Updates 2010-09-09

Hey folks!

Important Notes

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Browser Updates

One or more of these are likely to be of interest to everyone.

Firefox 3.6.9 corrects nearly a dozen security issues, the worst of which could potentially be used to gain complete control over the computer. This is a security update.
  http://www.mozilla.com/en-US/firefox/

SeaMonkey 2.0.7 uses the same codebase as Firefox, so it, too, includes nearly a dozen security fixes. This is a security update.
  http://www.seamonkey-project.org/releases/

Safari 5.0.2 & 4.1.2 correct multiple security issues, with the potential for a website to execute random code on the visiting computer. This is a security update. Use the Apple Updater, or download the installer directly from the URL below.
  http://www.apple.com/safari/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 3.1.3 uses much of the same codebase as Firefox, and thus includes multiple security updates, as well as user interface and stability issues. This is a security update.
  http://www.mozillamessaging.com/en-US/thunderbird/

Codec Updates

One or more of these are likely to be of interest to everyone.

Vista Codec Package 5.8.2 updates included codecs. To install the update, you must uninstall and reinstall the application. This version works for both Windows XP and Windows Vista. Be sure to uninstall the included Bing toolbar after installing the update.
  http://shark007.net/vistacodecpackage.html

Office Updates

One or more of these are likely to be of interest to most people.

iWeb 3.0.2 updates comment and search handling, as well as other issues related to MobileMe. This is not a security update. Use the Apple updater to get the most recent updates.

Security Software Updates

One or more of these is likely to be of interest to most people.

Avast! Home Edition 5.0.677 corrects several major issues, including multiple security issues. This is a security update. If you use Avast!, get this update immediately! Use the Avast! updater, or download the update from the link below:
  http://www.avast.com/free-antivirus-download

Developer Updates

These are unlikely to be of interest to most people.

ActivePerl 5.12.2.1202 corrects multiple security issues with SSL, CGI and Safe modules, adds Y2038 compatibility and updates the bundled modules. This is a security update.
  http://www.activestate.com/activeperl/downloads

Web Package Updates

These are likely to be of interest only to web developers.

phpMyAdmin 3.3.7 provides several minor bug fixes. This is not a security update.
  http://www.phpmyadmin.net/home_page/news.php

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2010-03-31

Hey folks!

Before I begin this time I’d like to take a moment to point out the prescient Dilbert comic from Monday. This Tuesday there were more updates released in any single day, throughout the day, than since last Fall. Many, unfortunately, will require reboots.
  http://www.dilbert.com/strips/comic/2010-03-29

Microsoft has released an out-of-cycle security update for Internet Explorer. One of the vulnerabilities it corrects is actively being exploited against IE6 and IE7, though this includes updates to IE8 as well. This is a security update. A reboot is required.
  http://update.microsoft.com/

Apple has been busy this month:

OSX 10.6.3 and update 2010-002, iPhone Configuration Utility, Final Cut Studio, iMovie, Aperture, Logic Express & Pro, and more than a dozen printer drivers (including a Bounjour Print Services client). This includes several security updates, at least four of which are remotely exploitable and in the wild now. The most common flaw within these vulnerabilities is an overrun within TIFF image processing, which effectively allows an attacker to do anything they like with your Mac if ANY of the flawed applications are installed on your machine, simply by getting you to visit a webpage. This is a security update. Use the “Apple Updater” to get the most recent versions of all affected software. If that doesn’t work (errors are raised during download, for example) use the following link to individually download and install each update (using the Apple Updater as a guide to which downloads are required):
  http://support.apple.com/downloads/

iTunes 9.1 and Quicktime 7.6.6 were also released today. These are both security updates. The vulnerabilities can be exploited simply by opening an evil site (or a trusted site with ads on it) within any browser on your computer. Ideally, you should use the Apple Updater, but if that doesn’t work for you (or you didn’t install it), you can obtain the updates at the links below. If you have iTunes installed, use:
  http://apple.com/download/itunes
Otherwise, install only the QuickTime update, and ONLY if you already have Quicktime installed:
  http://apple.com/download/quicktime

Java Runtime 6u19 adds a couple dozen bugfixes, including “mitigating” (though not exactly eliminating) more than one significant security issue. This is a security update. All users should update ASAP:
  http://www.java.com/en/download/installed.jsp?detect=jre&try=1
If you’re using a 64bit machine and use both 32bit and 64bit browsers, you should also install the 64bit version, available here:
  http://www.java.com/en/download/manual.jsp


Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.


Driver Updates
If you’re using this hardware – these updates are for you.

NVIDIA Forceware 197.13 increases performance and exposed features for several newer games. This is not a security update.
  http://www.nvidia.com/Download/index5.aspx?lang=en-us

ATI Catalyst Drivers 10.3 introduces support for various additional hardware and mobility support under Windows 7, as well as optimizations for recent games. This is not a security update.
  http://support.amd.com/us/gpudownload/Pages/index.aspx

IntelliPoint 7.1 corrects several bugs and enables repeating macros, configured through custom button assignments. This is not a security update.
  http://www.microsoft.com/hardware/download/download.aspx?category=MK


Internet Updates
One or more of these are likely to be of interest to everyone.

Firefox 3.6.2 corrects a half dozen security issues, as well as several other stability bugs. This is a security update. If you have firefox installed, update NOW!
  http://www.mozilla.com/en-US/firefox/

Hamachi 2.0.2.84 provides the simplest VPN setup I’ve ever seen. As no changelog is provided, this should be considered a security update.
  https://secure.logmein.com/products/hamachi2/

Skype 4.2.0.155 fixes a URL security bug as well as a payment issue. This is a security update.
  http://www.skype.com/getconnected/

Safari 4.0.5 is a security and stability release. This is a security update.
  http://apple.com/download/safari

Opera 10.51 corrects over 2 dozen bugs in the 10.50 version, including two remotely exploitable security bugs. This is a security update.
  http://www.opera.com/browser/

Trillian for Mac 1.0 Build 105: Universal binary and Facebook/XMPP integration! This is not a security update.
  http://trillian.im/

Trillian 1.1 for iPhone: Landscape, Facebook Chat, 7-day signout, various filters, UI improvements and more consistent connection preferences pulled from the desktop application. This is not a security update.
  Get it from the App Store.

Yahoo! Messenger 10.0.0.1258 corrects several unidentified security bugs. This is a security update.
  http://messenger.yahoo.com/

GoodSync 8.1.9 fixes a crash on uninstall, logoff issues, provides the ability to sync on a schedule, network queuing for enterprise distribution, adds a new “Good Explorer” system for navigating the remote structure, batch activations, FTP syncing fixes, SFTP security update, and adds a “Sync on Logoff” feature. This is a security update.
  http://www.goodsync.com/download/goodsync.exe

uTorrent 2.0 Build 18620 fixes a minor settings bug. This is not a security update.
  http://www.utorrent.com/

FileZilla 3.3.2.1 corrects a half-dozen bugs, including issues with site-specific bookmarks & file-renaming. This is not a security update.
  http://filezilla-project.org/download.php?type=client

SmartFTP 4.0.1085.0 fixes several issues in “find” functionality, as well as a remote browser sorting bug. This is not a security update.
  http://www.smartftp.com/download/

Miranda 0.8.17 provides two new minor features and several fixes to Gadu-Gadu, MSN Messenger and Jabber protocol handling. This is a security update.
  http://www.miranda-im.org/download/


Office Updates
One or more of these are likely to be of interest to most people.

Intuit released a 235mb update to QuickBooks that, among other things, corrects a really annoying PDF printing compatibility issue on 64bit machines, as well as Payroll and Sales Tax bug fixes (if you’ve experienced them, you know exactly what I’m talking about). This is not a security update.
  http://support.quickbooks.intuit.com/support/ProductUpdates.aspx

Scribus 1.3.6 adds new scripting functionality, usability improvements and broader color palettes, in addition to much anticipated documentation updates. This is not a security update.
  http://www.scribus.net/?q=downloads

Adobe released a security update to Premiere Elements, which should be installed by any Adobe Premier users. This is a security update. Use Help, Check for Updates, or download the updater from the link below:
  http://www.adobe.com/support/downloads/detail.jsp?ftpID=4653


Security Software Updates
One or more of these is likely to be of interest to most people.

Malwarebytes Anti-Malware 1.45 adds an update scheduler, new flash scan option, web policy blocking, stability and performance improvements, and heuristics engine updates. This is a security update.
  http://www.malwarebytes.org/mbam.php

SuperAntiSpyware 4.35.1000 introduces “Rootkit Uncover” to help detect and remove deeply hidden malware, as well as engine updates. This version also incorporates a 32/64 merged installer so if you’re downloading for multiple computers you no longer have to worry about whether it’s the right install package. This is a security update.
  http://www.superantispyware.com/superantispywarefreevspro.html
Note that SAS now provides a portable scanner, too, available here:
  http://www.superantispyware.com/portablescanner.html

AntiVir Personal 10.0.0.561 is a major update for Avira AntiVir. Several additional features (a “pile” of features according to Avira) are included in this releas, including “generic repair” (which attempts to make additional repairs to a system instead of simply deleting the infected files), ProActiv (behavior tracking), improved installation process, and (for the premium version) extensive parental control features. This is a security update.
  http://www.free-av.com/en/download/index.html


Media Updates
These are unlikely to be of interest to most people.

Picasa 3.6 Build 105.56 corrects numerous crash bugs and a couple translation errors. This is not a security update.
  http://google.com/picasa/

CDBurnerXP 4.3.0.1977 adds additional functionality, as well as a dozen bugs. This is not a security update.
  http://www.cdburnerxp.se/

ImgBurn 2.5.1.0 adds numerous features, and corrects dozens of bugs. This is not a security update.
  http://www.imgburn.com/index.php?act=download

Any Video Converter 3.04 incorporates newer codecs and hardware support. This is not a security update.
  http://www.any-video-converter.com/

Windows 7 Codec Package 2.4.5 updates several codecs, corrects several MKV handling issues, and fixes a couple interface bugs. This is not a security update.
  http://shark007.net/win7codecs.html

Vista Codec Package 5.6.5 updates several codecs and fixes a couple interface bugs. This is not a security update. Note that Vista Codec Package DOES support Windows XP. If you’re having trouble on an older machine getting web or downloaded audio or video to play, try this Codec package!
  http://shark007.net/vistacodecpackage.html


Utility Updates
These are unlikely to be of interest to most people.

VirtualBox 3.1.6.59338, the first release since the Oracle buyout of Sun, provides several dozen fixes, including stability and performance changes. This is not a security update.
  http://www.virtualbox.org/wiki/Downloads

iPhone Configuration Utility 2.2 and MobileMe Control Panel 1.5.1 both add support for the iPad, as well as correcting other issues, including the TIFF security issue detailed above. If you don’t use these applications, don’t install them. 🙂  This is a security update.
  http://support.apple.com/kb/DL926 (iPhone Config)
  http://support.apple.com/kb/DL769 (MobileMe CP)

CPU-Z 1.54 provides additional hardware detection support. This is not a security update.
  http://www.cpuid.com/cpuz.php

GPU-Z 0.4.0 includes support for newer hardware, as well as correcting a couple minor bugs. This is not a security update.
  http://www.techpowerup.com/downloads/1781/TechPowerUp_GPU-Z_v0.4.0.html

CCleaner 2.30.1130 improves performance and reliability for cleaning. This is not a security update.
  http://www.piriform.com/ccleaner/download

Microsoft has released updates to several SysInternals tools, including Process Explorer (expands upon the categorical details within each process), VMMap (correcting a mathematical error under 64bit) and DiskView (providing better disk mapping performance). This is not a security update.
  http://www.sysinternals.com/


Web Package Updates
These are likely to be of interest only to web developers.

phpMyAdmin 3.3.1 corrects a handful of bugs, primarily related to the recent user interface changes. This is not a security update.
  http://www.phpmyadmin.net/home_page/downloads.php

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2009-09-15

Hey folks!

Mozilla released an update to Firefox, to version 3.5.3, a few days ago. This update includes primarily security fixes, including remote exploits. If you have Firefox installed, you are advised to update ASAP.
  Mozilla Firefox: Help > Check for Updates
  http://www.mozilla.com/en-US/firefox/

Opera 10.0 is gold, and introduces a number of new stylization and cosmetic enhancements, as well as tools specifically designed for web developers. The’re still pushing the “Opera is all you need” stuff, though, so it will likely remain a “fringe” browser for at least the foreseeable future. That said, if you’re one of the very few actually using Opera, you should update to this most-current stable release:
  http://www.opera.com/browser/

Apple iTunes 9.0 was released over the weekend, shortly after Patch Tuesday, as Apple has become prone to doing with their cross-platform applications. This update provides a number of bug fixes, a new interface, integration of the WebKit engine (meaning that it’s essentially including a complete browser now – with all the security considerations that engenders), and now adds features like “watched folders” that have been a staple of competing products (like WinAMP and Windows Media Player) for at least a couple years. If you have iTunes *installed*, you need to install this update since it won’t be long before updates to previous versions are no longer provided or supported.
  http://www.apple.com/itunes/download/
Or use the “Apple Updater” to get the most recent version:
  Start, (All) Programs, Apple Software Update
Check everything at the TOP, but leave the bottom options unchecked.

Quicktime 7.6.4 was released concurrently, including almost exclusively security updates. If you have Quicktime installed, you need this update ASAP. You can install it by using the Apple Updater:
  Start, (All) Programs, Apple Software Update
Check everything at the TOP, but leave the bottom options unchecked. Do not install iTunes now if you do not already have it installed! Likewise, don’t install Bonjour, Safari or any other applications if they appear in the bottom half of the window – if you don’t have it already, you probably don’t need it. Alternatively, you can download the installer here:
  http://www.apple.com/quicktime/download/
Only select the option to download “QuickTime … with iTunes” if you already have iTunes installed, otherwise select the option to download only “QuickTime …” UNCHECK the two boxes below “Sign-up”, then
click the “free download now” option WITHOUT entering your email address.

If you’re using the Apple Updater you’ll also find two other new update packages:
  iPhone Configuration Utility 2.1
  MobileMe Control Panel 1.5
These packages are both designed for people using iPhone/iPod devices with their computers. If you don’t have that type of device or use it with your computer, you do not need these updates. If you *are* using an iPhone/iPod with your computer, you’ll find that these options both significantly expand the computer-based configuration options for your device(s), and will be greatly worth the time to install and learn to use them. For example, multiple devices and device profiles are now supported so you can share your computer with your spouse, without worrying that she’ll mess up your iPhone playlist. 🙂

For you Mac people, there’s another 15+ stability, security, firmware and driver updates for OSX that you should obtain through Mac Update as well, released over the course of the last week. Check back often, as this seems to be an increasing trend during the last month since the Snow Leopard release.

Sun released VirtualBox 3.0.6.52128 over the weekend, including almost exclusively stability and automation improvements. When you install the update, don’t forget to update your Virtual Machine Additions! This update is only necessary if you’re using the VirtualBox system already:
  http://www.virtualbox.org/wiki/Downloads

Miranda IM 0.8.6 was released yesterday, including primarily stability fixes with various networking protocols. While not a security update, if you use Miranda IM as your instant messaging solution, this will probably reduce the number and severity of crashes and other frustrations:
  http://www.miranda-im.org/download/

Malwarebytes Anti-Malware 1.41 was released yesterday as well, consisting primarily of performance improvements. If you have MBAM installed, this is an important update that will reduce the memory footprint as well as speed of scans & removals.
  http://www.malwarebytes.org/mbam.php

uTorrent 1.8.4 Build 16442 was released yesterday, fixing a crash with certain types of links. If you’re using uTorrent, this update will install through the automatic update feature, or you can get it here:
  http://www.utorrent.com/downloads/

For you web people…

phpMyAdmin 3.2.2 was released over the weekend, including several bugfixes and one security update, focusing almost exclusively on export functionality.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/