Updates 2024-10-08

Welcome back, Folks!

Today is Patch Tuesday for October, 2024.

Windows 11 24H2 is out. So is macOS 15/Sequoia. iOS 18, iPadOS 18, tvOS 18, watchOS 11, and visionOS 11 are out now.  The first set of security updates for each of these are released now, too.

All versions of Windows 11 prior to 23H2 are no longer be supported. Upgrade to 23H2 now, then do not upgrade to 24H2, yet. Let everyone else be the guinea pigs. It’s already showing quite a few issues.

All versions of macOS prior to 13/Ventura are no longer supported. If you can’t upgrade your Mac to Ventura you need to permanently take it offline and/or replace it.

Windows 10 now has only 12 months of support left. If your computer can not be upgraded to Windows 11 either start planning now for a switch to Linux or replacing your computer.

There were 505+ major hacks, and over 395 application updates this month. It’s an enormous month, with about 4 GB of updates for most users.

This Month in Technology

4B Components, 5.11 Tactical, A1 Mobile Locksmith, Access Ambulatory Surgery Center, LLC, Access Sports, Accurate Railroad Construction Ltd, Acuity Advisor, Adobe Acrobat Reader DC, Adobe After Effects, Adobe Audition, Adobe Commerce & Magento stores (5% of all their commerce sites!!!),  Adobe Media Encoder, Adobe Photoshop, Adobe Premiere Pro, ADT, Advanced Sterilization Products, Inc, Affirm Agency, AFP, air-gapped government systems, Akromold, Al Rajhi Bank, Albany College of Pharmacy, Alliance, Ally Bank, Alshaya Group, Altman Plants, Alvan Blanch, American Water Works, Amgen Inc, Amplitude Laser, Andamen, Andantex USA, Anniversary Holding, Apache Avro, Apache HugeGraph-Server, Apex Softcell, Aramark myPay, Arc browser, Arelance Group, Around the Clock Companies, Asheville Arthritis and Osteoporosis Center, PA, AT&T, ATG Communications Group, Atrium Health, Autel Maxicharger, Auto Recyclers, AutoCanada, Autodesk Navisworks Freedom DWF, automatic storage tank gauge (ATG) systems (6 models), Avi Resort & Casino, Avis, Balboa Bay Club Ventures LLC, Banana Gun, Bangladeshi government, Barbados Revenue Authority, Barnes & Cohen, Batcom, Battle Lumber Co, Bay Ridge Automotive Management Group, Bazooka, Bel-Air Bay Club, BELL DATA, Inc, Benny Gantz, Bethalto Community Unit School District, Betterhalf, Bharat Petroleum, BingX, Bloom Hearing Specialists, Blundstone USA Inc, BNBuilders, BotSpace, Branhaven Chrysler Dodge Jeep Ram, Brechbuhler Scales Inc, BroadGrain Commodities, Broward Realty Corp, Brown Bottling Group, Brown Integrated Logistics, Brunswick Hospital Center, BSH Soft, BudTrader, C&L Ward, CaleyWray, Calibrated Healthcare, LLC, California Department of Social Services, Cameroon’s pension fund, Canstar Restorations, Capgemini, Capital Printing, Carlile Group, Cascade Columbia Distribution, Casino Fandango, Casio, Caterpillar Inc, Cellular Plus, CentralTickets, CF Medical, Charles Darwin School, Chernan Technology, ChiceDNA, Chinese government, a Chinese government botnet, Chrome, Chunghwa Telecom Data, Cincinnati Public Schools, City of Aberdeen, WA, City of Forest Park, City of Pleasanton, CA, City of Richardson, TX, CK Associates, CKS Packaging, Classic Business Products, CobelPlast, Cohesive Networks VNS3, Comcast Cable Communications, Community Clinic of Maui, Inc, Community Hospital of Anaconda, Compass Group, Concord Management Services, Condere IP, Conductive Containers, Inc, Connally Memorial Medical Center, Control Panels USA, CopySmart LLC, Corantioquia, Creative Consumer Concepts, Creative Playthings, CrediHealth, Crown Mortgage Company, CSG Consultants, D-Link routers, DATASUS, Daughterly Care, David’s Bridal, Del Valle Independent School District, Delaware Library system, Dell (twice in a week),  Deloitte, Delta Prime, Department of Foreign Affairs (DFA), Philippines, DETRAN, Detroit Public TV, Diamond Contracting, LLC, Didi Chuxing, digiDirect, Dimensional Merchandising, DINAS Corp, Divine Interprises INC, DJH Jugendherberge, Domain Industries, DotPe, DPC DATA, Dr. Web, DrayTek routers, Dreyfuss + Blackford Architecture, Duopharma Biotech, Dutch Police, EasyMPS, Edge Imaging, eFile.com, EigenLayer, Elgin Separation Solutions, Elitecare Emergency Hospital, Elitecare, Empereon Marketing, English Football League, Enterprise Outsourcing, EnviroNET Inc, Environmental Code Consultants Inc, Erasmus+, ETC Companies, Ethena Labs, Eurobulk, Evans Distribution Systems, Experience Engine, Express Services, Fabrica Industrial Machinery & Equipment, FastStone Imave Viewer, Fazenda Brazil government, FBCS, Fedbank Financial Services, Feeld, Feldstein & Stewart, Fireworks Software, First Choice, Fleet Equipment, FoccoERP, Forshey Prostok LLP, Fortinet, Fortive, Foundation, Foxit PDF Reader, Freshstart Credit Repair, Frigocenter, Fritzøe Engros, FTV Employment Services LLC, Fylde Coast Academy Trust, G/S Solutions, Galloway MacLeod, Games Box, GameVN, Garvey, GenPro Inc, GitLab, GNOME Project G, GoDaddy, Golden Age Nursing Home, Gough Construction, Graminex, Graybill Medical Group, Greene Acres Nursing Home, Guerriere & Halnon, GW Mechanical, Hair Club for Men, Hamel Cranial Chiropractic & Wellness INC, Harvard Pilgrim Health Care, Harvey Nichols, HDI, Hertz, Hezbollah, Hindle Group, Holmes & Brakel, Howard CPAs, HPE Aruba Networking, Hughes Gill Cochrane Tinetti, Hunter Dickinson Inc, HuntStand, I-MED, Ibermutuamur, ICBC London, IDEALEASE INC, Idre Fjäll, Indian Supreme Court, Indodax, Infosys McCamish Systems, Instituto Nacional de Deportes de Chile, Insurance Agency Marketing Services, Inc, InteriorWorx Commercial Flooring, iOS Password Manager, 260,000 IoT devices (Raptor Train), Iron Metals, Isola, Israel Defense Minister, Israel Foreign Affairs Minister, Israel Harel Insurance, Israel Prime Minister, an Israeli analytics company, Israeli defense companies, Israeli Industrial Batteries, Istrail, Italian Ministry, Ivanti Cloud Services Appliance, Ivanti Endpoint Manager, Ivanti Workspace Control, Jackson Paper Manufacturing, Jacobsen Construction Co, Inc Health Plan, Joe Swartz Electric, Johnson & Wales University, JTaylor & Associates LLC, Juice Generation, Kawasaki Motors Europe, Keller Williams Realty Group, Kennedy Funding, Keuka College, Keya Accounting and Tax Services LLC, Kia dealer portal, Kia vehicles (again), KintApp, Kravit, Hovel & Krawczyk SC, KukuFM, Kuwait Health Ministry, LA Financial Federal Credit Union, Labib Funk Associates, Ladov Law Firm, Lakeland Chamber, Lancaster Royal Grammar, three-quarters of law firms (which explains a lot of the hacks this month), Law Offices of Michael J Gurfinkel, Inc, Lawrie Insurance Group, Lee Hoffoss Injury Lawyers, LEGO, Lenovo Service Bridge, Liberty First Credit Union, Local 1964 ILA Health & Insurance Fund, Lumen Technologies, Luso Cuanzа, Lyomark Pharma, MacGillivray Law, macOS graphics driver, macOS video decoder, Magenta Photo Studio, Malwarebytes Antimalware, Markdom Plastic Products, Maryville Academy, Mattson Technology, Inc, Max Shop, MC2 Data, McAbee Construction, Inc, McCarty Company, MCNA Dental, MDSi INC, MediCheck, MedReview, Messe C, Miami Dolphins Forum, Michigan Masonic Home, Michigan Medicine, Microsoft Azure API Management, Microsoft C++ redistributable, Microsoft Pragmatic General Multicast Server, Microsoft SharePoint, Microsoft Windows, Microsoft Windows 10 AllJoyn Router Service, Microsoft Windows Internet Explorer, Microsoft Windows SmartScreen, Mile Hi Foods, MIPS Holding, Inc, Mobility Compare, Model Engineering, Moeller Door and Window, MoneyGram, Mozambique Election System, Mt. Carmel Behavioral Healthcare, Muskogee City County Enhanced 911 Trust Authority, mySCADA myPRO, NASA, New Electric, New River Electrical, New York Sports Club, Noble Environmental, North American Breaker, Nova Sinseg, Nusser Mineralöl GmbH, NVIDIA Container Toolkit, Octapharma Plasma, OffRoadAction, Omega Industries, One Point HR Solutions, Onyx, OpenAI, OpenPLC_v3 Runtime, Optigo Networks ONS-S8, Oracle WebLogic, Pacific Coast Building Products, Pacific Islands Forum, Fiji, Pacific Scientific Energetic Materials Company LLC, Palomar Medical Group, PaperCut NG, Partners Air, Patelco Credit Union, Patrick Sanders Company, PDF-XChange Editor, Pearl Cohen, Peerless Umbrella, Performance Food Centers, Performance Therapies, PetEdge, Pete’s Road Service, PetroChina, Physical Medicine & Rehabilitation Center, Piggly Wiggly, Plaisted Companies, Plastics Plus, Plumbers Stock, Port of Seattle/Seattle-Tacoma International Airport (SEA), Power Torque Services, PRC-Saltillo, Premier Packaging, Prentke Romich Company, Progress Software WhatsUp Gold, Pureform Radiology Center, Qualcomm DSP, Quantum Healthcare, Raaga, Rackspace, Radio Geretsried, 19 UK railway stations, Ranveer Allahbadia, Reading Train Station, Red Barrels, Repsol, Research Electronics International, Reutter, Richland County, WI, Richmond Auto Mall, Richmond Community Schools, Riley Gear Corporation, Rim Country Health and Rehabilitation, Ring Power, River Delta Unified School District, River Region Cardiology Associates, Riverside Resort Casino, Rob Levine & Associates, Robson Planning Group Inc, Rockwell Automation PLC Software, Sacred Heart Catholic School, Sage Home Loans Corporation, SaniRent, Satia Group, Savannah Candy, Schäfer, dein Bäcker GmbH & Co KG, Scranton School District, Sellafield, ServiceNow, Shenango Area School District, Sherr Puttmann Akins Lamb PC, Shezmu, Shin Bet, ShoreMaster, Signature Healthcare Services LLC, siParadigm LLC, Slim CD, Smart Buy, Smart Source, Inc, 2,700 “smart” devices in the Netherlands, SolarWinds Access Rights Manager, Solutii Sistemas, Sono Bello, Southeast Cooler, Southern Bone, SpaceX, Spectrum Industries, Sportstech, spWETH Wallet, Star Blizzard, Star Health (India), Stillwater Mining Company, Storck-Baugesellschaft mbH, Structural Concepts, Sub-Zero, Wolf, and Cove, Sunrise Farms, Synnovis, TANYA Creations, TeamViewer, TeleHealth Center (India), Temu, Tewkesbury Borough Council, Thai Honda Manufacturing, The Gill Corporation, The Maids International, The Rubber Resources, The Superior Court of California, The Tech Interactive, Theresa Gordon Tax Services, Inc, Think Simple, Thomas Lloyd, Thompson Construction Supply, TIAA, Title Financial Corporation, Total Electronics, TOTVS, Toyota, TradeZero America Inc, Transport for London, Transtec SAS, TransUnion Risk and Alternative Data Solutions, Inc, Travel Alberta, TRC Worldwide Engineering, Trend Micro Deep Discovery Inspector, True Family Enterprises, Truflation, Truist Bank, Trump campaign, Tuttle-Click Automotive Group, Twilio, Uber Eats, UCC Retreivals, United Animal Health, Universal Music Group, University Medical Center, University of Minnesota Orthodontics, US Centers for Medicare and Medicaid Services, US Congress, US Dermatology Partners, UT Southwestern Medical Center, Uttarakhand (India) government, Veertu Anka Build, Verizon, Vermilion Parish Schools, Versa Director, VGTRK, Vickers Engineering, Vidisco, Virginia Dare Extract Co, Visionary Homes, Visteon Infotainment System, VMware vCenter Server, Ward Transport, Wayne County, MI, WazirX, We Level Up Treatment Lake Worth, Weiser Memorial Hospital, Weldco-Beales Manufacturing, Wells Fargo, Western Digital MyCloud PR4100, WhatsApp, Wichita Police, Wilmington Convention Center, Wilson & Lafleur, Wisconsin Physicians Service Insurance Corp, Woodard, Hernandez, Roth & Day, WordPress Houzez Login Register plugin, WordPress Houzez theme, WordPress LiteSpeed Cache Plugin, Wright, Moore, DeHart, Dupuis & Hutchinson, LLC, Young Consulting LLC, and Zimbra email servers have reported hacking or compromises this month.

AFP, AT&T, Cloudflare, Confidant Health, Dr. Web, Google CloudImposer, Highline Public Schools, MoneyGram, PlayStation Network, Port of Seattle, Providence Public Schools, State Data Center (India), Verizon, and WP Engine have suffered from outages this month.

Last months updates broke M4 iPad Pro devices, macOS Sequoia VPN & antivirus software, Microsoft 365 apps, Microsoft Outlook mail vs nested folders, Microsoft Word (serious – Word deletes your files if they have mixed case extensions!), Windows 11 24H2 BSODs, Windows 11 24H2 gaming performance, Windows 11 24H2 license activation, Windows reboots, and Windows USB & Bluetooth.

In other news

The Internet backdoor mandated by US federal law has been hijacked by China (Salt Typhoon) and is being actively exploited again across several phone providers. It’s not good.

Almost 3 in 5 of breached UK firms admit to paying ransom on demand. An insane 92% of healthcare firms in the US were hit by cyberattacks this year.

Now that “exploding pagers” (and more) are a thing, will people start to take supply chain and physical security seriously?

Fearing exposure of weak security processes, Apple has moved to dismiss their lawsuit against NSO Group.

Now for the good news

Discord has added end-to-end encryption for audio & video calls.

NIST has finally scrapped their complexity and change frequency recommendations. The math on these recommendations simply doesn’t add up.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is enormous this month. The typical computer should see roughly 4 GB in updates today. Let’s get started.

Microsoft released 65 updates to address 121 vulnerabilities in .NET Framework, .NET, Azure CLI, Azure Monitor, Azure Stack, BranchCache, Code Integrity Guard, DeepSpeed, Internet Small Computer Systems Interface (iSCSI), Microsoft ActiveX, Microsoft Configuration Manager, Microsoft Defender for Endpoint, Microsoft Edge (Chromium-based), Microsoft Graphics Component, Microsoft Management Console, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft Office, Microsoft Simple Certificate Enrollment Protocol, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows Speech, OpenSSH for Windows, Outlook for Android, Power BI, Remote Desktop Client, RPC Endpoint Mapper Service, Service Fabric, Sudo for Windows, Visual C++ Redistributable Installer, Visual Studio Code, Visual Studio, Windows Ancillary Function Driver for WinSock, Windows BitLocker, Windows Common Log File System Driver, Windows Cryptographic Services, Windows cURL Implementation, Windows EFI Partition, Windows Hyper-V, Windows Kerberos, Windows Kernel, Windows Kernel-Mode Drivers, Windows Local Security Authority (LSA), Windows Mobile Broadband, Windows MSHTML Platform, Windows Netlogon, Windows Network Address Translation (NAT), Windows NT OS Kernel, Windows NTFS, Windows Online Certificate Status Protocol (OCSP), Windows Print Spooler Components, Windows Remote Desktop Licensing Service, Windows Remote Desktop Services, Windows Remote Desktop, Windows Resilient File System (ReFS), Windows Routing and Remote Access Service (RRAS), Windows Scripting, Windows Secure Channel, Windows Secure Kernel Mode, Windows Shell, Windows Standards-Based Storage Management Service, Windows Storage Port Driver, Windows Storage, Windows Telephony Server, Winlogon, and MSRT. This includes security updates. A reboot is required.

Apple released updates for Apple TV 1.5.0.152 for Windows, iOS 17.7, iOS 18, iOS 18.0.1, iPadOS 17.7, iPadOS 18, iPadOS 18.0.1, macOS Sequoia 15.0.1, macOS Sonoma 14.7, macOS Ventura 13.7, Safari 18, Safari 18.0.1, tvOS 17.6.1, tvOS 18, visionOS 2, visionOS 2.0.1, watchOS 10.6.1, watchOS 11, watchOS 11.0.1, and Xcode 16. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 17.7, 18, and 18.0.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 17.7, 18, and 18.0.1 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 10.6.1, 11, and 11.0.1 are security updates. Use the Watch app on your iPhone to install the most current version.

tvOS 18 is a security update. Use System, Software Update to install the most current version.

visionOS 2 and 2.0.1 are security updates. Use System, Software Update to install the most current version.

Google Chrome OS 128.0.6613.163, 129.0.6668.80, and ChromeOS LTS 126.0.6478.254 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sequoia (15.x) means that macOS Monterey (12.x) and older are no longer supported. If you can not install at least macOS Ventura (13) on your Mac then you should immediately remove your device from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 11 (v24H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with a SaferPC Subscription and we will install updates each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.9.1 improves hardware compatibility, game support, resolves several bugs and expands Vulkan extensions. This is not a security update.
https://www.amd.com/en/support

TP-Link Archer AX55 v1 240628 improves mesh and configuration controls. This is not a security update.
https://www.tp-link.com/us/support/download/archer-ax55/v1/#Firmware

goxlr-utility 1.1.4 resolves several compatibility and reliability bugs. This is not a security update.
https://github.com/GoXLR-on-Linux/goxlr-utility/

UniFi Network Server 8.4.62 resolves several bugs. This is not a security update.
https://www.ui.com/download/releases/network-server

VIISAN OfficeCam 7.2.2.0 doesn’t provide a change log so should be treated as a security update.
https://www.viisan.com/en/download/type1.html

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.70.123 is a security update. Use Help, About to install the most current version.
https://brave.com/

Google Chrome 129.0.6668.100 is a security update. Use Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 129.0.2792.79 is a security update. Use Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 131.0 is a security update. Use Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 128.3.0 is a security update. Use Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 6.9.3447.51 is a security update. Use Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.14.0 is a security update.
https://getmailspring.com/

ProtonMail (Android) 4.0.22.1 resolves a major stability bug. This is not a security update.
https://proton.me/mail/download

Spark 3.17.9.86866 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.17.9.86865 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 128.3.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 8.1.0 resolves dozens of bugs and improves stability. This is a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 8.1.2 is a security update.
https://anydesk.com/en/downloads

BrowsingHistoryView 2.58 resolves an export bug. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

curl 8.10.1 resolves over a dozen bugs. This is not a security update.
https://curl.haxx.se/windows/

Dropbox 209.4.3661 does not provide a detailed change log so should be treated as a security update.
https://www.dropbox.com/

Facebook Messenger 215.6.0.24.211 is a security update.
https://www.messenger.com/download

FileZilla Server 1.9.2 resolves a bug in the update engine. This is not a security update.
https://filezilla-project.org/

Google Drive 98.0 is a security update.
https://drive.google.com/start

MeshCentral 1.1.32 is a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.7.00.26062 improves onboarding flow and allows external presenters to join from mobile platforms. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 30.0.0 is a major update, updating libraries, minimum requirements, and resolving more than a hundred bugs. This is a security update.
https://nextcloud.com/

Npcap 1.80 resolves several bugs. This is not a security update.
https://nmap.org/npcap/

Rclone 1.68.1 improves compatibility and resolves several bugs. This is not a security update.
https://rclone.org/

Signal 7.27.0 adds several new display options for media, groups and restores ability to search stored messages from groups you’re no longer part of. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.18.2 adds ability to search for emoji. This is not a security update.
https://signal.org/android/apk/

Technitium DNS Server 13.0.2 resolves protocol bugs. v13 adds several other new DNS features and controls including ZONEMD, RP, Catalog Zones and improved logging. This is not a security update.
https://technitium.com/dns/

Telegram 5.6.1 resolves dozens of bugs. This is not a security update.
https://telegram.org/

Telegram (Android) 11.1.3 resolves dozens of bugs. This is not a security update.
https://telegram.org/apps

Zoom 6.2.3.47507 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.10 resolves a couple bugs and improves lip sync. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.2.4 resolves over 20 bugs. This is not a security update.
https://www.bitwig.com/download/

Grayjay 264 adds auto-play toggle, allows you to control rotation sensitivity, reverse rotation, and resolves several bugs and compatibility issues. This is not a security update.
https://grayjay.app/index.html

iTunes 12.13.3.2 is a security update.
https://www.apple.com/itunes/download/

Plex Desktop 1.102.0.230 resolves a couple bugs and adds an advertising consent notice. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.67.1.233 updates web engine. This should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.41.0.8994 adds support for external subtitles, improved ad detection, and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Bedrock) 1.21.31.04 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Nintendo Switch 19.0.0 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 2024.920 improves stability. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024.09.17 changes the terms of use and resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

SteamOS SteamDeck Update 2024.10.03 improves Wi-Fi 7 compatibility. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Animate 23.0.8 and 24.0.5 are security updates.
https://helpx.adobe.com/security/products/animate/apsb24-76.html

Adobe Commerce 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11, 1.4.2-p3, 1.3.5-p8, 1.3.4-p10, and 1.3.3-p11 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-73.html

Magento Open Source 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, and 2.4.4-p11 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-73.html

Adobe Dimension 4.0.4 is a security update.
https://helpx.adobe.com/security/products/dimension/apsb24-74.html

Adobe FrameMaker 2020.7 and 2022.5 are security updates.
https://helpx.adobe.com/security/products/framemaker/apsb24-82.html

Adobe InCopy 19.5 and 18.5.4 are security updates.
https://helpx.adobe.com/security/products/incopy/apsb24-79.html

Adobe InDesign 19.5 and 18.5.4 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb24-80.html

Adobe Lightroom 7.5, 13.5.1, and 12.5.2 are security updates.
https://helpx.adobe.com/security/products/lightroom/apsb24-78.html

Adobe Substance 3D Painter 10.1.0 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb24-52.html

Adobe Substance 3D Stager 3.0.4 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb24-81.html

Audacity 3.6.4 doesn’t have a change log so should be treated as a security update.
https://www.audacityteam.org/download/

Blender 4.2.2 resolves dozens of bugs. This is a security update.
https://www.blender.org/download/

Calibre 7.19.0 improves performance and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Ghostscript 10.04.0 is a security update.
https://www.ghostscript.com/releases/gsdnld.html

GnuCash 5.9 resolves several bugs. This is not a security update.
https://www.gnucash.org/

Kdenlive 24.08.1 resolves dozens of bugs. This is not a security update.
https://kdenlive.org/

Krita 5.2.6 resolves over 50 bugs and improves reliability and stability. This is not a security update.
https://krita.org/en/download/

LibreOffice Fresh 24.8.2 resolves almost 200 bugs. This is a security update.
https://www.libreoffice.org/

Manager 24.10.8.1879 adds business templates, FDX support, and resolves several bugs. This is not a security update.
https://www.manager.io/

Nextcloud Desktop 3.14.1 resolves a dozen bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.7 updates libraries, resolves over a dozen bugs. This is a security update.
https://notepad-plus-plus.org/

PDF Candy Desktop 3.13 doesn’t provide a change log so should be treated as a security update.
https://pdfcandy.com/

PDF-XChange Editor 10.4.1.389 is a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

QuickBooks Pro 2022 20240726-R17_34 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20240726-R14_39 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

Security Software Updates

One or more of these is likely to be of interest to most people.

JShelter 0.19.1 improves Manifest V3 compatibility and performance. This is not a security update.
https://jshelter.org/install/

KeePass 2.57.1 is a security update.
https://keepass.info/

MalwareBytes Anti-Malware 5.5.4 doesn’t provide a change log so should be treated as a security update.
https://www.malwarebytes.org/antimalware/

RogueKiller 15.18.3 updates libraries and resolves several bugs. This should be treated as a security update.
https://www.adlice.com/download/roguekiller/

SecurityCheck 2024.9.22 doesn’t provide a change log so should be treated as a security update.
https://www.bleepingcomputer.com/download/securitycheck/dl/123/

Stinger 13.0.0.197 is a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

SuperAntiSpyware 10.0.1268 adds support for new browsers, applications, unicode compatibility and resolves several bugs. This is a security update.
https://www.superantispyware.com/download.html

uBlock Origin 1.60.0 adds several new features and resolves a couple bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Operating System Updates

These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.

QubesOS 4.2.3 is a security update.
https://www.qubes-os.org/downloads/

Tails 6.8 is a security update. 6.8 also signals the merger of Tails and the Tor Project.
https://tails.net/install/download/index.en.html

Zorin OS 17.2 improves customization, updates libraries, and resolves several bugs. This is not a security update.
https://zorin.com/os/mirrors/

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 24.2.4 resolves stability bugs. This is not a security update. This is not a security update.
https://www.techsmith.com/screen-capture.html

VideoCacheView 3.10 improves compatibility with Google Chrome. This is not a security update.
https://www.nirsoft.net/utils/video_cache_view.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.2.7 adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

MakeMKV 1.17.8 improves defect tolerance and resolves several bugs. This is not a security update.
https://www.makemkv.com/download/

StreamFab 6.2.0.0 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.3.5 adds FLAC support and resolves sseveral bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 7.0.7 resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.46 adds QR code authentication, Wi-Fi QR code sharing, accessibility improvements, and resolved several bugs. This is not a security update.
https://1password.com/downloads/

AOMEI Partition Assistant 10.5.0 adds Boot Repair, improves Migrate OS and resolves bugs in the optical media creation flow. This is not a security update.
https://www.diskpart.com/

Bitwarden 2024.9.2 improves PDF attachment handling and improves Secrets Manager. This is not a security update.
https://bitwarden.com/

CCleaner 6.28.11297 adds support for new applications. This is not a security update.
https://www.ccleaner.com/

CPU-Z Installer 2.11 improves mainboard detection and adds new hardware support. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

Deskflow 1.17.0 is a complete rebrand of the upstream Synergy source, pushing the public code base into a useful utility. This is the first one, though, so I’d hold off a little while. This is not a security update.
https://deskflow.org/

DesktopOK 11.44 improves copmatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.2.84.0 improves cache plug-in to use hash data to reduce network chatter, encoding improvements, and resolves several bugs. This is not a security update.
https://dngrep.github.io/

email-oauth2-proxy 2024-09-12 adds option to use password as credentials, improves documentation and resolves several bugs. This is not a security update.
https://github.com/simonrob/email-oauth2-proxy

Everything Toolbar 1.5.1 improves compatibility, adds RTL support, keyboard shortcuts and resolves several bugs. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

ExplorerPatcher 22621.3880.66.6 improves compatibility and adds support for Windows 11 v24H2. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

Fido 1.60 adds support for Windows 11 v24H2 and removes v23H2. This is not a security update.
https://github.com/pbatard/Fido/releases

Fing 3.7.1 improves Network Insights and resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

FoneTool 2.9.0 resolves several bugs. This is not a security update.
https://www.fonetool.com/download.html

Git SCM 2.46.1 resolves several bugs and improves documentation. This is not a security update.
https://git-scm.com/

GoodSync 12.7.6 improves logging and compatibility. This is not a security update.
https://www.goodsync.com/

Homedale 2.13 adds channel utilization reporting, Wi-Fi 7 (802.11be) support and filtering improvements. This is not a security update.
https://www.the-sz.com/products/homedale/

HWiNFO 8.12 adds support for newer hardware and resolves several bugs. This is not a security update.
https://www.hwinfo.com/download/

HWMonitor 1.55 adds support for newer hardware and battery information. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

IsMyHdOK 4.11 adds support improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

Kingston SSD Manager 1.5.4.9 doesn’t provide a change log so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

LessMSI 2.2.0 adds Italian language support. This is not a security update.
https://lessmsi.activescott.com/

MultiMonitorTool 2.11 resolves a mapping bug. This is not a security update.
https://www.nirsoft.net/utils/multi_monitor_tool.html

NTLite 2024.9.10073 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 11.0.1014 resolves over a dozen bugs including performance and reliability issues. This is not a security update.
https://www.osforensics.com/download.html

PointerStick 6.44 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.85.1 improves stability. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ScreenConnect 24.2 should be avoided. It has had rollout “paused” due to stability issues four times already. Just wait for 24.3 or 24.4 to be stable.
https://screenconnect.connectwise.com/download

TeamViewer 15.58.5 resolves several bugs and implements new cosmetics. This is a security update.
https://www.teamviewer.com/en-us/download/windows/

TestDisk 7.3 doesn’t provide a change log so should be treated as a security update.
https://www.cgsecurity.org/wiki/TestDisk_Download

XnConvert 1.101.0 doesn’t provide a change log so should be treated as a security update.
https://www.xnview.com/en/xnconvert/

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 8.0.10 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

Android Studio 2024.2.1.9 resolves dozens of bugs. This is not a security update.
https://developer.android.com/studio

GDevelop 5.4.213 adds ability to change opacity within properties panel, tilemap improvements, and resolves several bugs. This is not a security update.
https://gdevelop.io/download

GitHub Desktop 3.4.6 resolves several bugs. This is not a security update.
https://desktop.github.com/

Go 1.23.2 resolves several bugs. This is not a security update.
https://go.dev/

Node.js 20.18.0 updates libraries, resovles several bugs and adds experimental support for network inspection. This is not a security update.
https://nodejs.org/en/

Node.js 22.9.0 updates libraries, adds support for stack trace, disables V8, and resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

Python 3.13.0 resolves over a dozen bugs. This is a security update.
https://www.python.org/downloads/windows/

Visual Studio Code 1.94 improves Explorer Find, adds filtering options to Source Control Graph, and resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.1.2 is a major update, changing style, performance, stability, hardware compatibility and adding many options. It also initially broke older guests and this release fixes that as well as a dozen other bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Duplicator 1.5.11 improves compatibility and resolves several bugs. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

Sucuri Security 1.9.5 improves analysis. This should be treated as a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2024-06-11

Welcome back, Folks!

Today is Patch Tuesday for June, 2024.

There were 460+ major hacks, and over 270 application updates this month.
It’s an average month, with about 2.5 GB of updates for most users.

This Month in Technology

4LEAF, Inc, A123Systems, Abbott, AbbVie Inc, ABN Amro, ABS-CBN Broadcasting, Absolute Telecom, AC Financial, AC Propulsion, Inc, Acadia Pharmaceuticals Inc, Access Sports Medicine & Orthopaedics, Accounting Professionals LLC Price Breazeale Chastang, ADCOM911, Adobe Acrobat Reader, Advance Auto Parts, Advance Press, Adventist Health Tulare, Affiliated Dermatologists, Agrani Bank, AirAsia Group, Akdenizchemson, Al-Rajhi Bank, Allied Mechanical Services Inc, Allied Telesis, ALN Medical Management, ALO diamonds, Aloft, Alpha Capital Group, Amazon, AmerisourceBergen Specialty Group, Amgen Inc, Amsterdam Schools, Anchorage Daily News, Anderson Mikos Architects, Android, Archi Hives, Architecture Lejeune Giovanelli, Ardenbrook, ARRL, Ascension Healthcare Network, Association of California School Administrators, Asst Rhodense, Astagiudiziaria, Aston Villa, Astra Daihatsu Motor, Atlas Oil, Atlassian Confluence, Audubon Nature Institute, Ausgrid, Aussizz Group, Avelina, Ayoub Associates CPA Firm, B&G Foods, Banco de Crédito del Perú, Barclays, Bausch Health Companies Inc, Bayer Corporation, BBC Pension Scheme, Berge Bulk, Billericay School, Birmingham Children’s Trust, BlockTower Capital, Bluewater Health, BNB Chain, BreachForums, BreingAir, Brett Slater Solicitors, Brick Court Chambers, Bring Me the Horizon’s website, Bristol Myers Squibb, British Columbia Government, Brockton Area Multi-Services, Brovedani Group, Bruno generators, Bulgarian Ports Infrastructure Company, Café Soluble, California Highway Patrol, California Northstate University, Call 4 Health, Inc, Catch News, CDU, Cencora (11 big pharma companies), Center Line schools, Central Contra Costa Transit Authority, CentroMed, Centurion University, Check Point VPN, Chicago Fire Football Club, Christie’s, Cinterion Modems, Cisco Webex, City of Clarksville, City of Helsinki, City of St. Cloud, Clevo, CoinGecko, College Ahuntsic, Columbus Regional Healthcare System, Comwave Networks, Continuing Healthcare Solutions, Cooler Master, Coplosa, Corr Corr, Corse GSM, Cortina Watch, Costa Edutainment SpA, Cox WiFi routers, Crandall ISD, Credit Central, Crescent Point Energy, Cressex Community School, Crooker, Crossroads Equipment Lease & Finance, LLC, Cryptonary, Cushman Contracting Corporation, Cylance, D-Link EXO AX4800 routers, Daniel E. Fitzgerald, CPA, Decathlon, Delano Adult School, Dendreon Pharmaceuticals LLC, DFINITY, DG3 North America, Inc, DGT traffic authority, Digital Pix & Composites, Discovery Insure, Disney, Dkhoon Emirates, DMM, Dohman, Akerlund & Eddy, Dollmar, Doral, Florida, Dota2, DreamWall, Drive Sally, LLC, Driver Group, DRMS, Dubai government, Dynasafe, E-T-A, Easterseals Central Illinois, Eden Project Ltd, Egyptian Universities, Eigen crypto, Electronic Arts, Elk Grove Unified School District, Elmhurst Group, Elutia, EmailGPT, Embellir, Endo Pharmaceuticals Inc, Ernest Health Facilities, ES Pack Euro, Especialistas Contacto Directo, EU Parliament, Everbridge, Ewing Marion Kauffman School, Excel Security Corp, Experis Technology Group, Facebook, Family Guardian, Faultless Brands, FEI Systems, Fic Expertise, Financial Business and Consumer Solutions (FBCS), Fincasrevuelta, First American, FIRST Heritage Co-operative Credit Union, First Nations Health Authority, First Priority Restoration, Firstmac, Fiskars, Fluent Bit, Form I-9 Compliance, Formosa Plastics, Foxit PDF Reader, FPL Food, France Solar, Frontier Communications, Frotcom International, Fulcrum, Gala Games, Gantan Beauty Industry, Gapbuster Worldwide Pty Ltd, GE HealthCare ultrasound devices, Genentech, Inc, Georgia University System, Gestion Kronos, GitLab, GlaxoSmithKline Patient Health, Google (thousands of times), Google Chrome, Google Document AI Warehouse, Granville Food Care Limited, Graphic Solutions Group Inc, Gravetye Manor, Greater Amsterdam School District, Grupo Cadarso, Guardian Analytics, Guardian Childcare Victoria, Gulp, Hamburg Airport, Hatari Electric Co, HawkEye, Hedbergs, Heineken, Helapet Ltd, Heron Therapeutics, Inc, Hit Promotional Products, HopSkipDrive, Hotel Kiosks, HSBC, Hugging Face Spaces, Iberdrola, IBM Cloud, IBM Neural Compressor AI, Illinois Secretary of State, Incyte Corporation, Indigo ENT Group, Interactive Brokers, Inventum Øst, Iranian Hajj, Iranian Pilgrims, Iress, Isaacs Odinocki, Iseto Corporation, Islamabad’s Safe City Authority, Israel-made industrial devices, Israeli Government and Military Infrastructure, ISTA International GmbH, Ivanti EPMM, IZOMAT Praha, J & N Stone, JAVS Courtroom Recording Software, Johnson & Johnson Patient Assistance Foundation, Inc, Johnson & Johnson Services, Inc, Jordano’s Inc, Jumbo Group, Kaiser Permanente, Keytronic, Klein ISD, Knowmad Mood, Kyber Post-Quantum Key Encapsulation Mechanism (KEM), Lactanet, Lane Gorman Trubitt, Lash Group, Laxmi Capital, Lee Shau Kee School of Creativity, LEMKEN, LenelS2 NetBox, Les Miroirs St Antoine Inc, Levin Porter Associates, Lintas Nusa, LivaNova, Live Nation, London Drugs, London Hospitals, Los Angeles Department of Mental Health (LACDMH), Los Angeles Unified School District (LAUSD), M2EConsulting Engineers, MagicLand, MAH Machine, Mainline Health Systems, Malaysia’s Railway Assets Corporation (RAC), Malone & Co, Malouf Companies, Manurewa Marae, NZ census, Marathon Pharmaceuticals, LLC, Marigin, Mariposa Landscapes Inc, Matusima, McLean Hospital, MediSecure, medQ, Inc, MF Group, Microsoft Exchange Server, Microsoft India, Microsoft Quick Assist, Midwest Covenant Home, Morton Williams, My Daily Choice, Inc, Myersville, Maryland, Mālama I Ke Ola Health Center, National Records of Scotland, Native American Health Center, NATO, Natsume Tax Accountant Corporation, Navvis & Company, LLC, Neovia Company, Netflix Genie, New Boston Dental Care, New Hampshire Public Radio, New York Times, Newfoundland Broadcasting Company Limited, Newman Ferrara, Nidec Motor Corporation, Nissan North America, Inc, Normie Meme Coin, North Texas Municipal Water District, Northeast Rehabilitation Hospital Network, Northern Minerals, Novartis Pharmaceuticals Corporation, Ntv, OakBend Medical, OmniVision, OneVue, OpenSea, Oracle WebLogic Server, Osaka Motorcycle Business Cooperative, OTR, Otsuka America Pharmaceutical, Inc, Oxford Global Resources, LLC, PAN-OS, Panasonic Australia, PandaBuy, Panorama Eyecare, Pantana CPA, Patriot Mobile, Patties Foods, pcTattletale, Peak Design, Pendle Token, PepsiCo, Pezesha, Pfizer Inc, Philippine National Police (PNP), Philips Respironics, PHP, Pope & Conner Consulting, Inc, Providence Hospital, PSG Banatski Dvor, Pulse Connect Secure VPN, QNAP NAS, QNAP QTS, Qualitas, QuoteWizard, R3 Education Inc, Rayner Surgical Inc, RDI-USA, Real Madrid CF, Red Bull, Red Cross, Regeneron Pharmaceuticals, Inc, Regional Obstetrical Consultants, Rex Signature Services, LLC, Richland, Washington, Rio Technology, Riyadh Airport, Robinsons Land, Robson, Rockford Public Schools, Rockwell Automation ICS, Royal Star & Garter, Räddningstjänsten Vä stra Blekinge, Samco, Sandoz Inc, Sanok Rubber Company Spólka Akcyjna, Santa Barbara Systems, Santander, Sav-Rx, Scanda, Schuette Metals, Science Po Paris, Seattle Public Library, Semicore Equipment, Service public de Wallonie, Servicio Móvil, Shirasaki, Shore Regional High School District, Sigmund Espeland AS, SLB Transit Inc, Smith and Caughey’s, Snchez-Betances Sifre & Muñoz-Noya, Snowflake, Solana Meme Coin, SonicWALL SSL-VPN, Sonne Finance, Southwark hospitals, Specialty Market Managers, Sree Hotels, SSI World, St. Landry Parish School, State Grid Corporation of China (SGCC), Sterling Transportation Services, Sumitomo Pharma America, Inc, Sumo, Superior Air-Ground Ambulance Service, Sysmex America, Takeda Pharmaceuticals USA, Inc, Talalay Global, Talley Group, Tamil Nadu, Tech in Asia, Telangana Police, Telefónica, Tesla’s Ultra-Wideband, Thayer Academy, The Egyptian-Sudanese Company, The Kelly Group, ThinkPHP, Ticketek Australia, Ticketmaster, Tietoevry, TikTok, Tinyproxy, Tobii Dynavox, Toshiba America, Town of Westlock, Toyota Philippines, TP-Link Archer C5400X, TRC Talent Solutions, Trib Total Media, TriLiteral, Trionfo Solutions, TruGreen, TSCOP App, UAE Ministry of Education, UK Armed Forces, United Urology Group, Universidad Nacional de Entre Ríos, University of Chicago Medical Center, University of Delhi, University of Hyderabad, University of Siena, US Environmental Protection Agency (EPA), Vannguard Utility Partners, Vasitam, Veeam Backup Enterprise Manager, Velocore, Victoria Eye Center, Victorian Freight Specialists, Vietnam Post, Visa Lighting, VIT Bhopal University, VWholesaleTour, Walmart pension plan, Walser Automotive Group, Walton County, Watt Carmicheal, WD Associates, Wealth Depot LLC, WebTPA, Welsh Rugby Union, Western Dovetail, Western Saw Inc, Western Sydney University, William S Hein & Co, Windows Defender, WIS Sicherheit, WordPress, WP Copymatic, WP Country State City Dropdown CF7 Plugin, WP Dessky Snippets, WP Easy Listing Directories, WP Fluent Forms Contact Form, WP Hash Form Drag & Drop Form Builder, WP LiteSpeed Cache, WP Meta SEO, WP Pie Register, WP Slider Revolution, WP Statistics, WP UserPro Plugin, WP Web Directory Free, WP WooCommerce, WPZOOM, XLink Bitcoin Bridge, Zuber Gardner CPA, and Zyxel NAS have reported hacking or compromises this month.

ARRL, TRAM Barcelona, Internet Archive, Queen Alia International Airport, LastPass, and Copilot have suffered from outages this month.

According to a recent study from Kaspersky, 59% of multi-site business experience monthly outages.

Last months updates broke Windows Taskbar, File Explorer, Windows Server 2019 updates, and Microsoft Outlook again, of course.

AI bots are ridiculously easy to convince to share sensitive information.

Apple is releasing a new password manager for macOS, iOS and iPadOS. But…to get an idea of how concerned Apple is about security, they’ve recently exposed that Wi-Fi on their devices can be used to geolocate any device around the globe.

Google is making it harder and harder to get help.

ICQ, my favorite messaging app from the 90s, has shut down after 28 years.

VBscript is on its deathbed.

FTX paid off whistleblowers.

Now for the good news:

Microsoft has reversed course on Windows Recall and is now making it “optional” even though it isn’t actually resolving most of the security issues or privacy risks.

Let’s Get Busy

Patch Tuesday is about average this month. The typical computer should see roughly 2.5 GB in updates today. Let’s get started.

Microsoft released updates to address 58 vulnerabilities in Azure Data Science Virtual Machines, Azure File Sync, Azure Monitor, Azure SDK, Azure Storage Library, Chrome, Dynamics Business Central, GitHub, Microsoft Dynamics, Microsoft Edge, Microsoft Office, Microsoft Office Outlook, Microsoft Office SharePoint, Microsoft Office Word, Microsoft Streaming Service, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows, Microsoft Windows Speech, Visual Studio, Windows Cloud Files Mini Filter Driver, Windows Container Manager Service, Windows Cryptographic Services, Windows DHCP Server, Windows Distributed File System (DFS), Windows Event Logging Service, Windows Kernel, Windows Kernel-Mode Drivers, Windows Link Layer Topology Discovery Protocol, Windows NT OS Kernel, Windows Perception Service, Windows Remote Access Connection Manager, Windows Routing and Remote Access Service (RRAS), Windows Server Service, Windows Standards-Based Storage Management Service, Windows Storage, Windows Themes, Windows Wi-Fi Driver, Windows Win32 Kernel Subsystem, Windows Win32K – GRFX, Winlogon, and MSRT. This includes security updates. A reboot is required.

Apple released updates for tvOS 17.5.1, iOS 17.5.1, iPadOS 17.5.1, and visionOS 1.2. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 17.5.1 is a security update. Use Settings, General, Software Update to install the most current update.

iPadOS 17.5.1 is a security update. Use Settings, General, Software Update to install the most current update.

tvOS 17.5.1 is a security update. Use System, Software Update to install the most current version.

visionOS 1.2 is a security update. Use Settings, General, Software Update to install the most current version.

Google Chrome OS 125.0.6422.169 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.5.1 improves stability and resolves several bugs. This is not a security update.
https://www.amd.com/en/support

Nvidia Driver 475.06 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Samsung DeX 2.4.1.23 doesn’t provide a change log so should be treated as a security update.
https://www.samsung.com/us/apps/dex/

UniFi airMAX NanoStation 5AC Loco 8.7.13 resolves several bugs. This is not a security update.
https://www.ui.com/download/software/loco5ac

UniFi Network Server 8.2.93 adds ACL rules, DNS records, MLO, BGP and Inspection support. This is not a security update.
https://www.ui.com/download/releases/network-server

Wacom Driver 6.4.6-2 adds support for newer hardware, improved reliability, and resolves several bugs. This is not a security update.
https://www.wacom.com/en-us/support/product-support/drivers

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.66.118 is a security update.
https://brave.com/

Firefox 127.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 115.12.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 125.0.6422.141 is a security update.
https://www.google.com/chrome/

Microsoft Edge 125.0.2535.92 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Vivaldi 6.7.3329.39 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Spark 3.16.2.75403 adds calendar support. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.16.2.75440 adds calendar support. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.11.1 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk (macOS) 8.1.0 improves performance and resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

Facebook Messenger 213.0.0.22.228 is a security update.
https://www.messenger.com/download

Microsoft Teams 1.7.00.13456 resolves several bugs and improves user controls. This is not a security update.
https://teams.microsoft.com/downloads

Mumble 1.5.634 adds over a dozen new features and resolves several bugs. This should be treated as a security update.
https://www.mumble.info/

Signal 7.11.1 resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.8.1 doesn’t provide a detailed change log so should be treated as a security update.
https://signal.org/android/apk/

Telegram 5.1.5 improves stability and resolves several bugs. This is not a security update.
https://telegram.org/

Telegram (Android) 10.13.1 doesn’t provide a detailed change log so should be treated as a security update.
https://telegram.org/apps

Tigase Server 8.4.0 adds RBL support, portable export format, improved user management and resolves dozens of bugs. This should be treated as a security update.
https://github.com/tigase/tigase-server/releases/latest

curl 8.8.0 resolves over 200 bugs. This is not a security update.
https://curl.haxx.se/windows/

Dropbox 200.4.7134 resolves several bugs. This is not a security update.
https://www.dropbox.com/

MeshCentral 1.1.23 resolves dozens of bugs. This should be treated as a security update.
https://meshcentral.com/info/downloads.html

Nextcloud Server 29.0.2 resolves over a dozen bugs. This should be treated as a security update.
https://nextcloud.com/

Omada Software Controller 5.14.20.9 adds several new filters, features and controls. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Syncthing 1.27.8 resolves a couple bugs. This is not a security update.
https://syncthing.net/

Zoom 6.0.11.39959 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.5 improves cosmetics and resolves several bugs. This is not a security update.
https://en.3tene.com/

Grayjay 244 improves compatibility and resolves several bugs.
https://grayjay.app/index.html

Plex Desktop 1.94.1.155 doesn’t provide a detailed change log so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.62.1.152 doesn’t provide a detailed change log so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

VLC Media Player 3.0.21 improves hardware compatibility and resolves several bugs. This is a security update.
https://www.videolan.org/vlc/

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Java) 1.20.6 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server

Nintendo Switch 18.1.0 removes X/Twitter and social media integration and improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 2024.522 improves performance and stability and resolves several bugs. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024-05-21 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Acrobat Android 24.5.0.33694 is a security update.
https://helpx.adobe.com/security/products/acrobat-android/apsb24-50.html

Adobe Audition 23.6.6 and 24.4.1 are security updates.
https://helpx.adobe.com/security/products/audition/apsb24-32.html

Adobe ColdFusion 2021.14 and 2023.8 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb24-41.html

Adobe Commerce 2.4.0-ext-8, 2.4.1-ext-8, 2.4.2-ext-8, 2.4.3-ext-8, 2.4.4-p9, 2.4.5-p8, 2.4.6-p6 and 2.4.7-p1 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-40.html

Adobe Commerce Webhooks Plugin 1.5.0 is a security update.
https://helpx.adobe.com/security/products/magento/apsb24-40.html

Adobe Creative Cloud Desktop 6.2.0.554 is a security update.
https://helpx.adobe.com/security/products/creative-cloud/apsb24-44.html

Adobe Experience Manager 2024.5 and 6.5.21 are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb24-28.html

Adobe FrameMaker Publishing Server 2022.3 is a security update.
https://helpx.adobe.com/security/products/framemaker-publishing-server/apsb24-38.html

Adobe Media Encoder 23.6.6 and 24.4.1 are security updates.
https://helpx.adobe.com/security/products/media-encoder/apsb24-34.html

Adobe Photoshop 24.7.4 and 25.9 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb24-27.html

Adobe Substance 3D Stager 3.0.2 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb24-43.html

Calibre 7.12.0 improves conversion, media support and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Columns++ 1.1.2 improves performance, stability, and reliability, and adds a Timestamps and resolves a couple bugs. This is not a security update.
https://github.com/Coises/ColumnsPlusPlus

Ghostscript 10.03.1 doesn’t provide a change log so should be treated as a security update.
https://www.ghostscript.com/releases/gsdnld.html

Kdenlive 24.05.0 reimplements audio capture, adds group effects and automatic subtitle translation, performance improvements and resolves several bugs. This is not a security update.
https://kdenlive.org/

LibreOffice Fresh 24.2.4 resolves over 70 bugs. This is not a security update.
https://www.libreoffice.org/

Magento Open Source 2.3.7-p4-ext-8, 2.4.4-p9, 2.4.5-p8, 2.4.6-p6 and 2.4.7-p1 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-40.html

Manager 24.6.11.1637 resolves several bugs but does not have current release notes so should be treated as a security update.
https://www.manager.io/

Notepad++ 8.6.8 resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

QuickBooks Pro 2022 20240529-R16_8 resolves several bugs. This should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20240529-R13_6 doesn’t provide a detailted change log. This should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

Security Software Updates

One or more of these is likely to be of interest to most people.

KeePass 2.57 improves privacy and security or
https://keepass.info/

OpenSSL 3.3.1 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

ProtonVPN (macOS) 4.3.0 improves stability and resolves several bugs. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.17.0 improves detection and resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Stinger 13.0.0.127 adds new detections and improves others. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Tails 6.3 is a security update.
https://tails.net/install/download/index.en.html

uBlock Origin 1.58.0 resolves over a dozen bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

YARA 4.5.1 resolves several bugs. This is not a security update.
https://github.com/VirusTotal/yara/

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 24.1.4 improves compression, video combine, and resolves several bugs. This is not a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.1.9 improves subtitle support and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

HandBrake 1.8.0 updates libraries and resolves dozens of bugs. This is a security update.
https://handbrake.fr/

IsoBuster 5.4.1 adds support for new formats and resolves several bugs. This is not a security update.
https://www.isobuster.com/download.php

MakeMKV 1.17.7 updates license date. This is not a security update.
https://www.makemkv.com/download/

PDF Creator 5.2.2 updates libraries. This is a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 6.1.8.2 improves reliability, compatibility, and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.2.3 improves performance, quality, and AI integration. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.34 resolves over a dozen bugs. This is not a security update.
https://1password.com/downloads/

7-Zip 24.06 improves reliability and resolves several bugs. This is not a security update.
https://www.7-zip.org/

Agent Ransack 2022.3435 resolves a crash bug. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

Bitcoin 27.0 resolves several bugs and improves performance. This is not a security update.
https://bitcoin.org/en/download

Bitwarden 2024.5.0 adds organization item cloning and begins the manifest v3 compatibility roll-out. This is not a security update.
https://bitwarden.com/

CCleaner 6.24.11060 improves cleanup and resolves several bugs. This is not a security update.
https://www.ccleaner.com/

DesktopOK 11.24 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.2.6.0 adds several new features and updates libraries. This is a security update.
https://dngrep.github.io/

email-oauth2-proxy 2024-05-25 adds JWT and resolves a python compatibility bug. This is not a security update.
https://github.com/simonrob/email-oauth2-proxy

Etcher 1.19.21 resolves dependency bugs. This is not a security update.
https://www.balena.io/etcher/

Fido 1.56 adds 24H1 ISO UEFI support. This is not a security update.
https://github.com/pbatard/Fido/releases

FileLocator Pro 2022.3435 resolves a crash bug. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Fing 3.6.3 improves compatibility and resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

FoneTool 2.7.0 resolves several bugs. This is not a security update.
https://www.fonetool.com/download.html

Free Virtual Serial Ports 6.01.00.1309 adds several more controls. This is not a security update.
https://freevirtualserialports.com/

Git SCM 2.45.2 is a security update.
https://git-scm.com/

Go 1.22.4 is a security update.
https://go.dev/

GoodSync 12.6.9 resolves several bugs. This is not a security update.
https://www.goodsync.com/

grepWin 2.1.1 resolves several bugs. This is not a security update.
https://github.com/stefankueng/grepWin/releases/latest

GUIPropView 1.30 adds two new action commands. This is not a security update.
https://www.nirsoft.net/utils/gui_prop_view.html

NTLite 2024.5.9946 resolves several bugs and improves compatibility. This is not a security update.
https://www.ntlite.com/download/

osquery 5.12.2 is a security update.
https://osquery.io/downloads

PowerToys 0.81.1 resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ProcDump 3.3 for Linux improves container support. This is not a security update.
https://github.com/Sysinternals/ProcDump-for-Linux

Process Explorer 17.06 resolves several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer

RoboForm 9.6.1 resolves several bugs. This is not a security update.
https://www.roboform.com/

Rufus 4.5 updates libraries, adds UEFI validation, and resolves several bugs. This is a security update.
https://rufus.ie/en_US/

ScreenConnect 24.1.9.8915 improves compatibility, reliability, and stability, and resolves several bugs. This should be treated as a security update.
https://screenconnect.connectwise.com/download

SetUserFTA 1.8.1 implements a workaround for the new UCPD “security feature”. This is not a security update.
https://kolbi.cz/blog/2017/10/25/setuserfta-userchoice-hash-defeated-set-file-type-associations-per-user/

Ventoy 1.0.99 updates EFI binaries and resolves a couple bugs. This is not a security update.
https://www.ventoy.net/en/index.html

WinRAR 7.01 resolves several bugs. This is not a security update.
https://www.rarlab.com/

WizFile 3.10 adds include and exclude filters, adds more feature controls, and resolves several bugs. This is not a security update.
https://antibody-software.com/wizfile/

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 8.0.6 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

Android Studio 2023.3.1.20 is a security update.
https://developer.android.com/studio

AutoHotkey 2.0.17 resolves several bugs. This is not a security update.
https://www.autohotkey.com/download/

cx_Freeze 7.1 updates libraries and resolves dozens of bugs. This is not a security update.
https://cx-freeze.readthedocs.io/en/latest/index.html

GitHub Desktop 3.4.1 resolves several bugs. This is not a security update.
https://desktop.github.com/

Inno Setup 6.3.1 improves compatibility and resolves dozens of bugs. This version also removes support for older operating systems. This is not a security update.
https://www.jrsoftware.org/isdl.php

Microsoft Visual C++ 2022 Redistributable 14.40.33810.0 doesn’t provide a change log so should be treated as a security update.
https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist

Node.js 18.20.3 updates dependencies and resolves several bugs. This is not a security update.
https://nodejs.org/en/

Node.js 20.14.0 updates dependencies and resolves several bugs. This is not a security update.
https://nodejs.org/en/

Node.js 22.2.0 updates dependencies and resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

Python 3.12.4 is a security update.
https://www.python.org/downloads/windows/

SQLite 3.46.0 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.90 adds several new features. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

HumHub 1.15.6 resolves several bugs. This is not a security update.
https://www.humhub.com/en

Invision Community 4.7.17 resolves dozens of bugs. This is not a security update.
https://invisioncommunity.com/

Joomla 5.1.1 resolves dozens of bugs. This is not a security update.
https://www.joomla.org/

ownCloud Client 5.3.0.13987 resolves several bugs. This is not a security update.
https://owncloud.com/desktop-app/

WordPress 6.5.4 resolves several bugs. This is not a security update.
https://wordpress.org/

BuddyPress 12.5.1 is a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.9.5 is a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Multisite Enhancements 1.7.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/multisite-enhancements/

Social Post Feed 4.2.5 resolves a couple menu bugs. This is not a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

WooCommerce 8.9.2 is a security update.
https://wordpress.org/extend/plugins/woocommerce/

WPBakery 7.7 resolves several bugs. This is a security update.
https://wpbakery.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2024-02-13

Happy Valentine’s Day, Folks!

Today is Patch Tuesday for February, 2024. There were 230+ major hacks and over 200 application updates this month. It’s a big month, with about 3.5 GB of updates for most users.

This Month in Technology

23andMe, Inc., Academy Mortgage Corporation, AHS Management Company, Inc., Air Methods, LLC, Alkem Laboratories, AlmerysAlpine Halo9 iLX-F509, American Meat Companies, Android TV and eCos set-top boxes, Android, Ann & Robert H. Lurie Children’s Hospital, AnyDesk, Apple iPhone, Apple Mac, Apple Vision Pro, Apple Watch, AppleTV, Ashford, Inc., Autel MaxiCharger AC Wallbox Commercial, Automotive Grade Linux, Azura Vascular Care, Azusa Unified School District, Bake ‘N Joy Foods, Inc., Bank of America, Bankers Life and Casualty Company, Blink Mobility, Bosch Thermostats, Brady Martz & Associates PC, 3 million Breathless toothbrushes, BrightStar Care, Buildkit, Burr & Forman LLP, Cadence Bank, California Public Employees Retirement System (CalPERS), Calvià City Council, Canterbury County Council, Carnegie Mellon University, Catholic Charities of the Archdiocese of Miami, Inc., ChargePoint Home Flex, a China-based financial MNC, Chuze Fitness, Citrix Netscaler, Cloudflare, CNO ACE, Coastal Hospice & Palliative Care, Coastal Plains Community Mental Health Mental Retardation Center, Colorado Ophthalmology Associates, PC, Columbus Life Insurance Company, Columbus Regional Healthcare System, Concentra Health Services, Concord Music Group, Inc., Connecticut College, Coppola Physical Therapy and Fitness Gyms, Covenant Care California, LLC, Coventry school, Crace Medical Centre, Des Moines Orthopaedic Surgeons, P.C., Dickinson County Health Department, Docker, Dover District Council, Dutch Ministry of Defence, ElGuindy, Meyer & Koegel, APC, Emmanuel College, EMPORIA EV Charger Level 2, EquiLend Holdings, Europcar, ExpressVPN, Family Healthcare Center, FedEx  Corporation Group Health Plan, Fidelity National Financial, First Financial Security, Inc.,
FortinetFortiOS SSL VPN, FortiSIEM, Fortra GoAnywhere MFT, Framework Computer, Freehold Township schools, Fullerton Joint Union High School District, Gamma Strategies, GEICO Corporation, Georgia’s Fulton County, 5,300+ GitLab instances, Glendale Unified School District, Global Affairs CanadaGlow, Goledo Finance, Google Bazel, Google Chrome, Hair Club for Men, Ltd., Inc., Halara, Hampton-Newport News Community Services Board, Hanmi Bank, Hathway, Health Alliance Medical Plans, Hewlett Packard Enterprise (HPE), Hipocrate Information System, HMG Healthcare, HopSkipDrive, HORNE, LLP, HP ink cartridges, Hyundai Motor Europe, Infosys McCamish Systems LLC, InHealth Technologies, INTEGRIS Health, Islamic Charity in Saudi Arabia, ITITAN Hosting, Ivanti Avalanche, Ivanti Connect Secure VPN, Ivanti Policy Secure Gateway, J.D. Gilmour, Jason’s Deli, 45,000+ Jenkins instances, JetBrains TeamCity, 65 job listing sites, JuiceBox 40 Smart EV Charging Station, Juniper, Kansas City Area Transportation Authority, Kansas State University, Keenan & Associates, Kern Regional Center, Kyocera printers, Liberty Hospital, Lineage, Inc, Livall, LoanDepot, Lutheran World Federation, Marywood Nursing Care Center, Mastodon, McCarthy & Holthus, LLP, Medical Eye Services, Inc., Mercedes-Benz, Microbe & Lab, Microsoft (again!), Microsoft SharePoint, Microsoft SQL servers, Multi-Fineline Electronix, Inc., Musick, Peeler & Garrett LLP, MyPertamina, Nabholz Construction Company Employee Welfare Health Plan, NASCO, National Advisors Holdings, Inc., Nautic Partners, LLC, Navvis & Company, LLC, Naz.API, Oak View Group, Omaha Firefighters Healthcare Trust, Orange Spain, Orange Unified School District, OrthoArkansas, PA Employee Benefit Plan, Ozys, Parkovy, Payoneer, Pennsylvania Emergency Dispatch, Perry Johnson & Associates, Inc., Phoenix Contact CHARX SEC-3100, Pioneer DMH-WT7600NEX, Planet Home Lending, Planeta, PLUS FIVE FIVE, Prestige Care, Inc., Radiant Capital, Rajasthan government (India), Rebekah Children’s Services, Ripple, Romanian Chamber of Deputies, Roundcube email server, Saint Anthony Hospital, Schneider Electric Sustainability, SendGrid, Singing River Gulfport, Singing River Health System, SinglePoint Outsourcing, Inc., Socket, Somesing, SonicWall next-generation firewalls, Sony XAV-AX5500, Spoutible, Summit Medical Group, PLLC, Sun Pain Management, LLC, Tesla Infotainment System, Tesla Modem, Tesla, TGI Direct, Thanet District Council, The Burton Corporation, TIC Hosting, Tietoevry, Tigo, Torchbyte, TP-Link Omada, Trello, Trezor, Trinity Universal Insurance Company, TRISTAR Insurance  Group, U.S. Renal Care, Inc., Ubiquiti Connect EV Station, UEFI Firmware, United Regional Health Care System, Unitronics PLCs, US Department of Health and Human Services, US GSA, US military, Ventura County Credit Union, Veolia North America, Verizon Communications Inc., Verizon, Viamedis, VMware vCenter Server, Walker Therapeutic & Educational Programs, Washington National Insurance Company, Webber Chiropractic Sports Clinic, Inc., Weslend Financial, Windows SmartScreen, WinStar, Wise Lending, and WPS Office have reported hacking or compromises this month.

Atlassian Jira, Microsoft Teams (twice), Parkovy, Tietoevry, and T-Mobile have suffered from outages this month.

Last months updates broke spellcheck in Microsoft Teams, the ability to install updates directly for Microsoft Teams without enabling Delivery Optimization, search in OutlookGoogle Pixel phones, Outlook.com via Outlook, Windows Sysprep, Windows updates.

There is a new “flaw” in the Windows 11 installer, which allows incompatible hardware to be installed to and activated. The Microsoft ms-appinstaller protocol handler is being exploited again to install malware.

The German railway system still uses MS-DOS and Windows 3.11 to manage their displays. Wrenches and toothbrushes are the latest victims in hijacking efforts. A new study demonstrates that the new trend of using AI to write code generates less secure code. SIM swapping is still quite popular.

Google is resuming their migration to Manifest V3, which will result in many content and ad filters failing, as well as many other browser extensions, in only 5 short months.

Amazon AWS is now charging for IPv4 addresses.

While unlikely to make a difference, CA is now suing streaming media services for violating the CCPA. The UN is pushing for a “cybercrime” treaty designed to criminalize all efforts to research malware, security, and vulnerability testing, even when the target of the research has requested it. The treaty would also allow international courts to be used to target anyone using encryption for private communication channels, such as PGP, Telegram, or Signal.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is a big one this month. The typical computer should see roughly 3.5 GB in updates today. Let’s get started.

Microsoft released updates to address 79 vulnerabilities in .NET, .NET Framework, ASP.NET, Azure Active Directory, Azure Connected Machine Agent, Azure DevOps, Azure File Sync, Azure Site Recovery, Azure Stack, Internet Connection Sharing (ICS), Internet Shortcut Files, Microsoft ActiveX, Microsoft Azure Kubernetes Service, Microsoft Defender for Endpoint, Microsoft Dynamics 365, Microsoft Dynamics, Microsoft Edge, Microsoft Entra Jira, Microsoft Exchange Server, Microsoft Message Queuing (MSMQ), Microsoft ODBC Driver, Microsoft Office OneNote, Microsoft Office Outlook, Microsoft Office Word, Microsoft Office, Microsoft Power Platform Connector, Microsoft SQL Data Provider, Microsoft Teams for Android, Microsoft WDAC ODBC Driver, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows DNS, Microsoft Windows, Servicing Stack Update, Skype for Business, SQL Server, Trusted Compute Base, Visual Studio, Win32k, Windows AppX, Windows DNS Client, Windows DNS Server, Windows Hyper-V, Windows Kernel, Windows LDAP, Windows Network Address Translation (NAT), Windows OLE, Windows Pragmatic General Multicast (PGM), Windows Printing Service, Windows SmartScreen, Windows USB Generic Parent Driver, Windows USB Serial Driver, and MSRT (~ 2.0 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 15.8.1, iOS 16.7.5, iOS 17.3, iOS 17.3.1, iPadOS 15.8.1, iPadOS 16.7.5, iPadOS 17.3, iPadOS 17.3.1, macOS 14.3, macOS 14.3.1, macOS Monterey 12.7.3, macOS Sonoma 14.3, macOS Ventura 13.6.4, Magic Keyboard Firmware 2.0.6, Safari 17.3.1, tvOS 17.3, visionOS 1.0.3, watchOS 10.3, and watchOS 10.3.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.8.1, 16.7.5 and 17.3.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 15.8.1, 16.7.5 and 17.3.1 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 10.3.1 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 17.3 is a security update. Use System, Software Update to install the most current version.

visionOS 1.0.3 is a security update. Use Settings, General, Software Update to install the most current version.

Google Chrome OS 120.0.6099.235 and 121.0.6167.159 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.1.1 adds support for new hardware, AFMF and upscaling improvements, and resolves several bugs. AMD Link is being discontinued with this version. This is not a security update.
https://www.amd.com/en/support

Display Driver Uninstaller 18.0.7.2 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Wacom Driver 6.4.5-5 improves reliability. This is not a security update.
https://www.wacom.com/en-us/support/product-support/drivers

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.62.162 is a security update. Use Menu, Help, About to install the most current version.
https://brave.com/

Firefox 122.0.1 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 115.7.0 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 121.0.6167.160 is a security update. Use Menu, Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 121.0.2277.113 is a security update. Use Menu, Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

SeaMonkey 2.53.18.1 is a security update. Use Menu, Help, About to install the most current version.
https://www.seamonkey-project.org/

Vivaldi 6.5.3206.61 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

DavMail Gateway 6.2.1 is a security update.
https://davmail.sourceforge.net/

Spark 3.13.4.66391 adds deep link email sharing and resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark for macOS 3.13.4.66401 adds deep link email sharing and resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.7.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 8.0.8 is a security update.
https://anydesk.com/en/downloads

AnyDesk 8.0.0 for macOS is a security update.
https://anydesk.com/en/downloads

curl 8.6.0 resolves over 100 bugs. This is a security update.
https://curl.haxx.se/windows/

Dropbox 192.4.4605 resolves several bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 205.0.0.11.228 is a security update.
https://www.messenger.com/download

FileZilla Client 3.66.5 is a security update.
https://filezilla-project.org/

FileZilla Server 1.8.1 is a security update.
https://filezilla-project.org/

Google Drive 86.0 resolves several bugs. This is not a security update.
https://drive.google.com/start

Grocy Desktop 2.9.0 updates library and resolves several bugs. This is not a security update.
https://github.com/grocy/grocy-desktop

MeshCentral 1.1.20 resolves over a dozen bugs. This is not a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.7.00.1864 adds several new features, including improved domain & email integration. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 28.0.2 resolves more than 100 bugs. This is a security update.

Homepage

Npcap 1.79 resolves a couple reliability bugs. This is not a security update.
https://nmap.org/npcap/

Omada Software Controller 5.13.23 resolves several bugs. This is not a security udpate.
https://www.tp-link.com/us/support/download/omada-software-controller/

Pocketnet-Core 0.22.1 resolves over a dozen bugs. This is not a security update.
https://pocketnet.app/

Pocketnet-GUI 0.8.77 resolves several bugs. This is not a security update.
https://pocketnet.app/

Rclone 1.65.2 updates libraries and resolves a couple important reliability bugs. This should be treated as a security update.
https://rclone.org/

Signal 6.47.0 makes several improvements to emoji and emoticon support. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 6.46.7 doesn’t have a detailed changelog so should be treated as a security update.
https://signal.org/android/apk/

Skype 8.110.0.218 improves stability and resolves several bugs. This is not a security update.
https://www.skype.com/

Syncthing 1.27.3 resolves several bugs and improves CLI complettion. This is not a security update.
https://syncthing.net/

Technitium DNS Server 12.0.1 moves to .NET 8, resolves more than a dozen bugs. This is a security update.
https://technitium.com/dns/

Telegram 4.14.15 resolves several bugs. This is not a security update.
https://telegram.org/

Telegram (Android) 10.6.1 resolves several bugs. This is not a security update.
https://telegram.org/apps

Tigase Server 8.3.1 resolves several bugs. This is not a security update.
https://github.com/tigase/tigase-server/releases/latest

Trillian 6.5.0.38 resolves a mute bug. This should be treated as a security update.
https://www.trillian.im/

Zoom 5.17.7.31859 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.1 improves tracking, compatibility, and resolves several bugs. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.1.3 adds a few new filters and modules, and resolves several bugs. This is not a security update.
https://www.bitwig.com/download/

Grayjay 233 resolves several crashes and improves stability. This is not a security update.
https://grayjay.app/index.html

Kodi 20.4 resolves dozens of bugs and improves compatibility. This is a security update.
https://kodi.tv/

MediaMonkey 5.2 resolves a cosmetic bug. This is not a security update.
https://www.mediamonkey.com/windows#download

Plex Desktop 1.86.1.4076 doesn’t provide a detailed changelog so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.55.1.4084 updates libraries. This should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.40.0.7998 improves native tagging, music filtering, resolves several bugs. This should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

GDevelop 5.3.189 resolves over 20 bugs. This is not a security update.
https://gdevelop.io/download

Minecraft Server (Bedrock) 1.20.61.01 doesn’t provide a changelog so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

PS5 2024.206 is a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024-01-13 resolves dozens of bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 23.008.20533 is a security update.
https://get.adobe.com/reader

Adobe Commerce 2.4.6-p4, 2.4.5-p6, 2.4.4-p7, 2.4.3-ext-6, 2.4.2-ext-6, 2.4.1-ext-6, 2.4.0-ext-6, and 2.3.7-p4-ext-6 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-03.html

Magento Open Source 2.4.6-p4, 2.4.5-p6, and 2.4.4-p7 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-03.html

Adobe Substance 3D Painter 9.1.2 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb24-04.html

Adobe Acrobat 23.008.20533 and 20.005.30574 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb24-07.html

Adobe FrameMaker Publishing Server 2022.2 is a security update.
https://helpx.adobe.com/security/products/framemaker-publishing-server/apsb24-10.html

Adobe Audition 24.2 and 23.6.4 are security updates.
https://helpx.adobe.com/security/products/audition/apsb24-11.html

Adobe Substance 3D Designer 13.1.1 iis a security update.
https://helpx.adobe.com/security/products/substance3d_designer/apsb24-13.html

Calibre 7.5.1 resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Columns++ 1.0.2 resolves a critical stability bug. This should be treated as a security update.
https://github.com/Coises/ColumnsPlusPlus

ImageMagick 7.1.1-28 updates libraries and resolves over a dozen bugs. This should be treated as a security update.
https://imagemagick.org/

Kindle for PC 2.3.70682 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc

LibreOffice Fresh 24.2.0 is the first version released with the new numbering scheme (year and month of release). This version resolves almost 300 bugs. This is a security update. The “Fresh” line is beta software and should be avoided by most people.
https://www.libreoffice.org/

Manager 24.2.13.1295 doesn’t have any detailed changes in the changelog for the most recent several versions over the last month, so this should be treated as a security update.
https://www.manager.io/

Nextcloud Desktop 3.11.1 updates libraries and resolves over a dozen bugs. This is a security update.

Homepage

Notepad++ 8.6.2 resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

PDF-XChange Editor 10.2.1.385 resolves over a dozen bugs. This is not a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

QuickBooks Pro 2022 20231120-R13_63 doesn’t provide a detailed changelog so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20231107-R9_121 doesn’t provide a detailed changelog so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

uniCenta oPOS 5.0 doesn’t provide a detailed changelog so should be treated as a security update.
https://unicenta.com/

Security Software Updates

One or more of these is likely to be of interest to most people.

Gpg4win 4.3.0 resolves dozens of bugs. This is a security update.
https://www.gpg4win.org/download.html

Java 8u401 is a security update.
https://www.java.com/en/download/manual.jsp

KeePass 2.56 improves integration and search feature, resolves more than a dozen bugs. This is not a security update.
https://keepass.info/

MalwareBytes Anti-Malware 4.6.8.311 doesn’t provide a detailed changelog so should be treated as a security update.
https://www.malwarebytes.org/antimalware/

Microsoft Edge Policy 2024.02.06 adds blocklist for extension install types and the ability to preserve Manifest v2 availability. This is not a security update.
https://github.com/MicrosoftDocs/Edge-Enterprise/blob/public/edgeenterprise/microsoft-edge-policies.md

OpenSSL 3.2.1 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

ProtonVPN 3.3.5 improves stability. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.14.0 is a security update.
https://www.adlice.com/download/roguekiller/

Stinger 13.0.0.64 is a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Symantec Norton Removal Tool 20240206 improves removal. This is not a security update.
https://support.norton.com/sp/en/us/home/current/solutions/v60392881

Tails 5.22 updates libraries, included apps, and resolves several bugs. This is a security update.
https://tails.net/install/download/index.en.html

YARA 4.5.0 resolves a dozen bugs. This is not a security update.
https://github.com/VirusTotal/yara/

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.1.1 adds support for new encodings and resolves a couple bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

HandBrake 1.7.3 resolves over a dozen bugs. This is not a security update.
https://handbrake.fr/

MakeMKV 1.17.6 improves tolerance and resolves several bugs. This is not a security update.
https://www.makemkv.com/download/

StreamFab 6.1.6.5 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.1.1 adds support for denoise, improves upscaling performance, and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.24 resolves several bugs, improves idle behavior, and improves integration. This should be treated as a security update.
https://1password.com/downloads/mac/
https://1password.com/downloads/windows/

Agent Ransack 2022.3420 resolves several bugs. This is not a security update.

Agent Ransack – Download

AMD Ryzen Master 2.13.0.2908 adds support for new hardware and improves Curve Optimizer settings. This is not a security update.
https://www.amd.com/en/technologies/ryzen-master

AOMEI Partition Assistant 10.3.0 adds Bitlocker support and resolves several bugs. This is not a security update.
https://www.diskpart.com/

Autoruns 14.11 fixes a parameter parsing bug. This is a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

balenaEtcher 1.18.11 resolves a couple bugs. This is not a security update.
https://etcher.balena.io/

Bitwarden 2024.2.0 improves self-hosting controls, TOTP capture and import. This is not a security update.
https://bitwarden.com/

CCleaner 6.20.10897 improves cleaning, adds bookmark backup removal, and improves compatibility. This is not a security update.
https://www.ccleaner.com/

CPU-Z Installer 2.09 adds support for new hardware and adds the ability to benchmark a single coreset/cluster. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

Cygwin 3.5.0 drops support for older Windows versions, adds several new raw maps, API calls, and mixer control. This is not a security update.
https://cygwin.com/

Dell Command Update 5.2.0 improves controls and notifications. This is not a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

DesktopOK 11.16 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.1.7.0 improves PDF search, date-time display, adds mutliple custom editor support, and resolves several bugs. This is not a security update.
https://dngrep.github.io/

email-oauth2-proxy 2024-01-20 adds support for GWS Cloud Service accounts, and resolves several bugs. This is a security update.
https://github.com/simonrob/email-oauth2-proxy

Everything CLI 1.1.0.27 improves performance and adds x64 build. This is not a security update.
https://www.voidtools.com/

Fido 1.55 improves compatibility. This is not a security update.
https://github.com/pbatard/Fido/releases

FileLocator Pro 2022.3420 resolves several bugs. This is not a security update.

FileLocator Pro – Download

Fing 3.6.1 resolves a couple bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

Go 1.22.0 adds several new language constructs, improved auditing and performance, adds go/version, and enhanced routing. This is not a security update.
https://go.dev/

GoodSync 12.5.5 improves compatibility and resolves more than a dozen bugs. This is not a security update.
https://www.goodsync.com/

Hiren’s BootCD PE 1.0.4 adds several new utilities, updates libraries and applications, adds hundreds of new drives, and resolves several bugs. This is a security update.

Download

Homedale 2.10 adds support for MU-MIMO detection. This is not a security update.
https://www.the-sz.com/products/homedale/

HWiNFO 7.72 doesn’t provide a detailed changelog so should be treated as a security update.

Download HWiNFO

Inkchip WIC 1.17 doesn’t provide a changelog so should be treated as a security update.
https://inkchip.net/wic/

Kingston SSD Manager 1.5.3.6 doesn’t provide a changelog so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

MS Printer Metadata Troubleshooter 1.0.0.1 is a security update.
https://support.microsoft.com/en-us/topic/kb5034510-microsoft-printer-metadata-troubleshooter-tool-december-2023-b3197f24-fd25-430d-96d2-70f2044ce6a1

OSForensics 11.0.1004 improves compatibility and resolves dozens of bugs. This is not a security update.
https://www.osforensics.com/download.html

osquery 5.11.0 updates libraries, adds support for new tables, and resolves several bugs. This is a security update.
https://osquery.io/downloads

PowerToys 0.78.0 updates libraries and resolves several bugs. This is a security update.
https://github.com/microsoft/PowerToys/releases/latest

Rufus 4.4 updates libraries and resolves several bugs. This is not a security update.
https://rufus.ie/en_US/

ScreenConnect 23.9.7.8804 is a security update.
https://www.connectwise.com/software/control/download

SearchMyFiles 3.24 resolves several bugs. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

Sysmon 15.12 resolves several stability and reliability bugs. This is a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

Ventoy 1.0.97 adds support for FreeBSD 14.0 and resolves several bugs. This is not a security update.
https://www.ventoy.net/en/index.html

WhyNotWin11 2.6.0.0 improves detection and resolves several bugs. This is not a security update.
https://github.com/rcmaehl/WhyNotWin11

WizTree 4.18 improves scan performance and filter behavior, improves Copy/Cut/Delete, progress bar and resolves several bugs. This is not a security update.
https://www.diskanalyzer.com/

ZoomIt 8.01 adds DemoType (autotyping) support and fixes a crash. This is not a security update.
https://learn.microsoft.com/en-us/sysinternals/downloads/zoomit

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 2023.1.1.28 resolves several bugs. This is not a security update.
https://developer.android.com/studio

GitHub Desktop 3.3.8 resolves more than a dozen bugs. This is not a security update.
https://desktop.github.com/

Microsoft Visual C++ 2022 Redistributable 14.38.33135.0 doesn’t provide a changelog so should be treated as a security update.
https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist

MySQL ConnectorNet 8.3.0 is a security update.
https://dev.mysql.com/downloads/connector/net/

MySQL Server 8.0.36 is a security update.
https://dev.mysql.com/downloads/installer/

Node.js 21.6.1 updates libraries and resolves several bugs. This should be treated as a security update.
https://nodejs.org/en/

Node.js 20.11.0 is a security update.
https://nodejs.org/en/

Python 3.12.2 is a security update.
https://www.python.org/downloads/windows/

SQLite 3.45.1 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.86.1 resolves dozens of bugs. This is not a security update.
https://code.visualstudio.com/

WinMerge 2.16.38 improves BOM detection and resolves several bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

PPSSPP 1.17.1 improves compatibility and resolves several bugs. This is not a security update.
https://www.ppsspp.org/download/

VirtualBox 7.0.14 resolves more than a dozen bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.6.26 improves compatibility. This is not a security update.
https://coppermine-gallery.net/

Grocy 4.1.0 updates library and resolves several bugs. This is not a security update.
https://github.com/grocy/grocy

HumHub 1.15.3 resolves several bugs. This is not a security update.

Home

Invision Community 4.7.15 resolves over 50 bugs. This is a security update.
https://invisioncommunity.com/

MailEnable 10.48 resolves more than a dozen bugs. This is not a security update.
https://www.mailenable.com/

ownCloud Client 5.2.1.13040 resolves several bugs. This is not a security update.
https://owncloud.com/desktop-app/

Piwigo 14.2.0 resolves several bugs. This is not a security update.
https://piwigo.org/

WordPress 6.4.3 is a security update.
https://wordpress.org/

Akismet 5.3.1 resolves several bugs and improves reliability. This is not a security update.
https://wordpress.org/extend/plugins/akismet/

BuddyPress 12.2.0 is a minor security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.8.7 improves compatibility and resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.8.1 resolves a couple bugs. This is not a security update.

Duplicator – WordPress Migration & Backup Plugin

Email Log 2.4.9 adds controls to limit actions. This is a security update.
https://wordpress.org/extend/plugins/email-log/

Redirection 5.4.2 removes Geo IP and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/redirection/

Social Post Feed 4.2.2 is a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

Sucuri Security 1.8.41 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

WooCommerce 8.5.2 resolves a dozen bugs. This is a security update.
https://wordpress.org/extend/plugins/woocommerce/

WordPress Importer 0.8.2 updates documentation and improves workflow. This is not a security update.
https://wordpress.org/extend/plugins/wordpress-importer/

WP Cerber Security 9.6.2 updates design, adds event insights, and resolves a couple bugs. This is not a security update.
https://wpcerber.com/

WP Mail SMTP 3.11.1 resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/

WPBakery 7.4 adds built-in SEO toolkit and improves social media controls. This is not a security update.
https://wpbakery.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2023-10-10

Welcome back, Folks!

Today is Patch Tuesday for October, 2023.

This month brings a new version of macOS, version 14.0/Sonoma, an impending new Windows 11 build, and several very high profile vulnerabilities in shared code that affect thousands of applications. Vendors for some will not even discover that they’re vulnerable until their applications are used in mass hacks. The next few months are going to be ugly as this plays out.

There were 153 major hacks, and over 200 application updates this month. It’s an insane month, with about 6 GB of updates for most users.

This Month in Technology

23andMe, Accusoft ImageGear, Activision, Actors Fund Home, Air Canada, Airbus, Allegheny County, Pennsylvania, Amazon, Amerita, Android, ApexSMS, Apple iOS/iPadOS (several times), Aretis Health LLC, Arkansas Total Care, Inc., Arm chips, Arm Mali GPU drivers, Asian National Power Grid, Atlassian Confluence Data Center and Server, Atrium Health, Auckland Transport, Bermuda, Bienville Orthopaedic Specialists LLC, Bluegrass Care Navigators, BORN Ontario, Bureau van Dijk, Caesars Entertainment, Cascade Family Dental, Catawba Valley Medical Center, Charlotte Radiology, ChildFund New Zealand, Cisco Catalyst SD-WAN Manager, Cisco Emergency Responder, Cisco IOS, Citrix NetScaler, City of Dallas, Texas, Clover Health LLC, CoinEx, Colombian Government, Community First Medical Center, Cyberport, D-Link DAP-X1860 WiFi 6 range extenders, dBforums, Delta Dental of California, District of Columbia Board of Elections, DLP Central Carolina Medical Center, Donald Trump Jr.’s X account, Dr. Patty DiBlasio, PC, Duke University Health System, ECU Health, Erlanger Health, Inc., Exim, FirstHealth, Flagstar Bank, Florida’s First Judicial Circuit Court, Founder Project Rx, Inc., GitLab, glibc ld.so – standard in all modern Linux flavors, GNOME, Google Chrome (again!), all modern GPUs, Health First, Inc., Horse Isle, hotels, booking sites, and travel agencies, hundreds of known apps using Electron due to the webp vulnerability, HWL Ebsworth, indeed.com, India’s National Logistics Portal-Marine, Indiana University Health, International Criminal Court (ICC), JetBrains’ TeamCity, Johnson Controls, Jordan Valley Community Health Center, Juniper SRX firewalls and EX switches, Just Kids Dental, LabCorp, Lakeland Community College,
Lakeview Clinic, libwebp, Linux GNU C library (Looney Tunables), Lone Star Alliance, Inc, Lyca Mobile, MalindoAir, McLaren Health Care, MGM Resorts, Microsoft AI-powered Bing Chat, Microsoft AI, Microsoft Edge, Microsoft Outlook, Microsoft SharePoint Server, Microsoft Skype, Microsoft SQL Servers, Microsoft Teams, Microsoft XboxMission Health System, Mixin Network, MNGI Digestive Health, Mosaic Mental Health, Motel One Group, MOVEit (again), Mt. Graham Regional Medical Center, Nansen, National Student Clearinghouse, Navvis & Company, LLC, New Hanover Regional Medical Center, NorthStar Anesthesia, Northwestern Polytechnical University, Novant Health, NTT Docomo, Nuance Communications, Oak Valley Hospital District, Omnicell Specialty Pharmacy Services (OSPS), Openfire messaging servers, ORBCOMM, OrthoAlaska, LLC, Parkers Chapel School District, PaySystem.tech, Peach State Health Plan, Pharm-Pacc Corporation, Physical Therapy, PLLC, Physicians Insurance Company, Physio Logic Chiropractic, Piilopuoti, Pizza Hut Australia, Prospect Medical Holdings, Inc., Qualcomm GPU and Compute DSP drivers, Retool, Rock County Health Department, Rollbar, Roseman University of Health Sciences, Ryders Health Management LLC, See Tickets, Skype for Desktop, Sony Interactive Entertainment, South Florida Behavioral Health Network, Sutter North Surgery Center, T-Mobile, multiple telecommunication service providers in the Middle East, Western Europe, and South Asia, Temple University Health System, Inc., Texas Medical Insurance Company, Texas Medical Liability Trust, The Hospital for Sick Children (SickKids), TissuPath, TorchServe AI, TransUnion, Trend Micro Apex One, UNC Health, United Healthcare Services, Inc. Single Affiliated Covered Entity, United Kingdom’s Greater Manchester Police, VA Dept. of Medical Assistance Services, Vitalik Buterin’s X account, Wake Radiology Diagnostic Imaging, WakeMed Health & Hospitals, Walmart, Inc. Associates Health and Welfare Plan, WebP, Wellstar Health System, Windows 11 Theme system, 17,000 WordPress sites, and WS_FTP Servers have reportedly been hacked or compromised this month.

Auckland Transport, Bing Chat AI, Caesars, Canadian airports, Discord, Lyca Mobile, MGM, Microsoft Teams, and the Royal Family website have suffered from outages this month.

Google, Amazon, and CloudFlare have been seeing record-breaking numbers of attacks using a weakness in the HTTP/2 protocol.

Last months updates broke BitLocker, Excel, faith in Windows (forcing an incompatible application), Outlook (twice), and USB printing.

The Magecart skimming malware is now abusing online store error pages.

The UK passed the “Online Safety Bill” which, among other things, grants government (and those with an ax to grind – like LOVEINT) mandated access to all private internet conversations.

Microsoft is pushing Edge and Bing in violation of their own policies. If they treated themselves with the same rules they treat others, then microsoft.com would be blocked for distributing the BGAUpsell crapware.

PayPal is finally making news for their complicity in the latest rash of invoice scams. Netcraft is playing it off as PayPal being the victim, but they can hardly be held blameless. They’ve been supporting these scams for years.

Google will be retiring the Basic HTML view in January. Half of the ISPs in Tuolumne County will suffer as a result. Google is also now pushing Passkeys as their default authentication platform, meaning that instead of knowledge of your password, all it will take for new logins to your Google account is possession of one of your devices.

Apple iPhone 12 violates French health laws for exceeding allowable EF radiation. Apple is planning to release an update to reduce the emissions in order to comply.

Even staff in military and defense organizations can’t be trusted to use good passwords.

CISA has been slapped yet again for their government-sponsored censorship. Maybe this time it will take?

Now for the good news:

Google is now (finally!) treating unauthenticated Microsoft 365 email as spam (it is).

Google announced they’ll be supporting all Chromebooks for 10 years — twice as long as was promised before. This should massively reduce e-waste.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is huge this month. The typical computer should see roughly 6 GB in updates today. Let’s get started.

Microsoft released updates to address 105 vulnerabilities in Active Directory Domain Services, Azure, Azure DevOps, Azure Real Time Operating System, Azure SDK, Client Server Run-time Subsystem (CSRSS), HTTP/2, Microsoft Common Data Model SDK, Microsoft Dynamics, Microsoft Edge (Chromium-based), Microsoft Exchange Server, Microsoft Graphics Component, Microsoft Office, Microsoft QUIC, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows Media Foundation, Microsoft Windows Search Component, Microsoft WordPad, Skype for Business, SQL Server, Windows Active Template Library, Windows AllJoyn API, Windows Client/Server Runtime Subsystem, Windows Common Log File System Driver, Windows Container Manager Service, Windows Deployment Services, Windows DHCP Server, Windows Error Reporting, Windows HTML Platform, Windows IIS, Windows IKE Extension, Windows Kernel, Windows Layer 2 Tunneling Protocol, Windows Mark of the Web (MOTW), Windows Message Queuing, Windows Microsoft DirectMusic, Windows Mixed Reality Developer Tools, Windows Named Pipe File System, Windows NT OS Kernel, Windows Power Management Service, Windows RDP, Windows Remote Procedure Call, Windows Resilient File System (ReFS), Windows Runtime C++ Template Library, Windows Setup Files Cleanup, Windows TCP/IP, Windows TPM, Windows Virtual Trusted Platform Module, Windows Win32K, and MSRT (~ 1.5 GB). This includes security updates. A reboot is required.

Apple released updates for macOS Sonoma 14.0, macOS Ventura 13.6, macOS Monterey 12.7, iOS 16.7.1, iOS 17.0.3, iPadOS 16.7.1, iPadOS 17.0.3, Safari 16.6.1, Safari 17.0, tvOS 17.0, watchOS 10.0.2, watchOS 9.6.3, Xcode 15.0, Apple Service Utility, and Pro Video Formats 2.2.7. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 16.7.1 and 17.0.3 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 16.7.1 and 17.0.3 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 9.6.3 and 10.0.2 are security updates. Use the Watch app on your iPhone to install the most current version.

tvOS 17.0 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 117.0.5938.157 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v22H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 23.9.3 improves game support and resolves several bugs. This is not a security update.
https://www.amd.com/en/support

Display Driver Uninstaller 18.0.6.8 resolves several bugs. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

DS4Windows 3.2.17 resolves several bugs. This is not a security update.
https://github.com/Ryochan7/DS4Windows/releases/latest

Garmin Express 7.18.3 doesn’t provide a changelog so should be treated as a security update.
https://www.garmin.com/en-US/software/express/

GnuCash 5.4 resolves dozens of bugs. This is not a security update.
https://www.gnucash.org/

TP-Link Archer AX73 v2.0 230829 is a security update.
https://www.tp-link.com/us/support/download/archer-ax73/v2.0/#Firmware

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.58.137 is a security update.
https://brave.com/

Firefox 118.0.2 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 115.3.1 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 109.0.5414.168 is a security update.
https://www.google.com/chrome/

Google Chrome 117.0.5938.149 is a security update.
https://www.google.com/chrome/

Microsoft Edge 117.0.2045.60 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Microsoft Edge WebView2 117.0.2045.60 is a security update.
https://developer.microsoft.com/en-us/microsoft-edge/webview2/

SeaMonkey 2.53.17.1 is a security update.
https://www.seamonkey-project.org/

Vivaldi 6.2.3105.58 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Spark 3.9.0.57590 adds group invitations and resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.9.0.57684 adds group invitations and resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.3.1 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 8.0.3 resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 7.2.2 resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

curl 8.3.0 resolves dozens of bugs. This is a security update.
https://curl.haxx.se/windows/

Dropbox 184.4.6543 is a security update.
https://www.dropbox.com/

Facebook Messenger 196.0.0.4.210 is a security update.
https://www.messenger.com/download

Google Drive 82.0 increases nags and resolves several bugs. This is not a security update.
https://drive.google.com/start

Microsoft Teams 1.6.00.27573 improves app controls. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 27.1.2 is a security update.
https://nextcloud.com/

Npcap 1.77 resolves several bugs. This is not a security update.
https://nmap.org/npcap/

Omada Software Controller 5.12.7 adds IDS/IPS, support for newer hardware, and resolves dozens of bugs. This is a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Signal 6.33.0 adds the ability to edit messages. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 6.35.3 improves performance. This is not a security update.
https://signal.org/android/apk/

Skype 8.104.0.207 improves performance. This is not a security update.
https://www.skype.com/

Syncthing 1.25.0 resolves several bugs. This is not a security update.
https://syncthing.net/

Telegram 4.10.3 improves stability. This is not a security update.
https://telegram.org/

Telegram (Android) 10.1.0 doesn’t provide a changelog so should be treated as a security update.
https://telegram.org/apps

Trillian 6.5.0.33 is a security update.
https://www.trillian.im/

WinSCP 6.1.2 is a security update.
https://winscp.net/eng/index.php

Zoom 5.16.2.22807 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

Bitwig Studio 5.0.9 improves DAWproject mapping, export, and import, and resolves a couple bugs. This is not a security update.
https://www.bitwig.com/download/

iTunes 12.12.10.1 is a security update.
https://www.apple.com/itunes/download/

Plex Desktop 1.79.1.3984 is a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.48.1.3982 resolves a stability bug. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.32.6.7557 resolves a dozen bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2023.8.2.106 resolves several bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.2.175 adds collaboration for Cloud projects, simplified variable syntax. This is not a security update.
https://gdevelop.io/download

Minecraft Server (Bedrock) 1.20.32.03 doesn’t provide a changelog so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Minecraft Server (Java) 1.20.2 doesn’t provide a changelog so should be treated as a security update.
https://www.minecraft.net/en-us/download/server

PlayStation PS4 11.00 resolves several bugs. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps4/system-software/

PlayStation PS5 2023.101 adds Dolby Atmos support, increased M.2 SSD size support, and resolves several bugs. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

SteamOS SteamDeck Update 2023-10-06 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Bridge 13.0.4 and 14.0.0 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb23-49.html

Adobe Commerce and Magento Open Source 2.4.7-beta2, 2.4.6-p3, 2.4.5-p5, 2.4.4-p6, 2.4.3-ext-5, 2.4.2-ext-5, 2.4.1-ext-5, 2.4.0-ext-5, and 2.3.7-p4-ext-5 are security updates.
https://helpx.adobe.com/security/products/magento/apsb23-50.html

Adobe Photoshop 24.7.1 and 25.0 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb23-51.html

Blender 3.6.4 is a security update.
https://www.blender.org/download/

Calibre 6.28.1 resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Ghostscript 10.02.0 is a security update.
https://www.ghostscript.com/releases/gsdnld.html

IcoFX 3.9 resolves several bugs, adds support for PNG, and adds several export options. This is a security update.
https://icofx.ro/

ImageMagick 7.1.1-20 is a security update.
https://imagemagick.org/

Kdenlive 23.08.1 resolves several bugs. This is not a security update.
https://kdenlive.org/

Kindle for PC 2.0.70350 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc

LibreOffice 7.5.7 is a security update.
https://www.libreoffice.org/

LibreOffice Fresh 7.6.2 is a security update. The Fresh line is beta software so most people should avoid it in favor of the Still line.
https://www.libreoffice.org/

Nextcloud Desktop 3.10.0 resolves dozens of bugs. This is a security update.
https://nextcloud.com/

Paint.net 5.0.10 is a security update.
https://www.getpaint.net/

PDF-XChange Editor 10.1.1.381 is a security update.
https://www.tracker-software.com/product/pdf-xchange-editor

Security Software Updates

One or more of these is likely to be of interest to most people.

Chainsaw 2.8.0 adds support for parsing ESE and SRUM databases, new rules and support for aggregated reports. This is not a security update.
https://github.com/countercept/chainsaw

JShelter 0.16 resolves several bugs. This is not a security update.
https://jshelter.org/install/

LibreJS 7.21.1 is a security update.
https://www.gnu.org/software/librejs/

MalwareBytes Anti-Malware 4.6.4 resolves several bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/

MalwareBytes Anti-Malware Mac 4.21 adds support for macOS Sonoma. This is not a security update.
https://www.malwarebytes.com/mac/

OpenSSL 3.1.3 is a security update.
https://www.openssl.org/source/

ProtonVPN (macOS) 3.3.3 resolves a couple bugs and improves user interface. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.12.1 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Stinger 12.2.0.659 adds support for new detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

uBlock Origin 1.52.2 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

elementary OS 7.1 improves privacy, color blindness, and keyboard controls, personalization, sideloading, and adds new hardware support. This is not a security update.
https://elementary.io/

Tails 5.18 is a security update.
https://tails.boum.org/install/dvd/index.en.html

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.39 resolves several bugs and improves compatibility. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 24.0.0 is a major update adding ability to combine videos, click animations, capture pinning, and updated stamps. This is not a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

MakeMKV 1.17.5 improves reliability and resolves a couple bugs. This is not a security update.
https://www.makemkv.com/download/

StreamFab 6.1.4.4 improves compatibility. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero (macOS) 6.0.27 adds macOS Sonoma compatibility and resolves a couple bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.16 resolves dozens of bugs. This is not a security update.
https://1password.com/downloads/

Bitwarden 2023.9.1 is a security update.
https://bitwarden.com/

CCleaner 6.16.10662 changes Health Check interface. This is not a security update.
https://www.ccleaner.com/

CPU-Z Installer 2.08 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

DesktopOK 11.12 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.0.115.0 adds support for Filters, including *.ignore files, and resolves several bugs. This is a security update.
https://dngrep.github.io/

Fing 3.4.1 is a security update.
https://www.fing.com/products/fing-desktop-download-windows
https://www.fing.com/products/fing-desktop-download-mac

FullEventLogView 1.80 adds dark background and resolves a bug with export data. This is not a security update.
https://www.nirsoft.net/utils/full_event_log_view.html

Go 1.21.3 is a security update.
https://go.dev/

GoodSync 12.4.1 resolves several bugs. This is not a security update.
https://www.goodsync.com/

GUIPropView 1.26 adds a WindowsCount action and the ability to run as administrator. This is not a security update.
https://www.nirsoft.net/utils/gui_prop_view.html

Homedale 2.08 adds stream count column and per-monitor DPI support. This is not a security update.
https://www.the-sz.com/products/homedale/

IsMyHdOK 3.93 improves performance. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

Mac Migration Assistant 2.4.4.0 adds support for macOS Sonoma. This is not a security update.
https://support.apple.com/en-us/HT204087

MobileFileSearch 1.47 resolves a couple bugs. This is not a security update.
https://www.nirsoft.net/utils/mobile_device_file_search.html

NConvert 7.161 doesn’t provide a changelog so should be treated as a security update.
https://www.xnview.com/en/nconvert/

NTLite 2023.9.9419 adds new controls. This is not a security update.
https://www.ntlite.com/download/

OSFMount 3.1.1002 resolves network access issues. This is not a security update.
https://www.osforensics.com/tools/mount-disk-images.html

OSForensics 10.0.1016 resolves several bugs. This is a security update.
https://www.osforensics.com/download.html

AOMEI Partition Assistant 10.2.0 adds duplicate file finder and resolves several bugs. This is not a security update.
https://www.diskpart.com/

PointerStick 6.33 adds keyboard shortcuts. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.74.1 resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ProcDump 2.2 for Linux resolves memory leaks and adds support for Azure Linux. This is not a security update.
https://sysinternals.com/

ProcessMonitor 3.96 is a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

ScreenConnect 23.7.8.8676 is a security update.
https://www.connectwise.com/software/control/download

SDelete 2.05 improves command line reliability and output. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sdelete

Sysmon 1.3.1 for Linux resolves a hash bug. This is not a security update.
https://github.com/Sysinternals/SysmonForLinux/releases/

TaskSchedulerView 1.74 adds dark background support and resolves a data export bug. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

Unity 2023.1.16 adds several new features and resolves dozens of bugs. Unity also announced that they’re changing their licensing model to charge developers for each installation, even pirated installations, so this is going to end up causing a major upset in the industry, then reversed course after the outcry. This is not a security update.
https://unity3d.com/get-unity/download/archive

USBDeview 3.07 adds toolbar sorting and resolves a data export bug. This is not a security update.
https://www.nirsoft.net/utils/usb_devices_view.html

Ventoy 1.0.96 resolves several bugs. This is not a security update.
https://www.ventoy.net/en/index.html

WinGet 1.6.2771 resolves a couple bugs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinRAR 6.24 is a security update.
https://www.rarlab.com/

WinScan2PDF 8.67 resolves a couple bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 7.0.12 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

AutoHotkey 2.0.10 resolves several bugs. This is not a security update.
https://www.autohotkey.com/download/

Android Studio 2022.3.1.2 resolves several bugs. This is not a security update.
https://developer.android.com/studio

GitHub Desktop 3.3.3 is a security update.
https://desktop.github.com/

Godot 4.1.2 resolves over a hundred bugs. This is not a security update.
https://godotengine.org/

Node.js 18.18.1 is a security update.
https://nodejs.org/en/

Node.js 20.8.0 is a security update.
https://nodejs.org/en/

Python 3.12.0 is a security update.
https://www.python.org/downloads/windows/

SQLite 3.43.2 resolves a couple bugs. This is not a security update.
https://www.sqlite.org/download.html

TortoiseGit 2.15.0 updates libraries and resolves several bugs. This is a security update.
https://tortoisegit.org/

Visual Studio Code 1.83 adds several new features. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

PPSSPP 1.16.5 resolves a crash bug. This is not a security update.
https://www.ppsspp.org/download/

Web Package Updates

These are likely to be of interest only to web developers.

Drupal 9.5.11 is a security update.
https://drupal.org/download

HumHub 1.14.4 resolves a dozen bugs. This is not a security update.
https://www.humhub.com/en

OpenCart 4.0.2.3 updates libraries and resolves dozens of bugs. This is not a security update.
https://www.opencart.com/

ownCloud Server 10.13.2 resolves several bugs. This is not a security update.
https://owncloud.com/download-server/

phpList 3.6.14 is a security update.
https://www.phplist.org/

Akismet 5.3 improves compatibility and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/akismet/

Antispam Bee 2.11.5 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/antispam-bee/

Contact Form 7 5.8.1 improves validation, email templates, and adds action hooks. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.6 fixes a couple bugs. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

W3 Total Cache 2.5.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 8.1.1 resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WPBakery 7.1 resolves several bugs. This is not a security update.
https://wpbakery.com/

WP Cerber Security 9.5.8 resolves a couple bugs and adds support for auditing password resets. This is not a security update.
https://wpcerber.com/

WPtouch 4.3.54 resolves several bugs and improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/wptouch/

That’s all for now folks. Keep it clean out there. 😉

Happy Anniversary, my Love. I will miss you more than you’ll ever know.

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2023-06-13

Welcome back, Folks!

Today is Patch Tuesday for June, 2023.

This month brings critical security updates for all supported Apple products, the end of all non-LTS versions of Windows 10 other than v22H2 (if you aren’t sure whether you are using LTS, you aren’t), and new security updates for every browser every single week since last month. That’s on top of the 180+ major hacks, and over 220 application updates this month.

Prepare yourself, there will be about 4.5 GB of updates for most devices this month.

This Month in Technology

Accellion FTA, Aer Lingus, airBaltic, Albany ENT & Allergy Services, Alvaria, Inc., Android, 60,000 malicious Android apps, millions of Android-based devices have been  pre-infected, Apria Healthcare, ASAS Health, Ascension Providence, Ascension Seton, Asian Health Services, Atomic Wallet, Augusta, Georgia, Bank Syariah Indonesia, Barracuda Email Security Gateway appliances (since 2022), BBC, Bluefield University, Boots, Brightline, Inc., Brightly Software SchoolDude, British Airways, Builders FirstSource Flex Plan, Bukkit and CurseForge Minecraft mods, Burton Snowboards, Capita, Casepoint (used by SEC, DOD and Pentagon), Celer, Children’s Health Insurance Program, Chilean army, Cisco Secure Client (formerly AnyConnect), Cisco Small Business Series Switches, City of Dallas, Texas, Clarke County Hospital, Credit Control Corp, Culbertson Memorial Hospital, D-Link D-View 8, Discord, Earlens Corporation, thousands of eCommerce sites, Eisai, Elgon Information Systems, Emby, Enzo Biochem, Essen Medical Associates, Extreme Networks, Farmalink, Fertility Specialists Medical Group, FortiOS, Franklin Templeton Canada, Franklin, Tennessee, GIGABYTE PCs, GitLab, Globalcaja, Goodwill Industries of Greater New York and Northern NJ, Inc., Google Chrome, over 30 Chrome extensions, Grant Regional Health Center, Great Expressions Dental Centers, Harvard Pilgrim Health Care, Hillsborough County Supervisors of Elections Office, Honda, HWL Ebsworth, Idaho Falls Community Hospital, Illinois Department of Healthcare and Family Services, Illinois Department of Human Services, IMA Financial Group, Inc., Infotel JSC, Intellihartx, iOS, Iowa Department of Health and Human Services (again!), iPhones, iSpace, Inc., Israeli organizations, ITx Companies, JD Group, Jimbos Protocol, Kaspersky, KeePass, Kiddowares Parental Control – Kids Place, L3Harris, Lacroix, Lancaster Orthopedic Group, Latitude Financial Services, Lehigh Valley Health Network, Luxottica, macOS, Madhya Pradesh Power Management Co, Managed Care of North America (MCNA) Dental, Marshall Information Services, LLC dba Primary Solutions, Martinique, MedInform, Inc., MEO, Mercy Home, Mercy Medical Center – Clinton, Inc., Microsoft Azure, Microsoft Exchange, Microsoft Visual Studio, Minnesota Department of Education, Mountain View Hospital, Mountain View RediCare, MOVEit Transfer (since 2021 – and more coming almost daily), MSI, NextGen Healthcare, North Shore Medical Labs, Norton Healthcare, Nova Scotia government, Onix Group LLC, Orbiter Finance, Oyate Health Center, Pacific Union College, thousands of PaperCut servers, PartsSource, Inc. Welfare Benefit Plan, Pearland ISD, Texas, PharMerica, Amazon PillPack, Pioneer Valley Ophthalmic Consultants, PC, 30 Portuguese financial institutions, R&B Corporation of Virginia, the defunct RaidForums, RenderDoc, RentoMojo, ReportLab, Rheinmetall AG, Ruckus Wireless Admin, Sacramento County, Salesforce ‘Ghost Sites’, Samsung mobile devices, Scandinavian Airlines, ScanSource, Seoul National University Hospital, Sesame, Inc., Shell Recharge, SimpleTire, Skolkovo Foundation, Solutran, South and Southeast Asia government, aviation, and telecommunication organizations, South East Regional Organised Crime Unit, Sparta Community Hospital District, State of Illinois, Strava, Swiss government, Synergy Hematology Oncology Medical Associates, T. Rowe Price Group, Inc., Tennessee Orthopaedic Clinics, The CSC Generation Holdings, Inc. Health and Welfare Plan, The Philadelphia Inquirer, Topcon Healthcare Solutions, Inc., Tornado Cash, Toyota Motor Corporation (over a decade), TP-Link routers, Trezor T Hardware Wallet, Tron, UI Community Home Care, Uintah Basin Healthcare, United Healthcare Services, Inc. Single Affiliated Covered Entity, University of Manchester, University of Rochester, Uranium Finance, “critical US infrastructure” since 2021, US communications infrastructure, US Department of Transportation, US government contractor ABB, Valley Orthopaedic Specialists, Vascular Center of Intervention, VMware Aria Operations for Networks, VMware ESXi servers, WhizComms, Windows 10 WordPad, Windows Internet Information Services, Windows XP activation, WordPress Advanced Custom Fields, WordPress Beautiful Cookie Consent Banner, WordPress Essential Addons for Elementor, WordPress Gravity Forms, WordPress Jetpack, Zacks Investment Research, Zellis, Zimbra, and Zyxel have reportedly been hacked or compromised this month.

ASUS routers, ChatGPT, GitHub, Microsoft 365, Microsoft Azure Portal, Microsoft OneDrive, Microsoft’s Outlook.com, Reddit, and ScanSource have suffered from outages this month.

Last months updates broke HP Office Jet printers, Surface laptop cameras, VPN performance, Windows Defender, Windows file copy, and Windows printing and audio playback.

30% of all internet traffic is malicious. Is anyone really surprised? Facebook has actually made progress against phishing by suing a registrar used primarily to create phishing domains.  The .zip TLD was released this month and it is already being used for malicious purposesMozilla was pushing full-screen ads for their VPN service. Google Ads remain one of the most common sources for malware.

Amazon has been fined $30 million over Ring and Alexa privacy violations. Microsoft will pay a mere $20 million for illegally collecting data on children in violation of COPPA. Meta (Facebook) has been fined $1.3 billion for moving data to US servers.

Call of Duty players can be identified on any platform violating their privacy. The American Hospital Association (AHA) doesn’t respect your privacy. People are sacrificing their tech, crypto and privacy in hopes of 15 minutes of fame.

Ford is so concerned about their spontaneous combustion issues, they’re advising owners of their vehicles to park outside.

While I’m not a big fan of Reddit, their new API rates and policies are going to be the death of many subreddits, since they’ll result in less automation by the good guys while not reducing the automation used by the bad guys.

Apple introduced Rapid Security Response (fast patching for security issues) last month, and have already caused panic among users.

The FDA has once-again expanded its own authority in what can only result in shrinking the food supply.

As expected, OAuth provides a fancy new “watering hole” target for attackers.

Now for the good news:

Microsoft will be killing Cortana later this year.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is huge this month. The typical computer should see roughly 4.5 GB in updates today. Let’s get started.

Windows 10 and Windows 11 versions 22H2 should now be installed on all supported hardware as all prior non-LTS versions are no longer supported.

Microsoft released updates to address 1,378 bugs including 73 vulnerabilities in .NET and Visual Studio, .NET Core, .NET Framework, ASP .NET, Azure DevOps, Microsoft Dynamics, Microsoft Edge (Chromium-based), Microsoft Exchange Server, Microsoft Office, Microsoft Office Excel, Microsoft Office OneNote, Microsoft Office Outlook, Microsoft Office SharePoint, Microsoft Power Apps, Microsoft Printer Drivers, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows Codecs Library, NuGet Client, Remote Desktop Client, Role: DNS Server, SysInternals, Visual Studio, Visual Studio Code, Windows Authentication Methods, Windows Bus Filter Driver, Windows Cloud Files Mini Filter Driver, Windows Collaborative Translation Framework, Windows Container Manager Service, Windows CryptoAPI, Windows DHCP Server, Windows Filtering, Windows GDI, Windows Geolocation Service, Windows Group Policy, Windows Hello, Windows Hyper-V, Windows Installer, Windows iSCSI, Windows Kernel, Windows NTFS, Windows ODBC Driver, Windows OLE, Windows PGM, Windows Remote Procedure Call Runtime, Windows Resilient File System (ReFS), Windows Server Service, Windows SMB, Windows TPM Device Driver, Windows Win32K, and MSRT (~2 GB). This includes security updates. A reboot is required.

Apple released updates for macOS Ventura 13.4, macOS Monterey 12.6.6, macOS Big Sur 11.7.7, iOS 15.7.6, iOS 16.5, iPadOS 15.7.6, iPadOS 16.5, tvOS 16.5, watchOS 9.5.1, Safari 16.5, iTunes 12.12.9 for Windows, and Pro Video Formats 2.2.5. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.7.6 and 16.5 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 15.7.6 and 16.5 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 9.5.1 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 16.5 is a security update. Use System, Software Update to install the most current version.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Ventura (13.x) means that macOS Catalina (10.15) and older are no longer supported. If you can not install at least macOS Big Sur (11) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v22H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 23.5.2 resolves several bugs and improves reliability. This is not a security update.
https://www.amd.com/en/support

Crucial Storage Executive 9.01 doesn’t provide a changelog so should be treated as a security update.
https://www.crucial.com/support/storage-executive

Display Driver Uninstaller 18.0.6.4 adds command-line arguments to optimize removal and improves cleanup for AMD. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

DS4Windows 3.2.11 resolves several bugs and updates libraries. This should be treated as a security update.
https://github.com/Ryochan7/DS4Windows/releases/latest

Garmin Express 7.17.2 doesn’t provide a changelog so should be treated as a security update.
https://www.garmin.com/en-US/software/express/

Wacom Driver 6.4.2-3 adds training, help bar tips, and resolves several bugs. This is not a security update.
https://www.wacom.com/en-us/support/product-support/drivers

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.52.122 is a security update.
https://brave.com/

Google Chrome 114.0.5735.133 is a security update.
https://www.google.com/chrome/

Google Chrome 109.0.5414.149 (for Windows Server 2012) is a security update.
https://www.google.com/chrome/

Microsoft Edge 113.0.1774.57 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Microsoft Edge 109.0.1518.100 (for Windows Server 2012) is a security update.
https://www.microsoft.com/en-us/edge/business/download

Microsoft Edge WebView2 114.0.1823.43 is a security update.
https://developer.microsoft.com/en-us/microsoft-edge/webview2/

Firefox 114.0.1 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Vivaldi 6.1.3035.75 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

ProtonMail (Android) 3.0.15 is a security update.
https://proton.me/mail/download

Spark 3.6.0.50235 improves stability and resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.6.0.50236 improves stability and resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 102.12.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 7.1.12 resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 7.1.0 adds User Account support. This is not a security update.
https://anydesk.com/en/downloads

curl 8.1.2 resolves dozens of bugs. This is not a security update.
https://curl.haxx.se/windows/

DNSDataView 1.71 resolves a cosmetic bug. This is not a security update.
https://www.nirsoft.net/utils/dns_records_viewer.html

Dropbox 175.4.5569 resolves several bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 188.0.11.164 is a security update.
https://www.messenger.com/download

FileZilla Server 1.7.2 resolves several bugs and improves Let’s Encrypt compatibility. This is not a security update.
https://filezilla-project.org/

FreeFileSync 12.3 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 76.0 is a security update.
https://drive.google.com/start

IPInfoOffline 1.70 adds support for additional IP location databases. This is not a security update.
https://www.nirsoft.net/utils/ip_country_info_offline.html

MailEnable 10.46 is a security update.
https://www.mailenable.com/

MeshCentral 2.11.7849.20089 resolves several bugs and updates libraries. This is not a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.6.00.12455 resolves several bugs and adds lobby bypass, virtual front desk, and QR code sign-in for hotdesks. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 27.0 is a major update, with updates to libraries and resolves several bugs. This is a security update.
https://nextcloud.com/

Nmap 7.94 resolves several bugs, updates libraries, and adds dozens of new signatures. This is a security update.
https://nmap.org/

Pocketnet-GUI 0.8.49 improves IPFS support, adds option to purge local storage, and resolves several bugs. This is not a security update.
https://pocketnet.app/

PushBullet 501 doesn’t provide a changelog so should be treated as a security update.
https://www.pushbullet.com/

Signal 6.20.2 improves stability and adds scroll-to for mentions. This is not a security update.
https://signal.org/download/windows/
https://signal.org/download/macos/

Signal (Android) 6.22.8 doesn’t provide a changelog so should be treated as a security update.
https://signal.org/android/apk/

Skype 8.97.0.204 resolves several bugs. This is not a security update.
https://www.skype.com/

Syncthing 1.23.5 resolves several bugs. This is not a security update.
https://syncthing.net/

Technitium DNS Server 11.2 adds support for SVCB and HTTPS and unknown record types, PTR App, Weighted Round Robin App and resolves several bugs. This is not a security update.
https://technitium.com/dns/

Telegram 4.8.3 resolves several bugs. This is not a security update.
https://telegram.org/

USB Drive Log 1.12 adds sort-by. This is not a security update.
https://www.nirsoft.net/utils/usb_drive_log.html

Wget 1.21.4 is a security update.
https://eternallybored.org/misc/wget/

WinSCP 6.1 is a major update. This adds many features and resolves several bugs. This is a security update.
https://winscp.net/eng/index.php

Zoom 5.14.11.17466 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 3.0.9 resolves several bugs and improves tracking and interaction controls. This is not a security update.
https://en.3tene.com/

iTunes 12.12.9.4 is a security update.
https://www.apple.com/itunes/download/

Plex Desktop 1.70.2.3845 resolves several bugs and adds discover together. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.39.2.3822 adds sign-out and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.32.3.7192 adds support for new hardware and resolves several bugs. This is a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

GDevelop 5.1.164 resolves several bugs. This is not a security update.
https://gdevelop.io/download

Lego Studio 2.23.5.1 resolves several bugs. This is not a security update.
https://www.lego.com/en-us/ldd

PS5 23.01-07.40.00 resolves several bugs and improves stability. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Animate 22.0.10 and 23.0.2 are security updates.
https://helpx.adobe.com/security/products/animate/apsb23-36.html

Adobe Commerce and Magento Commerce 2.3.7-p4-ext-3, 2.4.0-ext-3, 2.4.1-ext-3, 2.4.2-ext-3, 2.4.3-ext-3, 2.4.4-p4, 2.4.5-p3, and 2.4.6-p1 are security updates.
https://helpx.adobe.com/security/products/magento/apsb23-35.html

Adobe Experience Manager 2023.4 and 6.5.17.0 are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb23-31.html

Adobe Substance 3D Designer 13.0.0 is a security update.
https://helpx.adobe.com/security/products/substance3d_designer/apsb23-39.html

Audacity 3.3.3 resolves several bugs. This is not a security update.
https://www.audacityteam.org/download/

ImageMagick 7.1.1-11 resolves dozens of bugs. This is a security update.
https://imagemagick.org/

Kdenlive 23.04.1 resolves several bugs. This is not a security update.
https://kdenlive.org/

LibreOffice Fresh 7.5.4 resolves 80 bugs. This is not a security update. Remember that the “Fresh” line is beta software so should be avoided by most users.
https://www.libreoffice.org/

LibreOffice 7.4.7 resolves over 50 bugs. While the 7.4 “Still” branch is now end of life, this should be used for the next 6 weeks before 7.5 is released as “Still.”
https://www.libreoffice.org/

Nextcloud Desktop 3.9.0 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.5.3 resolves over a dozen bugs. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 5.0.6 improves cosmetics and resolves several bugs. This is not a security update.
https://www.getpaint.net/

Calibre 6.21.0 resolves several bugs and adds output formats. This is not a security update.
https://calibre-ebook.com/

Adobe Reader DC 23.003.20201 resolves several bugs. This is not a security update.
https://get.adobe.com/reader

Adobe Reader DC Patch 23.001.20174 resolves a stability bug. This is not a security update.
https://get.adobe.com/reader

Adobe Reader DC Patch (Mac) 23.001.20177 resolves a stability bug. This is not a security update.
https://get.adobe.com/reader

Security Software Updates

One or more of these is likely to be of interest to most people.

Chainsaw 2.6.2 resolves a rule parsing bug. This is not a security update.
https://github.com/countercept/chainsaw

KeePass 2.54 adds triggers, global URL overrides, password generator profiles, improvements to exports and reporting, and resolves several bugs. This is not a security update.
https://keepass.info/

OpenSSL 3.1.1 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

OpenSSL 1.1.1u is a security update.
https://www.openssl.org/source/

ProtonVPN (macOS) 3.1.4 resolves several bugs. This should be treated as a security update.
https://protonvpn.com/download

Radmin VPN 1.3.4570.5 doesn’t provide a changelog so should be treated as a security update.
https://www.radmin-vpn.com/

RogueKiller 15.10.0 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

SuperAntiSpyware 10.0.1252 is a security update.
https://www.superantispyware.com/download.html

Stinger 12.2.0.614 should be treated as a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Tails 5.14 is a security update.
https://tails.boum.org/install/dvd/index.en.html

uBlock Origin 1.50.0 resolves dozens of bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Velociraptor 0.6.9 should be treated as a security update.
https://github.com/Velocidex/velociraptor/releases/latest

YARA 4.3.2 is a security update.
https://github.com/VirusTotal/yara/

Capture Updates

These are unlikely to be of interest to most people.

Open Broadcaster Software 29.1.2 resolves dozens of bugs. This is not a security update.
https://obsproject.com/

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.1.0.8 adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

iMazing HEIC Converter 2.0.9 doesn’t provide a changelog so should be treated as a security update.
https://imazing.com/heic

MakeMKV 1.17.4 adds support for new encodings and resolves several bugs. This is not a security update.
https://www.makemkv.com/download/

PDF Creator 5.1.1 resolves a couple bugs. This is not a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 6.1.2.6 adds support for new sources and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 1.0.2.0 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 8.10.7 resolves dozens of bugs. This is not a security update.
https://1password.com/downloads/mac/

1Password for Windows 8.10.7 resolves dozens of bugs. This is not a security update.
https://1password.com/downloads/windows/

7-Zip 23.00 resolves several bugs and improves performance in some situations. This is not a security update.
https://www.7-zip.org/

AppResourcesUsageView 1.05 adds sort-by option. This is not a security update.
https://www.nirsoft.net/utils/app_resources_usage_view.html

BatteryHistoryView 1.05 adds sort-by option. This is not a security update.
https://www.nirsoft.net/utils/battery_history_view.html

Bitwarden 2023.5.0 resolves several bugs. This is not a security update.
https://bitwarden.com/

CCleaner 6.12.10490 resolves several bugs. This is not a security update.
https://www.ccleaner.com/

ControlMyMonitor 1.37 adds support for abbreviated IDs and improves compatibility. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html

CurrPorts 2.75 adds support for additional IP location databases. This is not a security update.
https://www.nirsoft.net/utils/cports.html

Dell Command Update 4.9.0 resolves several bugs and improves stability. This should be treated as a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

Dell OS Recovery Tool 2.3.7515 doesn’t provide a changelog so should be treated as a security update.
https://www.dell.com/support/home/uk/en/ukbsdt1/drivers/osiso/recoverytool

dnGrep 3.2.330.0 resolves several bugs. This is not a security update.
https://dngrep.github.io/

email-oauth2-proxy 2023-05-18 resolves several bugs. This is not a security update.
https://github.com/simonrob/email-oauth2-proxy

ESEDatabaseView 1.72 adds sort-by and open recent file support. This is not a security update.
https://www.nirsoft.net/utils/ese_database_view.html

Everything 1.4.1.1024 is a security update.
https://www.voidtools.com/

Everything Toolbar 1.1.1 resolves a couple bugs. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

Fido 1.50 removes inactive downloads and adds UEFI Shell 2.2 23H1. This is not a security update.
https://github.com/pbatard/Fido/releases

FileTypesMan 1.97 resolves a support annoyance. This is not a security update.
https://www.nirsoft.net/utils/file_types_manager.html

Fing 3.3.1 resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

FullEventLogView 1.78 adds full screen mode. This is not a security update.
https://www.nirsoft.net/utils/full_event_log_view.html

Git SCM 2.41.0 resolves dozens of bugs. This is a security update.
https://git-scm.com/

Go 1.20.5 is a security update.
https://go.dev/

GoodSync 12.2.5 resolves several bugs. This is not a security update.
https://www.goodsync.com/

grepWin 2.0.15 resolves several bugs. This is not a security update.
https://github.com/stefankueng/grepWin/releases/latest

GUIPropView 1.25 adds sort-by and black background support. This is not a security update.
https://www.nirsoft.net/utils/gui_prop_view.html

Homedale 2.06 resolves a crash bug. This is not a security update.
https://www.the-sz.com/products/homedale/

HWiNFO 7.46 resolves several bugs. This is not a security update.
https://www.hwinfo.com/download/

InstalledAppView 1.07 adds sort-by support and resolves a high-DPI bug. This is not a security update.
https://www.nirsoft.net/utils/installed_app_view.html

LastActivityView 1.37 resolves a stability bug. This is not a security update.
https://www.nirsoft.net/utils/computer_activity_view.html

LiveTcpUdpWatch 1.50 adds ASN and Organization columns, and support for additional IP location databases. This is not a security update.
https://www.nirsoft.net/utils/live_tcp_udp_watch.html

ManageWirelessNetworks 1.11 adds sort by support. This is not a security update.
https://www.nirsoft.net/utils/manage_wireless_networks.html

MobileFileSearch 1.45 adds the ability to cancel search with Esc. This is not a security update.
https://www.nirsoft.net/utils/mobile_device_file_search.html

MultiMonitorTool 2.10 adds abbreviated ID support. This is not a security update.
https://www.nirsoft.net/utils/multi_monitor_tool.html

NetRouteView 1.40 adds several new columns and option to copy as route. This is not a security update.
https://www.nirsoft.net/utils/network_route_view.html

NetworkOpenedFiles 1.60 adds support for folder, user and computer filters. This is not a security update.
https://www.nirsoft.net/utils/network_opened_files.html

NTLite 2023.5.9257 resolves several bugs and improves compatibility. This is not a security update.
https://www.ntlite.com/download/

OpenToonz 1.7.1 resolves a stability bug. This is not a security update.
https://github.com/opentoonz/opentoonz/

OSForensics 10.0.1013 resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html

AOMEI Partition Assistant 10.0 is a major update with cosmetic and functional changes. This is not a security update.
https://www.diskpart.com/

PingInfoView 2.30 adds high-resolution ping time support and the ability to hide disabled items. This is not a security update.
https://www.nirsoft.net/utils/multiple_ping_tool.html

PointerStick 6.26 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.70.1 improves stability. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

Process Monitor 3.94 resolves a stability bug and restores Copy All functionality. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

PropertySystemView 1.20 adds CopyProperty command-line support. This is not a security update.
https://www.nirsoft.net/utils/windows_property_system_view.html

Recuva 1.53.2096 resolves a detection bug. This is not a security update.
https://www.ccleaner.com/recuva

RoboForm 9.4.8 resolves several bugs. This is not a security update.
https://www.roboform.com/

Rufus 4.1 resolves several bugs. This is not a security update.
https://rufus.ie/en_US/

SimpleWMIView 1.54 adds full screen and sort-by support. This is not a security update.
https://www.nirsoft.net/utils/simple_wmi_view.html

TeamViewer 15.42.7 resolves several bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

Unity 2022.3.1 resolves dozens of bugs. This is a security update.
https://unity3d.com/get-unity/download/archive

WakeMeOnLan 1.91 updates the internal MAC addresses database. This is not a security update.
https://www.nirsoft.net/utils/wake_on_lan.html

WhyNotWin11 2.5.0.5 resolves several bugs and improves compatibility. This is not a security update.
https://github.com/rcmaehl/WhyNotWin11

WinGet 1.4.11071 resolves dozens of bugs and updates libraries. This is a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinRAR 6.22 improves reliability and resolves stability bugs. This is not a security update.
https://www.rarlab.com/

WizTree 4.14.0.1 resolves several bugs. This is not a security update.
https://www.diskanalyzer.com/

ZoomIt 7.0 adds several new features including screen recording, annotation and editing. This is not a security update.
https://learn.microsoft.com/sysinternals/downloads/zoomit

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 2022.2.1.20 resolves several bugs. This is not a security update.
https://developer.android.com/studio

cx_Freeze 6.15 resolves several bugs and improves compatibility. This is not a security update.
https://cx-freeze.readthedocs.io/en/latest/index.html

Get-IMAPAccessToken 2023.5.22 resolves a bug. This is not a security update.
https://github.com/DanijelkMSFT/ThisandThat/blob/main/Get-IMAPAccessToken.ps1

GitHub Desktop 3.2.4 resolves several bugs. This is not a security update.
https://desktop.github.com/

Godot 4.0.3 provides resolution for hundreds of bugs and feature issues. This is not a security update.
https://godotengine.org/

Node.js 20.3.0 updates libraries and resolves several bugs. This is not a security update.
https://nodejs.org/en/

Python 3.11.4 is a security update.
https://www.python.org/downloads/windows/

SQLite 3.42.0 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Unreal Engine 5.2 adds dozens of new features and resolves several bugs. This is not a security update.
https://unrealengine.com/en-US/

Visual Studio Code 1.79.1 adds read-only, automatic copy, Git branch naming, and several other features. This is a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

PPSSPP 1.15.4 resolves several bugs. This is not a security update.
https://www.ppsspp.org/download/

Web Package Updates

These are likely to be of interest only to web developers.

Invision Community 4.7.10 adds Courses, improved email bounce handling, and resolves dozens of bugs. This is not a security update.
https://invisioncommunity.com/

HumHub 1.14.2 resolves several bugs. This is not a security update.
https://www.humhub.com/en

ISPConfig 3.2.10p1 resolves several bugs. This is not a security update.
https://www.ispconfig.org/ispconfig/download/

Joomla 4.3.2 is a security update.
https://www.joomla.org/

jQuery 3.7.0 resolves several bugs and integrates Sizzle directly into jQuery. This is not a security update.
https://code.jquery.com/

ownCloud Client 4.0.0.10896 resolves several bugs. This is not a security update.
https://owncloud.com/desktop-app/

phpList 3.6.13 improves updater process and resolves several bugs. This is not a security update.
https://www.phplist.org/

Piwigo 13.7.0 is a security update.
https://piwigo.org/

SMF 2.1.4 updates libraries and resolves several bugs. This is not a security update.
https://www.simplemachines.org/

WordPress 6.2.2 is a security update.
https://wordpress.org/

BuddyPress 11.2.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.7.7 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

myStickymenu 2.6.3 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Really Simple CAPTCHA 2.2 updates minimum requirements and Apache directives. This is not a security update.
https://wordpress.org/extend/plugins/really-simple-captcha/

WooCommerce 7.7.2 resolves dozens of bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WP Plugin Update Checker 5.1 improves GitHub and GitLab parsing and resolves a couple bugs. This is not a security update.
https://github.com/YahnisElsts/plugin-update-checker/releases/latest

WPBakery 6.13.0 is a security update.
https://wpbakery.com/

WPtouch 4.3.53 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/wptouch/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/