tor Project.
https://tails.net/install/download/index.en.html
Zorin OS 17.2 improves customization, updates libraries, and resolves several bugs. This is not a security update.
https://zorin.com/os/mirrors/
These are unlikely to be of interest to most people.
SnagIt 24.2.4 resolves stability bugs. This is not a security update. This is not a security update.
https://www.techsmith.com/screen-capture.html
VideoCacheView 3.10 improves compatibility with Google Chrome. This is not a security update.
https://www.nirsoft.net/utils/video_cache_view.html
These are unlikely to be of interest to most people.
DVDFab 13.0.2.7 adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm
MakeMKV 1.17.8 improves defect tolerance and resolves several bugs. This is not a security update.
https://www.makemkv.com/download/
StreamFab 6.2.0.0 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm
UniFab 2.0.3.5 adds FLAC support and resolves sseveral bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm
One or more of these are likely to be of interest to most people.
Zotero 7.0.7 resolves several bugs. This is not a security update.
https://www.zotero.org/
These are unlikely to be of interest to most people.
1Password 8.10.46 adds QR code authentication, Wi-Fi QR code sharing, accessibility improvements, and resolved several bugs. This is not a security update.
https://1password.com/downloads/
AOMEI Partition Assistant 10.5.0 adds Boot Repair, improves Migrate OS and resolves bugs in the optical media creation flow. This is not a security update.
https://www.diskpart.com/
Bitwarden 2024.9.2 improves PDF attachment handling and improves Secrets Manager. This is not a security update.
https://bitwarden.com/
CCleaner 6.28.11297 adds support for new applications. This is not a security update.
https://www.ccleaner.com/
CPU-Z Installer 2.11 improves mainboard detection and adds new hardware support. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html
Deskflow 1.17.0 is a complete rebrand of the upstream Synergy source, pushing the public code base into a useful utility. This is the first one, though, so I’d hold off a little while. This is not a security update.
https://deskflow.org/
DesktopOK 11.44 improves copmatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK
dnGrep 4.2.84.0 improves cache plug-in to use hash data to reduce network chatter, encoding improvements, and resolves several bugs. This is not a security update.
https://dngrep.github.io/
email-oauth2-proxy 2024-09-12 adds option to use password as credentials, improves documentation and resolves several bugs. This is not a security update.
https://github.com/simonrob/email-oauth2-proxy
Everything Toolbar 1.5.1 improves compatibility, adds RTL support, keyboard shortcuts and resolves several bugs. This is not a security update.
https://github.com/stnkl/EverythingToolbar/
ExplorerPatcher 22621.3880.66.6 improves compatibility and adds support for Windows 11 v24H2. This is not a security update.
https://github.com/valinet/ExplorerPatcher/
Fido 1.60 adds support for Windows 11 v24H2 and removes v23H2. This is not a security update.
https://github.com/pbatard/Fido/releases
Fing 3.7.1 improves Network Insights and resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows
FoneTool 2.9.0 resolves several bugs. This is not a security update.
https://www.fonetool.com/download.html
Git SCM 2.46.1 resolves several bugs and improves documentation. This is not a security update.
https://git-scm.com/
GoodSync 12.7.6 improves logging and compatibility. This is not a security update.
https://www.goodsync.com/
Homedale 2.13 adds channel utilization reporting, Wi-Fi 7 (802.11be) support and filtering improvements. This is not a security update.
https://www.the-sz.com/products/homedale/
HWiNFO 8.12 adds support for newer hardware and resolves several bugs. This is not a security update.
https://www.hwinfo.com/download/
HWMonitor 1.55 adds support for newer hardware and battery information. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html
IsMyHdOK 4.11 adds support improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK
Kingston SSD Manager 1.5.4.9 doesn’t provide a change log so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager
LessMSI 2.2.0 adds Italian language support. This is not a security update.
https://lessmsi.activescott.com/
MultiMonitorTool 2.11 resolves a mapping bug. This is not a security update.
https://www.nirsoft.net/utils/multi_monitor_tool.html
NTLite 2024.9.10073 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/
OSForensics 11.0.1014 resolves over a dozen bugs including performance and reliability issues. This is not a security update.
https://www.osforensics.com/download.html
PointerStick 6.44 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick
PowerToys 0.85.1 improves stability. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest
ScreenConnect 24.2 should be avoided. It has had rollout “paused” due to stability issues four times already. Just wait for 24.3 or 24.4 to be stable.
https://screenconnect.connectwise.com/download
TeamViewer 15.58.5 resolves several bugs and implements new cosmetics. This is a security update.
https://www.teamviewer.com/en-us/download/windows/
TestDisk 7.3 doesn’t provide a change log so should be treated as a security update.
https://www.cgsecurity.org/wiki/TestDisk_Download
XnConvert 1.101.0 doesn’t provide a change log so should be treated as a security update.
https://www.xnview.com/en/xnconvert/
These are unlikely to be of interest to most people.
.NET Runtime 8.0.10 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet
Android Studio 2024.2.1.9 resolves dozens of bugs. This is not a security update.
https://developer.android.com/studio
GDevelop 5.4.213 adds ability to change opacity within properties panel, tilemap improvements, and resolves several bugs. This is not a security update.
https://gdevelop.io/download
GitHub Desktop 3.4.6 resolves several bugs. This is not a security update.
https://desktop.github.com/
Go 1.23.2 resolves several bugs. This is not a security update.
https://go.dev/
Node.js 20.18.0 updates libraries, resovles several bugs and adds experimental support for network inspection. This is not a security update.
https://nodejs.org/en/
Node.js 22.9.0 updates libraries, adds support for stack trace, disables V8, and resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/
Python 3.13.0 resolves over a dozen bugs. This is a security update.
https://www.python.org/downloads/windows/
Visual Studio Code 1.94 improves Explorer Find, adds filtering options to Source Control Graph, and resolves several bugs. This is not a security update.
https://code.visualstudio.com/
These are unlikely to be of interest to most people.
VirtualBox 7.1.2 is a major update, changing style, performance, stability, hardware compatibility and adding many options. It also initially broke older guests and this release fixes that as well as a dozen other bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads
These are likely to be of interest only to web developers.
Duplicator 1.5.11 improves compatibility and resolves several bugs. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers
Sucuri Security 1.9.5 improves analysis. This should be treated as a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/
That’s all for now folks. Keep it clean out there. 😉
Regards,
Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/
Welcome back, Folks!
Today is Patch Tuesday for April, 2022.
It’s another big one. Sprinkle a little disaster and angst on a world war, give script kiddies a megaphone and encourage them to hack strangers and you end up with the perfect storm of malice.
2FA/MFA implementations, Advanced Medical Practice Management, Alacrity Solutions Group, LLC, Alberta vaccine passport system, American Express, ASUS routers, Atlassian, Ballad Health, a large banking platform, Bank of Ireland, Bernards Township School District, Bet9ja, Black River Falls School District, Bradley Airport, Bridgestone Americas, CafePress, Caisse nationale d’assurance maladie, Cancer and Hematology Centers of Western Michigan, Capital Region Medical Center, Cash App, CDEK, Central Indiana Orthopedics, Central Minnesota Mental Health Center, Central Vermont Eye Care, Charleston Area Medical Center, Inc., Chelan Douglas Health District, Christie Clinic, Clinic of North Texas, LLP, Colorado Physician Partners, PLLC, Creative Services Inc, Cytometry Specialists, Denso, Dialyze Direct, LLC, Doctors Me, Duncan Regional Hospital, East Tennessee Children’s Hospital, East Windsor Township, Electoral Services Department of Wandsworth Council, EMC National Life Insurance, Emma Sleep Company, Englewood Health, Ermenegildo Zegna, Finland Department of Defense, Fox, Gainwell Technologies, LLC, GitLab, Globant, hundreds of GoDaddy’s Managed WordPress sites, Google Chrome (over 40 security vulnerabilities fixed in the last month), Grand Coloane Resort, H.P. Hood Dairy, Harris County Jail, Hellenic Post, Highmark Inc, Honda and Acura cars, Horizon Actuarial Services LLC, hundreds of HP printer models, HubSpot, Iberdrola, Isle of Wight EV chargers, Israeli government, Jefferson Dental and Orthodontics, l’Assurance, Labette Health, Law Enforcement Health Benefits, Inc., Local 295 IBT Employer Group Welfare Fund, Lutheran Social Services of Illinois, MailChimp, Major League Baseball Players Benefit Plan, Mansfield company, Medical Surgical Eye Care, Mercado Libre, Microsoft, MikroTik routers, Miratorg Agribusiness Holding, MN District 518, Morgan Stanley Wealth Management, National Rifle Association, New Jersey Brain and Spine, New York City public schools, Nordex, Northern Ireland TrustFord, Norwood Clinic, Okta (though they initially claimed otherwise, then backtracked), Palo Alto Networks, Palo Alto Networks hardware, Parker Hannifin Corp, Partnership HealthPlan of California, PhySynergy, LLC, PressReader, QNAP, Ronin, Rosaviatsia, Roskomnadzor, Rostec, Royal Enfield, Russia’s Federal Security Service (FSB), Russian Lipetsk Mechanical Plant, Russian Orthodox Church, Samsung Electronics, Scottish Association for Mental Health, Scottish Power, Sea Mar Community Health Center, Shutterfly, Snap-On, Sophos Security, South Denver Cardiology Associates, Spokane Regional Health District, Spring Framework for Java, SummaCare, SuperCare, Taylor Regional Hospital, Tennessee Pediatric Hospital, Texas Department of Insurance, The Works, Thomas Allen, Inc., Toei, Toyota, Transneft, TransUnion, Travelio, Trend Micro Apex Central, Trezor, Trinity Home Care, Inc., Ubisoft, Ukrainian IT Army, Ukrtelecom, Valley View Hospital Association, Veeam products, Viasat modems, Virginia Mason Medical Center, Vodafone, WatchGuard, Western Digital My Cloud, Wheeling Health Right Inc, Wynn Palace, Wyze Cam, ZAP-Hosting, and Zyxel hardware were hacked or compromised this month.
Now for the good news:
Internet Explorer is finally going to be going away in only two months. While this will eliminate a program that nobody should be using, it will have some side-effects for businesses that rely on Active-X objects. Still, net win.
Now back to our regularly scheduled program.
Patch Tuesday this month is smaller than it has been in months. The typical computer should see roughly 2.7 GB in updates today. Let’s get started.
Microsoft released updates for .NET Framework, Active Directory Domain Services, Azure SDK, Azure Site Recovery, LDAP, Microsoft Bluetooth Driver, Microsoft Dynamics, Microsoft Edge, Microsoft Graphics Component, Microsoft Local Security Authority Server, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Windows ALPC, Microsoft Windows Codecs Library, Microsoft Windows Media Foundation, Power BI, Role: DNS Server, Role: Windows Hyper-V, Skype for Business, Visual Studio, Visual Studio Code, Windows Ancillary Function Driver for WinSock, Windows App Store, Windows AppX Package Manager, Windows Cluster Client Failover, Windows Cluster Shared Volume, Windows Common Log File System Driver, Windows Defender, Windows DWM Core Library, Windows Endpoint Configuration Manager, Windows Fax Compose Form, Windows Feedback Hub, Windows File Explorer, Windows File Server, Windows Installer, Windows iSCSI Target Service, Windows Kerberos, Windows Kernel, Windows Local Security Authority Subsystem Service, Windows Media, Windows Network File System, Windows PowerShell, Windows Print Spooler Components, Windows RDP, Windows Remote Procedure Call Runtime, Windows schannel, Windows SMB, Windows Telephony Server, Windows Upgrade Assistant, Windows User Profile Service, Windows Win32K, Windows Work Folder Service, YARP reverse proxy and MSRT (~2 GB). This includes security updates. A reboot is required.
Apple released updates for iOS 15.4.1, iPadOS 15.4.1, macOS Big Sur 11.6.5, macOS Monterey 12.3.1, Security Update 2022-003 Catalina, GarageBand 10.4.6, iTunes 12.12.3 for Windows, Logic Pro X 10.7.3, tvOS 15.4, watchOS 8.5.1, Xcode 13.3. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.
iOS 15.4.1 is a security update. Use Settings, General, Software Update to install the most current update.
iPadOS 15.4.1 is a security update. Use Settings, General, Software Update to install the most current update.
tvOS 15.4 is a security update. Use System, Software Update to install the most current version.
watchOS 8.5.1 are security updates. Use the Watch app on your iPhone to install the most current version.
Google Chrome OS 100.0.4896.82 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.
Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.
Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.
The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Catalina (10.15) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.
The now-current release of the Windows 10 (v21H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every year and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.
The now-current release of the Windows 11 (v21H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 6 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.
Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.
Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.
It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.
Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.
Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com
If you’re using this hardware – these updates are for you.
Hundreds of HP printer models have new firmware security updates or advise disabling the LLMNR protocol. While you’re there consider disabling IPv6, WSD, DHCPv6, as well as SLP unless you’re in a corporate environment, and Bonjour unless you need to print from Apple mobile devices.
https://support.hp.com/us-en/document/ish_5948778-5949142-16/hpsbpi03780
Drivers by Seagull 2022.1 adds support for over 190 new printer models, improves GUI for Driver Wizard and resolves a bug with the GS1 Datamatrix AI 11. This is not a security update.
https://www.seagullscientific.com/support/downloads/drivers/
One or more of these are likely to be of interest to everyone.
Brave 1.37.113 is a security update.
https://brave.com/
Google Chrome 100.0.4896.88 is a security update.
https://www.google.com/chrome/
Microsoft Edge 100.0.1185.39 is a security update.
https://www.microsoft.com/en-us/edge/business/download
Firefox 99.0.1 is a security update.
https://www.mozilla.org/en-US/firefox/new/
Firefox ESR 91.8.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/
SeaMonkey 2.53.11.1 is a security update.
https://www.seamonkey-project.org/
Vivaldi 5.2.2623.33 is a security update.
https://vivaldi.com/
One or more of these are likely to be of interest to everyone.
Mailspring 1.10.2 is a security update.
https://getmailspring.com/
Thunderbird 91.8.0 is a security update.
https://www.thunderbird.net/en-US/
NK2Edit 3.43 adds an option to copy the contents of the selected cell. This is not a security update.
https://www.nirsoft.net/utils/outlook_nk2_edit.html
One or more of these are likely to be of interest to everyone.
AnyDesk 7.0.7 resolves several bugs, and improves reliability. This is not a security update.
https://anydesk.com/en/downloads
AnyDesk for macOS 6.5.0 adds permission profiles and resolves a layout bug. This is the last version to support EOL macOS versions. This is not a security update.
https://anydesk.com/en/downloads
Dropbox 145.4.4921 doesn’t provide a changelog so should be treated as a security update.
https://www.dropbox.com/
FileZilla Client 3.59.0 updates libraries. This is a security update.
https://filezilla-project.org/
Google Drive 56.0 resolves several bugs. This is not a security update.
https://drive.google.com/start
Nextcloud Server 23.0.3 updates libraries and resolves dozens of bugs. This should be treated as a security update.
https://nextcloud.com/
ownCloud Client 2.10.1.7187 resolves many bugs. This is not a security update.
https://owncloud.com/desktop-app/
Prosody 0.12.0 resolves several bugs and improves security defaults. This should be treated as a security update.
https://prosody.im/download/start
Rclone 1.58.0 adds several new backends and resolves dozens of bugs. This is a security update.
https://rclone.org/
Skype 8.82.0.403 resolves several bugs and makes cosmetic improvements. This is not a security update.
https://www.skype.com/
Syncthing 1.19.2 updates error messaging. This is not a security update.
https://syncthing.net/
Technitium DNS Server 8.0.2 is a major update adding several new features, updates libraries and apps, and resolves several bugs. This is not a security update.
https://technitium.com/dns/
Telegram 3.6.1 resolves several bugs. This is not a security update.
https://telegram.org/
Trillian Mac 6.5.0.11 adds native support for M1, new emoji and history features, and resolves many bugs. This is not a security update.
https://www.trillian.im/
WGet 1.21.3 updates libraries. This is a security update.
https://eternallybored.org/misc/wget/
Zoom 5.10.1.4420 is a security update.
https://zoom.us/
These are unlikely to be of interest to most people.
FastStone Viewer 7.6 adds several new display controls and improves performance. This is not a security update.
https://www.faststone.org/FSViewerDetail.htm
Plex Desktop 1.43.3.2951 improves stability. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app
Plex Home Theater 1.14.0.2935 adds a couple new features and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app
Plex Media Server 1.25.9.5721 updates scanning behavior, adds support for plexmatch files, and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server
These are unlikely to be of interest to most people.
Epic Games 14.0.3 resolves several bugs. This is not a security update.
https://www.epicgames.com/
GameMaker Studio 2022.3.0.625 makes cosmetic and localization changes, adds several new features, and resolves dozens of bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker
Nintendo Switch 14.1.0 adds PPN. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989
PS5 22.01-05.00.00 provides many changes to the user interface and nomenclature. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/
RetroPie 4.8 updates libraries and apps. This is not a security update.
https://retropie.org.uk/
Steam 2022.03.16 resolves cosmetic issues. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0
One or more of these are likely to be of interest to most people.
Adobe Commerce 2.3.7-p3, 2.4.3-p2, and 2.4.4 are security updates.
https://helpx.adobe.com/security/products/magento/apsb22-13.html
Adobe Acrobat and Reader 22.001.20117, 22.001.20112, 20.005.30334, 20.005.30331, 17.012.30229, and 17.012.30227 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb22-16.html
Adobe After Effects 22.3 and 18.4.6 are security updates.
https://helpx.adobe.com/security/products/after_effects/apsb22-19.html
Adobe Photoshop 22.5.7 and 23.3 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb22-20.html
Blender 3.1 vastly improves performance and adds several new features and controls. This is not a security update.
https://www.blender.org/download/
Calibre 5.40.0 adds new features, news sources, and resolves several bugs. This is not a security update.
https://calibre-ebook.com/
IcoFX 3.7.1 resolves several bugs. This is not a security update.
https://icofx.ro/
Kindle for PC 1.35.64251 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc
LibreOffice Still 7.2.6 resolves over 50 bugs. This is not a security update.
https://www.libreoffice.org/
LibreOffice Fresh 7.3.2 resolves over 70 bugs, including stability and crash bugs. This should be treated as a security update. The “Fresh” line is beta software so should be avoided by most users.
https://www.libreoffice.org/
Nextcloud Desktop 3.4.4 resolves several bugs. This should be treated as a security update.
https://nextcloud.com/
Notepad++ 8.3.3 resolves a crash bug. This is not a security update.
https://notepad-plus-plus.org/
Paint.net 4.3.10 resolves a resize bug. This is not a security update.
https://www.getpaint.net/
PDF-XChange Editor 9.3.360.0 resolves several bugs. This is not a security update.
https://www.tracker-software.com/product/pdf-xchange-editor
One or more of these is likely to be of interest to most people.
Chainsaw 1.1.7 resolves several bugs. This is not a security update.
https://github.com/countercept/chainsaw
MalwareBytes Anti-Malware 4.5.7 is a security update.
https://www.malwarebytes.org/antimalware/
OpenSSL 3.0.2 is a security update.
https://curl.se/windows/
OSFClone 1.3.1001 updates operating system. This is not a security update.
https://www.osforensics.com/tools/create-disk-images.html
Tails 4.29 is a security update.
https://tails.boum.org/install/dvd/index.en.html
uBlock Origin 1.42.4 improves reliability. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest
VT-CLI 0.10.1 improves organization. This is not a security update.
https://github.com/VirusTotal/vt-cli/releases/latest
YARA 4.2.0 updates syntax and resolves several bugs. This is a security update.
https://github.com/countercept/chainsaw
Zorin OS 16.1 updates libraries, apps, improves hardware support, and performance. This is not a security update.
https://zorin.com/os/mirrors/
These are unlikely to be of interest to most people.
Elgato Game Capture HD (macOS) 2.11.14 improves Twitch API support. This is not a security update.
https://help.elgato.com/hc/en-us/articles/360027963512
Open Broadcaster Software 27.2.4 resolves several bugs. This is not a security update.
https://obsproject.com/
These are unlikely to be of interest to most people.
DVDFab 12.0.6.9 adds support for new encodings.
https://www.dvdfab.cn/download.htm
PDF Creator 4.4.2 resolves several bugs. This is not a security update.
https://www.pdfforge.org/pdfcreator
One or more of these are likely to be of interest to most people.
Zotero 6.0.4 is a major update that adds several new features and resolves two dozen bugs. This is not a security update.
https://www.zotero.org/
These are unlikely to be of interest to most people.
1Password for Mac 7.9.4 resolves several bugs and improves performance. This is a security update.
https://1password.com/downloads/mac/
Agent Ransack 2022.3314 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/
Beyond Compare 4.4.2.26348 improves command line support. This is not a security update.
https://www.scootersoftware.com/download.php?zz=dl4
Bitwarden 1.32.1 updates Safari extension and resolves several bugs. This is not a security update.
https://bitwarden.com/
Dell Command Update 4.5 improves startup and SRP performance and adds deferral, session management, and WER handling. This is not a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en
DesktopOK 9.81 improves dark theme. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK
DevManView 1.76 adds new quick filter option. This is not a security update.
https://www.nirsoft.net/utils/device_manager_view.html
dnGrep 3.0.42.0 improves regular expressions and boolean testing and resolves several bugs. This is not a security update.
https://dngrep.github.io/
dupeGuru 4.2.1 resolves several bugs and updates libraries. This should be treated as a security update.
https://dupeguru.voltaicideas.net/
Etcher 1.7.8 resolves several bugs. This is not a security update.
https://www.balena.io/etcher/
FileLocator Pro 2022.3314 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download
GoodSync 11.10.8 resolves dozens of bugs. This is a security update.
https://www.goodsync.com/
NTLite 2.3.4.8658 adds YubiKey compatibility, upgrades components and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/
PowerToys 0.57.2 resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest
Recuva 1.53.2078 improves licensing controls. This is not a security update.
https://www.ccleaner.com/recuva
RoboForm 9.2.5 is a security update.
https://www.roboform.com/
Rufus 3.18 is a security update.
https://rufus.ie/en_US/
ScreenConnect 22.3.7487.8130 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download
SearchMyFiles 3.17 adds folder background context option. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html
SimpleWMIView 1.51 updates the /columns command line switch behavior. This is not a security update.
https://www.nirsoft.net/utils/simple_wmi_view.html
Ookla Speedtest CLI 1.1.1 doesn’t provide a changelog so should be treated as a security update.
https://www.speedtest.net/apps/cli
TeamViewer 15.28.9 resolves a reliability bug. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/
Unity 2021.3.0 resolves many bugs and updates libraries. This is not a security update.
https://unity3d.com/get-unity/download/archive
USBDeview 3.03 improves compatibility. This is not a security update.
https://www.nirsoft.net/utils/usb_devices_view.html
Wazuh Agent 4.2.6 updates Kibana plugin and Splunk app and resolves a bug. This is a security update.
https://wazuh.com/start/
WifiInfoView 2.76 resolves a marking bug. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html
These are unlikely to be of interest to most people.
ADB 33.0.1 resolves several bugs. This is not a security update.
https://developer.android.com/studio/releases/platform-tools
Docker Desktop 4.7.0 is a security update.
https://www.docker.com/products/docker-desktop
GitHub Desktop 2.9.12 adds support for Brackets Editor, JetBrains RubyMine, JetBrains GoLand, and Android Studio, and resolves several bugs. This is not a security update.
https://desktop.github.com/
Godot 3.4.4 resolves several bugs. This is not a security update.
https://godotengine.org/
Node.js 12.22.12 is a security update. This is the final release of the 12.x line.
https://nodejs.org/en/
Node.js 14.19.1 is a security update.
https://nodejs.org/en/
Node.js 16.14.2 is a security update.
https://nodejs.org/en/
Node.js 17.9.0 is a security update.
https://nodejs.org/en/
SQLite 3.38.2 resolves several bugs, improves compatibility and CLI support. This is not a security update.
https://www.sqlite.org/download.html
TortoiseSVN 1.14.3 resolves several bugs. This is not a security update.
https://tortoisesvn.net/downloads.html
Visual Studio Code 1.66.1 updates libraries and resolves several bugs. This is not a security update.
https://code.visualstudio.com/
These are likely to be of interest only to web developers.
Coppermine Gallery 1.6.18 improves compatibility. This is not a security update.
https://coppermine-gallery.net/
Drupal 9.3.9 is a security update.
https://drupal.org/download
Joomla 4.1.2 is a security update.
https://www.joomla.org/
MailEnable 10.39 resolves several bugs and improves security defaults. This is a security update.
https://www.mailenable.com/
WordPress 5.9.3 resolves several bugs. This is not a security update.
https://wordpress.org/
Autoptimize 3.0.2 improves stability. This is not a security update.
https://wordpress.org/extend/plugins/autoptimize/
BuddyPress 10.2.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/buddypress/
Slider Revolution 6.5.19 resolves a couple bugs. This is not a security update.
https://revolution.themepunch.com/
WooCommerce 6.3.1 is a security update.
https://wordpress.org/extend/plugins/woocommerce/
WPBakery 6.9.0 improves compatibility and resolves several bugs. This is not a security update.
https://wpbakery.com/
That’s all for now folks. Keep it clean out there. 😉
Regards,
Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/