Updates 2025-02-11

Posted on February 11, 2025 by Shawn K. Hall

Happy Valentines, Folks!

Today is Patch Tuesday for February, 2025.

It’s as safe as it’s going to be to upgrade to Windows 11 24H2 or macOS 15/Sequoia.

If your Windows 10 (or older) computer can not be upgraded to Windows 11, or if you used a registry or installation bypass to install an older version of Windows 11 on it that is no longer supported, then it’s time for you to start looking for a replacement computer. Actually, that time was about 5 weeks ago. Pickin’s are thin right now. 🙁

There were 275+ major hacks, and over 640 application updates this month. It shouldn’t be that bad though, with about 3.5 GB of updates for most users.

This Month in Technology

1win, 9Lives, Addison Northwest School District, Adobe Photoshop, Adopt Me Trading Values, an airline travel integration service, Allegheny Health Network, Alltours, Alpine iLX-507, Alpine IVI, AMD CPUs, American National Insurance Company, Android, AngelSense, Aoki Holdings, Apex Custom Software, Apple Core Media, Apple CPUs, Apple iPad, Apple iPhone, Apple macOS, Apple WebKit, Aprendamos Intervention Team, Arab Civil Aviation Organization, Arlington Westend Dental, Ascension Health, Asheville Eye Associates, AT&T, Autel MaxiCharger, AuthoraCare Collective, Automotive Grade Linux, Avery Products Corporation, AVTECH cameras, Bank Central Asia, Bankers Cooperative Group, Bayhealth Medical Center, BCP Council, Behavioral Health Resources, Benefits Management Group, Berman & Rabin, PA, Big Cheese Studio, Biomedical Caledonia Medical Laboratory Limited, Bitbucket Server, Blacon High School, Cabrillo College, Cacti, Canon imageCLASS MF656Cdw, Casio UK, Catholic Charities of Southern Nevada, ChargePoint EV charger, ChargePoint HomeFlex, Chicago Department of Public Health, Christian Community Aid, Circle K, Cisco, Cisco Identity Services Engine (ISE), City of Hayward, City of McKinney, City of Tarrant, City of Ulster, Cityworks, ClamAV, ClearML, Cleo, Comhairle nan Eilean Siar, Communicare, Community Health Center, Conduent, CR&R Incorporated, Cracked.io, Craft CMS, Crayfish, Crunchyroll, Daytrip, DeepSeek, Delaware Valley School District, Delta County Memorial Hospital District, Dignity Health Lassen Medical Clinic, Django, DogWifTools, Doxbin, DragonNest, E-Benefit Solution, Econet Wireless, Endo Group, ENGlobal, Ethereum, FC Barcelona, FortiOS and FortiProxy, Fota Wildlife Park, Frame & Optic, Frederick Health, Garden of Life, LLC, GeoTools, GitHub Copilot, Globe Life, Google Chrome, Google Gemini AI, Google’s OAuth, Gravy Analytics, GrubHub, H&M, Hakko Corporation, Han Van Duong, MD, Hanover County Public Schools, Harmonyland, Harrison County Schools, Harvard Pilgrim Health Care, HCF Management, Heart Centre, HeatGames, Hewlett Packard Enterprise (HPE), Hikari Seiko, Holdrege Memorial Homes, Hospital El Cruce, Hospital Sisters Health System, Huawei HG532 routers, Iannuzzi Manetta & Co, IMI plc, InterCon Construction, International AIDS Vaccine Initiative, IntraSystems, IPany VPN, Israel Police Systems, Ivanti Avalanche, Ivanti Endpoint Manager, Jefferson School District, Juniper VPN gateways, Kafene, Inc, Kenwood DMX958XR, Kenwood IVI, Kenya’s Business Registration Service, 12,000+ KerioControl firewalls, KraftCPAs, LandAirSea, Laravel Voyager, LCPtracker, Inc, Le Coq Sportif Columbia, Let’s Secure Insurance Brokers Pvt Ltd, LifeBridge Health, Lightning AI, Logsign Unified SecOps, Lucent Health, Magento, Malaysia’s National Tuberculosis Registry, Marina Family Medical, Matagorda County, MedSave Health Insurance, Microsoft Edge, Microsoft Office Word, Microsoft Outlook, Microsoft Windows Installer Service, 13,000 MikroTik routers, Mintty Sixel, Mission Bank, Mity, Inc, Mizuno USA, Mongoose, Moniepoint, Mortgage Investors Group, MSI, NASAMS, Nash County Public Schools, Netgear WiFi routers, New York Blood Center, NI Vision Builder, NoMachine, NorthBay Health, Nulled.to, OneBlood, OnePoint Patient Care, OpenAI ChatGPT, OpenMRS, Oppo, OrthoMinds, Otelier, OU Medicine, over 660,000 Rsync servers, Oxfam Hong Kong, O’Connor Corporation, Palo Alto firewalls, Parallels Desktop, PDF-XChange Editor, PFS Investments, Phemex, Philippines National Bureau of Investigation, Phoenix Contact CHARX SEC-3150, Planet Technology WGS-804HPT, PoinCampus, Portola Valley School District, PowerSchool Group LLC, Puroland, QNAP NAS, Ramona Unified School District, Rebound Orthopedics & Neurosurgery, Regence BlueShield, Republic of Georgia, Rhode Island Health Information Exchange, River Region Cardiology, RM Group of Education, Rochester City School District, Salinas City Elementary School District, San Francisco-Marin Food Bank, Sanrio Entertainment, Sante PACS Server, Santee School District, SAP NetWeaver, Scholastic, Self Esteem Brands, LLC, Siemens Tecnomatix, SimpleHelp RMM, SkilloVilla, Smiths Group, SonicWall SMA1000, Sony IVI, Sony XAV-AX8500, South African Weather Service, Speedio, Spring River Mental Health & Wellness, Square Medical Group, Stark AeroSpace, Sterling Bank, Subaru’s Starlink service, SuperDraft, the Taliban, TalkTalk, Tata Technologies, TD Bank, TeamViewer, Telefónica, Tesla Wall Connector, Texas Health and Human Services, Texas Tech University Health Sciences Center, The O’farrell Charter School, The Reshaping and Nutritional Company LLC, Thermomix Recipe World Forum, Tokio Marine HCC, Tornillo Independent School District, Trump Hotels, Tycon Medical Systems, Ubiquiti charger, UEFI, UFCW Local 135, University Diagnostic Medical Imaging, University of Notre Dame, Upper Canada District School Board, Valio, Valley News Live, Veeam, VMware Avi Load Balancer, VSCode SSH Agent, W3 Total Cache, Wacom, Wavlink AC3000, Welhof, Westend Dental, Wetaskiwin Regional Public Schools, WhoDB, Willow Pays, WinZip, Wolf Haldenstein, WOLFBOX EV charger, WOLFBOX Level 2 EV Charger, WordPress ASE Plugin, Ya-Moon, Yazoo Valley Electric Power Association, YesWiki, York Region District School Board, Young Consulting LLC, Youthmanual, Yubico pam-u2f, ZAR rehab clinics, Zendesk, Zimbra, Zyxel CPE routers, and Zyxel USG Flex and ATP firewalls, have reported hacking or compromises this month.

Bitbucket, Bohemia Interactive (DayZ and Arma Reforger), Cloudflare’s R2 object storage, Conduent, Garmin GPS watches, GitHub, Lee Enterprises, Microsoft 365, and PlayStation Network have suffered from outages this month.

Last months updates broke Microsoft 365 on Windows Server OS, “New” Outlook, Outlook email composition, Outlook search, USB audio drivers, Windows Activation, and Windows Server 2022.

Microsoft is now force-installing “new” Outlook (“Outlook Fred” for those in the know). Recently, Microsoft has been changing the management methods to prevent installation faster than they release updates to the software or tell their customers of the new policy changes, making it an administrative nightmare. I figure it will be either a class-action lawsuit, a federal (or EU) racketeering case, or an enterprise-wide wake-up to switch to Thunderbird that will finally get Microsoft to (briefly) start respecting their customers that have (oft repeatedly) expressly signalled their desire to opt out of this crap.

Microsoft is saying they’re going to stop supporting installing updates for Office apps on Windows 10 after it reaches end-of-life in October. This is probably BS, since they’ve never prevented installing Office updates on previous operating systems when they reached end-of-life, but you should switch from Windows 10 by then for other reasons anyway.

This doesn’t bode well for Let’s Secure Insurance. Ouch.

A year after announcing that it would be imposing a new UEFI signature and mere months before mandatory enforcement, Microsoft has finally released a script to create media that can boot using the new requirements.

Amazon has (finally) improved the default settings for Redshift to reduce the number of data leaks using their platforms.

The FTC has ordered GM to stop selling OnStar customer data (such as precise geolocation and driving behavior) without obtaining express consent.

In a surprise to literally nobody, security researchers learned that if you install bad things on your device, bad things can happen!

Now for the good news:

A lawsuit against automatic license plate readers is allowed to proceed.

Brave now allows you to inject custom JavaScript to tweak websites without an extension. 🙂 This comes only weeks after adding the ability to Rerank websites in the Brave Search engine.

Most importantly: Ross Ulbricht is free.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is not that bad this month. The typical computer should see roughly 3.5 GB in updates today. Let’s get started.

Microsoft released 41 updates to address 67 vulnerabilities in Active Directory Domain Services, Azure Network Watcher, Microsoft AutoUpdate (MAU), Microsoft Digest Authentication, Microsoft Dynamics 365 Sales, Microsoft Edge (Chromium-based), Microsoft Edge for iOS and Android, Microsoft High Performance Compute Pack (HPC) Linux Node Agent, Microsoft Office, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft PC Manager, Microsoft Streaming Service, Microsoft Surface, Microsoft Windows, Open Source Software, Outlook for Android, Visual Studio, Visual Studio Code, Windows Ancillary Function Driver for WinSock, Windows CoreMessaging, Windows DHCP Client, Windows DHCP Server, Windows Disk Cleanup Tool, Windows DWM Core Library, Windows Installer, Windows Internet Connection Sharing (ICS), Windows Kerberos, Windows Kernel, Windows LDAP, Windows Message Queuing, Windows NTLM, Windows Remote Desktop Services, Windows Resilient File System (ReFS) Deduplication Service, Windows Routing and Remote Access Service (RRAS), Windows Setup Files Cleanup, Windows Storage, Windows Telephony Server, Windows Telephony Service, Windows Update Stack, Windows Win32 Kernel Subsystem, and MSRT. This includes security updates. A reboot is required.

Oracle released 301 security updates this quarter to address vulnerabilities in 109 applications.

Apple released updates for GarageBand 10.4.12, iOS 18.3, iOS 18.3.1, iPadOS 17.7.4, iPadOS 17.7.5, iPadOS 18.3, iPadOS 18.3.1, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, Safari 18.3, tvOS 18.3, visionOS 2.3, and watchOS 11.3. This includes security updates. Use Apple Software Update to install the most current versions.

iOS 18.3 and 18.3.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 17.7.4, 17.7.5, 18.3 and 18.3.1 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 11.3.1 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 18.3 is a security update. Use System, Software Update to install the most current version.

visionOS 2.3.1 is a security update. Use System, Software Update to install the most current version.

Google ChromeOS 132.0.6834.98 and Google ChromeOS LTS 126.0.6478.264 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sequoia (15.x) means that macOS Monterey (12.x) and older are no longer supported. If you can not install at least macOS Ventura (13) on your Mac then you should immediately remove your device from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v24H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it. If not, switch to Linux (Mint is nice) or replace your computer.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with a SaferPC Subscription and we will install updates each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Epson ET-2750 2.71.00 doesn’t provide a change log so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-2750/s/SPT_C11CG22201

Epson ET-3760 2.68.02 doesn’t provide a change log so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-3760/s/SPT_C11CG20203

Epson ET-3850 3.01 doesn’t provide a change log so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-3850/s/SPT_C11CJ61201

Epson ET-4800 3.05 doesn’t provide a change log so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-4800/s/SPT_C11CJ65201

Epson ET-5880 3.04.00 doesn’t provide a change log so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-5880/s/SPT_C11CJ28201

UniFi Network Server 9.0.114 resolves over a dozen bugs and improves Zone controls. This is not a security update.
https://www.ui.com/download/releases/network-server

VIISAN OfficeCam 7.2.6.0 doesn’t provide a change log so should be treated as a security update.
https://www.viisan.com/en/download/type1.html

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.75.175 is a security update.
https://brave.com/

Google Chrome 133.0.6943.53 is a security update.
https://www.google.com/chrome/

Firefox 135.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 128.7.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 7.1.3570.48 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.15.1 resolves several bugs. This is not a security update.
https://getmailspring.com/

Spark 3.20.4 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 128.7.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 9.0.2 resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

curl 8.12.0 is a security update.
https://curl.haxx.se/windows/

Discord February 3, 2025 adds several new performance improvements and privacy controls, as well as cosmetic and stability improvements. This is not a security update.
https://discord.com/download

Dropbox 217.4.4417 doesn’t provide a detailed change log so should be treated as a security update.
https://www.dropbox.com/

FreeFileSync 14.0 adds dark mode support, improves cosmetics and resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 104.0 is a security update.
https://drive.google.com/start

Grocy Desktop 2.12.1 updates the Grocy release and fixes dependencies. This is not a security update.
https://github.com/grocy/grocy-desktop

Microsoft Teams 1.8.00.1362 adds several new management and organizational features. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 30.0.5 resolves dozens of bugs. This should be treated as a security update.
https://nextcloud.com/

PuTTY 0.83 resolves several bugs. This is not a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html

Signal 7.41.0 resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.32.3 improves organization. This is not a security update.
https://signal.org/android/apk/

Technitium DNS Server 13.4.1 should be treated as a security update.
https://technitium.com/dns/

Telegram 5.10.7 resolves several bugs. This is not a security update.
https://telegram.org/

Zoom 6.3.6.56144 adds a “new and improved” sidebar and resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.13 improves rigging motions. This is not a security update.
https://en.3tene.com/

Grayjay 281 resolves compatibility issues. This is not a security update.
https://grayjay.app/index.html

KaraFun Player 3.4.6 improves stability and performance, ARM compatibility, and resolves several bugs. This is not a security update.
https://www.karafun.com/karaoke-windows/

Kodi 21.2 resolves dozens of bugs. This is a security update.
https://kodi.tv/

Plex Desktop 1.107.2.300 resolves a compatibility bug. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.70.1.303 updates libraries and now improves privacy on Linux. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Bedrock) 1.21.60.10 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

PS5 2025.115 improves performance and usability. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2025.01.28 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Commerce 2.4.8-beta2, 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 1.5.1, 1.4.2-p4, 1.3.5-p9, 1.3.4-p11, 1.3.3-p12, 2.4.8-beta2, 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12 are security updates.
https://helpx.adobe.com/security/products/magento/apsb25-08.html

Adobe Illustrator 28.7.4 and 29.2.1 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb25-11.html

Adobe InCopy 19.5.2 and 20.1 are security updates.
https://helpx.adobe.com/security/products/incopy/apsb25-10.html

Adobe InDesign 19.5.2 and 20.1 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb25-01.html

Adobe Photoshop Elements 2025.1 is a security update.
https://helpx.adobe.com/security/products/photoshop_elements/apsb25-13.html

Adobe Substance 3D Designer 14.1 is a security update.
https://helpx.adobe.com/security/products/substance3d_designer/apsb25-12.html

Adobe Reader DC 24.005.20399 resolves several crash bugs. This is not a security update.
https://get.adobe.com/reader

Adobe Substance 3D Stager 3.1.1 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb25-09.html

Artweaver 8.0.2 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Calibre 7.25.0 resolves several bugs and improves compatibility. This is not a security update.
https://calibre-ebook.com/

Columns++ 1.1.5 improves compatibility. This is not a security update.
https://github.com/Coises/ColumnsPlusPlus

Krita 5.2.9 massively improves text support. This is not a security update.
https://krita.org/en/download/

LibreOffice Fresh 25.2.0 resolves almost 300 bugs. This is a security update. Please do not use the “Fresh” line – use the stable release instead.
https://www.libreoffice.org/

Manager 25.2.9.2075 improves inventory controls. This is not a security update.
https://www.manager.io/

Notepad++ 8.7.7 resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 5.1.3 resolves over a dozen bugs. This is not a security update.
https://www.getpaint.net/

PDF-XChange Editor 10.5.1.394 improves cosmetics and resolves over a dozen bugs. This is not a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

Operating System Updates

These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.

iOS 18.3.1 is a security update. Use Settings, General, Software Update to get the most current version.

iPadOS 17.7.5 and iPadOS 18.3.1 are security updates. Use Settings, General, Software Update to get the most current version.

macOS 15.3.1 is a security update. Use Settings, General, Software Update to get the most current version.

Tails 6.12 is a security update.
https://tails.net/install/download/index.en.html

tvOS 18.2.1 and tvOS 18.3 are security updates. Use Settings, General, Software Update to get the most current version.

watchOS 11.3.1 is a security update. Use the Watch app from your iPhone to install the current version.

Security Software Updates

One or more of these is likely to be of interest to most people.

.NET Runtime 9.0.1 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

Java 8u441 is a security update.
https://www.java.com/en/download/manual.jsp

MalwareBytes Desktop Security 5.2.6.163 resolves a quarantine bug. This should be treated as a security update.
https://www.malwarebytes.org/antimalware/

ProtonVPN 3.5.1 improves stability and performance. This is not a security update.
https://github.com/ProtonVPN/win-app/releases/latest

RogueKiller 16.0.2 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Stinger 13.0.0.283 adds support for new detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

SuperAntiSpyware 10.0.1272 adds a new Browser Protection feature and resolves several bugs. This should be treated as a security update.
https://www.superantispyware.com/download.html

Windows Defender Offline 20250119 doesn’t provide a change log so should be treated as a security update.
https://windows.microsoft.com/en-us/windows/what-is-windows-defender-offline

Wireless Network Watcher 2.42 updates the internal MAC addresses database. This is not a security update.
https://www.nirsoft.net/utils/wireless_network_watcher.html

Capture Updates

These are unlikely to be of interest to most people.

Open Broadcaster Software 31.0.1 resolves several crash and stability bugs. This is not a security update.
https://obsproject.com/

SnagIt 24.3.2 is a security update.
https://www.techsmith.com/screen-capture.html

VideoCacheView 3.11 improves support for newer Chrome (v132+) cache structure. This is not a security update.
https://www.nirsoft.net/utils/video_cache_view.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.3.5 adds support for MP4/MKV AV1 output, improved hardware acceleration and resolves an audio quality bug. This is not a security update.
https://www.dvdfab.cn/download.htm

FFmpeg 20250204 resolves an SVT-AV1 API compatibility issue. This is not a security update.
https://ffmpeg.org/ffmpeg.html

IsoBuster 5.5.2 resolves compatibility issues with CD-i and macOS generated media, and special characters in file and folder names. This is not a security update.
https://www.isobuster.com/download.php

MakeMKV 1.17.9 changes only the version number. This is not a security update.
https://www.makemkv.com/download/

PDF Creator 5.3.3 resolves several bugs. This is not a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 6.2.2.0 improves compatibility. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 3.0.0.5 adds Colorizer support and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.60 resolves several bugs. This is not a security update.
https://1password.com/downloads/

Beyond Compare 5.0.5.30614 updates libraries and resolves several bugs. This is not a security update.
https://www.scootersoftware.com/download

Bitwarden 2025.1.4 now imposes 2FA for new sessions and unknown locations, adds ability to generate SSH keys, and resolves several bugs. This is not a security update.
https://bitwarden.com/

CCleaner 6.32.11432 resolves several bugs. This is not a security update.
https://www.ccleaner.com/

CPU-Z Installer 2.14 adds support for newer hardware and resolves a cosmetic bug. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

Cygwin 3.5.7 resolves several bugs. This is not a security update.
https://cygwin.com/

Dell OS Recovery Tool 2.4.2.2193 doesn’t provide a change log so should be treated as a security update.
https://www.dell.com/support/home/uk/en/ukbsdt1/drivers/osiso/recoverytool

DesktopOK 11.57 improves uninstall and automatic update. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.3.3.0 updates libraries, adds several new features (Show Replacements, Minimize & Restore, Replace dialog layout) and updates translations. This is a security update.
https://dngrep.github.io/

GoodSync 12.8.2 adds a new @file filter, improves compatibility and rearranges job options. This is not a security update.
https://www.goodsync.com/

GUIPropView 1.31 adds several new columns to the display. This is not a security update.
https://www.nirsoft.net/utils/gui_prop_view.html

Homedale 2.16 adds a Japanese translation. This is not a security update.
https://www.the-sz.com/products/homedale/

HWMonitor 1.56 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

LessMSI 2.5.0 adds ability to change languages in the GUI. This is not a security update.
https://lessmsi.activescott.com/

ManageWirelessNetworks 1.15 adds dark mode support. This is not a security update.
https://www.nirsoft.net/utils/manage_wireless_networks.html

NTLite 2025.01.10293 modifies more than a dozen Components features and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 11.1.1001 resolves several bugs. This should be treated as a security update.
https://www.osforensics.com/download.html

osquery 5.15.0 resolves several bugs and improves data collection and display. This is not a security update.
https://osquery.io/downloads

PowerToys 0.88.0 updates libraries and resolves several bugs. This is a security update.
https://github.com/microsoft/PowerToys/releases/latest

PSAppDeploy 4.0.5 resolves dozens of bugs. This is not a security update.
https://psappdeploytoolkit.com/

TeamViewer 15.62.4 is a security update.
https://www.teamviewer.com/en-us/download/windows/

TraceRouteOK 3.46 improves uninstall and automatic update. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

Ventoy 1.1.01 adds native remounting capability to support all Linux distros and resolves a couple bugs. This is not a security update.
https://www.ventoy.net/en/index.html

WakeMeOnLan 1.92 updates the internal MAC addresses database. This is not a security update.
https://www.nirsoft.net/utils/wake_on_lan.html

WinScan2PDF 9.25 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 4.24 adds several administrative features and cosmetic improvements. This is not a security update.
https://www.diskanalyzer.com/

Developer Updates

These are unlikely to be of interest to most people.

AutoHotkey 2.0.19 resolves several bugs. This is a security update.
https://www.autohotkey.com/download/

GDevelop 5.5.224 improves cosmetics and resolves several bugs. This is not a security update.
https://gdevelop.io/download

GitHub Desktop 3.4.16 resolves several bugs. This is not a security update.
https://desktop.github.com/

Go 1.23.6 is a security update.
https://go.dev/

MySQL ConnectorNet 9.2.0 resolves several bugs. This should be treated as a security update.
https://dev.mysql.com/downloads/connector/net/

Node.js 18.20.6 is a security update.
https://nodejs.org/en/

Node.js 20.18.3 is a security update.
https://nodejs.org/en/

Node.js 22.14.0 is a security update.
https://nodejs.org/en/

Node.js 23.7.0 is a security update.
https://nodejs.org/en/

Python 3.13.2 is a security update.
https://www.python.org/downloads/windows/

SQLite 3.49.0 resolves several bugs and improves performance. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.97.1 is a security update.
https://code.visualstudio.com/

WinMerge 2.16.46 resolves several bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.1.6 adds support for Linux kernel 6.13 and resolves dozens of bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Invision Community 4.7.20 adds Postmark, Bluesky and Backblaze B2 support. This is not a security update.
https://invisioncommunity.com/

Grocy 4.4.1 adds support for Open Food Facts barcode lookup and resolves several bugs. This is not a security update.
https://github.com/grocy/grocy

MailEnable 10.51 is a security update.
https://www.mailenable.com/

ownCloud Client 5.3.2.15463 is a security update.
https://owncloud.com/desktop-app/

phpMyAdmin 5.2.2 is a security update.
https://www.phpmyadmin.net/

WordPress 6.7.2 resolves 35 bugs. This is not a security update.
https://wordpress.org/

Really Simple CAPTCHA 2.4 improves hash strength and compatibility. This is not a security update.
https://wordpress.org/extend/plugins/really-simple-captcha/

Sucuri Security 1.9.8 adds CORS configuration. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

WP Cerber Security 9.6.6 resolves several bugs. This is not a security update.
https://wpcerber.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2025-01-14

Posted on January 14, 2025 by Shawn K. Hall

Happy New Year, Folks!

Today is Patch Tuesday for January, 2025.

It’s as safe as it’s going to be to upgrade to Windows 11 24H2 or macOS 15/Sequoia.

If your Windows 10 (or older) computer can not be upgraded to Windows 11, or if you used a registry or installation bypass to install an older version of Windows 11 on it that is no longer supported, then it’s time for you to start looking for a replacement computer.
Windows 10 now has only 9 months of support left and I am already seeing availability issues for new computers.

There were 600+ major hacks, and over 300 application updates this month. It’s a “normal” month, with about 4 GB of updates for most users.

This Month in Technology

A Bar A Ranch, A Sensitive Touch Home Health, AAA Environmental, Abrasive Supply Corporation, Access TeleCare, Accolent ERP Software, AEP Texas, Aetna ACE, Akantha, Akumin, Inc, Albert Paper Company, Albion College, Alexandria University, Allen Carr’s Easyway, Allendale Long-Term Care Home, Alliance for Creativity and Entertainment, Allianz Life Insurance Company, Allied Packing And Rubber Inc, AllyScripts, LLC, Alphastar Home Health Care, Alta Resources Corp, American Addiction Centers, American Associated Pharmacies, American Trust Company, Americhek, Anna Jaques Hospital, AnnieMac, AnyDesk, Aosense, Apache HugeGraph-Server, Apache MINA, Apache Tomcat, Apache Traffic Control, ApolloGames, Apple macOS camera, Archie Cochrane Ford, Ardyss, Arena Technical Resources, Argentina Airport, Arista NG Firewall, Arixa Capital Advisors LLC, Arrotex Pharmaceuticals, Artistic Family Dental, Artivion, Ascension Health, Ascension Living, Asheville City Schools, Ashlar-Vellum Graphite, Astaphans, AT&T, Atos, AudioPrints, Autodesk Navisworks Freedom, AutomationDirect C-More, Auxis, Avana Electrotek, Aviatrix Controller, Avira Prime, Avstar Fuel Systems, 4,000 backdoored backdoors, Badger Popcorn And Concession Supply Company, Bangkok Medical Software HOSxP XE, Bank of America, Bank Rakyat Indonesia, Barber Specialties, Bartholomew Consolidated School Corporation, BASC.edu.ph, BayMark Health Services, BCM One, Belen Consolidated Schools, Betterdoor.com, Bettisworth North, Beverly, BeyondTrust, BigCommerce, Billet Precision, Biomedical Caledonia, Bitdefender Virus Scanner, BitView, Black Oak Casino Resort (yes, that one), Blome International, Bluegrass Ingredients, BlueZ Classic HID, Bonneville School District 93, Boone County School District, Borrego Health, Boston University Framingham Heart Study, Brant Catholic school board, Brazilian government, Brighton Jones, Brockton Neighborhood Health Center, Brooklyn Art Library, BrownPacking, Byte Federal Bitcoin ATM platform, Cairo Governorate Education Portal, California Correctional Health Care Services, Cariad, Carrollton Orthopaedic Clinic, Casio, CED Solutions Computer IT Training Centers, Cell C, Center for Child Development, INC, Central Valley Meat Co Inc, Chain And Rope Suppliers LTD, Charlie’s Tax Service, Charter, Christ The Redeemer School, CIRCA, Cisco, City of Corvallis, City of Noblesville, City of West Haven, City of Winston-Salem, Cleo Harmony, Cleo LexiCom, Cleo VLTrader, College Hospital Costa Mesa, Collezione, Colombia court system, Community Alliance, Compliance Solutions Inc, Conceptions Reproductive Associates of Colorado, ConnectOnCall, COROB, Costex, Cottrell Fletcher & Cottrell PC, CR&R Environmental Services, CREFSP, Crimson Wine Group, Crown Mortgage Company, Cyberhaven, D&G Enviro-Group, D-7 Roofing, 250,000 Danish consumer records, DAP Health, Davis Products Company Inc, DBM Global Inc, Delap & Waller, Delhi Public Primary School Itarsi, Dell Avamar, Dell’s Update Package Framework, Delta Electronics CNCSoft-G2, Delta Electronics DRASimuCAD, DEphoto, DigiEver DS-2105 Pro DVRs, Dignity Health Lassen Medical Clinic, Discord, District 65, DMM Bitcoin, Dobie Road, Douglas County Department of Health and Human Services, Downey Hospital, Dragonfly Health, Drivestream, Drupal, Drywall Partitions, Duke Energy, DuxHumanHealth, Dynasty Healthcare Company, E-Tank, Eastern Idaho Public Health, Economy Restaurant Equipment And Supply Company, Effortless Office, Eindhoven University of Technology, Ekonika, Energy Capital Credit Union, Enugu State Government, EPS-MTOSB, Espreso TV, European Space Agency, EVAS Group, Evidn, Ex-Times, Exostar, Facebook, Family Help & Wellness, Farline, Farnesina, Federal Bank of India, Fireproof Contractors Inc, Flamco, FlashFiber, FoodMap, Fortinet Wireless Manager, Forum Architecture & Interior Design, Four-Faith routers, Foxit PDF Reader, Frameworks, Fraunhofer IAO, Free Telecom Raises, Freightliner of Savannah, French Citizens, French Tennis Federation, Fukoku Co, Fullmer Construction, FunFun688, Gammal Tech, Geisinger, General Digital, General Dynamics, Genie Healthcare, GeoVision GV-ASManager, Gerber Life Insurance, GFI Archiver, GFI KerioControl, Gilbarco Veeder-Root Orpak, Giordano, DelCollo, Werb & Gagne, LLC, GLAMIRA, Golden Age Home Health Inc, Golden Hills School, Good Neighbors Credit Union, Good Samaritan Hospital, Google Chrome, GPM Lawn Sprinkler Supply, Granite School District, Gravy Analytics, Great Star Tools USA, Green Bay Packers store, Greene Supply Company, Grocy, Grupo Buddemeyer, Guardian.com, Gunnar Prefab, Habib’s, Halton Long Term Care, Hammons Supply Company, Hapn, Happy Magic Trick Shop, Harley-Davidson, Hartson-Kennedy Inc Group Benefit Plan, HealthEquity, Inc, Heavy Construction Systems Specialists, LLC, Helena Public Schools, HemenBahis, Heritage Bank, Hi-Raise Constructions Holding, Hide-A-Way Lake Club, Holton Public Schools, Hong Kong Food and Environmental Hygiene Department, Hong Kong Insurance Authority, Hong Kong Urban Renewal Authority, Hopamedia, Horizon Oil, Howell Township Public Schools, HRB Tax Group, Inc, Huaxia School, Hunter Taubman Fischer & Li, Huntington Hotel Group, Hyperice, I, Librarian, IHIO, Ikav Global Energy, Illinois Bone & Joint Institute, LLC, Illinois Department of Human Services, Illumina’s iSeq 100 DNA gene sequencer, Imperial Valley Respite, In-Home Attendant Services, INBAL, Indian government websites, 3.69 million Indian property records, Indianapolis Public Schools, Indonesia Government, InfoCert, Informaticarecoleta, Instagram, Insured Recovery, International Coffee & Tea, LLC, Internxt VPN, Inverclyde Council, Israel Defense Forces, Italian banks and government agencies, Italian Foreign Ministry, Ivanti Avalanche, Ivanti Connect Secure, Izmocars, Japan Airlines, Jared Beschel and Associates, Jay Enn Corporation, Jet Edge, Jim Thompson, JRT Automatisation, Kadokawa Corporation, Kadokawa, Kaizen Pharmaceuticals, Kansas City Hospice, Inc, KBanknow, Keeco, LLC, Kenton County School District, Kern Services, Khalil Center, Kilgore Industries, Kiswire, Kitsap Mental Health Services, global Know Your Customer (KYC) account data, Krispy Kreme, Kyndryl, LA Financial Federal Credit Union, Lake Shore Public Schools, Lancaster City Schools, Laramie County Library System, Las Palmas Del Sol Healthcare, Latitude, LCPtracker, Inc, Le Coq Sportif, Lebanese Intelligence Dept, LegalNurse, Lelivrescolaire, Lexington Diagnostic Center, Leyman Manufacturing, Linux Kernel Bluetooth, LKQ Corporation, Lokdal, Luxion KeyShot Viewer, Luxury Yacht Group, Lyons Specialty Co, macOS SIP, Madhya Pradesh’s child welfare agency, over 3,000,000 mail servers, ManageEngine Analytics Plus, Manens-Tifs SpA, Manitou Springs School District, Martin Sprocket & Gear, Inc, Maverick Constructors, MC2 Data, McCormick & Priore, McCray Lumber, McDonald’s, McFarlane, Medusind, Meezan Bank, Megaexit, Menorah Life, Inc, Metalmatrix Clamps, MetLife, mi.edu, Microsoft Azure Data Factory, Microsoft Azure MFA, Microsoft Edge, Microsoft PC Manager, Microsoft Purview, Microvision, Mission Bancorp, MLP Tax & Financial Services, Modern Automotive Network, Modern Dental Group Limited, Mohawk Valley Cardiology, Moneytor, Montreal North, Mossad, Moxa, MSI, MyGiftCardSupply, Nara, Nash Brothers Construction, Nathan American Academy, National Atomic Energy Commission, National Commission of Markets (Spain), National Library of Peru, Natomas Unified School District, Nikki-Universal, Nirjai, Niva Bupa Insurance Group, Nodex, Nominet, North Los Angeles County Regional Center, Northern Lights Electric, Northwest Asthma & Allergy Center, Norwalk La Mirada Unified School District, Norwex USA, Inc, Novati Constructions, Nuclei, NY & WY Orthpaedics Specialists, Obltelecom, OL Products, Omaha Surgical Center, OmniRide, Omnitravel, One Airline, OneBlood, Onecare, OpenWrt, Oppo, Ott Cone & Redpath, PA, Pacific Pulmonary Medical Group, Paessler PRTG Network Monitor, Palo Alto Networks Expedition, Panda Security Dome, ParrotTalks, Path of Exile 2, Patriarche Office of Architecture, Peikko, Pembina Trails School Division, Peruvian University of Applied Sciences, Peugeot Dealership, PharmaNewsOnline, PHG CPAs, Philippine Statistical Association Inc, PhoneMondo, PIH Health, Pinger USA, PingMoney, Pinno Construction, Pittsburgh Regional Transit, Platinum Celebs, Positive Behavior Supports Corporation, PowerSchool (this affects potentially millions of school districts across the globe), PracticeSuite, Press Color, ProCaps Laboratories, Progress Software WhatsUp Gold, Psychogen, PT Pertamina, PT PINS Indonesia, Qualcomm chips, Qualinet, Rainy River public school, Ramos Law, Rancho Santa Fe School District, Randolph Brooks Federal Credit Union, Randys Transmissions, Rapido, Realme, Regional Care, Inc, Relate Infotech, Reliance Connects, Rent-2-Own, ReutOne, Revolution Beauty, Rhode Island’s RIBridges, Richmond University Medical Center, River Region Cardiology, Riverina Medical, Rivers Casino Philadelphia, RM Group, Rockwell Automation Arena Simulation, Rocky Mountain Gastroenterology Associates, RocSearch, Rosreestr, Rozavam, Rspack, Ruby, Ruijie Networks, Rumpke Consolidated Companies, Inc & Affiliates Benefits Plan, Rutherford County Schools, Rydox, SAIC in Brazil, Samsung Devices, schenkYOU, Schneider Electric, Scholastic, Scottish rail network, SeaLandAire Technologies, Self Esteem Brands, LLC, SENATI, Senior Citizens, Inc, Senior Dating, SERGAS Group, Sheyenne Tooling & Manufacturing, Sidney Health Center, Siemens User Management Component, Simcoe Muskoka Catholic School, Skoda cars, Skopos, Slawson Companies, Slovakian land registry, SmartLynx Airlines SIA, Smith Tank & Steel, Solaris Pharma, SolGeo AG Baugelogie and Geotechnik, SonicWALL NSv, Sony XAV-AX8500, Sophos Firewall, Sparkling Smiles Family Dentistry, Spectrum, SpeedLine Solutions, Spelpaus, Sri Lanka Government Printing Department, Sri Lanka Police, SRP Federal Credit Union, Stanford University, Starbucks, Starkville-Oktibbeha Consolidated School District (SOCSD), State Registers of Ukraine, STIIIZY, Stillwater Area Public Schools, Summit Medical Group, PLLC, Sunflower Medical Group, Suno India, SuperDraft, Supreme Court of India, Surface Combustion, Swedish Gambling Authority, Synology, T Smiles Dental, T.Hasegawa USA, T1, Tahoe Truckee Sierra Disposal Co Inc, Talentely, Tarnaise des Panneaux SAS, Tayfa Denizcilik, Tecta America Corporation, Teedy, Telcel, Telecom Namibia, Telefónica, Tenable Nessus update system, Tesla Wall, Teton Orthopaedics, Texas Tech University Health Sciences Center, Thailand Department of Mineral Fuels, Tharisa, The Baker Center for Children and Families, The Coffee Bean & Tea Leaf, Thomas Cook, Thomas J. Henry Law, Tibber, Tibbo Aggregate Network Manager, Toscano Law, Total Patient Care LLC, Town of Ponoka, Town of Webster, Trend Micro Apex One, Trend Micro Deep Security, Trev Deeley Motorcycles, Trifecta, TruBridge, Inc, True World Holdings LLC, Trussville City Schools, Try.gov.hk, Tumeny Payments Limited, Tungsten Automation Power PDF, Turks and Caicos, Tycon Medical Systems, UGKK, Unisource Information Services, United Nations International Civil Aviation Organization (ICAO), University of Baghdad, University of Tasmania, US Committee on Foreign Investments, US EPA, 261,000 US insurance agents, 350,000 US mobile homeowners, US SSA, US Treasury, US Veteran Affairs, UT Southwestern Medical Center (fourth time in 18 months), Uvoice, Valio, Vallianz, Value Dental Center, Vaultwarden, Venki Supravizio BPM, Venntel, Veritas Enterprise, Verizon, Verosa LLC, VESD, Vickers Engineering, Village Community School, Village Fertility Pharmacy Group, VIP, VisionPoint Eye Center, VO Baker, VPNCity, VW Group, Wacom Center WTabletServicePro, Walker County Schools, Warid Telecom, Water Utilities Corporation, Waterstones, Watertown Public Schools, Watsonville Community Hospital, Webmin, Weininger Metall System GmbH, Western Montana Mental Health Center, Westerville City Schools, WhatsApp, Whittier Hospital, WilsonSD, Windows Active Directory Domain Controllers, Windstream, WireGuard Portal, Wood County, Word & Brown Insurance Administrators, Inc, World Leadership Academy, WSO2 API Manager, WY88 Casino, Xanthops, Xstrahl eBt Therapy Equipment, Xtream, XWiki, Yaaka, Yat Siu, Yonéma, YorkTest Laboratories, Young Life, Young Living Essential Oils, Youngs Counseling, PLLC, Youth Eastside Services, ZAGG Inc, and Zeifmans have reported hacking or compromises this month.

Docomo, Facebook, Instagram, MI6, Microsoft Multi-Factor Authentication (MFA) – effectively blocking access to MS 365, Proton, Threads, and WhatsApp have suffered from outages this month.

Last months updates broke Windows updates on new installations, Windows 11 Start Menu, Office 365 activation system, Windows 11 HDR, and Windows Bitlocker.

Microsoft is going to force-install “new” Outlook on Windows PCs within the next month.

“When exposing a crime is treated as committing a crime, you are being ruled by criminals.” — Edward Snowden

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is not that bad this month. The typical computer should see roughly 4 GB in updates today. Let’s get started.

Microsoft released 70 updates to address 164 vulnerabilities in .NET, .NET Framework, Active Directory Domain Services, Active Directory Federation Services, Azure Marketplace SaaS Resources, BranchCache, Internet Explorer, IP Helper, Line Printer Daemon Service (LPD), Microsoft AutoUpdate (MAU), Microsoft Azure Gateway Manager, Microsoft Brokering File System, Microsoft Digest Authentication, Microsoft Edge, Microsoft Graphics Component, Microsoft Office, Microsoft Office Access, Microsoft Office Excel, Microsoft Office OneNote, Microsoft Office Outlook, Microsoft Office Outlook for Mac, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft Office Word, Microsoft Purview, Microsoft Windows Search Component, Power Automate, Reliable Multicast Transport Driver (RMCAST), Servicing Stack Updates, System Center, Visual Studio, Windows BitLocker, Windows Boot Loader, Windows Boot Manager, Windows Client-Side Caching (CSC) Service, Windows Cloud Files Mini Filter Driver, Windows COM, Windows Connected Devices Platform Service, Windows Cryptographic Services, Windows Digital Media, Windows Direct Show, Windows DWM Core Library, Windows Event Tracing, Windows Geolocation Service, Windows Hello, Windows Hyper-V NT Kernel Integration VSP, Windows Installer, Windows Kerberos, Windows Kernel Memory, Windows MapUrlToZone, Windows Mark of the Web (MOTW), Windows Message Queuing, Windows NTLM, Windows OLE, Windows PrintWorkflowUserSvc, Windows Recovery Environment Agent, Windows Remote Desktop Services, Windows Secure Boot, Windows Security Account Manager, Windows Smart Card, Windows SmartScreen, Windows SPNEGO Extended Negotiation, Windows Telephony Service, Windows Themes, Windows UPnP Device Host, Windows Virtual Trusted Platform Module, Windows Virtualization-Based Security (VBS) Enclave, Windows Web Threat Defense User Service, Windows Win32K – GRFX, Windows WLAN Auto Config Service, and MSRT. This includes security updates. A reboot is required.

Apple released updates for iOS 18.2, iOS 18.2.1, iPadOS 17.7.3, iPadOS 18.2, iPadOS 18.2.1, macOS 15.2, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, Safari 18.2, tvOS 18.2, visionOS 2.2 and watchOS 11.2. This includes security updates. Use Apple Software Update to install the most current versions.

iOS 18.2.1 is a security update. Use Settings, General, Software Update to install the most current update.

iPadOS 17.7.3 and 18.2.1 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 11.2 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 18.2 is a security update. Use System, Software Update to install the most current version.

visionOS 2.2 is a security update. Use System, Software Update to install the most current version.

Google ChromeOS 131.0.6778.241 and Google ChromeOS LTS 126.0.6478.261 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Driver Updates

If you’re using this hardware – these updates are for you.

Daemon Tools Lite 12.2.0 resolves several bugs. This is not a security update.
https://www.daemon-tools.cc/products/dtLite

UniFi airMAX NanoStation 5AC Loco 8.7.15 is a security update.
https://www.ui.com/download/software/loco5ac

UniFi Network Server 9.0.108 adds zone-based firewall, CyberSecure, Network Application API and resolves several bugs. Thsi is not a security update.
https://www.ui.com/download/releases/network-server

VIISAN OfficeCam 7.2.5.0 doesn’t provide a change log so should be treated as a security update.
https://www.viisan.com/en/download/type1.html

Wacom Driver 6.4.8-6 improves compatibility and resolves several bugs. This is not a security update.
https://www.wacom.com/en-us/support/product-support/drivers

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.73.105 is a security update.
https://brave.com/

Google Chrome 131.0.6778.264 is a security update.
https://www.google.com/chrome/

Firefox 134.0.1 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 128.6.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

SeaMonkey 2.53.20 is a security update.
https://www.seamonkey-project.org/

Vivaldi 7.0.3495.29 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.15.0 is a security update.
https://getmailspring.com/

Spark 3.19.2.94903 improves AI controls, user interface improvements and resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.19.2.94902 improves AI controls, user interface improvements and resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 128.6.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

curl 8.11.1 resolves dozens of bugs. This is not a security update.
https://curl.haxx.se/windows/

DNSDataView 1.76 adds DMARC support. This is not a security update.
https://www.nirsoft.net/utils/dns_records_viewer.html

Dropbox 214.4.5217 resolves several bugs. This is not a security update.
https://www.dropbox.com/

Google Drive 102.0 resolves several bugs. This is not a security update.
https://drive.google.com/start

Grocy Desktop 2.11.0 updates Grocy and Barcode Buddy to their latest releases and resolves several bugs. This is not a security update.
https://github.com/grocy/grocy-desktop

MeshCentral 1.1.38 resolves several bugs. This is not a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.7.00.33761 adds brand filtering and web-based screen controls. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 30.0.4 updates libraries and resolves several bugs. This is not a security update.
https://nextcloud.com/

Omada Software Controller 5.15.6.7 adds support for additional hardware, SAML SSO support, DSL Gateway configuration and improvces RADIUS support. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Pocketnet-Core 0.22.11 improves jury and moderation, and resolves several bugs. This is not a security update.
https://pocketnet.app/

Pocketnet-GUI 0.9.107 resolves a dozen bugs. This is not a security update.
https://pocketnet.app/

Rclone 1.69.0 is a security update.
https://rclone.org/

Signal 7.37.0 improves visual feedback and macOS compatibility. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.28.4 adds chat folders and group grouping. This is not a security update.
https://signal.org/android/apk/

Syncthing 1.29.2 improves stability and resolves several bugs. This is not a security update.
https://syncthing.net/

Technitium DNS Server 13.3 resolves several bugs, including stability and denial of service. This should be treated as a security update.
https://technitium.com/dns/

Telegram 5.10.3 resolves several bugs. This is not a security update.
https://telegram.org/

Zoom 6.3.6 resolves several bugs, including a fix for a defect in the automatic update system, and makes cosmetic changes. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

darktable 5.0.0 is a major update, including over 1,700 changes, 500 camera model improvements, user interface improvements, performance improvements and much more. This is not a security update.
https://www.darktable.org/

Grayjay 278 adds and removes Apple Podcasts, and resolves several several bugs. This is not a security update.
https://grayjay.app/index.html

KaraFun Player 3.4.6.81 improves stability and resolves several bugs. This is not a security update.
https://www.karafun.com/karaoke-windows/

Plex Desktop 1.106.0.276 adds Share button and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.69.0.264 updates libraries. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.41.3.9314 is a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Bedrock) 1.21.51.02 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

SteamOS SteamDeck Update 2024.12.12 is a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Animate 23.0.10 and 24.0.7 are security updates.
https://helpx.adobe.com/security/products/animate/apsb25-05.html

Adobe Illustrator for iPad 3.0.8 is a security update.
https://helpx.adobe.com/security/products/illustrator-mobile-ios/apsb25-04.html

Adobe Photoshop 26.2 and 25.12.1 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb25-02.html

Adobe Reader DC (Mac) 24.004.20272 resolves several bugs. This is not a security update.
https://get.adobe.com/reader

Adobe Reader DC 24.005.20320 is a security update.
https://get.adobe.com/reader

Adobe Substance3D Designer 14.1 is a security update.
https://helpx.adobe.com/security/products/substance3d_designer/apsb25-06.html

Adobe Substance3D Stager 3.1.0 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb25-03.html

Audacity 3.7.1 doesn’t provide a change log so should be treated as a security update.
https://www.audacityteam.org/download/

Calibre 7.24.0 adds read-aloud and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

ColdFusion 2021.18 and ColdFusion 2023.12 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb24-107.html

GnuCash 5.10 resolves dozens of bugs. This is not a security update.
https://www.gnucash.org/

Kdenlive 24.12.1 adds ASS subtitle support, resolves a bunch of bugs, and updates libraries and dependencies. This is not a security update.
https://kdenlive.org/

LibreOffice 24.8.4 resolves over 50 bugs. This is a security update.
https://www.libreoffice.org/

LibreOffice Fresh 24.8.4 resolves over 50 bugs. This is a security update.
https://www.libreoffice.org/

Manager 25.1.14.2025 improves inventory costing and controls. This is not a security update.
https://www.manager.io/

Nextcloud Desktop 3.15.3 resolves several bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.7.5 resolves over a dozen bugs and regressions. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 5.1.2 improves performance and reduces resource requirements, resolves several bugs. This is not a security update.
https://www.getpaint.net/

PDF-XChange Editor 10.5.0.393 resolves dozens of bugs. This is a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

QuickBooks Pro 2022 20241217-R18_40 resolves a crash bug. This is not a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20241217-R15_29 resolves a crash bug. This is not a security update.
https://downloads.quickbooks.com/app/qbdt/products

Scribus 1.6.3 resolves over a dozen bugs. This is not a security update.
https://www.scribus.net/

Operating System Updates

These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.

ChromeOS 131.0.6778.241 is a security update.
https://chromereleases.googleblog.com/search/label/Stable%20updates+ChromeOS

iOS 18.2 and iOS 18.2.1 are security updates.
https://support.apple.com/kb/HT204204

iPadOS 18.2 and iPadOS 18.2.1 are security updates.
https://support.apple.com/kb/HT204204

macOS 15.2 is a security update.
https://support.apple.com/kb/HT201541

Tails 6.11 is a security update.
https://tails.net/install/download/index.en.html

tvOS 18.2 is a security update.
https://support.apple.com/kb/HT202716

watchOS 11.2 is a security update.
https://support.apple.com/kb/HT204641

Security Software Updates

One or more of these is likely to be of interest to most people.

Chainsaw 2.11.0 improves MFT parsing. This is not a security update.
https://github.com/countercept/chainsaw

MalwareBytes Desktop Security 5.2.4.157 rebrands from “Anti-Malware,” improves notification behavior, and now requires autorun for the VPN Kill Switch capability. This is not a security update.
https://www.malwarebytes.org/antimalware/

ProtonVPN 3.5.0 improves stability and reliability in censored countries. Thsi is not a security update.
https://github.com/ProtonVPN/win-app/releases/latest

Stinger 13.0.0.254 improves detection. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

uBlock Origin 1.62.0 improves syntax and reliability and resovles several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.3.4 improves NVIDIA AI conversion. This is not a security update.
https://www.dvdfab.cn/download.htm

IsoBuster 5.5.1 adds dozens of new features, new media formats and mappings, and resolves several bugs. This is not a security update.
https://www.isobuster.com/download.php

StreamFab 6.2.1.3 updates engine, improves compatibility, and resolves several bugs. Thsi is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 3.0.0.1 is a major update and improves upscaling, performance and resolves a couple bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.56 resolves over a dozen bugs. This is not a security update.
https://1password.com/downloads/

GadgetPack 38.0 rebrands from 8GadgetPack, adds Windows 11 support, updates graphics and cosmetics, and resolves a couple bugs. This is not a security update.
https://gadgetpack.net/

Agent Ransack 2022.3503 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

AOMEI Partition Assistant 10.7.0 adds 1-click space fix and resolves several bugs. This is not a security update.
https://www.diskpart.com/

BatteryHistoryView 1.06 improves compatibility. This is not a security update.
https://www.nirsoft.net/utils/battery_history_view.html

Bitwarden 2024.12.1 resolves several bugs and improves compatibility. This is not a security update.
https://bitwarden.com/

CCleaner 6.31.11415 improves cleanup. Thsi is not a security update.
https://www.ccleaner.com/

CPU-Z Installer 2.13 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

Cygwin 3.5.5 resolves over a dozen bugs. Thsi si not a security update.
https://cygwin.com/

DesktopOK 11.51 updates definition file options and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.2.121.0 updates libraries and resolves a couple bugs. This is not a security update.
https://dngrep.github.io/

ESEDatabaseView 1.76 resolves several bugs. This is not a security update.
https://www.nirsoft.net/utils/ese_database_view.html

FileLocator Pro 2022.3503 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Fing 3.8.0 improves Network Insights feature and resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

GoodSync 12.8.0 resolves several bugs. This is not a security update.
https://www.goodsync.com/

HWiNFO 8.20 improves hardware support and resolves several bugs. This is not a security update.
https://www.hwinfo.com/download/

LessMSI 2.4.0 adds xo option to extract and overwrite. This is not a security update.
https://lessmsi.activescott.com/

NTLite 2025.01.10258 updates Windows 11 24H2 support and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

Open-Shell 4.4.195 improves Windows 11 24H2 support and resolves several bugs. This is not a security update.
https://github.com/Open-Shell/Open-Shell-Menu

PingInfoView 3.20 adds dark background support and alternating row colors. This is not a security update.
https://www.nirsoft.net/utils/multiple_ping_tool.html

PointerStick 6.46 adds a new pointer option and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.87.1 improves stability and resolves issues in many of the included tools. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

PSAppDeploy 4.0.4 resolves dozens of bugs. This is not a security update.
https://psappdeploytoolkit.com/

TeamViewer 15.61.4 resolves several bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

WifiInfoView 2.96 updates the internal MAC database. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

WinScan2PDF 9.19 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

ZoomIt 9.0 adds live draw support. This is not a security update.
https://learn.microsoft.com/en-us/sysinternals/downloads/zoomit

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 2024.2.2.13 resolves dozens of bugs. This is not a security update.
https://developer.android.com/studio

GDevelop 5.5.221 improves 3D physics tracking and resolves several bugs. This is not a security update.
https://gdevelop.io/download

GitHub Desktop 3.4.12 resolves a merge bug. This is not a security update.
https://desktop.github.com/

Inno Setup 6.4.0 updates libraries and resolves dozens of bugs. This is not a security update.
https://www.jrsoftware.org/isdl.php

Node.js 22.13.0 updates dependencies and resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

Node.js 23.6.0 updates dependencies and resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

SQLite 3.48.0 adds several new features, syntax support, and performance and memory improvements. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.96.2 resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

Grocy 4.3.0 improves stock management, grouping, recipes, userfields, and resolves several bugs. This is not a security update.
https://github.com/grocy/grocy

HumHub 1.17.0 resolves over a dozen bugs. This is not a security update.
https://www.humhub.com/en

Joomla 5.2.3 is a security update.
https://www.joomla.org/

OpenCart 4.1.0.0 makes over six hundred changes and updates libraries. This should be treated as a security update.
https://www.opencart.com/

Piwigo 15.3.0 resolves a stability bug. This is not a security update.
https://piwigo.org/

Autoptimize 3.1.13 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/autoptimize/

Contact Form 7 6.0.3 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Sucuri Security 1.9.7 adds CSP reporting header support. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

Theme My Login 7.1.10 resolves several bugs, including a nonce issue. This should be treated as a security update.
https://wordpress.org/extend/plugins/theme-my-login/

WP Cerber Security 9.6.5 removes dependency on wordpress.org, adds several new widgets and improves role support. This is not a security update.
https://wpcerber.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2024-10-08

Posted on October 8, 2024 by Shawn K. Hall

Welcome back, Folks!

Today is Patch Tuesday for October, 2024.

Windows 11 24H2 is out. So is macOS 15/Sequoia. iOS 18, iPadOS 18, tvOS 18, watchOS 11, and visionOS 11 are out now. The first set of security updates for each of these are released now, too.

All versions of Windows 11 prior to 23H2 are no longer be supported. Upgrade to 23H2 now, then do not upgrade to 24H2, yet. Let everyone else be the guinea pigs. It’s already showing quite a few issues.

All versions of macOS prior to 13/Ventura are no longer supported. If you can’t upgrade your Mac to Ventura you need to permanently take it offline and/or replace it.

Windows 10 now has only 12 months of support left. If your computer can not be upgraded to Windows 11 either start planning now for a switch to Linux or replacing your computer.

There were 505+ major hacks, and over 395 application updates this month. It’s an enormous month, with about 4 GB of updates for most users.

This Month in Technology

4B Components, 5.11 Tactical, A1 Mobile Locksmith, Access Ambulatory Surgery Center, LLC, Access Sports, Accurate Railroad Construction Ltd, Acuity Advisor, Adobe Acrobat Reader DC, Adobe After Effects, Adobe Audition, Adobe Commerce & Magento stores (5% of all their commerce sites!!!), Adobe Media Encoder, Adobe Photoshop, Adobe Premiere Pro, ADT, Advanced Sterilization Products, Inc, Affirm Agency, AFP, air-gapped government systems, Akromold, Al Rajhi Bank, Albany College of Pharmacy, Alliance, Ally Bank, Alshaya Group, Altman Plants, Alvan Blanch, American Water Works, Amgen Inc, Amplitude Laser, Andamen, Andantex USA, Anniversary Holding, Apache Avro, Apache HugeGraph-Server, Apex Softcell, Aramark myPay, Arc browser, Arelance Group, Around the Clock Companies, Asheville Arthritis and Osteoporosis Center, PA, AT&T, ATG Communications Group, Atrium Health, Autel Maxicharger, Auto Recyclers, AutoCanada, Autodesk Navisworks Freedom DWF, automatic storage tank gauge (ATG) systems (6 models), Avi Resort & Casino, Avis, Balboa Bay Club Ventures LLC, Banana Gun, Bangladeshi government, Barbados Revenue Authority, Barnes & Cohen, Batcom, Battle Lumber Co, Bay Ridge Automotive Management Group, Bazooka, Bel-Air Bay Club, BELL DATA, Inc, Benny Gantz, Bethalto Community Unit School District, Betterhalf, Bharat Petroleum, BingX, Bloom Hearing Specialists, Blundstone USA Inc, BNBuilders, BotSpace, Branhaven Chrysler Dodge Jeep Ram, Brechbuhler Scales Inc, BroadGrain Commodities, Broward Realty Corp, Brown Bottling Group, Brown Integrated Logistics, Brunswick Hospital Center, BSH Soft, BudTrader, C&L Ward, CaleyWray, Calibrated Healthcare, LLC, California Department of Social Services, Cameroon’s pension fund, Canstar Restorations, Capgemini, Capital Printing, Carlile Group, Cascade Columbia Distribution, Casino Fandango, Casio, Caterpillar Inc, Cellular Plus, CentralTickets, CF Medical, Charles Darwin School, Chernan Technology, ChiceDNA, Chinese government, a Chinese government botnet, Chrome, Chunghwa Telecom Data, Cincinnati Public Schools, City of Aberdeen, WA, City of Forest Park, City of Pleasanton, CA, City of Richardson, TX, CK Associates, CKS Packaging, Classic Business Products, CobelPlast, Cohesive Networks VNS3, Comcast Cable Communications, Community Clinic of Maui, Inc, Community Hospital of Anaconda, Compass Group, Concord Management Services, Condere IP, Conductive Containers, Inc, Connally Memorial Medical Center, Control Panels USA, CopySmart LLC, Corantioquia, Creative Consumer Concepts, Creative Playthings, CrediHealth, Crown Mortgage Company, CSG Consultants, D-Link routers, DATASUS, Daughterly Care, David’s Bridal, Del Valle Independent School District, Delaware Library system, Dell (twice in a week), Deloitte, Delta Prime, Department of Foreign Affairs (DFA), Philippines, DETRAN, Detroit Public TV, Diamond Contracting, LLC, Didi Chuxing, digiDirect, Dimensional Merchandising, DINAS Corp, Divine Interprises INC, DJH Jugendherberge, Domain Industries, DotPe, DPC DATA, Dr. Web, DrayTek routers, Dreyfuss + Blackford Architecture, Duopharma Biotech, Dutch Police, EasyMPS, Edge Imaging, eFile.com, EigenLayer, Elgin Separation Solutions, Elitecare Emergency Hospital, Elitecare, Empereon Marketing, English Football League, Enterprise Outsourcing, EnviroNET Inc, Environmental Code Consultants Inc, Erasmus+, ETC Companies, Ethena Labs, Eurobulk, Evans Distribution Systems, Experience Engine, Express Services, Fabrica Industrial Machinery & Equipment, FastStone Imave Viewer, Fazenda Brazil government, FBCS, Fedbank Financial Services, Feeld, Feldstein & Stewart, Fireworks Software, First Choice, Fleet Equipment, FoccoERP, Forshey Prostok LLP, Fortinet, Fortive, Foundation, Foxit PDF Reader, Freshstart Credit Repair, Frigocenter, Fritzøe Engros, FTV Employment Services LLC, Fylde Coast Academy Trust, G/S Solutions, Galloway MacLeod, Games Box, GameVN, Garvey, GenPro Inc, GitLab, GNOME Project G, GoDaddy, Golden Age Nursing Home, Gough Construction, Graminex, Graybill Medical Group, Greene Acres Nursing Home, Guerriere & Halnon, GW Mechanical, Hair Club for Men, Hamel Cranial Chiropractic & Wellness INC, Harvard Pilgrim Health Care, Harvey Nichols, HDI, Hertz, Hezbollah, Hindle Group, Holmes & Brakel, Howard CPAs, HPE Aruba Networking, Hughes Gill Cochrane Tinetti, Hunter Dickinson Inc, HuntStand, I-MED, Ibermutuamur, ICBC London, IDEALEASE INC, Idre Fjäll, Indian Supreme Court, Indodax, Infosys McCamish Systems, Instituto Nacional de Deportes de Chile, Insurance Agency Marketing Services, Inc, InteriorWorx Commercial Flooring, iOS Password Manager, 260,000 IoT devices (Raptor Train), Iron Metals, Isola, Israel Defense Minister, Israel Foreign Affairs Minister, Israel Harel Insurance, Israel Prime Minister, an Israeli analytics company, Israeli defense companies, Israeli Industrial Batteries, Istrail, Italian Ministry, Ivanti Cloud Services Appliance, Ivanti Endpoint Manager, Ivanti Workspace Control, Jackson Paper Manufacturing, Jacobsen Construction Co, Inc Health Plan, Joe Swartz Electric, Johnson & Wales University, JTaylor & Associates LLC, Juice Generation, Kawasaki Motors Europe, Keller Williams Realty Group, Kennedy Funding, Keuka College, Keya Accounting and Tax Services LLC, Kia dealer portal, Kia vehicles (again), KintApp, Kravit, Hovel & Krawczyk SC, KukuFM, Kuwait Health Ministry, LA Financial Federal Credit Union, Labib Funk Associates, Ladov Law Firm, Lakeland Chamber, Lancaster Royal Grammar, three-quarters of law firms (which explains a lot of the hacks this month), Law Offices of Michael J Gurfinkel, Inc, Lawrie Insurance Group, Lee Hoffoss Injury Lawyers, LEGO, Lenovo Service Bridge, Liberty First Credit Union, Local 1964 ILA Health & Insurance Fund, Lumen Technologies, Luso Cuanzа, Lyomark Pharma, MacGillivray Law, macOS graphics driver, macOS video decoder, Magenta Photo Studio, Malwarebytes Antimalware, Markdom Plastic Products, Maryville Academy, Mattson Technology, Inc, Max Shop, MC2 Data, McAbee Construction, Inc, McCarty Company, MCNA Dental, MDSi INC, MediCheck, MedReview, Messe C, Miami Dolphins Forum, Michigan Masonic Home, Michigan Medicine, Microsoft Azure API Management, Microsoft C++ redistributable, Microsoft Pragmatic General Multicast Server, Microsoft SharePoint, Microsoft Windows, Microsoft Windows 10 AllJoyn Router Service, Microsoft Windows Internet Explorer, Microsoft Windows SmartScreen, Mile Hi Foods, MIPS Holding, Inc, Mobility Compare, Model Engineering, Moeller Door and Window, MoneyGram, Mozambique Election System, Mt. Carmel Behavioral Healthcare, Muskogee City County Enhanced 911 Trust Authority, mySCADA myPRO, NASA, New Electric, New River Electrical, New York Sports Club, Noble Environmental, North American Breaker, Nova Sinseg, Nusser Mineralöl GmbH, NVIDIA Container Toolkit, Octapharma Plasma, OffRoadAction, Omega Industries, One Point HR Solutions, Onyx, OpenAI, OpenPLC_v3 Runtime, Optigo Networks ONS-S8, Oracle WebLogic, Pacific Coast Building Products, Pacific Islands Forum, Fiji, Pacific Scientific Energetic Materials Company LLC, Palomar Medical Group, PaperCut NG, Partners Air, Patelco Credit Union, Patrick Sanders Company, PDF-XChange Editor, Pearl Cohen, Peerless Umbrella, Performance Food Centers, Performance Therapies, PetEdge, Pete’s Road Service, PetroChina, Physical Medicine & Rehabilitation Center, Piggly Wiggly, Plaisted Companies, Plastics Plus, Plumbers Stock, Port of Seattle/Seattle-Tacoma International Airport (SEA), Power Torque Services, PRC-Saltillo, Premier Packaging, Prentke Romich Company, Progress Software WhatsUp Gold, Pureform Radiology Center, Qualcomm DSP, Quantum Healthcare, Raaga, Rackspace, Radio Geretsried, 19 UK railway stations, Ranveer Allahbadia, Reading Train Station, Red Barrels, Repsol, Research Electronics International, Reutter, Richland County, WI, Richmond Auto Mall, Richmond Community Schools, Riley Gear Corporation, Rim Country Health and Rehabilitation, Ring Power, River Delta Unified School District, River Region Cardiology Associates, Riverside Resort Casino, Rob Levine & Associates, Robson Planning Group Inc, Rockwell Automation PLC Software, Sacred Heart Catholic School, Sage Home Loans Corporation, SaniRent, Satia Group, Savannah Candy, Schäfer, dein Bäcker GmbH & Co KG, Scranton School District, Sellafield, ServiceNow, Shenango Area School District, Sherr Puttmann Akins Lamb PC, Shezmu, Shin Bet, ShoreMaster, Signature Healthcare Services LLC, siParadigm LLC, Slim CD, Smart Buy, Smart Source, Inc, 2,700 “smart” devices in the Netherlands, SolarWinds Access Rights Manager, Solutii Sistemas, Sono Bello, Southeast Cooler, Southern Bone, SpaceX, Spectrum Industries, Sportstech, spWETH Wallet, Star Blizzard, Star Health (India), Stillwater Mining Company, Storck-Baugesellschaft mbH, Structural Concepts, Sub-Zero, Wolf, and Cove, Sunrise Farms, Synnovis, TANYA Creations, TeamViewer, TeleHealth Center (India), Temu, Tewkesbury Borough Council, Thai Honda Manufacturing, The Gill Corporation, The Maids International, The Rubber Resources, The Superior Court of California, The Tech Interactive, Theresa Gordon Tax Services, Inc, Think Simple, Thomas Lloyd, Thompson Construction Supply, TIAA, Title Financial Corporation, Total Electronics, TOTVS, Toyota, TradeZero America Inc, Transport for London, Transtec SAS, TransUnion Risk and Alternative Data Solutions, Inc, Travel Alberta, TRC Worldwide Engineering, Trend Micro Deep Discovery Inspector, True Family Enterprises, Truflation, Truist Bank, Trump campaign, Tuttle-Click Automotive Group, Twilio, Uber Eats, UCC Retreivals, United Animal Health, Universal Music Group, University Medical Center, University of Minnesota Orthodontics, US Centers for Medicare and Medicaid Services, US Congress, US Dermatology Partners, UT Southwestern Medical Center, Uttarakhand (India) government, Veertu Anka Build, Verizon, Vermilion Parish Schools, Versa Director, VGTRK, Vickers Engineering, Vidisco, Virginia Dare Extract Co, Visionary Homes, Visteon Infotainment System, VMware vCenter Server, Ward Transport, Wayne County, MI, WazirX, We Level Up Treatment Lake Worth, Weiser Memorial Hospital, Weldco-Beales Manufacturing, Wells Fargo, Western Digital MyCloud PR4100, WhatsApp, Wichita Police, Wilmington Convention Center, Wilson & Lafleur, Wisconsin Physicians Service Insurance Corp, Woodard, Hernandez, Roth & Day, WordPress Houzez Login Register plugin, WordPress Houzez theme, WordPress LiteSpeed Cache Plugin, Wright, Moore, DeHart, Dupuis & Hutchinson, LLC, Young Consulting LLC, and Zimbra email servers have reported hacking or compromises this month.

AFP, AT&T, Cloudflare, Confidant Health, Dr. Web, Google CloudImposer, Highline Public Schools, MoneyGram, PlayStation Network, Port of Seattle, Providence Public Schools, State Data Center (India), Verizon, and WP Engine have suffered from outages this month.

Last months updates broke M4 iPad Pro devices, macOS Sequoia VPN & antivirus software, Microsoft 365 apps, Microsoft Outlook mail vs nested folders, Microsoft Word (serious – Word deletes your files if they have mixed case extensions!), Windows 11 24H2 BSODs, Windows 11 24H2 gaming performance, Windows 11 24H2 license activation, Windows reboots, and Windows USB & Bluetooth.

In other news

The Internet backdoor mandated by US federal law has been hijacked by China (Salt Typhoon) and is being actively exploited again across several phone providers. It’s not good.

Almost 3 in 5 of breached UK firms admit to paying ransom on demand. An insane 92% of healthcare firms in the US were hit by cyberattacks this year.

Now that “exploding pagers” (and more) are a thing, will people start to take supply chain and physical security seriously?

Fearing exposure of weak security processes, Apple has moved to dismiss their lawsuit against NSO Group.

Now for the good news

Discord has added end-to-end encryption for audio & video calls.

NIST has finally scrapped their complexity and change frequency recommendations. The math on these recommendations simply doesn’t add up.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is enormous this month. The typical computer should see roughly 4 GB in updates today. Let’s get started.

Microsoft released 65 updates to address 121 vulnerabilities in .NET Framework, .NET, Azure CLI, Azure Monitor, Azure Stack, BranchCache, Code Integrity Guard, DeepSpeed, Internet Small Computer Systems Interface (iSCSI), Microsoft ActiveX, Microsoft Configuration Manager, Microsoft Defender for Endpoint, Microsoft Edge (Chromium-based), Microsoft Graphics Component, Microsoft Management Console, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft Office, Microsoft Simple Certificate Enrollment Protocol, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows Speech, OpenSSH for Windows, Outlook for Android, Power BI, Remote Desktop Client, RPC Endpoint Mapper Service, Service Fabric, Sudo for Windows, Visual C++ Redistributable Installer, Visual Studio Code, Visual Studio, Windows Ancillary Function Driver for WinSock, Windows BitLocker, Windows Common Log File System Driver, Windows Cryptographic Services, Windows cURL Implementation, Windows EFI Partition, Windows Hyper-V, Windows Kerberos, Windows Kernel, Windows Kernel-Mode Drivers, Windows Local Security Authority (LSA), Windows Mobile Broadband, Windows MSHTML Platform, Windows Netlogon, Windows Network Address Translation (NAT), Windows NT OS Kernel, Windows NTFS, Windows Online Certificate Status Protocol (OCSP), Windows Print Spooler Components, Windows Remote Desktop Licensing Service, Windows Remote Desktop Services, Windows Remote Desktop, Windows Resilient File System (ReFS), Windows Routing and Remote Access Service (RRAS), Windows Scripting, Windows Secure Channel, Windows Secure Kernel Mode, Windows Shell, Windows Standards-Based Storage Management Service, Windows Storage Port Driver, Windows Storage, Windows Telephony Server, Winlogon, and MSRT. This includes security updates. A reboot is required.

Apple released updates for Apple TV 1.5.0.152 for Windows, iOS 17.7, iOS 18, iOS 18.0.1, iPadOS 17.7, iPadOS 18, iPadOS 18.0.1, macOS Sequoia 15.0.1, macOS Sonoma 14.7, macOS Ventura 13.7, Safari 18, Safari 18.0.1, tvOS 17.6.1, tvOS 18, visionOS 2, visionOS 2.0.1, watchOS 10.6.1, watchOS 11, watchOS 11.0.1, and Xcode 16. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 17.7, 18, and 18.0.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 17.7, 18, and 18.0.1 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 10.6.1, 11, and 11.0.1 are security updates. Use the Watch app on your iPhone to install the most current version.

tvOS 18 is a security update. Use System, Software Update to install the most current version.

visionOS 2 and 2.0.1 are security updates. Use System, Software Update to install the most current version.

Google Chrome OS 128.0.6613.163, 129.0.6668.80, and ChromeOS LTS 126.0.6478.254 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

The now-current release of the Windows 11 (v24H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.9.1 improves hardware compatibility, game support, resolves several bugs and expands Vulkan extensions. This is not a security update.
https://www.amd.com/en/support

TP-Link Archer AX55 v1 240628 improves mesh and configuration controls. This is not a security update.
https://www.tp-link.com/us/support/download/archer-ax55/v1/#Firmware

goxlr-utility 1.1.4 resolves several compatibility and reliability bugs. This is not a security update.
https://github.com/GoXLR-on-Linux/goxlr-utility/

UniFi Network Server 8.4.62 resolves several bugs. This is not a security update.
https://www.ui.com/download/releases/network-server

VIISAN OfficeCam 7.2.2.0 doesn’t provide a change log so should be treated as a security update.
https://www.viisan.com/en/download/type1.html

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.70.123 is a security update. Use Help, About to install the most current version.
https://brave.com/

Google Chrome 129.0.6668.100 is a security update. Use Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 129.0.2792.79 is a security update. Use Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 131.0 is a security update. Use Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 128.3.0 is a security update. Use Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 6.9.3447.51 is a security update. Use Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.14.0 is a security update.
https://getmailspring.com/

ProtonMail (Android) 4.0.22.1 resolves a major stability bug. This is not a security update.
https://proton.me/mail/download

Spark 3.17.9.86866 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.17.9.86865 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 128.3.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 8.1.0 resolves dozens of bugs and improves stability. This is a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 8.1.2 is a security update.
https://anydesk.com/en/downloads

BrowsingHistoryView 2.58 resolves an export bug. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

curl 8.10.1 resolves over a dozen bugs. This is not a security update.
https://curl.haxx.se/windows/

Dropbox 209.4.3661 does not provide a detailed change log so should be treated as a security update.
https://www.dropbox.com/

Facebook Messenger 215.6.0.24.211 is a security update.
https://www.messenger.com/download

FileZilla Server 1.9.2 resolves a bug in the update engine. This is not a security update.
https://filezilla-project.org/

Google Drive 98.0 is a security update.
https://drive.google.com/start

MeshCentral 1.1.32 is a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.7.00.26062 improves onboarding flow and allows external presenters to join from mobile platforms. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 30.0.0 is a major update, updating libraries, minimum requirements, and resolving more than a hundred bugs. This is a security update.
https://nextcloud.com/

Npcap 1.80 resolves several bugs. This is not a security update.
https://nmap.org/npcap/

Rclone 1.68.1 improves compatibility and resolves several bugs. This is not a security update.
https://rclone.org/

Signal 7.27.0 adds several new display options for media, groups and restores ability to search stored messages from groups you’re no longer part of. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.18.2 adds ability to search for emoji. This is not a security update.
https://signal.org/android/apk/

Technitium DNS Server 13.0.2 resolves protocol bugs. v13 adds several other new DNS features and controls including ZONEMD, RP, Catalog Zones and improved logging. This is not a security update.
https://technitium.com/dns/

Telegram 5.6.1 resolves dozens of bugs. This is not a security update.
https://telegram.org/

Telegram (Android) 11.1.3 resolves dozens of bugs. This is not a security update.
https://telegram.org/apps

Zoom 6.2.3.47507 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.10 resolves a couple bugs and improves lip sync. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.2.4 resolves over 20 bugs. This is not a security update.
https://www.bitwig.com/download/

Grayjay 264 adds auto-play toggle, allows you to control rotation sensitivity, reverse rotation, and resolves several bugs and compatibility issues. This is not a security update.
https://grayjay.app/index.html

iTunes 12.13.3.2 is a security update.
https://www.apple.com/itunes/download/

Plex Desktop 1.102.0.230 resolves a couple bugs and adds an advertising consent notice. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.67.1.233 updates web engine. This should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.41.0.8994 adds support for external subtitles, improved ad detection, and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Bedrock) 1.21.31.04 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Nintendo Switch 19.0.0 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 2024.920 improves stability. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024.09.17 changes the terms of use and resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

SteamOS SteamDeck Update 2024.10.03 improves Wi-Fi 7 compatibility. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Animate 23.0.8 and 24.0.5 are security updates.
https://helpx.adobe.com/security/products/animate/apsb24-76.html

Adobe Commerce 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11, 1.4.2-p3, 1.3.5-p8, 1.3.4-p10, and 1.3.3-p11 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-73.html

Magento Open Source 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, and 2.4.4-p11 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-73.html

Adobe Dimension 4.0.4 is a security update.
https://helpx.adobe.com/security/products/dimension/apsb24-74.html

Adobe FrameMaker 2020.7 and 2022.5 are security updates.
https://helpx.adobe.com/security/products/framemaker/apsb24-82.html

Adobe InCopy 19.5 and 18.5.4 are security updates.
https://helpx.adobe.com/security/products/incopy/apsb24-79.html

Adobe InDesign 19.5 and 18.5.4 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb24-80.html

Adobe Lightroom 7.5, 13.5.1, and 12.5.2 are security updates.
https://helpx.adobe.com/security/products/lightroom/apsb24-78.html

Adobe Substance 3D Painter 10.1.0 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb24-52.html

Adobe Substance 3D Stager 3.0.4 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb24-81.html

Audacity 3.6.4 doesn’t have a change log so should be treated as a security update.
https://www.audacityteam.org/download/

Blender 4.2.2 resolves dozens of bugs. This is a security update.
https://www.blender.org/download/

Calibre 7.19.0 improves performance and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Ghostscript 10.04.0 is a security update.
https://www.ghostscript.com/releases/gsdnld.html

GnuCash 5.9 resolves several bugs. This is not a security update.
https://www.gnucash.org/

Kdenlive 24.08.1 resolves dozens of bugs. This is not a security update.
https://kdenlive.org/

Krita 5.2.6 resolves over 50 bugs and improves reliability and stability. This is not a security update.
https://krita.org/en/download/

LibreOffice Fresh 24.8.2 resolves almost 200 bugs. This is a security update.
https://www.libreoffice.org/

Manager 24.10.8.1879 adds business templates, FDX support, and resolves several bugs. This is not a security update.
https://www.manager.io/

Nextcloud Desktop 3.14.1 resolves a dozen bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.7 updates libraries, resolves over a dozen bugs. This is a security update.
https://notepad-plus-plus.org/

PDF Candy Desktop 3.13 doesn’t provide a change log so should be treated as a security update.
https://pdfcandy.com/

PDF-XChange Editor 10.4.1.389 is a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

QuickBooks Pro 2022 20240726-R17_34 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20240726-R14_39 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

Security Software Updates

One or more of these is likely to be of interest to most people.

JShelter 0.19.1 improves Manifest V3 compatibility and performance. This is not a security update.
https://jshelter.org/install/

KeePass 2.57.1 is a security update.
https://keepass.info/

MalwareBytes Anti-Malware 5.5.4 doesn’t provide a change log so should be treated as a security update.
https://www.malwarebytes.org/antimalware/

RogueKiller 15.18.3 updates libraries and resolves several bugs. This should be treated as a security update.
https://www.adlice.com/download/roguekiller/

SecurityCheck 2024.9.22 doesn’t provide a change log so should be treated as a security update.
https://www.bleepingcomputer.com/download/securitycheck/dl/123/

Stinger 13.0.0.197 is a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

SuperAntiSpyware 10.0.1268 adds support for new browsers, applications, unicode compatibility and resolves several bugs. This is a security update.
https://www.superantispyware.com/download.html

uBlock Origin 1.60.0 adds several new features and resolves a couple bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Operating System Updates

These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.

QubesOS 4.2.3 is a security update.
https://www.qubes-os.org/downloads/

Tails 6.8 is a security update. 6.8 also signals the merger of Tails and the Tor Project.
https://tails.net/install/download/index.en.html

Zorin OS 17.2 improves customization, updates libraries, and resolves several bugs. This is not a security update.
https://zorin.com/os/mirrors/

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 24.2.4 resolves stability bugs. This is not a security update. This is not a security update.
https://www.techsmith.com/screen-capture.html

VideoCacheView 3.10 improves compatibility with Google Chrome. This is not a security update.
https://www.nirsoft.net/utils/video_cache_view.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.2.7 adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

MakeMKV 1.17.8 improves defect tolerance and resolves several bugs. This is not a security update.
https://www.makemkv.com/download/

StreamFab 6.2.0.0 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.3.5 adds FLAC support and resolves sseveral bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 7.0.7 resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.46 adds QR code authentication, Wi-Fi QR code sharing, accessibility improvements, and resolved several bugs. This is not a security update.
https://1password.com/downloads/

AOMEI Partition Assistant 10.5.0 adds Boot Repair, improves Migrate OS and resolves bugs in the optical media creation flow. This is not a security update.
https://www.diskpart.com/

Bitwarden 2024.9.2 improves PDF attachment handling and improves Secrets Manager. This is not a security update.
https://bitwarden.com/

CCleaner 6.28.11297 adds support for new applications. This is not a security update.
https://www.ccleaner.com/

CPU-Z Installer 2.11 improves mainboard detection and adds new hardware support. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

Deskflow 1.17.0 is a complete rebrand of the upstream Synergy source, pushing the public code base into a useful utility. This is the first one, though, so I’d hold off a little while. This is not a security update.
https://deskflow.org/

DesktopOK 11.44 improves copmatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.2.84.0 improves cache plug-in to use hash data to reduce network chatter, encoding improvements, and resolves several bugs. This is not a security update.
https://dngrep.github.io/

email-oauth2-proxy 2024-09-12 adds option to use password as credentials, improves documentation and resolves several bugs. This is not a security update.
https://github.com/simonrob/email-oauth2-proxy

Everything Toolbar 1.5.1 improves compatibility, adds RTL support, keyboard shortcuts and resolves several bugs. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

ExplorerPatcher 22621.3880.66.6 improves compatibility and adds support for Windows 11 v24H2. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

Fido 1.60 adds support for Windows 11 v24H2 and removes v23H2. This is not a security update.
https://github.com/pbatard/Fido/releases

Fing 3.7.1 improves Network Insights and resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

FoneTool 2.9.0 resolves several bugs. This is not a security update.
https://www.fonetool.com/download.html

Git SCM 2.46.1 resolves several bugs and improves documentation. This is not a security update.
https://git-scm.com/

GoodSync 12.7.6 improves logging and compatibility. This is not a security update.
https://www.goodsync.com/

Homedale 2.13 adds channel utilization reporting, Wi-Fi 7 (802.11be) support and filtering improvements. This is not a security update.
https://www.the-sz.com/products/homedale/

HWiNFO 8.12 adds support for newer hardware and resolves several bugs. This is not a security update.
https://www.hwinfo.com/download/

HWMonitor 1.55 adds support for newer hardware and battery information. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

IsMyHdOK 4.11 adds support improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

Kingston SSD Manager 1.5.4.9 doesn’t provide a change log so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

LessMSI 2.2.0 adds Italian language support. This is not a security update.
https://lessmsi.activescott.com/

MultiMonitorTool 2.11 resolves a mapping bug. This is not a security update.
https://www.nirsoft.net/utils/multi_monitor_tool.html

NTLite 2024.9.10073 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 11.0.1014 resolves over a dozen bugs including performance and reliability issues. This is not a security update.
https://www.osforensics.com/download.html

PointerStick 6.44 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.85.1 improves stability. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ScreenConnect 24.2 should be avoided. It has had rollout “paused” due to stability issues four times already. Just wait for 24.3 or 24.4 to be stable.
https://screenconnect.connectwise.com/download

TeamViewer 15.58.5 resolves several bugs and implements new cosmetics. This is a security update.
https://www.teamviewer.com/en-us/download/windows/

TestDisk 7.3 doesn’t provide a change log so should be treated as a security update.
https://www.cgsecurity.org/wiki/TestDisk_Download

XnConvert 1.101.0 doesn’t provide a change log so should be treated as a security update.
https://www.xnview.com/en/xnconvert/

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 8.0.10 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

Android Studio 2024.2.1.9 resolves dozens of bugs. This is not a security update.
https://developer.android.com/studio

GDevelop 5.4.213 adds ability to change opacity within properties panel, tilemap improvements, and resolves several bugs. This is not a security update.
https://gdevelop.io/download

GitHub Desktop 3.4.6 resolves several bugs. This is not a security update.
https://desktop.github.com/

Go 1.23.2 resolves several bugs. This is not a security update.
https://go.dev/

Node.js 20.18.0 updates libraries, resovles several bugs and adds experimental support for network inspection. This is not a security update.
https://nodejs.org/en/

Node.js 22.9.0 updates libraries, adds support for stack trace, disables V8, and resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

Python 3.13.0 resolves over a dozen bugs. This is a security update.
https://www.python.org/downloads/windows/

Visual Studio Code 1.94 improves Explorer Find, adds filtering options to Source Control Graph, and resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.1.2 is a major update, changing style, performance, stability, hardware compatibility and adding many options. It also initially broke older guests and this release fixes that as well as a dozen other bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Duplicator 1.5.11 improves compatibility and resolves several bugs. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

Sucuri Security 1.9.5 improves analysis. This should be treated as a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2024-01-09

Posted on January 9, 2024 by Shawn K. Hall

Happy New Year, Folks!

Today is Patch Tuesday for January, 2024.

There were over 200 major hacks, but only about 130 application updates this month. It’s a very light month, with about 1.3 GB of updates for most users.

This Month in Technology

360 Physical Therapy, LLC, 3CX, 70% of Iran’s gas stations, Academy Mortgage Corporation, AccessDx Laboratory, LLC, AccessOne Medcard, Inc., AI Engine plugin for WordPress, Air Albania, Albanian Parliament, Albanian telecom, Americold, Amerigroup Iowa, Inc, Amwins Group, Inc., Apache OFBiz, Apache RocketMQ, Apache Struts, Asper Biogene, Ateam, Austal USA, Barracuda ESG, Battelle Energy Alliance, LLC, Beirut Airport, BELLIN HEALTH, Bezeq, BlueCross BlueShield of Tennessee, Inc., Booking.com, Box.com, Brown & Streza LLP, Buckley King LPA, Bunker Hill Community College, California Northstate University, Capital Health, Cardiothoracic and Vascular Surgeons, P.A., CareTree, Inc., Cellcom, CertiK on X, Chilean Government, City of Hope, Clay County Social Services, Co-Founder of Nest Wallet, Coin Cloud, Comcast Cable Communications LLC, Comcast/Xfinity, ConsensioHealth, LLC, Cooper Aerobics Enterprises, Inc., Corewell Health, County of Los Angeles Department of Mental Health, Court Services Victoria, Australia, D.C. Board of Elections, defense contractors, Delta Dental of California, Downfall, Drug Emporium, Eagers Automotive, EasyPark, EMSI, Enstar (US) Inc, Erie Family Health Centers, ESO Solutions, ESSEMTEC, Estes Express Lines, Eye Physicians of Central Florida, PLLC, Eyefinity, Inc., Fallon Ambulance Services, Federal Tax Service of Russia, Fidelity National Financial, Fincantieri Marine Group, LLC, First American Financial Corporation, First Choice Dental, Flagstar Bank, N.A., Florida Water Products, Fred Hutchinson Cancer Center, French company, Fresno Regional Workforce Development Board, Fresno Surgical Hospital, Gallery Systems, German H-Hotels, Glendale Community College, Greater Cincinnati Behavioral Health Services, GTKWave, Healix Infusion Therapy, LLC, Health Diagnostic Management, LLC, Health Net Community Solutions, HealthEC LLP, Heart of Texas Behavioral Health Network, Housing Authority of the County of San Bernardino, HTC Global Service, Humana Inc, Hyundai on X, Idaho National Labs, Independent Vision Group, LTD, Insomniac Games, Insurance ACE/Humana Inc., Integris Health, Italian military gear shop, Ivanti Avalanche, Ivanti Endpoint Management, Jell-O, JetBrains TeamCity, Judiciary of Córdoba in Argentina, Katholische Hospitalvereinigung Ostwestfalen, Keenan & Associates, Kimco Staffing Services Inc., Knox Ricksen LLP, Kraft Heinz, Kyivstar, Ledger dApp, LegendasTV, LoanCare, loanDepot, Lone Peak Physical Therapy, Inc., Los Altos Food Products, LLC, Los Angeles County Department of Mental Health, ManageEngine OpManager, Mandiant, Maxco Supply, Inc., Maytronics, Mellow Massage Hollywood, Memorial University of Newfoundland, Merced City School District, Meridian Behavioral Healthcare, Inc., Merrick Bank, Mexican banks, Microsoft Xamarin, Mint Mobile, Molina Healthcare of Ohio, Inc., MongoDB, Mountain Dermatology Specialists, PC, Movistar, Mr. Cooper, Musick, Peeler & Garrett LLP, National Amusements, National Student Clearinghouse, Nationstar Mortgage LLC, Navvis & Company, LLC, Netgear on X, Network180, North Face, North Kansas City Hospital, Norton Healthcare, NYC Health + Hospitals, Ohio Lottery, Orange Spain, Orbit Chain, Orcutt Union School District, Orrick, Herrington & Sutcliffe, Oscar Mayer, Panasonic Avionics Corporation, Pandol Brothers, Inc., Perforce Helix Core Server, pfSense, Philippine credit services provider, Primary Health & Wellness Center, LLC, ProSmile Holdings, LLC, QNAP VioStor NVR, Recology Inc., Regional Family Medicine, Retina Group of Washington, PLLC, Riverside County Office Of Education, Riverside Unified School District, Rockstar Games (GTA5 + GTA6), Rush System for Health, Russian sushi restaurant, Senior Scripts, Shufersal, Sony, Southeastern Orthopaedic Specialists, PA, Supreme, Swedish fintech company, Talus Pay, TaxPlus, The Foleck Center, LTD, The Jacmar Companies, LLC, The Middlefield Banking Company, Thunder Terminal, Tigo Business, Timberland, Tipalti, Toronto Zoo, Toyota Financial Services, Transformative Healthcare, TRISTAR Insurance Group, TTM Technologies, Ubiquiti, Ubisoft, Ukrainian security cameras, University of Buenos Aires, Vans, Velveeta, VF Corp, Vi Living, Vietnamese fashion store, Viking Therapeutics, Wabtec Corporation, Wealth Network, Welltok, Inc. (and many more), WICR Waterproofing and Construction Inc., WordPress Backup Migration plugin, Xerox Business Solutions, Yakult Australia, Yorkshire Wellness Group, Corp., and ZOLL Medical Corporation have reported hacking or compromised this month.

Box.com, Kyivstar, loanDepot, and First American have suffered from outages this month.

Last months updates broke Avira Antivirus, NPS (Radius) servers, various Tesla functions, Windows Explorer & task bar, and Windows Wi-Fi.

Microsoft can’t convince Microsoft to use Microsoft services.

Central authentication services like OAuth and SSO still cause all sorts of problems. And ads are still very very bad for you.

23andMe is blaming their users for exposing the data of almost 7 million users.

LastPass now requires slightly less horrible passwords. (They’re still not good.)

You should assume that software setting-based security will always fail you. Hardware switches are the only reliable method.

Now for the good news:

The FTC has ordered X-Mode to stop selling and preserving cell phone location data, a surprising win for privacy. If this is obeyed, only government agencies, hardware vendors, and operating system vendors will be able to trade in your location information.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is pretty small this month. The typical computer should see roughly 1.3 GB in updates today. Let’s get started.

Microsoft released updates to address 62 vulnerabilities in .NET, .NET Core, .NET Framework, Azure Storage Mover, Microsoft Bluetooth Driver, Microsoft Devices, Microsoft Edge, Microsoft Identity Services, Microsoft Office SharePoint, Microsoft Office, Microsoft Virtual Hard Drive, Remote Desktop Client, Servicing Stack Updates, SQL Server, SQLite, Unified Extensible Firmware Interface (UEFI), Visual Studio, Windows Active Directory, Windows AllJoyn API, Windows Authentication Methods, Windows BitLocker, Windows Cloud Files Mini Filter Driver, Windows Collaborative Translation Framework, Windows Common Log File System Driver, Windows Cryptographic Services, Windows Group Policy, Windows Hyper-V, Windows Kernel, Windows Kernel-Mode Drivers, Windows Libarchive, Windows Local Security Authority Subsystem Service (LSASS), Windows Message Queuing, Windows Nearby Sharing, Windows ODBC Driver, Windows Online Certificate Status Protocol (OCSP) SnapIn, Windows Scripting, Windows Server Key Distribution Service, Windows Subsystem for Linux, Windows TCP/IP, Windows Themes, Windows Win32 Kernel Subsystem, Windows Win32K, and MSRT (~1 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 16.7.4, iOS 17.2.1, iPadOS 16.7.4, Safari 17.2.1, and macOS Sonoma 14.2.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 16.7.4 and 17.2.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 16.7.4 is a security update. Use Settings, General, Software Update to install the most current update.

Google Chrome OS 119.0.6045.214 and 120.0.6099.203 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Zorin OS 17.0 is a major update, with added hardware and software compatibility, improved design and reduced hardware requirements.
https://zorin.com/os/mirrors/

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

DS4Windows 3.3.3 resolves several bugs. This is the final version so you should consider removing it instead of updating.
https://github.com/Ryochan7/DS4Windows/releases/latest

Epson ET-5880 3.04.00 doesn’t provide a changelog so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-5880/s/SPT_C11CJ28201

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.61.114 is a security update. Use Menu, Help, About to install the most current version.
https://brave.com/

Firefox 121.0.1 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 115.6.0 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 120.0.6099.200 is a security update. Use Menu, Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 120.0.2210.121 is a security update. Use Menu, Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Vivaldi 6.5.3206.50 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.13.3 resolves a couple bugs and adds a new security filter for HTML rendering. This is a security update.
https://getmailspring.com/

OutlookAttachView 3.51 improves warnings. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Spark 3.12.0.63910 adds Shared Drafts and Email Labels. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.12.0.63909 adds Shared Drafts and Email Labels. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.6.1 is a security update. Use Menu, Help, About to install the most current version.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

Dropbox 189.4.8427 doesn’t provide a detailed change log so should be treated as a security update.
https://www.dropbox.com/

Facebook Messenger 202.0.0.15.225 is a security update.
https://www.messenger.com/download

FileZilla Client 3.66.4 is a security update.
https://filezilla-project.org/

FreeFileSync 13.3 resolves several compatibility issues. This is not a security update.
https://www.freefilesync.org/download.php

jq 1.7.1 is a security update.
https://jqlang.github.io/jq/

Nextcloud Server 28.0.1 is a security update.
https://nextcloud.com/

Pocketnet-GUI 0.8.76 adds support for new video servers and a Christmas theme. This is not a security update.
https://pocketnet.app/

PuTTY 0.80 is a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html

Rclone 1.65.1 is a security update.
https://rclone.org/

Signal 6.43.2 resolves several bugs. This is not a security update.
https://signal.org/download/

Signal (Android) 6.42.3 updates buttons. This is not a security update.
https://signal.org/android/apk/

Syncthing 1.27.2 is a security update.
https://syncthing.net/

Telegram (Android) 10.5.0 doesn’t provide a change log so should be treated as a security update.
https://telegram.org/apps

Telegram 4.14.4 resolves several bugs. This is not a security update.
https://telegram.org/

Trillian 6.5.0.34 resolves several bugs. This is not a security update.
https://www.trillian.im/

Zoom 5.17.2 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.0 adds several new tracking features. This is not a security update.
https://en.3tene.com/

darktable 4.6.0 improves performance and resolves dozens of bugs. This is not a security update.
https://www.darktable.org/

Grayjay 227 improves stability and resolves dozens of bugs. This is not a security update.
https://grayjay.app/index.html

iTunes 12.13.1.3 is a security update.
https://www.apple.com/itunes/download/

Plex Desktop 1.84.1.4069 doesn’t provide a change log so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.53.0.4063 doesn’t provide a change log so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

TuneIn 1.28.0 doesn’t provide a change log so should be treated as a security update.
https://tunein.com/radio/home/

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2023.11.1.129 resolves several bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.3.186 improves performance and resolves several bugs. This is not a security update.
https://gdevelop.io/download

Minecraft Server (Bedrock) 1.20.51.01 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

PS5 2024.104 is a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2023-12-11 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

SteamOS SteamDeck Update 2024-01-03 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Experience Manager Forms 6.5.13.0+ and 6.5.19.1 are security updates.
https://helpx.adobe.com/security/products/aem-forms/apsb23-77.html

Adobe Reader DC Patch 23.008.20458 is a security update.
https://get.adobe.com/reader

Adobe Substance 3D Stager 2.1.4 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb24-06.html

Calibre 7.3.0 adds a tag browser, OpenType improvements, and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

GnuCash 5.5 resolves over two dozen bugs. This is not a security update.
https://www.gnucash.org/

ImageMagick 7.1.1-26 resolves dozens of bugs. This is not a security update.
https://imagemagick.org/

Kindle for PC 2.3.70673 doesn’t provide a change log so should be treated as a security update.
https://www.amazon.com/kindleforpc

Manager 24.1.9.1264 adds the ability to use codes and reference numbers in batch operations. This is not a security update.
https://www.manager.io/

Notepad++ 8.6.1 updates libraries, adds a couple features, and resolves over a dozen bugs. This is a security update.
https://notepad-plus-plus.org/

OpenOffice 4.1.15 is a security update.
http://www.openoffice.org/download/

PDF-XChange Editor 10.2.0.384 improves control for compression, comments and margins, and adds support to search within comments and open email messages in the editor. This is not a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

QuickBooks Pro 2022 20231120-R13_53 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20231107-R9_116 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

Security Software Updates

One or more of these is likely to be of interest to most people.

ProtonVPN (macOS) 4.1.1 improves stability. This is not a security update.
https://protonvpn.com/download

QubesOS 4.2.0 updates libraries, updates default behaviors, and resolves several bugs. This is a security update.
https://www.qubes-os.org/downloads/

Stinger 12.2.0.709 updates detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Tails 5.21 updates libraries and resolves several bugs. This is a security update.
https://tails.boum.org/install/dvd/index.en.html

uBlock Origin 1.55.0 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Velociraptor 0.7.1 updates notebooks, improves plugins, and resolves several bugs. This is not a security update.
https://github.com/Velocidex/velociraptor/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.40.1 resolves a couple minor bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 24.0.4 resolves a couple crash bugs. This is not a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.0.9 resolves several bugs and improves compatibility. This is not a security update.
https://www.dvdfab.cn/download.htm

HandBrake 1.7.2 resolves several bugs. This is not a security update.
https://handbrake.fr/

PDF Creator 5.2.0 adds Outlook Web Access support and resolves several bugs. This is a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 6.1.5.8 resolves dozens of bugs and improves reliability. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.0.7 improves performance and stability. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.23 resolves a bug. This is not a security update.
https://1password.com/downloads/

AOMEI Partition Assistant 10.2.2 resolves a couple bugs. This is not a security update.
https://www.diskpart.com/

Bitwarden 2023.12.1 improves auto-fill. This is not a security update.
https://bitwarden.com/

CCleaner 6.19.10858 resolves several stability bugs. This is not a security update.
https://www.ccleaner.com/

CurrPorts 2.77 improves IPv6 compatibility. This is not a security update.
https://www.nirsoft.net/utils/cports.html

DesktopOK 11.15 resolves a couple bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.0.189.0 resolves several bugs. This is not a security update.
https://dngrep.github.io/

email-oauth2-proxy 2023-12-19 is a security update.
https://github.com/simonrob/email-oauth2-proxy

ExplorerPatcher 22621.2861.62.2 resolves several bugs. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

Fido 1.54 adds support for Windows 11 23H2v2. This is not a security update.
https://github.com/pbatard/Fido/releases

Fing 3.6.0 resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

GoodSync and GoodSync2Go 12.5.3 improves compatibility, stability and security. This is not a security update.
https://www.goodsync.com/

Homedale 2.09 adds MAC grouping and improves oui.txt support. This is not a security update.
https://www.the-sz.com/products/homedale/

HWiNFO 7.68 doesn’t provide a detailed change log so should be treated as a security update.
https://www.hwinfo.com/download/

Kingston SSD Manager 1.5.3.4 doesn’t provide a detailed change log so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

Memtest86+ 7.00 adds support for new hardware, improves debugging and resolves several bugs. This is not a security update.
https://www.memtest.org/

NTLite 2023.12.9552 improves controls and resolves a couple bugs. This is not a security update.
https://www.ntlite.com/download/

PowerToys 0.77.0 resolves dozens of bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ripgrep 14.1.0 resolves several bugs. This is not a security update.
https://github.com/BurntSushi/ripgrep/releases/latest

TcpLogView 1.41 adds support for setting CaptureInterval in cfg file. This is not a security update.
https://www.nirsoft.net/utils/tcp_log_view.html

WifiInfoView 2.92 adds an option to start as hidden. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

WinGet 1.6.3482 resolves a couple bugs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 8.0.1 is a security update. Expect well-maintained applications that package .NET Runtime with them to release new versions in the near future.
https://dotnet.microsoft.com/en-us/download/dotnet

Android Studio 2023.1.1.27 resolves a couple bugs. This is not a security update.
https://developer.android.com/studio

AutoHotkey 2.0.11 resovles several bugs. This is not a security update.
https://www.autohotkey.com/download/

Node.js 21.5.0 updates libraries and resolves several bugs. This is not a security update.
https://nodejs.org/en/

TortoiseSVN 1.14.6 resolves several bugs. This is not a security update.
https://tortoisesvn.net/downloads.html

Visual Studio Code 1.85.1 resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

HumHub 1.15.2 resolves over a dozen bugs. This is not a security update.
https://www.humhub.com/en

Joomla 5.0.2 and 4.4.2 resolve several bugs. This is not a security update.
https://www.joomla.org/

Piwigo 14.1.0 improves compatibility and resolves several bugs. This is not a security update.
https://piwigo.org/

Contact Form 7 5.8.5 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

My Sticky Bar 2.6.7 resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Redirection 5.4.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/redirection/

Social Post Feed 4.2.1 improves reliability. This is not a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

Sucuri Security 1.8.40 improves cleanup. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

WooCommerce 8.4.0 resolves dozens of bugs and provides almost 100 improvements. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WP Cerber Security 9.6.1 fixes a 2FA bug and a crash bug. This is not a security update.
https://wpcerber.com/

WP Mail SMTP 3.11.0 improves compatibility and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2023-12-12

Posted on December 12, 2023 by Shawn K. Hall

Merry Christmas, Folks!

Today is Patch Tuesday for December, 2023.

There were 200+ major hacks, and over 215 application updates this month. Even with all that, it’s actually a pretty small month, with only about 2.5 GB of updates for most users.

This Month in Technology

1st Source Bank, 23andMe, 4 Over LLC, Aadhaar, Acuity, Advantis Global, Inc., Alps Alpine North America, Inc., AMD & Intel CPUs, AMD CPUs, American University of Antigua College of Medicine, Americold Logistics LLC, Apache Struts 2, Ardent Health Services, Austal USA, AutoZone, Avito, Beaverton School District, Big Brothers Big Sisters of America, Bleach Anime Forum, Bloomberg Crypto, Blue Shield of California, Blue Shield of California Promise Health Plan, Bluetooth 4.2 to 5.4 hardware (BLUFFS), British Library, Brodart Co, Brookfield Global Relocation Services, Butte School District, Cadence Bank, California Physicians Service, Cambridge NHS, Capital Health, CareTree, Inc., CBIZ KA, Citrix NetScaler Application Delivery Controller, Citrix NetScaler Gateway, CKF Addiction Treatment, Inc., Clark County School District, Clear Spring Life and Annuity Insurance Company, Coin Cloud, Community Health Network, Inc., Community Healthcare Network, Inc., Counter-Strike 2, CrushFTP, CTS, CVC Holding Corp, CyberLink, Deanco Healthcare LLC, Deer Oaks Behavioral Health, Delaware Life Insurance Company, DePauw University, Detroit Chassis, LLC, Dollar Tree, Dragon Touch, East River Medical Imaging, EMS Management and Consultants Inc., Endocrine and Psychiatry Center, Enstar (US) Inc., Equality Health, LLC, Erris water, Estante Virtual, Ethyrial, Experian, Fenway Community Health Center, Inc., Fidelity National Financial, Financial Risk Mitigation, Inc., FortiSIEM, Foursquare Healthcare, Ltd., Foxit Reader, Fred Hutchinson Cancer Center, Gemplex, General Electric, Gerber Life Insurance Company, Go Ninja, Google Calendar, Gunster, Yoakley & Steward, PA, Hackensack Meridian Health, Hal Turner Radio Show, Hampton-Newport News CSB, Hendersonville, Henry Schein, Holding Slovenske Elektrarne, HSKS Greenhalgh Chartered Accountants and Business Advisors, HTC Global Services, Idaho National Laboratory, IDF, Indian Hotels Company, IndiHome, Industrial and Commercial Bank of China, InflateVids, Inline Plastics Corp., Intel CPUs, International Paper Company, International Paper Company Group Health and Welfare Plan, Jam Tangan, Japan’s Space Agency JAXA, JoyGames, Kaneva, Kansas state court system, KitchenPal, Koeller Nebeker Calrson & Haluk LLP, KyberSwap, Kyivstar, Leggett & Platt Incorporated Employee Benefit Fund, Livermore Amador Valley Transit Authority, Long Beach, California, McLaren Health Care, Medical College of Wisconsin, Medical Eye Services, Inc., MeridianLink, MGM Resorts International, Microsoft DHCP servers, Microsoft Exchange, Midwest Gaming & Entertainment, LLC, Molina Healthcare of Iowa, Inc., Montrose Behavioral Health Hospital, Inc., Morrison Community Hospital District, Movie Forums, Municipal Water Authority of Aliquippa, NASCO, NEWAG trains, Nissan Australia & New Zealand, Nissan Financial Services, Nonstop Administration and Insurance Services, Inc., Norsk Hydro, Northwest Eye Care Professionals, Norton Healthcare, NSC Technologies, NXP, Oak Street Health, Okta, OMGPOP, ownCloud, Pahl & McCay, Pan-American Life Insurance Group, Inc., password managers on Android, Perry Johnson & Associates, pfSense servers, Philippine Government, Poloniex, Postmeds/Truepill, Proliance Surgeons, PruittHealth Network, Psychiatry Associates of Kansas City, Qlik Sense, RailYatri, Redcliffe Labs, Rock Valley Physical Therapy, Rosaviatsia, Rusnak, Saisystems International, Inc., Samsung Electronics, Sellafield, Serbian Civil Society, Shadowfax, Shoval, Sierra County, Sierra OT/IoT routers, SIRVA Worldwide Relocation & Moving Services, SoarGames, Sophos Firewalls, South Korean defense companies, Southwest Behavioral Health Center, Stanley Steemer International, Inc., Staples, State of Maine, Stevedore DP World, Systems East, Inc., Taylor University, TGI Direct, Inc., The Charles Lea Center, Tipalti, Toronto Public Library, Toyota Financial Services, TransUnion, Tri Counties Bank, Troutman Pepper Hamilton Sanders LLP, U.S. Drug Mart, Inc., UEFI on just about every platform, Unitronics PLCs, University of Manchester, US Department of Health and Human Services, US government agencies, Valrhona Inc., Vanderbilt University Medical Center, VMware Cloud Director, Warren General Hospital, Welltok, West Central District Health Department, Weston Embedded uC-HTTP Server, Westside Community Services, Wichita Urology Group, Windows Hello fingerprint authentication, WordPress Backup Migration plugin, WordPress, WP Fastest Cache, Wyoming County Community Health System, Yakima Valley Radiology PC, Yamaha Motor’s Philippines, Yanfeng Automotive Interiors, Zeroed-In Technologies, and Zyxel NAS have reported hacking or compromises this month.

ALPHV, Blender, British Library, Fidelity National Financial, Industrial and Commercial Bank of China, Kyivstar, Optus, Rumble, and Staples have suffered from outages this month.

Last months updates broke Google Drive, USB C compatibility, Microsoft 365 Outlook, trust in the Windows Store, Microsoft 365 authentication, and they’re installing HP Smart on millions of computers without any HP hardware.

Apple introduced a new feature (NameDrop) that allows it to easily share your contact information with someone nearby. While the feature is designed to share information only when the popup is selected, Apple has a history of weak or defective controls on new features. Apple’s AirTags can be silenced to make stalking easier.

Hackers claim they can use expired Google auth cookies to gain access to accounts. A new AI is designed to crack your password by listening to your typing.

Rumble has sued Check My Ads.

The EV death toll is rising and “green lie” is being exposed.

Now for the good news:

The FISA Reform and Reauthorization Act is due to be renewed (like, tomorrow), and information is out that exposes how it can be abused even further. There’s still time to contact your congress critters and ask them to reject it.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is pretty small this month. The typical computer should see roughly 2.5 GB in updates today. Let’s get started.

Microsoft released updates to address 42 vulnerabilities in Azure Connected Machine Agent, Azure Machine Learning, Microsoft Bluetooth Driver, Microsoft Dynamics, Microsoft Edge, Microsoft Office Outlook, Microsoft Office Word, Microsoft Power Platform Connector, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows DNS, Windows Cloud Files Mini Filter Driver, Windows Defender, Windows DHCP Server, Windows DPAPI (Data Protection Application Programming Interface), Windows Internet Connection Sharing (ICS), Windows Kernel, Windows Kernel-Mode Drivers, Windows Local Security Authority Subsystem Service (LSASS), Windows Media, Windows MSHTML Platform, Windows ODBC Driver, Windows Telephony Server, Windows USB Mass Storage Class Driver, Windows Win32K, XAML Diagnostics, AMD Chipsets, and MSRT. This includes security updates. A reboot is required.

Apple released updates for macOS Monterey 12.7.2, macOS Sonoma 14.1.2, macOS Sonoma 14.2, macOS Ventura 13.6.3, iOS 16.7.3, iOS 17.1.2, iOS 17.2, iPadOS 16.7.3, iPadOS 17.1.2, iPadOS 17.2, Safari 17.1.2, Safari 17.2, tvOS 17.2, watchOS 10.2, and Pro Video Formats 2.3. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 16.7.3, 17.1.2 and 17.2 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 16.7.3, 17.1.2 and 17.2 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 10.2 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 17.2 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 114.0.5735.343 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 23.12.1 resolves several bugs and improves compatibility. This is not a security update.
https://www.amd.com/en/support

Crucial Storage Executive 9.09 doesn’t provide a change log so should be treated as a security update.
https://www.crucial.com/support/storage-executive

Display Driver Uninstaller 18.0.7.0 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Drivers by Seagull 2023.4 adds support for 200 new printers. This is not a security update.
https://www.seagullscientific.com/support/downloads/drivers/

DS4Windows 3.2.21 resolves several bugs and updates libraries. This is not a security update.
https://github.com/Ryochan7/DS4Windows/releases/latest

Epson ET-2800 3.01 doesn’t provide a detailed change log so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-2800/s/SPT_C11CJ66202

Epson ET-3760 2.68.02 doesn’t provide a detailed change log so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-3760/s/SPT_C11CG20203

Epson ET-4800 3.01 doesn’t provide a detailed change log so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-4800/s/SPT_C11CJ65201

Epson ET-4850 3.02.00 doesn’t provide a detailed change log so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-4850/s/SPT_C11CJ60202

Epson ET-5880 3.02 doesn’t provide a detailed change log so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-5880/s/SPT_C11CJ28201

Epson WF-4820 3.04.00 doesn’t provide a detailed change log so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/WorkForce-Series/Epson-WorkForce-Pro-WF-4820/s/SPT_C11CJ06201

TP-Link Archer AX55 v1 231130 resolves several bugs. This is a security update.
https://www.tp-link.com/us/support/download/archer-ax55/v1/#Firmware

TP-Link Archer AX73 v2.0 231023 is a security update.
https://www.tp-link.com/us/support/download/archer-ax73/v2.0/#Firmware

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.61.101 is a security update.
https://brave.com/

Firefox 120.0.1 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 115.5.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 120.0.6099.71 is a security update.
https://www.google.com/chrome/

Microsoft Edge 120.0.2210.61 is a security update.
https://www.microsoft.com/en-us/edge/business/download

SeaMonkey 2.53.18 is a security update.
https://www.seamonkey-project.org/

Vivaldi 6.4.3160.47 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.13.2 resolves several bugs. This is a security update.
https://getmailspring.com/

Spark 3.10.6.61878 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.10.6.61877 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.5.2 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk (macOS) 7.3.0 resolves several bugs and improves address book. This is not a security update.
https://anydesk.com/en/downloads

aria2 1.37.0 resolves dozens of bugs and updates libraries. This is not a security update.
https://aria2.github.io/

curl 8.5.0 resolves more than 180 bugs. This is not a security update.
https://curl.haxx.se/windows/

Dropbox 188.4.6302 resolves several bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 201.0.0.9.336 is a security update.
https://www.messenger.com/download

FileZilla Server 1.8.0 is a security update.
https://filezilla-project.org/

FreeFileSync 13.2 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Microsoft Teams 1.6.00.33567 is a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 28.0 resolves dozens of bugs and updates libraries. This should be treated as a security update.
https://nextcloud.com/

Omada Software Controller 5.13.22 resolves several bugs. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Pocketnet-Core 0.22.0 is a major update improving performance and optimizing storage. This is not a security update.
https://pocketnet.app/

Pocketnet-GUI 0.8.74 resolves several bugs. This is not a security update.
https://pocketnet.app/

Rclone 1.65.0 adds dozens of new features, resolves several bugs, and improves performance and reliability. This is not a security update.
https://rclone.org/

Signal 6.41.0 resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 6.41.3 resolves several bugs. This is not a security update.
https://signal.org/android/apk/

Syncthing 1.27.1 resolves several bugs. This is not a security update.
https://syncthing.net/

Telegram 4.12.2 resolves several bugs and improves compatibility. This is not a security update.
https://telegram.org/

Telegram (Android) 10.3.2 doesn’t provide a detailed change log so should be treated as a security update.
https://telegram.org/apps

Wget2 2.1.0 resolves a couple dozen bugs. This is not a security update.
https://gitlab.com/gnuwget/wget2/-/releases

Zoom 5.16.10.26186 updates the icon and adds dozens of new features. This is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 3.0.14 resolves several bugs. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.1 adds several new characters and dozens of new controls and improvements. This is not a security update.
https://www.bitwig.com/download/

Plex Desktop 1.83.1.4061 improves stability. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.52.1.4035 updates libraries. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.32.8.7639 updates libraries and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2023.11.0.121 doesn’t provide a detailed change log so should be treated as a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.3.183 vastly improves startup performance and resolves several bugs. This is not a security update.
https://gdevelop.io/download

Minecraft Server (Bedrock) 1.20.50.03 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Minecraft Server (Java) 1.20.4 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server

Nintendo Switch 17.0.1 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

SteamOS SteamDeck Update 3.5.7 improves stability and USB connectivity. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Dimension 3.4.11 is a security update.
https://helpx.adobe.com/security/products/dimension/apsb23-71.html

Adobe Experience Manager 2023.11 and 6.5.19.0 are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html

Adobe Illustrator 28.1 and 27.9.1 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb23-68.html

Adobe InDesign 19.1 and 18.5.1 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb23-70.html

Adobe Prelude 22.6.1 is a security update.
https://helpx.adobe.com/security/products/prelude/apsb23-67.html

Adobe Reader DC Patch 23.008.20421 resolves several bugs. This is not a security update. Use Help, Check for updates to install the most current version.
https://get.adobe.com/reader

Adobe Reader DC Patch for MacOS 23.008.20423 resolves several bugs. This is not a security update. Use Menu, Check for updates to install the most current version.
https://get.adobe.com/reader

Adobe Substance3D After Effects 24.1 and 23.6.2 are security updates.
https://helpx.adobe.com/security/products/after_effects/apsb23-75.html

Adobe Substance3D Designer 13.1.0 is a security update.
https://helpx.adobe.com/security/products/substance3d_designer/apsb23-76.html

Adobe Substance3D Sampler 4.2.2 is a security update.
https://helpx.adobe.com/security/products/substance3d-sampler/apsb23-74.html

Adobe Substance3D Stager 2.1.3 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb23-73.html

Audacity 3.4.2 resolves dozens of bugs. This is not a security update.
https://www.audacityteam.org/download/

Calibre 7.1.0 resolves several bugs. This is not a security update.
https://calibre-ebook.com/

ImageMagick 7.1.1-23 resolves dozens of bugs. This is a security update.
https://imagemagick.org/

Inkscape 1.3.2 resolves dozens of bugs. This should be treated as a security update.
https://inkscape.org/release/

Kdenlive 23.08.4 resolves a dozen stability and reliability bugs. This is not a security update.
https://kdenlive.org/

Kindle for PC 2.2.70623 doesn’t provide a change log so should be treated as a security update.
https://www.amazon.com/kindleforpc

Krita 5.2.2 fixes more than a dozen bugs. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice 7.5.9 resolves a couple bugs. This is not a security update.
https://www.libreoffice.org/

LibreOffice Fresh 7.6.4 resolves more than 150 bugs. This should be treated as a security update. Remember that the Fresh line is beta software and the “Still” line should be used by most users.
https://www.libreoffice.org/

Manager 23.12.12.1221 resolves more than a dozen bugs and adds several new features, including global inventory transfer and custom depreciation and amortization fields. This is not a security update.
https://www.manager.io/

Nextcloud Desktop 3.11.0 resolves dozens of bugs and improves compatibility. This is not a security update.
https://nextcloud.com/

Notepad++ 8.6 improves multi-edit, inaccessible file access, and resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 5.0.12 resolves several bugs. This is not a security update.
https://www.getpaint.net/

PDF-XChange Editor 10.1.3.383 is a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

QuickBooks Pro 2022 R13_33 resolves several bugs. This is not a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 R9_104 resolves several bugs. This is not a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2024 R4_15 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

Security Software Updates

One or more of these is likely to be of interest to most people.

Chainsaw 2.8.1 updates dependencies and resolves a couple bugs. This is not a security update.
https://github.com/countercept/chainsaw

HTTP Toolkit 1.14.8 doesn’t provide a change log so should be treated as a security update.
https://httptoolkit.tech/

MalwareBytes Anti-Malware 4.6.6 resolves a couple bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/

OpenSSL 3.2.0 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

ProtonVPN (macOS) 4.0.1 improves the user interface. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.13.1 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

SuperAntiSpyware 10.0.1260 resolves several bugs and adds a Chrome and Edge extension. This is not a security update.
https://www.superantispyware.com/download.html

Tails 5.20 is a security update.
https://tails.boum.org/install/dvd/index.en.html

uBlock Origin 1.54.0 adds differential updates for filter lists and resolves a dozen bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

VT-CLI 1.0.0 is the first official release version. This is not a security update.
https://github.com/VirusTotal/vt-cli/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

Open Broadcaster Software 30.0.2 resolves a dozen bugs. This is a security update.
https://obsproject.com/

ScreenToGif 2.40 improves theming, updates dependencies and resolves several bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 24.0.2 resolves a couple bugs. This is not a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.0.7 adds support for new encodings, improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

HandBrake 1.7.1 adds support for new output formats and resolves several bugs. This is not a security update.
https://handbrake.fr/

IsoBuster 5.3 adds support for new hardware, new encodings, new partition schemes, and several bug fixes. This is not a security update.
https://www.isobuster.com/download.php

StreamFab 6.1.5.3 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.0.6 improves compatibility and performance. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.22 adds reminders to imported passwords and resolves more than a dozen bugs. This is a security update.
https://1password.com/downloads/

Agent Ransack 2022.3418 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

AMD Ryzen Master 2.12.0.2806 adds support for new hardware and voltage reporting. This is not a security update.
https://www.amd.com/en/technologies/ryzen-master

Beyond Compare 4.4.7.28397 resolves several bugs. This is not a security update.
https://www.scootersoftware.com/download.php?zz=dl4

Bitwarden 2023.12.0 resolves several bugs and adds Elastic integration and CLI event logs. This is not a security update.
https://bitwarden.com/

CalyxOS Device Flasher 1.0.8 doesn’t provide a change log so should be treated as a security update.
https://calyxos.org/install/

CCleaner 6.18.10838 resolves several bugs. This is a security update.
https://www.ccleaner.com/

dnGrep 4.0.151.0 adds several new features and controls. This is not a security update.
https://dngrep.github.io/

email-oauth2-proxy 2023-11-18 resolves several bugs. This is not a security update.
https://github.com/simonrob/email-oauth2-proxy

ExplorerPatcher 22621.2506.60.1 improves compatibility and resolves several bugs. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

Fido 1.53 adds new UEFI Shell and updates versions. This is not a security update.
https://github.com/pbatard/Fido/releases

FileLocator Pro 2022.3418 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Git SCM 2.43.0 resolves dozens of bugs. This is not a security update.
https://git-scm.com/

Go 1.21.5 is a security update.
https://go.dev/

GoodSync 12.4.8 improves compatibility. This is not a security update.
https://www.goodsync.com/

ImageUSB 1.5.1006 improves logging. This is not a security update.
https://www.osforensics.com/tools/write-usb-images.html

Mac Migration Assistant 2.4.5.0 doesn’t provide a change log so should be treated as a security update.
https://support.apple.com/en-us/HT204087

NTLite 2023.11.9515 improves compatibility and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

PowerToys 0.76.1 resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ProcDump 3.0 for Linux adds memory leak reporting. This is not a security update.
https://live.sysinternals.com/

ripgrep 14.0.3 resolves several bugs. This is not a security update.
https://github.com/BurntSushi/ripgrep/releases/latest

RoboForm 9.5.6 resolves a couple bugs. This is not a security update.
https://www.roboform.com/

ScreenConnect 23.8.6.8735 is a security update.
https://www.connectwise.com/software/control/download

Sysmon 1.3.2 for Linux is a security update.
https://live.sysinternals.com/

WinGet 1.6.3421 updates the app installer and adds Configure command to improve consistency. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WirelessKeyView 2.23 improves QR Code generation and improves compatibility. This is not a security update.
https://www.nirsoft.net/utils/wireless_key.html

XnConvert 1.99 doesn’t provide a detailed change log so should be treated as a security update.
https://www.xnview.com/en/xnconvert/

ZoomText 2023 2023.2311.20.400 resolves several bugs.
https://support.freedomscientific.com/Downloads/ZoomText

ZoomText 2024 is a new major version adding several new mouse and cursor controls, performance improvements, and improved keyboard controls. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 2023.1.1.26 resolves several bugs and improves compatibility. This is not a security update.
https://developer.android.com/studio

GitHub Desktop 3.3.6 resolves several bugs. This is not a security update.
https://desktop.github.com/

Godot 4.2.1 resolves over 1,800 bugs. This is not a security update.
https://godotengine.org/

Node.js 18.19.0 updates libraries and resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

Node.js 20.10.0 updates libraries and resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

Node.js 21.4.0 updates libraries and resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

Python 3.12.1 resolves dozens of bugs. This is a security update.
https://www.python.org/downloads/windows/

SQLite 3.44.2 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.85 adds dozens of new features. This is not a security update.
https://code.visualstudio.com/

WinMerge 2.16.36 resolves several bugs. This is not a security update.
https://winmerge.org/

Web Package Updates

These are likely to be of interest only to web developers.

Joomla 5.0.1 is a security update.
https://www.joomla.org/

ownCloud Client 5.2.0.12726 resolves a couple bugs. This is not a security update.
https://owncloud.com/desktop-app/

Piwigo 14.0.0 improves search, index, media support, album editor and performance, and resolves several bugs. This is not a security update.
https://piwigo.org/

WordPress 6.4.2 is a security update.
https://wordpress.org/

BuddyPress 12.0.0 is a major update, replacing the rewrite API and resolving dozens of bugs. This is not a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.8.4 is a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.7.1 is a security update.
https://wordpress.org/plugins/duplicator/#developers

Postie 1.9.68 adds an option to suppress the postie div. This is not a security update.
https://wordpress.org/extend/plugins/postie/

NextScripts Social Networks Auto-Poster 4.4.3 is a security update.
https://wordpress.org/extend/plugins/social-networks-auto-poster-facebook-twitter-g/

W3 Total Cache 2.6.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 8.3.1 resolves dozens of bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WPBakery 7.3 resolves a couple bugs. This is not a security update.
https://wpbakery.com/

WP Cerber Security 9.6 adds 2FA support and improves compatibility. This is not a security update.
https://wpcerber.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/