Updates 2024-03-12

Welcome back, Folks!

Today is Patch Tuesday for March, 2024.

There were 300+ major hacks, and over 175 application updates this month. It’s a small month, with about 2.3 GB of updates for most users.

This Month in Technology

Ace Air Cargo, Air Methods, Aleo, AlgoSec, Alliance Solutions Group, American Express, American Vision Partners, Android and iOS biometric information (GoldPickaxe), AnyCubic Kobra 3D printers, APK.TW, Apple Shortcuts, Assurance IQ, Auxo, Azure AD/Entra ID (Silver SAML), Baesman Group, Inc., Bangalore One, Bank of America, 61 Brazilian Banks, Bay Area Anesthesia, LLC, Benefit Design Group, Inc., Biomedical Research Institute, BlueCare Plus Tennessee, Booking.com, Bradford-Scott Data, Bright Wires, Capita, CareFirst BlueCross BlueShield Community Health Plan – District of Columbia, CareTree, Inc., Carnet-AMM, Casino Del Sol, Cencora, Centre Hospitalier D’Armentieres, CGM, Inc., Change Healthcare, Cheat-Database, Chunghwa Telecom, CIPC, CISA, Citrus Diagnostic Center, City of Dubuque Fire Department, City of Hamilton, Ontario, City of Oakley, CA, City of Pleasant Hill, CA, Coffee Beyers, Cogdell Memorial Hospital, Coinsquare, Colorado Department of Health Care Policy & Financing, Concord Music Group, Inc., ConnectWise Control/ScreenConnect, Continental Aerospace Technologies, Crossroads Equipment Lease & Finance, LLC, CUSO Financial Services, Cutout.Pro, CVS Pharmacy, Inc., David’s Bridal, Davlyn Investments, Denninger’s, Department of State Hospitals (DSH), DGA-Producer Pension & Health Plans, Dignity Health Welfare Benefits Plan, DiVal Safety Equipment, Inc, DJI, 8,000 major brands’ DNS, Duvel Moortgat Brewery, Eagers Automotive, East Carolina University’s Brody School of Medicine, Eastern Radiologists, Inc, EasyPark, EdisonLearning, Inc., Egyptian Health Department, EKEN cameras, El Al Airline, Election Commission of India, Elemetal, LLC, Empire Fidelity Investments Life Insurance Company, Employee Benefits Corporation of America, ETISALAT, Ewig Group, Facebook Marketplace, Fairway Independent Mortgage, FBI, FBinsure, fckeditor, Federal Communications Commission, Fidelity Investments Life Insurance, Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), FixedFloat, Fortinet FortiOS, Fortinet FortiProxy, Framwellgate School, FullPress, Future Generations Foundation, GCA Nederland, Gilroy Gardens, Gixen, Global Tel*Link, Golden Corral, Grace Lutheran Communities, Group Health Cooperative, Grupo Bimbo, Habib’s, Haivision MCS, Hampton County School District, Harvard Pilgrim Health Care, Hathway Cable & Datacom Limited, HAWITA Group, Health NZ, Hessen Consumer Center, Highland Health Systems, Hochschule Kempten, Hospice of Huntington, Houser LLP, Human Affairs International of California, HWL Ebsworth, Imaging Data Commons libdicom, InfoSys McCamish, Infraestructura Portuaria Mexicana, Insomniac Games, Institute of Food Technologists, Insurance ACE/Humana Inc., INTEGRIS Health, Interventional Pain and Regenerative Medicine, iSoon, Ivanti Pulse Secure, Jaypee University, Jersey’s Financial Services Commission, JFSC, Joomla, Jovani Fashions, Juniper Support Portal, JVC Kenwood, Kick, Kids Care Dental & Orthodontics, KNS Bank, La Bonne Alternance, LDLC, Leicester City Council, Lena Pope Home Inc., LenDenClub, Lindsey Municipal Hospital, Liquid Environmental Solutions, Littleton Regional Healthcare, llama.cpp GGUF library, Llamaya, loanDepot.com, LLC, Loghman Pharmaceuticals, Los Angeles International Airport (LAX), Malawi’s passport system, Maranhao Military Police, Maryville Addiction Treatment Centers, Maryville, Inc., McKenzie County Healthcare System, Inc., MedQ, Inc., Mental Health Center of North Central Alabama, Inc., Merchant.ID, Microsoft (yet again!), Microsoft .NET Framework, Microsoft Azure, 97,000 Microsoft Exchange servers, Microsoft Outlook, Microsoft Streaming Service, MicroStrategy, Ministry of Planning, Minnesota State University-Moorhead, Mirtylla, Motilal Oswal Financial Services, Mr. Green Gaming, NALS Apartment Homes LLC, National Police of Peru, Netgear RAX30, NewGen Administrative Services, LLC, North Hill Employee Dental Plan, North Hill Home Health Care, Inc., North Hill Needham, Inc., Northeast Orthopedics and Sports Medicine, PLLC, Northwestern Mutual Life Insurance, NVIDIA drivers, Oculus Meta, Odette, Online Trade (Онлайн Трейд), Opensea, Orlando VA Medical Center, P-Fleet, Pakistan National Bank, Paragon Technology and Innovation, Paul Davis Restoration, Paysign, Pennsylvania’s State Courts, PetSmart, Philips Respironics, PlayDapp, PowerRail, Prague Regional Memorial Hospital, Prince George’s County Public Schools, Procopio, Cory, Hargreaves & Savitch LLP, Prudential Financial, PSI Software SE, QEMU, QNAP NAS devices, Qualcomm Incorporated, RCI, LLC, Redis servers, Redwood Coast RC, Revolut, Richland Community College, Rio Hondo Community College, RMH Franchise, Robert Half, Roblox, Roku, Inc., Romanian medical facilities (approximately 100), Roswell Park Comprehensive Cancer Center, Royal Canadian Mounted Police (RCMP), Russian Ministry of Defense (Minoborony), SAFE Credit Union, Saint Joseph’s College of Maine, Samsung Electronics, Santa Clarita Community College District, Santa Monica-Malibu Unified School District, SCEVN, Schneider Electric, Seminole County Public Schools, Seneca, Seven Seas Group, Shein, SK Hynix, smartphone voice assistants (VoltSchemer), SolarWinds Access Rights Manager, Sony’s Insomniac Games, South Korean President, Southern Water, Spectrum Vision, SPMundi, Superior Communications, Tangerine, TeamCity, Tehachapi Unified School District, Tesla Phone Key, Texx Offroad, Thai Summit, The Biosig Project, The Northwestern Mutual Life Insurance Company (twice), ThyssenKrupp, Toner-dumping, Tornado Cash, Tracy Unified School District, Trans-Northern Pipelines, Tshwane University Of Technology, TTM Technologies, U-Haul, U.S. Department of the Interior, UAE’s IEMS, Ubiquiti Edge OS routers, UC San Diego Health Hillcrest – Hillcrest Medical Center, Ukraine’s State Environmental Inspector, UniCredit, Unisys, UNITE HERE, University of Cambridge’s Clinical School Computing Service, University of Machester, University of Wolverhampton, US Citizenship and Immigration Services, US Customs Enforcement, Valorem Reply, VARTA AG, Veeco, Vi Senior Living, Victor Valley Union High School District, Victoria Police, Virgin Hotels, Virginia Farm Bureau, VMware Cloud Foundation, VMware ESXi, VMware Fusion, VMware Workstation, VSexShop, Ward Transport & Logistics, Washington County Hospital and Nursing Home, Watson Clinic, WayForward, Webber International University, WebMarketPoint, Welltok, Inc., Western National Group, Western Union, Weston Embedded, Williamson County, TX, Windows AppLocker, Windows Defender SmartScreen, WordPress Brick Builder Theme, WordPress LiteSpeed Cache, WordPress Popup Builder, WordPress Ultimate Member, WoTLabs, Wyze, Yakima Valley Radiology, PC, YX International (2FA provider for Facebook and WhatsApp, Google, TikTok, and others), Zenlayer, Zoom, Zyxel firewalls, and ​​Harvard Pilgrim Health Care​ have reported hacking or compromises this month.

AT&T, Change Healthcare, Facebook, Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), Instagram, LinkedIn, Microsoft Outlook Exchange via ActiveSync, Minnesota State University-Moorhead, Royal Canadian Mounted Police (RCMP), US military pharmacies, WhatsApp, and Wyze have suffered from outages this month.

Citrix and Sophos (both companies over 29 years old) suffered from leap year bugs this year.

Microsoft has announced they’re throwing support behind the “privacy-preserving ads API” which is designed to “less uniquely” identify users. The new system is still designed to collect and share all your interests and internet activity (in fact, the one that will be used in Edge will share your desktop/mobile experience as well as activity in other applications, as Edge does now), but it will not be used to “uniquely” identify you, rather it will collect all this information about your activities and assign your profile to various collections through a process known as meta tagging, and these tags will be used to market to you.

In this way, they’ll be able to tell you’re a divorced Christian 40-something year old female with 2 children, dark hair, wears a size 3, prefers red wine, lives within a 2-block radius of Bank of America in Modesto, orders from Papa Johns once per month and only votes every other election cycle, but they won’t know it’s “you.” Please use an ad-blocker and disable all these metric and ad-measurement features.

The “new Outlook” by Microsoft is collecting logins from third-party accounts and storing them in the Microsoft Cloud without telling their users. Email, contacts and other information from third-party accounts, as well.

While I’m on the topic of Microsoft email…after pushing for better validation and spam controls among their industry partners, Microsoft Exchange is still responsible for a large amount of spam.

Microsoft is also making another push to upgrade those still on Windows 10 to Windows 11. For some devices this means they will be aggressively force-upgraded as happened to Windows 7 users win Windows 10 was released and to some Windows 10 users when Windows 11 was released.

Apple has disabled the Epic developer account, again, claiming that they can’t be trusted. Pot, kettle?

Google Pay is shutting down in the US. If you’ve stored money within this platform you need to move it out before early June. They couldn’t keep their own payment platform alive, but Google believes their AI should be trusted with direct access to information about all hacking incidents so it can be used “for defense.” Somehow I’m just not buying it.

The first publicly known AI prompt injection worm has been created and shown to self-propagate by telling the AI to send a copy of itself through to other AI nodes.

Troy Hunt has a great write-up that demonstrates why it is so easy for scammers to get away with text scams. The vendors suck.

Now for the good news:

Bitcoin broke $73,000 yesterday for the first time, which is $30,000 more than it was at the beginning of the year and $50,000 more than it was a year ago. If you’re looking to sell, don’t. But if you must, we still have about a month of growth yet before the bull run is over. I would be surprised if it doesn’t break at least $82,000 by the first week of April.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is small this month. The typical computer should see roughly 2.3 GB in updates today. Let’s get started.

Microsoft released updates to address 69 vulnerabilities in .NET, Azure Data Studio, Azure SDK, Microsoft Authenticator, Microsoft Azure Kubernetes Service, Microsoft Django Backend for SQL Server, Microsoft Dynamics, Microsoft Edge, Microsoft Exchange Server, Microsoft Graphics Component, Microsoft Intune, Microsoft Office, Microsoft Office Outlook, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft QUIC, Microsoft SharePoint Server, Microsoft Teams, Microsoft WDAC ODBC Driver, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows SCSI Class System File, Open Management Infrastructure, Outlook for Android, Role: Windows Hyper-V, Servicing Stack Update, Servicing Stack Updates, Skype for Consumer, Software for Open Networking in the Cloud (SONiC), Visual Studio Code, Windows AllJoyn API, Windows Cloud Files Mini Filter Driver, Windows Composite Image File System, Windows Compressed Folder, Windows Defender, Windows Error Reporting, Windows Installer, Windows Kerberos, Windows Kernel, Windows NTFS, Windows ODBC Driver, Windows OLE, Windows Print Spooler Components, Windows Standards-Based Storage Management Service, Windows Telephony Server, Windows Update Stack, Windows USB Hub Driver, Windows USB Print Driver, Windows USB Serial Driver, and MSRT. This includes security updates. A reboot is required.

Apple released updates for iOS 15.8.2, iOS 16.7.6, iOS 17.4, iPadOS 16.7.6, iPadOS 17.4, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5, Safari 17.4, tvOS 17.4, visionOS 1.1, and watchOS 10.4. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.8.2, 16.7.6 and 17.4 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 16.7.6 and 17.4 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 10.4 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 17.4 is a security update. Use System, Software Update to install the most current version.

visionOS 1.1 is a security update. Use Settings, General, Software Update to install the most current version.

Google Chrome OS 120.0.6099.301, 121.0.6167.188 and 122.0.6045.214 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.2.1 improves stability and resolves more than a dozen bugs. This is not a security update.
https://www.amd.com/en/support

Display Driver Uninstaller 18.0.7.3 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Nvidia Driver 474.89 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.63.169 is a security update.
https://brave.com/

Google Chrome 122.0.6261.111 is a security update.
https://www.google.com/chrome/

Microsoft Edge 122.0.2365.80 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 123.0.1 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 115.8.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Opera 108.0.5067.24 is a security update.
https://www.opera.com/browsers/opera

Opera GX 107.0.5045.60 is a security update.
https://www.opera.com/gx

Vivaldi 6.6.3271.48 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Spark 3.14.3.67453 improves AI training process. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.8.1 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

Dropbox 193.4.5594 resolves stability bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 206.0.0.8.218 is a security update.
https://www.messenger.com/download

FreeFileSync 13.4 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 88.0 doesn’t provide a detailed change log so should be treated as a security update.
https://drive.google.com/start

MeshCentral 1.1.21 resolves dozens of bugs. This is a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.7.00.6058 adds several new features. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 28.0.3 resolves dozens of bugs. This is a security update.
https://nextcloud.com/

Omada Software Controller 5.13.30.8 adds support for newer hardware and resolves several bugs. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Rclone 1.66.0 resolves dozens of bugs. This is not a security update.
https://rclone.org/

Signal 7.1.1 is a major update, adding username support, improved privacy controls, new emoji, and resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.0.2 is a major update, adding username support, improved privacy controls, new emoji and resolves several bugs. This is not a security update.
https://signal.org/android/apk/

Skype 8.113.0.210 improves stability. This is not a security update.
https://www.skype.com/

Syncthing 1.27.4 resolves several bugs. This is not a security update.
https://syncthing.net/

Telegram 4.15.1 adds Telegram Business features and adds emoji. This is not a security update.
https://telegram.org/

Telegram (Android) 10.9.1 doesn’t provide a detailed change log so should be treated as a security update.
https://telegram.org/apps

WinSCP 6.3.2 updates libraries and resolves several bugs. This is a security update.
https://winscp.net/eng/index.php

Zoom 5.17.11.34827 improves AI and resolves several bugs. This is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.2 improves face detection, lip sync, and resolves several bugs. This is not a security update.
https://en.3tene.com/

darktable 4.6.1 improves performance and resolves dozens of bugs. This is a security update.
https://www.darktable.org/

Grayjay 236 adds cache support, improved performance, adds watch filters, and resolves several cosmetic bugs. This is not a security update. They also announced that Grayjay Desktop will be available in the coming months. Yay! 🙂
https://grayjay.app/index.html

Kodi 20.5 updates libraries and resolves several bugs. This is a security update.
https://kodi.tv/

Plex Desktop 1.88.1.96 improves stability and resolves a cosmetic bug. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.57.1.100 updates libraries. This should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

TuneIn 1.28.0 doesn’t provide a change log so should be treated as a security update.
https://tunein.com/radio/home/

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2024.2.0.132 resolves several bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.3.194 adds notification support, QRCode support, one-click iOS export, resolves several bugs. This is not a security update.
https://gdevelop.io/download

Minecraft Server (Bedrock) 1.20.71.01 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

PS3 4.91 adds support for the latest BluRay encodings and improves perofrmance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps3/system-software/

PS5 24.01-08.60.00 improves Parties, hardware support, and performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024-03-07 resolves dozens of bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

SteamOS 3.5.17 resolves dozens of bugs and improves compatibility and stability. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Animate 23.0.4 and 24.0.1 are security updates.
https://helpx.adobe.com/security/products/animate/apsb24-19.html

Adobe Bridge 13.0.6 and 14.0.2 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb24-15.html

Adobe ColdFusion 2021.13 and 2023.7 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb24-14.html

Adobe Experience Manager 2024.03 and 6.5.20.0 are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html

Adobe Lightroom 7.2 is a security update.
https://helpx.adobe.com/security/products/lightroom/apsb24-17.html

Adobe Premiere Pro 23.6.4 and 24.2.1 are security updates.
https://helpx.adobe.com/security/products/premiere_pro/apsb24-12.html

Calibre 7.6.0 adds profile support, merge support, and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Columns++ 1.0.5 resolves a tab-to-spaces bug and adds support for notifications coming in the next version of Notepad++. This is not a security update.
https://github.com/Coises/ColumnsPlusPlus

Ghostscript 10.03.0 resolves several bugs and improves OCR support. This is not a security update.
https://www.ghostscript.com/releases/gsdnld.html

ImageMagick 7.1.1-29 resolves several bugs. This is not a security update.
https://imagemagick.org/

Kdenlive 24.02.0 is a major update, adding native support for DirectX, Metal and Vulkan, Apple Silicon support, and resolves several bugs. This is not a security update.
https://kdenlive.org/

LibreOffice 7.6.5 resolves over 90 bugs. This is a security update.
https://www.libreoffice.org/

LibreOffice Fresh 24.2.1 resolves almost 100 bugs. This is a security update. The “Fresh” line is beta software and should be avoided by most people.
https://www.libreoffice.org/

Manager 24.3.10.1347 doesn’t provide a detailed change log so should be treated as a security update.
https://www.manager.io/

Nextcloud Desktop 3.12.1 resolves several bugs. This should be treated as a security update.
https://nextcloud.com/

Notepad++ 8.6.4 resolves a focus bug. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 5.0.13 resolves a couple bugs and updates libraries. This is a security update.
https://www.getpaint.net/

QuickBooks Pro 2022 20231120-R13_69 no longer provides a detailed change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20231107-R9_133 does not provide a detailed change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

Security Software Updates

One or more of these is likely to be of interest to most people.

Gpg4win 4.3.1 adds support for new smart cards, Windows root CAs, and resolves several bugs. This is a security update.
https://www.gpg4win.org/download.html

iOS 17.4 is a security update.
https://support.apple.com/kb/HT204204

iPadOS 17.4 is a security update.
https://support.apple.com/kb/HT204204

macOS 14.4 is a security update.
https://support.apple.com/kb/HT201541

MalwareBytes Anti-Malware 4.6.9 prepares the software for the v5 release. This is not a security update.
https://www.malwarebytes.org/antimalware/

OnionShare 2.6.1 updates dependencies, updates release process, resolves several bugs. This is not a security update.
https://onionshare.org/

ProtonVPN (macOS) 4.1.7 improves stability and resolves several bugs. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.15.3 updates engine, improves exclusion and configuration controls, adds support for multiple threat names and multiple schedules. This is not a security update.
https://www.adlice.com/download/roguekiller/

SanDisk PrivateAccess 6.4.10.0 does not provide a change log so should be treated as a security update.
https://support-en.wd.com/app/answers/detailweb/a_id/48025

Stinger 13.0.0.72 adds support for new detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Symantec Norton Removal Tool 20240303
https://support.norton.com/sp/en/us/home/current/solutions/v60392881

Tails 6.0 is a major update, improving persistent storage support, external mounting, session resumption, and application and library updates. This is a security update.
https://tails.net/install/download/index.en.html

tvOS 17.4 is a security update.
https://support.apple.com/kb/HT202716

uBlock Origin 1.56.0 resolves dozens of bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

watchOS 10.4 is a security update.
https://support.apple.com/kb/HT204641

Wireless Network Watcher 2.41 adds option to scan IPv6 addresses. This is not a security update.
https://www.nirsoft.net/utils/wireless_network_watcher.html

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 24.1.1 updates libraries, improves mute detection, camera mode swapping, and resolves several bugs. This is a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.1.3 adds support for new encodings and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

StreamFab 6.1.6.8 improves compabitility. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.1.2 improves enlarger and upscaling, improves performance for deinterlacer and denoiser, and resolve several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.35 resolves several bugs, improves compatibility, and updates signature. This should be treated as a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.27 improves compatibility and resolves several bugs. This is not a security update.
https://1password.com/downloads/

Agent Ransack 2022.3425 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

Bitwarden 2024.3.0 adds passkey support to self-hosted version, improved 2FA, redesigned interface. This is a security update.
https://bitwarden.com/

CalyxOS Device Flasher 1.0.9 doesn’t provide a change log so should be treated as a security update.
https://calyxos.org/install/

CCleaner 6.21.10918 resolves several bugs and improves software udpater. This is not a security update.
https://www.ccleaner.com/

Cygwin 3.5.1-1 resolves several bugs. This should be treated as a security update.
https://cygwin.com/

DesktopOK 11.17 resovles several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.1.27.0 improves plugin support, adds sticky scrolling, extends date filters, improves installer and resolves several bugs. This is a security update.
https://dngrep.github.io/

ExplorerPatcher 22621.3007.63.2 improves compatibility, resolves several bugs. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

FileLocator Pro 2022.3425 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

FileTypesMan 2.00 adds option to exclude loading of icons which might cause it to hang or crash. This is not a security update.
https://www.nirsoft.net/utils/file_types_manager.html

Fing 3.6.2 updates signature, improves service not found page, and resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

Git SCM 2.44.0 resolves several bugs and improves syntax. This is not a security update.
https://git-scm.com/

Go 1.22.1 is a security update.
https://go.dev/

GoodSync 12.5.8 improves compatibility and resolves several bugs. This is not a security update.
https://www.goodsync.com/

Hiren’s BootCD PE 1.0.8 updates drivers. This is not a security update.
https://www.hirensbootcd.org/download/

Homedale 2.11 improves channel width display. This is not a security update.
https://www.the-sz.com/products/homedale/

HWMonitor 1.53 adds hardware support. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

MobileFileSearch 1.48 resolves a bug in export content. This is not a security update.
https://www.nirsoft.net/utils/mobile_device_file_search.html

NConvert 7.172 doesn’t provide a change log so should be treated as a security update.
https://www.xnview.com/en/nconvert/

NetworkOpenedFiles 1.62 adds sort button to toolbar. This is not a security update.
https://www.nirsoft.net/utils/network_opened_files.html

OSFMount 3.1.1003 improves compatibility. This is not a security update.
https://www.osforensics.com/tools/mount-disk-images.html

OSForensics 11.0.1006 resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html

PowerToys 0.79.0 rsolves dozens of bugs and updates libraries. This is a security update.
https://github.com/microsoft/PowerToys/releases/latest

ScreenConnect 23.9.10.8817 is a security update.
https://www.connectwise.com/software/control/download

Starwind V2V Converter 9.413 adds support for converting VMs to and from VirtualBox. This is not a security update.
https://www.starwindsoftware.com/starwind-v2v-converter

Sysmon 15.14 resolves crash bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

Unity 2023.2.12 resolves dozens of bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive

WifiInfoView 2.93 adds support for 8.2.11be. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

Windows Migration Assistant 3.0.0.0 doesn’t provide a detailed change log so should be treated as a security update.
https://support.apple.com/en-us/118595

WinGet 1.7.10582 is now officially stable, updating libraries and resolve dozens of bugs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinRAR 7.00 is a major version, increasing the maximum dictionary size, maximum path length, improved security tagging (MotW), and resolves dozens of bugs. This is not a security update.
https://www.rarlab.com/

WinScan2PDF 8.72 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 4.19 adds quick and dirty duplicate detection (name patterns only!) and resolves several bugs. This is not a security update.
https://www.diskanalyzer.com/

XnConvert 1.100.1 improves batch operation. This is not a security update.
https://www.xnview.com/en/xnconvert/

ZoomText 2022.2402.1.400 improves tracking, compatibility, and resolves several bugs. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

ZoomText 2023.2402.1.400 improves tracking, compatibility and resolves several bugs. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 8.0.3 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

ADB 35.0.0 resolves compatibility bugs. This is not a security update.
https://developer.android.com/studio/releases/platform-tools

Android Studio 2023.2.1.23 updates libraries and resolves several bugs. This is not a security update.
https://developer.android.com/studio

GitHub Desktop 3.3.11 resolves several bugs. This is not a security update.
https://desktop.github.com/

Node.js 18.19.1 is a security update.
https://nodejs.org/en/

Node.js 20.11.1 is a security update.
https://nodejs.org/en/

Node.js 21.7.1 is a security update.
https://nodejs.org/en/

Rustup 1.27.0 improves compatibility, updates libraries, and resolves several bugs. This is not a security update.
https://www.rust-lang.org/

SQLite 3.45.2 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.87.2 is a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VMware Workstation Player 17.5.1 is a security update.
https://customerconnect.vmware.com/downloads/#all_products

Web Package Updates

These are likely to be of interest only to web developers.

Invision Community 4.7.16 is a security update.
https://invisioncommunity.com/

Joomla 5.0.3 and 4.4.3 are security updates.
https://www.joomla.org/

Piwigo 14.3.0 is a security update.
https://piwigo.org/

Autoptimize 3.1.11 resolves several bugs. This should be treated as a security update.
https://wordpress.org/extend/plugins/autoptimize/

BuddyPress 12.3.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.9.2 is a security update.
https://wordpress.org/extend/plugins/contact-form-7/

My Sticky Bar 2.6.8 is a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Theme My Login 7.1.7 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/theme-my-login/

W3 Total Cache 2.7.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 8.6.1 resolves dozens of bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WPBakery 7.5 resolves several bugs. This is not a security update.
https://wpbakery.com/

WP Mail SMTP 4.0.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/

WP Plugin Update Checker 5.4 improves detection and resolves a couple bugs. This is not a security update.
https://github.com/YahnisElsts/plugin-update-checker/releases/latest

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2023-10-10

Welcome back, Folks!

Today is Patch Tuesday for October, 2023.

This month brings a new version of macOS, version 14.0/Sonoma, an impending new Windows 11 build, and several very high profile vulnerabilities in shared code that affect thousands of applications. Vendors for some will not even discover that they’re vulnerable until their applications are used in mass hacks. The next few months are going to be ugly as this plays out.

There were 153 major hacks, and over 200 application updates this month. It’s an insane month, with about 6 GB of updates for most users.

This Month in Technology

23andMe, Accusoft ImageGear, Activision, Actors Fund Home, Air Canada, Airbus, Allegheny County, Pennsylvania, Amazon, Amerita, Android, ApexSMS, Apple iOS/iPadOS (several times), Aretis Health LLC, Arkansas Total Care, Inc., Arm chips, Arm Mali GPU drivers, Asian National Power Grid, Atlassian Confluence Data Center and Server, Atrium Health, Auckland Transport, Bermuda, Bienville Orthopaedic Specialists LLC, Bluegrass Care Navigators, BORN Ontario, Bureau van Dijk, Caesars Entertainment, Cascade Family Dental, Catawba Valley Medical Center, Charlotte Radiology, ChildFund New Zealand, Cisco Catalyst SD-WAN Manager, Cisco Emergency Responder, Cisco IOS, Citrix NetScaler, City of Dallas, Texas, Clover Health LLC, CoinEx, Colombian Government, Community First Medical Center, Cyberport, D-Link DAP-X1860 WiFi 6 range extenders, dBforums, Delta Dental of California, District of Columbia Board of Elections, DLP Central Carolina Medical Center, Donald Trump Jr.’s X account, Dr. Patty DiBlasio, PC, Duke University Health System, ECU Health, Erlanger Health, Inc., Exim, FirstHealth, Flagstar Bank, Florida’s First Judicial Circuit Court, Founder Project Rx, Inc., GitLab, glibc ld.so – standard in all modern Linux flavors, GNOME, Google Chrome (again!), all modern GPUs, Health First, Inc., Horse Isle, hotels, booking sites, and travel agencies, hundreds of known apps using Electron due to the webp vulnerability, HWL Ebsworth, indeed.com, India’s National Logistics Portal-Marine, Indiana University Health, International Criminal Court (ICC), JetBrains’ TeamCity, Johnson Controls, Jordan Valley Community Health Center, Juniper SRX firewalls and EX switches, Just Kids Dental, LabCorp, Lakeland Community College,
Lakeview Clinic, libwebp, Linux GNU C library (Looney Tunables), Lone Star Alliance, Inc, Lyca Mobile, MalindoAir, McLaren Health Care, MGM Resorts, Microsoft AI-powered Bing Chat, Microsoft AI, Microsoft Edge, Microsoft Outlook, Microsoft SharePoint Server, Microsoft Skype, Microsoft SQL Servers, Microsoft Teams, Microsoft XboxMission Health System, Mixin Network, MNGI Digestive Health, Mosaic Mental Health, Motel One Group, MOVEit (again), Mt. Graham Regional Medical Center, Nansen, National Student Clearinghouse, Navvis & Company, LLC, New Hanover Regional Medical Center, NorthStar Anesthesia, Northwestern Polytechnical University, Novant Health, NTT Docomo, Nuance Communications, Oak Valley Hospital District, Omnicell Specialty Pharmacy Services (OSPS), Openfire messaging servers, ORBCOMM, OrthoAlaska, LLC, Parkers Chapel School District, PaySystem.tech, Peach State Health Plan, Pharm-Pacc Corporation, Physical Therapy, PLLC, Physicians Insurance Company, Physio Logic Chiropractic, Piilopuoti, Pizza Hut Australia, Prospect Medical Holdings, Inc., Qualcomm GPU and Compute DSP drivers, Retool, Rock County Health Department, Rollbar, Roseman University of Health Sciences, Ryders Health Management LLC, See Tickets, Skype for Desktop, Sony Interactive Entertainment, South Florida Behavioral Health Network, Sutter North Surgery Center, T-Mobile, multiple telecommunication service providers in the Middle East, Western Europe, and South Asia, Temple University Health System, Inc., Texas Medical Insurance Company, Texas Medical Liability Trust, The Hospital for Sick Children (SickKids), TissuPath, TorchServe AI, TransUnion, Trend Micro Apex One, UNC Health, United Healthcare Services, Inc. Single Affiliated Covered Entity, United Kingdom’s Greater Manchester Police, VA Dept. of Medical Assistance Services, Vitalik Buterin’s X account, Wake Radiology Diagnostic Imaging, WakeMed Health & Hospitals, Walmart, Inc. Associates Health and Welfare Plan, WebP, Wellstar Health System, Windows 11 Theme system, 17,000 WordPress sites, and WS_FTP Servers have reportedly been hacked or compromised this month.

Auckland Transport, Bing Chat AI, Caesars, Canadian airports, Discord, Lyca Mobile, MGM, Microsoft Teams, and the Royal Family website have suffered from outages this month.

Google, Amazon, and CloudFlare have been seeing record-breaking numbers of attacks using a weakness in the HTTP/2 protocol.

Last months updates broke BitLocker, Excel, faith in Windows (forcing an incompatible application), Outlook (twice), and USB printing.

The Magecart skimming malware is now abusing online store error pages.

The UK passed the “Online Safety Bill” which, among other things, grants government (and those with an ax to grind – like LOVEINT) mandated access to all private internet conversations.

Microsoft is pushing Edge and Bing in violation of their own policies. If they treated themselves with the same rules they treat others, then microsoft.com would be blocked for distributing the BGAUpsell crapware.

PayPal is finally making news for their complicity in the latest rash of invoice scams. Netcraft is playing it off as PayPal being the victim, but they can hardly be held blameless. They’ve been supporting these scams for years.

Google will be retiring the Basic HTML view in January. Half of the ISPs in Tuolumne County will suffer as a result. Google is also now pushing Passkeys as their default authentication platform, meaning that instead of knowledge of your password, all it will take for new logins to your Google account is possession of one of your devices.

Apple iPhone 12 violates French health laws for exceeding allowable EF radiation. Apple is planning to release an update to reduce the emissions in order to comply.

Even staff in military and defense organizations can’t be trusted to use good passwords.

CISA has been slapped yet again for their government-sponsored censorship. Maybe this time it will take?

Now for the good news:

Google is now (finally!) treating unauthenticated Microsoft 365 email as spam (it is).

Google announced they’ll be supporting all Chromebooks for 10 years — twice as long as was promised before. This should massively reduce e-waste.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is huge this month. The typical computer should see roughly 6 GB in updates today. Let’s get started.

Microsoft released updates to address 105 vulnerabilities in Active Directory Domain Services, Azure, Azure DevOps, Azure Real Time Operating System, Azure SDK, Client Server Run-time Subsystem (CSRSS), HTTP/2, Microsoft Common Data Model SDK, Microsoft Dynamics, Microsoft Edge (Chromium-based), Microsoft Exchange Server, Microsoft Graphics Component, Microsoft Office, Microsoft QUIC, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows Media Foundation, Microsoft Windows Search Component, Microsoft WordPad, Skype for Business, SQL Server, Windows Active Template Library, Windows AllJoyn API, Windows Client/Server Runtime Subsystem, Windows Common Log File System Driver, Windows Container Manager Service, Windows Deployment Services, Windows DHCP Server, Windows Error Reporting, Windows HTML Platform, Windows IIS, Windows IKE Extension, Windows Kernel, Windows Layer 2 Tunneling Protocol, Windows Mark of the Web (MOTW), Windows Message Queuing, Windows Microsoft DirectMusic, Windows Mixed Reality Developer Tools, Windows Named Pipe File System, Windows NT OS Kernel, Windows Power Management Service, Windows RDP, Windows Remote Procedure Call, Windows Resilient File System (ReFS), Windows Runtime C++ Template Library, Windows Setup Files Cleanup, Windows TCP/IP, Windows TPM, Windows Virtual Trusted Platform Module, Windows Win32K, and MSRT (~ 1.5 GB). This includes security updates. A reboot is required.

Apple released updates for macOS Sonoma 14.0, macOS Ventura 13.6, macOS Monterey 12.7, iOS 16.7.1, iOS 17.0.3, iPadOS 16.7.1, iPadOS 17.0.3, Safari 16.6.1, Safari 17.0, tvOS 17.0, watchOS 10.0.2, watchOS 9.6.3, Xcode 15.0, Apple Service Utility, and Pro Video Formats 2.2.7. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 16.7.1 and 17.0.3 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 16.7.1 and 17.0.3 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 9.6.3 and 10.0.2 are security updates. Use the Watch app on your iPhone to install the most current version.

tvOS 17.0 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 117.0.5938.157 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v22H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 23.9.3 improves game support and resolves several bugs. This is not a security update.
https://www.amd.com/en/support

Display Driver Uninstaller 18.0.6.8 resolves several bugs. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

DS4Windows 3.2.17 resolves several bugs. This is not a security update.
https://github.com/Ryochan7/DS4Windows/releases/latest

Garmin Express 7.18.3 doesn’t provide a changelog so should be treated as a security update.
https://www.garmin.com/en-US/software/express/

GnuCash 5.4 resolves dozens of bugs. This is not a security update.
https://www.gnucash.org/

TP-Link Archer AX73 v2.0 230829 is a security update.
https://www.tp-link.com/us/support/download/archer-ax73/v2.0/#Firmware

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.58.137 is a security update.
https://brave.com/

Firefox 118.0.2 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 115.3.1 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 109.0.5414.168 is a security update.
https://www.google.com/chrome/

Google Chrome 117.0.5938.149 is a security update.
https://www.google.com/chrome/

Microsoft Edge 117.0.2045.60 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Microsoft Edge WebView2 117.0.2045.60 is a security update.
https://developer.microsoft.com/en-us/microsoft-edge/webview2/

SeaMonkey 2.53.17.1 is a security update.
https://www.seamonkey-project.org/

Vivaldi 6.2.3105.58 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Spark 3.9.0.57590 adds group invitations and resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.9.0.57684 adds group invitations and resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.3.1 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 8.0.3 resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 7.2.2 resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

curl 8.3.0 resolves dozens of bugs. This is a security update.
https://curl.haxx.se/windows/

Dropbox 184.4.6543 is a security update.
https://www.dropbox.com/

Facebook Messenger 196.0.0.4.210 is a security update.
https://www.messenger.com/download

Google Drive 82.0 increases nags and resolves several bugs. This is not a security update.
https://drive.google.com/start

Microsoft Teams 1.6.00.27573 improves app controls. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 27.1.2 is a security update.
https://nextcloud.com/

Npcap 1.77 resolves several bugs. This is not a security update.
https://nmap.org/npcap/

Omada Software Controller 5.12.7 adds IDS/IPS, support for newer hardware, and resolves dozens of bugs. This is a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Signal 6.33.0 adds the ability to edit messages. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 6.35.3 improves performance. This is not a security update.
https://signal.org/android/apk/

Skype 8.104.0.207 improves performance. This is not a security update.
https://www.skype.com/

Syncthing 1.25.0 resolves several bugs. This is not a security update.
https://syncthing.net/

Telegram 4.10.3 improves stability. This is not a security update.
https://telegram.org/

Telegram (Android) 10.1.0 doesn’t provide a changelog so should be treated as a security update.
https://telegram.org/apps

Trillian 6.5.0.33 is a security update.
https://www.trillian.im/

WinSCP 6.1.2 is a security update.
https://winscp.net/eng/index.php

Zoom 5.16.2.22807 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

Bitwig Studio 5.0.9 improves DAWproject mapping, export, and import, and resolves a couple bugs. This is not a security update.
https://www.bitwig.com/download/

iTunes 12.12.10.1 is a security update.
https://www.apple.com/itunes/download/

Plex Desktop 1.79.1.3984 is a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.48.1.3982 resolves a stability bug. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.32.6.7557 resolves a dozen bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2023.8.2.106 resolves several bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.2.175 adds collaboration for Cloud projects, simplified variable syntax. This is not a security update.
https://gdevelop.io/download

Minecraft Server (Bedrock) 1.20.32.03 doesn’t provide a changelog so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Minecraft Server (Java) 1.20.2 doesn’t provide a changelog so should be treated as a security update.
https://www.minecraft.net/en-us/download/server

PlayStation PS4 11.00 resolves several bugs. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps4/system-software/

PlayStation PS5 2023.101 adds Dolby Atmos support, increased M.2 SSD size support, and resolves several bugs. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

SteamOS SteamDeck Update 2023-10-06 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Bridge 13.0.4 and 14.0.0 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb23-49.html

Adobe Commerce and Magento Open Source 2.4.7-beta2, 2.4.6-p3, 2.4.5-p5, 2.4.4-p6, 2.4.3-ext-5, 2.4.2-ext-5, 2.4.1-ext-5, 2.4.0-ext-5, and 2.3.7-p4-ext-5 are security updates.
https://helpx.adobe.com/security/products/magento/apsb23-50.html

Adobe Photoshop 24.7.1 and 25.0 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb23-51.html

Blender 3.6.4 is a security update.
https://www.blender.org/download/

Calibre 6.28.1 resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Ghostscript 10.02.0 is a security update.
https://www.ghostscript.com/releases/gsdnld.html

IcoFX 3.9 resolves several bugs, adds support for PNG, and adds several export options. This is a security update.
https://icofx.ro/

ImageMagick 7.1.1-20 is a security update.
https://imagemagick.org/

Kdenlive 23.08.1 resolves several bugs. This is not a security update.
https://kdenlive.org/

Kindle for PC 2.0.70350 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc

LibreOffice 7.5.7 is a security update.
https://www.libreoffice.org/

LibreOffice Fresh 7.6.2 is a security update. The Fresh line is beta software so most people should avoid it in favor of the Still line.
https://www.libreoffice.org/

Nextcloud Desktop 3.10.0 resolves dozens of bugs. This is a security update.
https://nextcloud.com/

Paint.net 5.0.10 is a security update.
https://www.getpaint.net/

PDF-XChange Editor 10.1.1.381 is a security update.
https://www.tracker-software.com/product/pdf-xchange-editor

Security Software Updates

One or more of these is likely to be of interest to most people.

Chainsaw 2.8.0 adds support for parsing ESE and SRUM databases, new rules and support for aggregated reports. This is not a security update.
https://github.com/countercept/chainsaw

JShelter 0.16 resolves several bugs. This is not a security update.
https://jshelter.org/install/

LibreJS 7.21.1 is a security update.
https://www.gnu.org/software/librejs/

MalwareBytes Anti-Malware 4.6.4 resolves several bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/

MalwareBytes Anti-Malware Mac 4.21 adds support for macOS Sonoma. This is not a security update.
https://www.malwarebytes.com/mac/

OpenSSL 3.1.3 is a security update.
https://www.openssl.org/source/

ProtonVPN (macOS) 3.3.3 resolves a couple bugs and improves user interface. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.12.1 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Stinger 12.2.0.659 adds support for new detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

uBlock Origin 1.52.2 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

elementary OS 7.1 improves privacy, color blindness, and keyboard controls, personalization, sideloading, and adds new hardware support. This is not a security update.
https://elementary.io/

Tails 5.18 is a security update.
https://tails.boum.org/install/dvd/index.en.html

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.39 resolves several bugs and improves compatibility. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 24.0.0 is a major update adding ability to combine videos, click animations, capture pinning, and updated stamps. This is not a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

MakeMKV 1.17.5 improves reliability and resolves a couple bugs. This is not a security update.
https://www.makemkv.com/download/

StreamFab 6.1.4.4 improves compatibility. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero (macOS) 6.0.27 adds macOS Sonoma compatibility and resolves a couple bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.16 resolves dozens of bugs. This is not a security update.
https://1password.com/downloads/

Bitwarden 2023.9.1 is a security update.
https://bitwarden.com/

CCleaner 6.16.10662 changes Health Check interface. This is not a security update.
https://www.ccleaner.com/

CPU-Z Installer 2.08 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

DesktopOK 11.12 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.0.115.0 adds support for Filters, including *.ignore files, and resolves several bugs. This is a security update.
https://dngrep.github.io/

Fing 3.4.1 is a security update.
https://www.fing.com/products/fing-desktop-download-windows
https://www.fing.com/products/fing-desktop-download-mac

FullEventLogView 1.80 adds dark background and resolves a bug with export data. This is not a security update.
https://www.nirsoft.net/utils/full_event_log_view.html

Go 1.21.3 is a security update.
https://go.dev/

GoodSync 12.4.1 resolves several bugs. This is not a security update.
https://www.goodsync.com/

GUIPropView 1.26 adds a WindowsCount action and the ability to run as administrator. This is not a security update.
https://www.nirsoft.net/utils/gui_prop_view.html

Homedale 2.08 adds stream count column and per-monitor DPI support. This is not a security update.
https://www.the-sz.com/products/homedale/

IsMyHdOK 3.93 improves performance. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

Mac Migration Assistant 2.4.4.0 adds support for macOS Sonoma. This is not a security update.
https://support.apple.com/en-us/HT204087

MobileFileSearch 1.47 resolves a couple bugs. This is not a security update.
https://www.nirsoft.net/utils/mobile_device_file_search.html

NConvert 7.161 doesn’t provide a changelog so should be treated as a security update.
https://www.xnview.com/en/nconvert/

NTLite 2023.9.9419 adds new controls. This is not a security update.
https://www.ntlite.com/download/

OSFMount 3.1.1002 resolves network access issues. This is not a security update.
https://www.osforensics.com/tools/mount-disk-images.html

OSForensics 10.0.1016 resolves several bugs. This is a security update.
https://www.osforensics.com/download.html

AOMEI Partition Assistant 10.2.0 adds duplicate file finder and resolves several bugs. This is not a security update.
https://www.diskpart.com/

PointerStick 6.33 adds keyboard shortcuts. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.74.1 resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ProcDump 2.2 for Linux resolves memory leaks and adds support for Azure Linux. This is not a security update.
https://sysinternals.com/

ProcessMonitor 3.96 is a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

ScreenConnect 23.7.8.8676 is a security update.
https://www.connectwise.com/software/control/download

SDelete 2.05 improves command line reliability and output. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sdelete

Sysmon 1.3.1 for Linux resolves a hash bug. This is not a security update.
https://github.com/Sysinternals/SysmonForLinux/releases/

TaskSchedulerView 1.74 adds dark background support and resolves a data export bug. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

Unity 2023.1.16 adds several new features and resolves dozens of bugs. Unity also announced that they’re changing their licensing model to charge developers for each installation, even pirated installations, so this is going to end up causing a major upset in the industry, then reversed course after the outcry. This is not a security update.
https://unity3d.com/get-unity/download/archive

USBDeview 3.07 adds toolbar sorting and resolves a data export bug. This is not a security update.
https://www.nirsoft.net/utils/usb_devices_view.html

Ventoy 1.0.96 resolves several bugs. This is not a security update.
https://www.ventoy.net/en/index.html

WinGet 1.6.2771 resolves a couple bugs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinRAR 6.24 is a security update.
https://www.rarlab.com/

WinScan2PDF 8.67 resolves a couple bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 7.0.12 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

AutoHotkey 2.0.10 resolves several bugs. This is not a security update.
https://www.autohotkey.com/download/

Android Studio 2022.3.1.2 resolves several bugs. This is not a security update.
https://developer.android.com/studio

GitHub Desktop 3.3.3 is a security update.
https://desktop.github.com/

Godot 4.1.2 resolves over a hundred bugs. This is not a security update.
https://godotengine.org/

Node.js 18.18.1 is a security update.
https://nodejs.org/en/

Node.js 20.8.0 is a security update.
https://nodejs.org/en/

Python 3.12.0 is a security update.
https://www.python.org/downloads/windows/

SQLite 3.43.2 resolves a couple bugs. This is not a security update.
https://www.sqlite.org/download.html

TortoiseGit 2.15.0 updates libraries and resolves several bugs. This is a security update.
https://tortoisegit.org/

Visual Studio Code 1.83 adds several new features. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

PPSSPP 1.16.5 resolves a crash bug. This is not a security update.
https://www.ppsspp.org/download/

Web Package Updates

These are likely to be of interest only to web developers.

Drupal 9.5.11 is a security update.
https://drupal.org/download

HumHub 1.14.4 resolves a dozen bugs. This is not a security update.
https://www.humhub.com/en

OpenCart 4.0.2.3 updates libraries and resolves dozens of bugs. This is not a security update.
https://www.opencart.com/

ownCloud Server 10.13.2 resolves several bugs. This is not a security update.
https://owncloud.com/download-server/

phpList 3.6.14 is a security update.
https://www.phplist.org/

Akismet 5.3 improves compatibility and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/akismet/

Antispam Bee 2.11.5 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/antispam-bee/

Contact Form 7 5.8.1 improves validation, email templates, and adds action hooks. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.6 fixes a couple bugs. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

W3 Total Cache 2.5.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 8.1.1 resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WPBakery 7.1 resolves several bugs. This is not a security update.
https://wpbakery.com/

WP Cerber Security 9.5.8 resolves a couple bugs and adds support for auditing password resets. This is not a security update.
https://wpcerber.com/

WPtouch 4.3.54 resolves several bugs and improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/wptouch/

That’s all for now folks. Keep it clean out there. 😉

Happy Anniversary, my Love. I will miss you more than you’ll ever know.

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/