Updates 2023-11-14

Happy Thanksgiving, Folks!

Today is Patch Tuesday for November, 2023. It’s ugly.

This month brings a new version of Windows 11 (v23H2), critical security updates for all supported Apple products, and (literally) new security updates for every browser every single week since the last update cycle on October 10th. That’s on top of the 190+ major hacks, and over 205 application updates this month. Prepare yourself, there will be about 5 GB of updates for most devices this month.

The new Windows Copilot AI feature is now enabled by default in Windows 10 and 11, but can be disabled either in the deep settings or within group policy.

This Month in Technology

1Password, 23andMe, Accenture, Ace Hardware, Advarra, Air Canada, Air Europa, Allen & Overy, Allied Pilots Association, AlohaCare, American Family Insurance, Ampersand, Android 13, AndroidLista, Apache ActiveMQ, Apple Safari, Apple “Find My”, Atlas Healthcare CT, Atlassian Confluence, Avito, BHI Energy Health and Welfare Benefits Plan, BHI Energy I Specialty Services LLC, BHS Physician Network, Inc., Boeing, British Library, Bukalapak, BulletProftLink, Bureau van Dijk, Cadence Bank, Caesars Entertainment, Inc., Casio, CCleaner, Chess, Cisco IOS XE, City of Philadelphia, City of Victorville, California, Clark County School District (CCSD), Colonial Pipeline, Counseling and Recovery Services of Oklahoma, Crum & Forster, D-Link, Dakota Eye Institute, Deer Oaks Behavioral Health, 22 companies overseeing energy infrastructure in Denmark, District of Columbia Board of Elections, DP World Australia, Drug Free Workplaces USA, LLC, Edward C. Taylor, PhD., PL, eleHealth, Ethereum wallet system, European government email servers, F5 BIG-IP, Fidelity National Information Services, Inc., Financial Asset Management Systems, First Judicial Circuit, Fitmart, Five Guys Enterprises, LLC, Frax Outsourcing, Frazier & Deeter, LLC, Fredericksburg Foot & Ankle Center, PLC, GameSprite, GamingMonk, GPD Holdings LLC (CoinFlip), Grammarly, Greater Rochester Independent Practice Association, Inc., Growers Express, LLC, Grupo GTD, Healthsoft LLC, Helping the Aging Needy and Disabled Inc, Henry Schein, Hill International, Inc, Hospital & Medical Foundation of Paris, Inc, Hospital Sisters Health System, Indian state government, Industrial and Commercial Bank of China (ICBC)…which paid the ransom, International Criminal Court, IPM Healthcare DBA Boomerang Healthcare, Jeffco Public Schools, Juniper devices, Jupyter Notebooks, JustSystems Corporation Ichitaro, Kansas Supreme Court, Kwik Trip, Kyocera AVX Components Corporation (KAVX), La Red Health Center, LastPass, LCS Financial Services, LDLC ASVEL, Lennar Corporation, Life Generations Healthcare LLC, Lobel Financial Corporation, Longhorn Village, macOS, Marina Bay Sands, Mattson Technology, Inc., McLaren Health Care, MemeChat, Microsoft Exchange, Morrison Community Hospital, Mozi IoT Botnet, Mr. Cooper, Napa Integrated Medicine PC, NASCO, NetScaler ADC and NetScaler Gateway appliances, New York Life Insurance Company, Northern Iowa Therapy PC, Okta (again and again), OrthoAlaska, LLC, Oscar Insurance Company of Florida, Pacific Clear Vision Institute, Pacific Union College, Peerstar LLC, Pennsylvania General Store, peplink Surf SOHO, Perry Johnson & Associates, Personify Care, Pharmacy Group of Mississippi, LLC, Phoenix, Pisenti & Brinker LLP, Postmeds, Inc./Truepill, Progress Software MOVEit, Progressive Leasing, Prolific Puma, Pypl, QNAP QTS, Radius Global Solutions, RagnarLocker ransomware, Redcliffe Labs, Refresco Beverages US Inc., Resort Data Processing, Inc., Revival Animal Health, Riverside County Office of Education, Roundcube Webmail, Royal Elementor, Samsung Galaxy S23, San Diego PACE, San Francisco Jazz Organization, Sberbank, Seiko, Shadow PC, Simpson Manufacturing, Singing River Health System, 1 million Windows and Linux hosts using SMBv1, SoftEther VPN, SolarWinds Access Rights Manager, South River Technologies Titan MFT and Titan SFTP, Sphero, Stanford University, Stars Arena, State of Maine, Sumo Logic, Sun Life Financial, Sutter Health, SysAid, Taylored Service Parent Co., TeamCity, The Chattanooga Heart Institute, The Commerce Insurance Company (MAPFRE Insurance), The Hilb Group Operating Company, LLC, The Newtron Group, LLC, Toronto Public Library, Toumei, Town of Iowa, Louisiana, Transaction Data Systems, TransForm, Tri Counties Bank, Tri-City Medical Center, Trigona ransomware gang, Trust Benefit Technologies, LLC, Tunngle, 11 Ukrainian telcos, University Federal Credit Union, University of Michigan, University of Missouri, User Submitted Posts WordPress plugin, Veeam ONE IT, Vidio, VMware vCenter Server, VMware vRealize Log Insight, WACOSA, Wescom Central Credit Union, West Texas Gas, Westat, Inc., Western Washington Medical Group, Weston Embedded uC-HTTP HTTP Server, Women Political Leaders Summit, WS_FTP, Wyze Cam v3, Yifan YF325, Zhefengle have reportedly been hacked or compromised this month.

In what should be no surprise to 40,000 people, yes, leaving the default “admin” password will get you hacked.

Cloudflare, OpenAI/ChatGPT, Outlook.com, and the Toronto Public Library have suffered from outages this month.

Last months updates broke .NET 6.0 security patches, .NET 7.0 security patches, Apple device integration with Enterprise Single Sign On, Hosted Exchange, HP motherboards, Hyper-V, Microsoft 365 admin system, Microsoft 365, MS Office, Outlook Desktop, Rivian infotainment systems, Veeam RCT, VMware ESXi, Windows desktop icons, Windows Server 2022 VMs on VMware ESXi, Windows Update, and WSUS.

Microsoft violated (again) their promise not to push bloatware on LTSC.

Microsoft also introduced over 110 security vulnerabilities (discovered so far…) to Microsoft 365 by integrating SketchUp 3D capabilities.

Sadly, Microsoft has also disabled the free upgrade to Windows 10 from Windows 7 and 8. Until about a month ago it was still possible to upgrade older machines to Windows 10 without having to purchase a license. Now it is no longer possible.

Microsoft has also changed Authenticator behavior to suppress notifications for “risky sign-ins.” The idea is that when a login occurs from an unlikely source, somewhere you have not logged in before or a country you’re unlikely to be in, they can prevent the out-of-the-blue popup asking if you’re trying to log in. Unfortunately, if you’ve reused passwords, or used weak passwords, then this will increase the likelihood of a random calls “from microsoft” or “your IT department” asking you to “verify that you still have access to account” by opening the authenticator and actively approving the login. This kind of UI behavior teaches people to be less wary since they have to then go out of their way to “prove” themselves, which is something most humans innately want to do. It’s going to be bad. To reduce the risk please use strong, unique, random passwords to lessen the risk of successful password spraying attacks.

Microsoft extended the security update support period for Windows Server 2012 to October 2026.

LBRY, Inc is finally throwing in the towel after years of fighting the SEC. LBRY is the organization behind the best (IMHO) video and data sharing service in the world, and was targeted because the federal government chooses not to understand crypto. LBRY is dead, long live LBRY!

The US is leading an alliance to never pay ransom to cybercriminals. A US court has ruled that it is not a privacy violation for your car to harvest your contacts, texts and call logs even when you do not grant those permissions. The SEC has charged SolarWinds and their CISO with fraud over the massive hack in late 2020.

Not only is it foolhardy to assume that any automated system could prevent abuse by 100% of the advertisers, Google’s own data shows that the number of malicious ads they have detected has increased by over 50% in the last year.

The “they have detected” clause is the important takeaway from that statement. Google has over a thousand dedicated people within their ad review department whose sole purpose is to detect and block malicious advertisements, and ads that violate any other policies. Even with that, many people that interact with ads still don’t realize they’re advertisements or are taken to malicious or fraudulent sites. They simply can not detect all malicious advertisements.

Now that Google is pushing a new ad-blocker war via YouTube, it’s actually increasing the number of people that realize that they can, and should, take action to block advertisements. Is it any wonder why people are increasingly blocking ads? You should, too. Start with uBlock Origin. Blocking advertisements is not just about security, though, it could help save the planetNeed help? Ask.

Moody’s has downgraded the US financial outlook to “negative”.

Now for the good news:

According to the CDC there are now record-high childhood vaccine refusals across the country. It’s about time.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is huge this month. The typical computer should see roughly 5 GB in updates today. Let’s get started.

Microsoft released updates to address 83 vulnerabilities in .NET Framework, ASP.NET, Azure, Azure DevOps, Microsoft Dynamics, Microsoft Dynamics 365 Sales, Microsoft Edge (Chromium-based), Microsoft Exchange Server, Microsoft Office, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Remote Registry Service, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows Search Component, Microsoft Windows Speech, Open Management Infrastructure, Tablet Windows User Interface, Visual Studio, Visual Studio Code, Windows Authentication Methods, Windows Cloud Files Mini Filter Driver, Windows Common Log File System Driver, Windows Compressed Folder, Windows Defender, Windows Deployment Services, Windows DHCP Server, Windows Distributed File System (DFS), Windows DWM Core Library, Windows HMAC Key Derivation, Windows Hyper-V, Windows Installer, Windows Internet Connection Sharing (ICS), Windows Kernel, Windows NTFS, Windows Protected EAP (PEAP), Windows Scripting, Windows SmartScreen, Windows Storage, and MSRT (~ 2 GB). This includes security updates. A reboot is required.

Apple released updates for macOS Monterey 12.7.1, macOS Ventura 13.6.2, macOS Sonoma 14.1.1, iOS 15.8, iOS 16.7.2, iOS 17.1.1, iPadOS 15.8, iPadOS 16.7.2, iPadOS 17.1.1, Safari 17.1, tvOS 17.1, and watchOS 10.1.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.8, 16.7.2, and 17.1.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 15.8, 16.7.2, and 17.1.1 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 10.1.1 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 17.1 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 118.0.5993.123/124 and 114.0.5735.339 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 39-1.5 is a major update, adding cosmetic, networking, security and other improvements, and updates libraries. This should be treated as a security update.
https://getfedora.org/en/workstation/download/

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 23.11.1 resolves several bugs. This is not a security update.
https://www.amd.com/en/support

Daemon Tools Lite 12.0.0 is a major update with a redesign, improves search and resolves several bugs. This is not a security update.
https://www.daemon-tools.cc/products/dtLite

Display Driver Uninstaller 18.0.6.9 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

DS4Windows 3.2.19 updates libraries and resolves several bugs. This is a security update.
https://github.com/Ryochan7/DS4Windows/releases/latest

Nvidia Driver 474.66 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Samsung DeX 2.4.1.22 doesn’t provide a change log so should be treated as a security update.
https://www.samsung.com/us/apps/dex/

Wacom Driver 6.4.4-3 adds support for new hardware and resolves several bugs. This is not a security update.
https://www.wacom.com/en-us/support/product-support/drivers

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.60.114 resolves dozens of bugs. This is a security update.
https://brave.com/

Google Chrome 119.0.6045.123 is a security update.
https://www.google.com/chrome/

Microsoft Edge 119.0.2151.58 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 119.0.1 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 115.4.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 6.4.3160.42 is a security update.
https://vivaldi.com/

Microsoft Edge WebView2 119.0.2151.44 is a security update.
https://developer.microsoft.com/en-us/microsoft-edge/webview2/

Email Updates

One or more of these are likely to be of interest to everyone.

DavMail Gateway 6.2.0 updates dependencies and resolves several bugs. This is a security update.
https://davmail.sourceforge.net/

Spark 3.10.2 adds Spark Integrations and +AI to improve automation and resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.10.2.61166 adds Spark Integrations and +AI to improve automation and resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.4.2 resolves several bugs. This is not a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 8.0.6 adds dark mode, improves key handling, improves UI, and resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 7.2.3 vastly improves key handling and resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

BrowsingHistoryView 2.57 improves compatibility with Opera. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

curl 8.4.0 adds support for IPFS and resolves more than 100 bugs. This is a security update.
https://curl.haxx.se/windows/

Dropbox 186.4.6207 improved hard drive space controls. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 199.0.0.9.236 is a security update.
https://www.messenger.com/download

FileZilla Client 3.66.1 improves stability and resolves several bugs. This is not a security update.
https://filezilla-project.org/

FreeFileSync 13.1 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 84.0 is a security update.
https://drive.google.com/start

Microsoft Teams 1.6.00.29964 adds SMS notifications, unique join links, workflows within channels and resolves several bugs. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 27.1.3 is a security update.
https://nextcloud.com/

Npcap 1.78 is a security update.
https://nmap.org/npcap/

Pocketnet-GUI 0.8.67 resolves several bugs. This is not a security update.
https://pocketnet.app/

Rclone 1.64.2 resolves several bugs. This should be treated as a security update.
https://rclone.org/

Signal 6.38.0 improves contact management, voice and video calls. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 6.39.3 improves contact management. This is not a security update.
https://signal.org/android/apk/

Skype 8.106.0.212 resolves several bugs. This is not a security update.
https://www.skype.com/

Syncthing 1.26.0 resolves several bugs. This should be treated as a security update.
https://syncthing.net/

Technitium DNS Server 11.5.3 resolves several bugs. This follows shortly after a security update, so should be treated as a security update.
https://technitium.com/dns/

Telegram (Android) 10.2.3 doesn’t provide a changelog so should be treated as a security update.
https://telegram.org/apps

Telegram 4.11.8 resolves several bugs. This is not a security update.
https://telegram.org/

Zoom 5.16.6.24712 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 3.0.13 resolves several bugs. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.0.11 resolves several bugs. This is not a security update.
https://www.bitwig.com/download/

iTunes 12.13.0.9 is a security update.
https://www.apple.com/itunes/download/

Picard 2.10 is a security update.
https://picard.musicbrainz.org/

Plex Desktop 1.81.0.4012 adds Discover Together and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.50.1.4014 improves stability. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.32.8.7639 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

VLC Media Player 3.0.20 is a security update.
https://www.videolan.org/vlc/

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2023.8.2.108 improves stability. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.3.180 resolves several bugs. This is not a security update.
https://gdevelop.io/download

Lego Studio 2.23.10_1 resolves several bugs. This is not a security update.
https://www.lego.com/en-us/ldd

Minecraft Server (Bedrock) 1.20.41.02 doesn’t provide a changelog so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Nintendo Switch 17.0.0 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 23.02-08.20.02 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

SteamOS SteamDeck Update 2023-11-13 is a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Acrobat and Reader DC 23.006.20380 is a security update.
https://get.adobe.com/reader

Adobe Acrobat and Reader 20.005.30539 is a security update.
https://helpx.adobe.com/security/products/acrobat/apsb23-54.html

Adobe After Effects 23.6.2 and 24.0.3 are security updates.
https://helpx.adobe.com/security/products/after_effects/apsb23-66.html

Adobe Animate 23.0.3 and 24.0 are security updates.
https://helpx.adobe.com/security/products/animate/apsb23-61.html

Adobe Audition 23.6.2 and 24.0.3 are security updates.
https://helpx.adobe.com/security/products/audition/apsb23-64.html

Adobe Bridge 13.0.5 and 14.0.1 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb23-57.html

Adobe ColdFusion 2021.12 and 2023.6 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb23-52.html

Adobe Dimension 3.4.10 is a security update.
https://helpx.adobe.com/security/products/dimension/apsb23-62.html

Adobe FrameMaker Publishing Server 2022.1 is a security update.
https://helpx.adobe.com/security/products/framemaker/apsb23-58.html

Adobe InCopy 18.5.1 and 19.0 are security updates.
https://helpx.adobe.com/security/products/incopy/apsb23-60.html

Adobe InDesign 18.5.1 and 19.0 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb23-55.html

Adobe Media Encoder 23.6.2 and 24.0.3 are security updates.
https://helpx.adobe.com/security/products/media-encoder/apsb23-63.html

Adobe Photoshop 24.7.2 and 25.1 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb23-56.html

Adobe Premiere Pro 23.6.2 and 24.0.3 are security updates.
https://helpx.adobe.com/security/products/premiere_pro/apsb23-65.html

Adobe RoboHelp Server 11.5 is a security update.
https://helpx.adobe.com/security/products/robohelp-server/apsb23-53.html

Artweaver 7.0.16 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Audacity 3.4.1 adds musical view, pitch controls, and resolves a dozen bugs. This is not a security update.
https://www.audacityteam.org/download/

Blender 3.6.5 doesn’t provide a detailed change log so should be treated as a security update.
https://www.blender.org/download/

Calibre 6.29.0 resolves several bugs, improves zoom control, and adds a command line option to open a new instance. This is not a security update.
https://calibre-ebook.com/

Ghostscript 10.02.1 is a security update.
https://www.ghostscript.com/releases/gsdnld.html

GIMP 2.10.36 is a security update.
https://www.gimp.org/

ImageMagick 7.1.1-21 is a security update.
https://imagemagick.org/

Kdenlive 23.08.3 resolves dozens of bugs. This is not a security update.
https://kdenlive.org/

Kindle for PC 2.1.70471 doesn’t provide a change log so should be treated as a security update.
https://www.amazon.com/kindleforpc

Krita 5.2.1 improves various features and resolves dozens of bugs. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice 7.5.8 resolves more than a dozen bugs. This is not a security update.
https://www.libreoffice.org/

Manager 23.11.13.1143 resolves several bugs. This is not a security update.
https://www.manager.io/

Nextcloud Desktop 3.10.1 resolves several bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.5.8 resolves more than a dozen bugs. This is a security update.
https://notepad-plus-plus.org/

Paint.net 5.0.11 resolves several bugs. This is not a security update.
https://www.getpaint.net/

PDF-XChange Editor 10.1.2.382 is a security update.
https://www.tracker-software.com/product/pdf-xchange-editor

QuickBooks Pro 2022 R13_09 improves migration assistant and resolves several bugs. This is not a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 R6_25 resolves resolves a major billing bug. This is not a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2024 20230817-R3_61 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

SumatraPDF 3.5.2 resolves several bugs. This is not a security update.
https://www.sumatrapdfreader.org/download-free-pdf-viewer

Security Software Updates

One or more of these is likely to be of interest to most people.

JShelter 0.17 adds several new controls and features. This is not a security update.
https://jshelter.org/install/

KeePass 2.55 resolves more than a dozen bugs and adds several new features. This is a security update.
https://keepass.info/

MalwareBytes Anti-Malware 4.6.5 improves compatibility and resolves a couple bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/

OpenSSL 3.1.4 is a security update.
https://www.openssl.org/

ProtonVPN (macOS) 4.0.0 improves stability. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.13.0 is a security update.
https://www.adlice.com/download/roguekiller/

Stinger 12.2.0.664 adds support for several new detections. This should be considered a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

SuperAntiSpyware 10.0.1258 is a security update.
https://www.superantispyware.com/download.html

Tails 5.19 is a security update.
https://tails.boum.org/install/dvd/index.en.html

Tron 2023-10-17 is a security update.
https://www.bmrf.org/repos/tron/

uBlock Origin 1.53.4 improves stability.
https://github.com/gorhill/uBlock/releases/latest

Wireless Network Watcher 2.40 adds columns for IPv6 Address and Link Local IPv6 Address. This is not a security update.
https://www.nirsoft.net/utils/wireless_network_watcher.html

Capture Updates

These are unlikely to be of interest to most people.

Open Broadcaster Software 30.0.0 is a major update which removes support for older platforms, adds support to new features and capabilities, and resolves over 50 bugs. This should be treated as a security update.
https://obsproject.com/

SnagIt 24.0.1 resolves several bugs, improves performance and adds output to Teams. This is not a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.0.4 resolves dozens of bugs and adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

FFmpeg 20231114 adds caption decoding. This is not a security update.
https://ffmpeg.org/ffmpeg.html

StreamFab 6.1.4.9 improves compatibility and resolves dozens of bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.0.3 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.30 is a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

.NET Runtime 7.0.13 and 8.0.0 are security updates.
https://dotnet.microsoft.com/en-us/download/dotnet

1Password 8.10.18 resolves over a dozen bugs. This is not a security update.
https://1password.com/

Agent Ransack 2022.3416 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

AMD Ryzen Master 2.11.2.2659 is a security update.
https://www.amd.com/en/technologies/ryzen-master

AOMEI Partition Assistant 10.2.1 improves compatibility. This is not a security update.
https://www.diskpart.com/

Beyond Compare 4.4.7.28397 improves stability and resolves several bugs. This is not a security update.
https://www.scootersoftware.com/download.php?zz=dl4

Bitwarden 2023.10.1 resolves several bugs. This is not a security update.
https://bitwarden.com/

CCleaner 6.17.10746 improves junk cleaning. This is a security update.
https://www.ccleaner.com/

CurrPorts 2.76 adds option to show only incoming TCP connections. This is not a security update.
https://www.nirsoft.net/utils/cports.html

Dell Command Update 5.1.0 is a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

Dell OS Recovery Tool 2.3.2.7523 doesn’t provide a change log so should be treated as a security update.
https://www.dell.com/support/home/uk/en/ukbsdt1/drivers/osiso/recoverytool

DesktopOK 11.13 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.0.129.0 updates libraries and resolves several bugs. This is a security update.
https://dngrep.github.io/

email-oauth2-proxy 2023-11-01 adds support for secret rotation, resolves a couple bugs, and improves compatibility. This is not a security update.
https://github.com/simonrob/email-oauth2-proxy

Everything Toolbar 1.3.2 resolves a couple bugs. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

Fido 1.52 adds support for Windows 11 23H2. This is not a security update.
https://github.com/pbatard/Fido/releases

FileLocator Pro 2022.3416 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Fing 3.5.1 improves stability and resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

Go 1.21.4 is a security update.
https://go.dev/

GoodSync 12.4.5 resolves dozens of bugs. This is not a security update.
https://www.goodsync.com/

HDD Raw Copy 1.20 doesn’t provide a change log so should be treated as a security update.
https://hddguru.com/software/HDD-Raw-Copy-Tool/

HWiNFO 7.66 adds support for newer hardware and resolves several bugs. This is not a security update.
https://www.hwinfo.com/download/

Java 8u391 is a security update.
https://www.java.com/en/download/manual.jsp

NConvert 7.163 doesn’t provide a change log so should be treated as a security update.
https://www.xnview.com/en/nconvert/

NetworkInterfacesView 1.35 adds support for IPv6 addresses and IPv6 DNS servers. This is not a security update.
https://www.nirsoft.net/utils/network_interfaces.html

NTLite 2023.11.9477 improves compatibility and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

osquery 5.10.2 is a security update.
https://osquery.io/downloads

PingInfoView 3.01 adds support for IPv6, sorting, reporting improvements, and resolves several bugs. This is not a security update.
https://www.nirsoft.net/utils/multiple_ping_tool.html

PowerToys 0.75.1 resolves a couple bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

RoboForm 9.5.4 reduces nags and resolves several bugs. This is not a security update.
https://www.roboform.com/

Rufus 4.3 adds support for Windows 11 23H2, improves compatibility, and resolves several bugs. This is not a security update.
https://rufus.ie/en_US/

ScreenConnect 23.8.5.8707 is a security update.
https://www.connectwise.com/software/control/download

Sysmon 15.11 improves performance and resolves a couple bugs. This is a security update.
https://learn.microsoft.com/en-us/sysinternals/downloads/sysmon

TcpLogView 1.40 adds option to show only incoming connections. This is not a security update.
https://www.nirsoft.net/utils/tcp_log_view.html

VMMap 3.4 adds support for .NET 6 and higher. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/vmmap

WinGet 1.6.3133 adds support to configure behavior and resolves several bugs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinScan2PDF 8.68 improves performance and reliability. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 4.16 adds several new features, cosmetic and reliability improvements, and resolves several bugs. This is not a security update.
https://www.diskanalyzer.com/

ZoomIt 7.2 adds highlighter and blur and microphone selection. This is not a security update.
https://learn.microsoft.com/en-us/sysinternals/downloads/zoomit

Developer Updates

These are unlikely to be of interest to most people.

ADB 34.0.5 resolves several bugs. This is not a security update.
https://developer.android.com/studio/releases/platform-tools

Android Studio 2022.3.1.21 resolves a couple issues with Gradle. This is not a security update.
https://developer.android.com/studio

GitHub Desktop 3.3.5 resolves several bugs. This is not a security update.
https://desktop.github.com/

Godot 4.1.3 resolves several bugs. This is not a security update.
https://godotengine.org/

Microsoft Visual C++ 2022 Redistributable 14.36.33130.0 is a security update.
https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist

MySQL ConnectorNet 8.2.0 updates libraries and resolves a couple bugs. This is not a security update.
https://dev.mysql.com/downloads/connector/net/

MySQL Server 8.0.35 resolves over a dozen bugs. This is a security update.
https://dev.mysql.com/downloads/installer/

Node.js 18.18.2 is a security update.
https://nodejs.org/en/

Node.js 20.9.0 is a security update.
https://nodejs.org/en/

Node.js 21.2.0 resolves several bugs, updates libraries, and provides dozens of improvements. This is a security update.
https://nodejs.org/en/

SQLite 3.44.0 provides more than a dozen improvements and bug fixes. This should be treated as a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.84.2 resolves several bugs. As of 1.84 Microsoft has dropped support for 32-bit versions of Visual Studio. This is not a security update.
https://code.visualstudio.com/

WinMerge 2.16.34 resolves several bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

PPSSPP 1.16.6 resolves several bugs. This is not a security update.
https://www.ppsspp.org/download/

VirtualBox 7.0.12 resolves dozens of bugs. This should be treated as a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

HumHub 1.15.0 resolves dozens of bugs. This is a security update.
https://www.humhub.com/en

Invision Community 4.7.14 resolves dozens of bugs. This is not a security update.
https://invisioncommunity.com/

Joomla 5.0.0 and 4.4.0 are both major updates with many new features, compatibility improvements, and bug fixes. These are not security updates.
https://www.joomla.org/

ownCloud Client 5.1.2 is a major update improving compatibility, performance, stability and resolving many bugs. This is not a security update.
https://owncloud.com/desktop-app/

ownCloud Server 10.13.2 updates depenendencies and resolves several bugs. This is a security update.
https://owncloud.com/download-server/

WordPress 6.4.1 is the third update to WordPress in the last month, following several security issues.
https://wordpress.org/

Autoptimize 3.1.10 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/autoptimize/

BuddyPress 11.4.0 improves stability and compatibility. This is a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.8.2 improves stability and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.7 resolves a couple bugs. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

My Sticky Bar (formerly myStickymenu) 2.6.5 rebrands, adds a couple features, and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Postie 1.9.66 improves compatibility and resolves a notification bug. This is not a security update.
https://wordpress.org/extend/plugins/postie/

Show IDs 1.1.10 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/wpsite-show-ids/

W3 Total Cache 2.6.0 improves compatibility and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 8.2.2 resolves several bgus. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WP Mail SMTP 3.10.0 improves OAuth integration and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/

WP Plugin Update Checker 5.3 resolves a couple bugs. This is not a security update.
https://github.com/YahnisElsts/plugin-update-checker/releases/latest

WPBakery 7.2 adds AI support and resolves several bugs. This is not a security update.
https://wpbakery.com/

WPtouch 4.3.55 resolves several bgus. This is not a security update.
https://wordpress.org/extend/plugins/wptouch/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2023-09-12

Welcome back, Folks!

Today is Patch Tuesday for September, 2023.

This month has been insane. There were 223 major hacks, and over 170 application updates this month. Each browser and several other apps released at least weekly security updates. It’s a very big month, with about 5 GB of updates for most users.

This Month in Technology

16shop, A-Family Dental Care Center PC, Absolute Dental Services, Adobe Acrobat & Reader, Alberta Dental Services Corporation, Allison Transmission Inc., AMD CPUs, AmeriBen, American National Group, LLC, Android TV, Anonfiles, Apache’s RocketMQ, Asian national electricity grid, The Associated Press Stylebook, Associates in Pediatric Dentistry, ASUS routers, Atlas VPN, Atmeltomo, a major auction house, Avada WordPress Theme and Plugin, Ayush Jharkhand, AzeroCloud, Baesman Group, Inc., Balancer, Barracuda Email Security Gateway (ESG), Beverly Hills Plastic Surgery, Binance, Bloom Health Centers, Blue Cross Blue Shield of Arizona, Byju’s, CareSource, CentroMed, CERT Poland, Chicago IVF, Church of England Debenham High School, Church of England St. Augustine Academy, Cisco Adaptive Security Appliance (ASA), Cisco BroadWorks, Cisco Firepower Threat Defense (FTD), Cisco VPN, Citrix NetScaler, Citrix ShareFile, Cleveland City Schools, Clorox, CloudNordic, Coastal Orthopedics, Cobra DocGuard, CODESYS V3, Coffee Meets Bagel, Coinbase, Colorado Department of Health Care Policy & Financing, CraftRise, Cummins Behavioral Health Systems, CyberPower PowerPanel, Cypher, Data Media Associates, Dataprobe iBoot, Dell Compellent, Detroit Central City Community Mental Health, Discord, Discord.io, DuoLingo, Dymocks Booksellers, El Salvadoran government, a south African electrical utility, EMS Management and Consultants Inc, Energy One Limited, Enzo Clinical Labs, Inc., Exactly Protocol, Florida Healthy Kids, Ford SYNC3, Forever 21, France’s Pôle emploi, Free Download Manager, Freecycle, Geico, Gemini North Observatory, GitLab, Google Chrome, Google Looker Studio, Harbor Protocol, Harris Center for Mental Health and Intellectual and Developmental Disabilities, Health Care Service Corporation, Health Employers Association of BC, Highgate Wood School, Illinois Department of Public Health, iMenu360, Indiana University Health, Intel CPUs, iPhone iMessage, Israel’s Mayanei Hayeshua hospital, iTrust Wellness Group, Ivacy VPN, Ivanti Avalanche, Ivanti MobileIron, Ivanti Sentry, IXPERTA, Japan’s Cybersecurity Agency (NISC), Jefferson Health, Jobzone, Johnson & Johnson Health Care Systems, Juniper EX switches, Juniper SRX firewalls, Jupiter X Core, Just Kids Dental, Kroll (that’s appropriate), Leaseweb, Libbitcoin, Lifeline Health Systems, Lincoln SYNC3, LinkedIn, LogicMonitor, Lolek Bulletproof Hosting, MacOS, Madera County, Magellan Rx Management, Maiden Erlegh Trust, Manipulated Caiman, Maximus Health Services Inc, McAlester Regional Health Center, Mend.io, MGM Resorts International, Microsoft 365 corporate accounts, Microsoft Azure Active Directory, Microsoft’s PowerShell Gallery, Milan Eye Center, MinIO, Missouri Department of Social Services, Morris Hospital & Healthcare Centers, Mountain View Family Practice, PC, Nice Pak Products Inc., Norfolk and Suffolk police, Nova Scotia government, NPO Mashinostroyeniya, NVIDIA D3D10 Driver, NXP, O’Neil Digital Solutions, LLC, OAS Engine, Openfire, Orrick, Herrington & Sutcliffe, Pampling, Paramount Global, PCC Pediatric EHR Solutions, Performance Health Technology, PHPFusion, Pizza Hut Australia, PlayCyberGames, Poland’s PKP railway, Police Service of Northern Ireland (PSNI) —  twice, Prime Therapeutics, Prince George’s County Public Schools, Prospect Medical Group, Prospect Medical Holdings, PurFoods/Mom’s Meals, QakBot, Radius Global Solutions, Ranhill Utilities Berhad, Rapattoni, Resort Data Processing, Respublikinė Vilniaus Psichiatrijos Ligoninė, Rightbiz, Rite Aid, Roberto Polizzi, RocketSwap, Sabre, Schneck Medical Center, See Tickets, Seiko, Serco, Inc., SevenRooms, Seville, Spain, Singing River Health System, Sourcegraph, South African National Defence Force, SouthCoast Medical Group, LLC, Sovos Compliance LLC, Spring WebFlux, Sri Lankan Government, St. Paul Public Schools, Stake.com, Starmount Life Insurance Co, SUNY at Buffalo School of Dental Medicine, SysInformation Healthcare Services, LLC, Terra, Tesla, Three Crowns Park, Tift Regional Medical Center, TitleMax, Topgolf Callaway, TP-Link Tapo, TRACT Radiology, TTEC Healthcare Solutions, a UK internet backbone infrastructure provider, UK Metropolitan Police, UK Ministry of Defence, Ukrainian Military, United Bankshares, Inc., United Healthcare Services, Inc., UnitedHealthcare, University of Massachusetts Chan Medical School, University of Michigan, University of Sydney, University of Utah, UofL Health, US Department of Defense (DoD), US Drug Enforcement Administration (DEA), US energy company, US Government email servers, Vecino Health Centers, Venus Protocol, Virginia Dept. of Medical Assistance Services, Viva Air, VMware’s Aria Operations for Networks, VNS Health Plans, WebDetetive, WinRAR, Zaun, Zengo, Zimbra Collaboration Suite, Zoom ZTP, and Zunami have reportedly been hacked or compromised this month.

Coffee Meets Bagel, German Federal Financial Supervisory Authority (BaFin), Hotmail, Midwest Hospital Group, Rogers, Square, and Toyota have suffered from outages this month.

Last months updates broke Microsoft Exchange, MSI BIOS compatibility, Windows drive partitions, Windows EFI boot loader, Windows Group Policy, Windows LAPS, Windows Search, Windows Time service, and Windows Update for Business.

The new Microsoft Edge for Business release was such a disaster that enterprise customers are moving to Chrome and Firefox.

Facebook Messenger has become a major target of phishing. Again. So is Microsoft Teams.

The fallout from the LastPass hack last year is still coming to light, including repeated hijacks of large cryptocurrency accountsAt the time we were assured that since the data was “strongly encrypted” that there was no chance of accounts being exposed. It seems that faith was misplaced. 

Microsoft will finally be eliminating WordPad. This isn’t really that surprising since all supported versions of Windows are now born with MS Office already installed.
What is less surprising is that they’re also killing off Visual Studio for Mac and disabling support for older TLS versions in the next few months, which is likely to prevent many network and automation apps from working. 

Another ransomware key decryptor is now available.

The Taliban is working with Huawei to install facial detection cameras. Experian Consumer Services has been caught spamming, to the tune of $650k. The Federal Trade Commission has publicly named 130 healthcare firms sharing user information with third parties through web trackers.

Google has added a new feature in Chrome, “Privacy Sandbox,” to use your browsing history to show ads. Turn it all off.

Now for the good news:

There may finally be a good reason to use Microsoft Paint. It will soon have the ability to remove photo backgrounds. And — this is hard for me to believe — Apple, yes that Apple, is supporting the California State “Right to Repair” bill.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is huge this month. The typical computer should see roughly 5 GB in updates today. Let’s get started.

Microsoft released updates to address 73 vulnerabilities in .NET, .NET Core, .NET Framework, 3D Builder, 3D Viewer, AMD CPU Branch, Azure DevOps, Azure HDInsights, Microsoft Azure Kubernetes Service, Microsoft Dynamics, Microsoft Dynamics Finance & Operations, Microsoft Edge, Microsoft Exchange Server, Microsoft Identity Linux Broker, Microsoft Office, Microsoft Office Excel, Microsoft Office Outlook, Microsoft Office SharePoint, Microsoft Office Word, Microsoft PostScript Printer Driver, Microsoft Streaming Service, Microsoft Windows Codecs Library, Servicing Stack Update, Visual Studio, Visual Studio Code, Windows Cloud Files Mini Filter Driver, Windows Common Log File System Driver, Windows Defender, Windows DHCP Server, Windows GDI, Windows Internet Connection Sharing (ICS), Windows Kernel, Windows Photo Import API, Windows Scripting, Windows TCP/IP, Windows Themes, and MSRT (~1.5 GB). This includes security updates. A reboot is required.

Apple released updates for macOS Ventura 13.5.2, macOS Monterey 12.6.9, macOS Big Sur 11.7.10, iOS 16.6.1 and 15.7.9, iPadOS 16.6.1 and 15.7.9, watchOS 9.6.2, and tvOS 16.6. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 16.6.1 and 15.7.9 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 16.6.1 and 15.7.9 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 9.6.2 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 16.6 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 115.0.5790.182 and 108.0.5359.242 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Ventura (13.x) means that macOS Catalina (10.15) and older are no longer supported. If you can not install at least macOS Big Sur (11) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v22H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 23.9.1 resolves a stability bug. This is not a security update.
https://www.amd.com/en/support

BullZip PDF Printer 14.4.0.2963 updates translations. This is not a security update.
https://www.bullzip.com/products/pdf/info.php#download

Crucial Storage Executive 9.07 doesn’t provide a changelog so should be treated as a security update.
https://www.crucial.com/support/storage-executive

Display Driver Uninstaller 18.0.6.7 improves cleanup and resolves a couple bugs. This is a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

DS4Windows 3.2.14 adds several new controls and translations. This is not a security update.
https://github.com/Ryochan7/DS4Windows/releases/latest

Garmin Express 7.18.3 doesn’t provide a changelog so should be treated as a security update.
https://www.garmin.com/en-US/software/express/

GSLite 20230809 is a security update.
https://www.bullzip.com/products/pdf/download.php

TP-Link Archer A6 v3 230828 is a security update.
https://www.tp-link.com/us/support/download/archer-a6/v3/#Firmware

TP-Link Archer AX21 v1.20 230829 is a security update.
https://www.tp-link.com/us/support/download/archer-ax21/v1.20/#Firmware

Wacom Driver 6.4.3-1 adds support for newer hardware and resolves a couple bugs. This is not a security update.
https://www.wacom.com/en-us/support/product-support/drivers

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.57.62 is a security update.
https://brave.com/

Firefox 117.0.1 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 115.2.1 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 116.0.5845.187 is a security update.
https://www.google.com/chrome/

Iridium 2023.09.116 is a security update.
https://iridiumbrowser.de/

Microsoft Edge 116.0.1938.81 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Vivaldi 6.2.3105.48 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

NK2Edit 3.46 adds the icon to dialogs and resolves an empty field bug. This is not a security update.
https://www.nirsoft.net/utils/outlook_nk2_edit.html

ProtonMail (Android) 3.0.16 doesn’t provide a detailed changelog so should be treated as a security update.
https://proton.me/mail/download

Spark 3.8.3 resolves several bugs. This should be treated as a security update.
https://sparkmailapp.com/

Thunderbird 115.2.1 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 7.1.16 improves localization. This is not a security update.
https://anydesk.com/en/downloads

BrowsingHistoryView 2.56 improves cosmetics. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

Dropbox 182.4.6427 resolves several bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 195.0.0.4.225 is a security update.
https://www.messenger.com/download

FileZilla Server 1.7.3 is a security update.
https://filezilla-project.org/

FreeFileSync 13.0 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 80.0 improves performance, installation size and resolves several bugs. This is not a security update. Note that Windows 8, Windows Server 2012, and 32-bit Windows of all flavors are no longer supported — you can still access your files through Firefox on these devices.
https://drive.google.com/start

Grocy 4.0.3 improves performance and resolves several bugs. This is not a security update.
https://grocy.info/

Grocy Desktop 2.7.0 improves compatibility. This is not a security update.
https://github.com/grocy/grocy-desktop

IPInfoOffline 1.70 adds support for sapics IP-Location. This is not a security update.
https://www.nirsoft.net/utils/ip_country_info_offline.html

jq 1.7 is the first update in 5 years and doesn’t disappoint. This build adds several new functions, logical structures, stability, output formats, and resolves dozens of bugs. This is not a security update.
https://jqlang.github.io/jq/

Microsoft Teams 1.6.00.22378 doesn’t provide a changelog so should be treated as a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 27.0.2 updates dependencies and resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

PuTTY 0.79 resolves a dozen bugs. This is a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html

Rclone 1.64.0 adds new backends, multithreaded transfers, and resolves dozens of bugs. This is not a security update.
https://rclone.org/

Signal 6.30.1 resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 6.31.2 improves performance. This is not a security update.
https://signal.org/android/apk/

Skype 8.102.0.211 expands AI integration and resolves several bugs. This is not a security update.
https://www.skype.com/

Syncthing 1.24.0 resolves several bugs. This is not a security update.
https://syncthing.net/

Technitium DNS Server 11.4.1 resolves several bugs. This is not a security update.
https://technitium.com/dns/

Telegram 4.9.5 ads several new bot web-app features and resolves several bugs. This is not a security update.
https://telegram.org/

Telegram (Android) 10.0.1 doesn’t provide a changelog so should be treated as a security update.
https://telegram.org/apps

Trillian 6.5.0.31 resolves several bugs. This is not a security update.
https://www.trillian.im/

Wget2 2.1.0 adds support for sitemaps, certificate validation, improves recursion, and resolves a dozen bugs. This is a security update.
https://gitlab.com/gnuwget/wget2/-/releases

Zoom 5.15.12.21574 adds several new features (and the ability to disable!) to their integrated AI Companion offering. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 3.0.12 resolves several bugs. This is not a security update.
https://en.3tene.com/

Picard 2.9.2 resolves a dozen bugs and improves update detection behavior. This is not a security update.
https://picard.musicbrainz.org/

Plex Desktop 1.78.2.3975 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.47.1.3971 resolves a couple networking bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2023.8.0.98 updates libraries and runtimes, improves debugging capabilities, and resolves dozens of bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.2.172 resolves several bugs. This is not a security update.
https://gdevelop.io/download

Lego Studio 2.23.8.1 resolves several bugs and adds new palette controls, tagging and GUI elements. This is not a security update.
https://www.lego.com/en-us/ldd

Minecraft Server (Bedrock) 1.20.15.01 doesn’t provide a changelog so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Nintendo Switch 16.1.0 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PlayStation PS5 23.01-07.61.00 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Connect 12.4.1 is a security update.
https://helpx.adobe.com/security/products/connect/apsb23-33.html

Adobe Experience Manager 6.5.18.0 is a security update.
https://helpx.adobe.com/security/products/experience-manager/apsb23-43.html

Adobe Reader DC 23.006.20320 and 20.005.30524 are security updates.
https://get.adobe.com/reader

Blender 3.6.2 resolves several bugs. This is not a security update.
https://www.blender.org/download/

Calibre 6.26.0 adds support for new hardware, new stylization options, and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Ghostscript 10.01.2 is a security update.
https://www.ghostscript.com/releases/gsdnld.html

Kdenlive 23.08.0 adds support for several new formats, improved hardware support and performance, and resolves several bugs. This is not a security update.
https://kdenlive.org/

Kindle for PC 2.0.70301 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc

LibreOffice 7.5.6 resolves over 50 bugs. This is not a security update.
https://www.libreoffice.org/

LibreOffice Fresh 7.6.1 provides over 400 new features and bug fixes. This is not a security update. Remember that the “Fresh” line is beta software and the “Still” line should be used wherever possible.
https://www.libreoffice.org/

Nextcloud Desktop 3.9.4 resolves several bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.5.7 is a security update.
https://notepad-plus-plus.org/

Paint.net 5.0.9 resolves several bugs and improves stability. This is not a security update.
https://www.getpaint.net/

PDF-XChange Editor 10.1.0.380 is a security update.
https://www.tracker-software.com/product/pdf-xchange-editor

Security Software Updates

One or more of these is likely to be of interest to most people.

.NET Runtime 7.0.11 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

Chainsaw 2.7.3 updates dependencies, adds new rules, and resolves export data issues. This is not a security update.
https://github.com/countercept/chainsaw

DNSQuerySniffer 1.95 adds support for sapics IP geolocation. This is not a security update.
https://www.nirsoft.net/utils/dns_query_sniffer.html

JShelter 0.14 improves performance, internationalization, and resolves several bugs. This is not a security update.
https://jshelter.org/install/

Kaspersky Removal Tool 20.0.6.0 doesn’t provide a changelog so should be treated as a security update.
https://support.kaspersky.com/viruses/utility

MalwareBytes Anti-Malware 4.6.2 improves detection, internationalization, and resolves several bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/

OpenSSL 1.1.1w is a security update.
https://www.openssl.org/source/

ProtonVPN (macOS) 3.3.2 resolves several bugs and adds B2B WPN support. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.12.0 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Tails 5.17 is a short follow-on to a critical security update in 5.16.1. This version adds new printer drivers and enables all drivers by default (which I personally think is a horrible idea) and updates libraries. This is a security update.
https://tails.boum.org/install/dvd/index.en.html

uBlock Origin 1.52.0 improves performance and stability, adds new operators, and resolves several bugs. This is a security update.
https://github.com/gorhill/uBlock/releases/latest

Velociraptor 0.7.0 adds several new features and many bug fixes. This is not a security update.
https://github.com/Velocidex/velociraptor/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 23.2.1 updates libraries, improves output options, and resolves several bugs. This is not a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.1.1.5 adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

PDF Creator 5.1.2 is a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 6.1.4.1 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 1.0.3.0 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.27 resolves several bugs and adds support for macOS Sonoma. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 8.10.13 resolves dozens of bugs and updates libraries. This should be treated as a security update.
https://1password.com/downloads/mac/

1Password for Windows 8.10.13 resolves dozens of bugs and updates libraries. This should be treated as a security update.
https://1password.com/downloads/windows/

Agent Ransack 2022.3406 resolves a compatibility bug. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

Bitwarden 2023.8.3 doesn’t provide a changelog so should be treated as a security update.
https://bitwarden.com/

CCleaner 6.15.10623 adds and updates cleaning rules. This is not a security update.
https://www.ccleaner.com/

CintaNotes 3.14 is *finally* released. This version resolves several stability and reliability bugs. This is not a security update.
https://cintanotes.com/download

CPU-Z Installer 2.07 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

Cygwin 3.4.9 resolves several bugs. This is a security update.
https://cygwin.com/

DesktopOK 11.08 improves compatibility and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DevManView 1.80 adds high DPI support, ability to run unelevated, an elevation switch, and a dark background option. This is not a security update.
https://www.nirsoft.net/utils/device_manager_view.html

dnGrep 4.0.69.0 adds pause/resume support, improved print output, and updates libraries. This is a security update.
https://dngrep.github.io/

email-oauth2-proxy 2023-09-06 resolves several bugs and improves compatibility. This is a security update.
https://github.com/simonrob/email-oauth2-proxy

ESEDatabaseView 1.74 resolves a couple bugs. This is not a security update.
https://www.nirsoft.net/utils/ese_database_view.html

Fido 1.51 improves compatibility. This is not a security update.
https://github.com/pbatard/Fido/releases

FileLocator Pro 2022.3406 resolves a compatibility bug. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

FileTypesMan 1.98 adds sort menus and buttons. This is not a security update.
https://www.nirsoft.net/utils/file_types_manager.html

Git SCM 2.42.0 resolves dozens of bugs. This is not a security update.
https://git-scm.com/

Go 1.21.1 is a security update.
https://go.dev/

GoodSync 12.3.6 resolves several bugs. This is not a security update.
https://www.goodsync.com/

HWiNFO 7.62 doesn’t provide a changelog so should be treated as a security update.
https://www.hwinfo.com/download/

HWMonitor 1.52 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

IsMyHdOK 3.91 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

Kingston SSD Manager 1.5.3.3 doesn’t provide a changelog so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

NConvert 7.155 improves HEIC and TIFF support. This is not a security update.
https://www.xnview.com/en/nconvert/

NTLite 2023.8.9408 improves compatibility and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

Open-Shell 4.4.191 resolves over a dozen bugs and improves compatibility. This is not a security update.
https://github.com/Open-Shell/Open-Shell-Menu

PointerStick 6.31 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.73.0 resolves dozens of bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

QuickSetDNS 1.35 improves high DPI support, adds menu and toolbar controls, and keyboard support. This is not a security update.
https://www.nirsoft.net/utils/quick_set_dns.html

RoboForm 9.5.2 resolves several bugs. This is not a security update.
https://www.roboform.com/

ScreenConnect 23.6.8.8644 resolves dozens of bugs. This is not a security update.
https://www.connectwise.com/software/control/download

TraceRouteOK 3.33 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

Unity 2023.1.12 resolves dozens of bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive

Ventoy 1.0.95 resolves a couple bugs and adds new distros. This is not a security update.
https://www.ventoy.net/en/index.html

WifiInfoView 2.91 resolves a detection bug. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

WinGet 1.5.2201 resolves a couple bugs and is now available through the PowerShell Gallery. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WizTree 4.15 improves deletion detection and display, TSV support, and updates translations. This is not a security update.
https://www.diskanalyzer.com/

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 2022.3.1.19 adds several new features. This is not a security update.
https://developer.android.com/studio

AutoHotkey 2.0.8 resolves several parsing and key mapping bugs. This is not a security update.
https://www.autohotkey.com/download/

GitHub Desktop 3.3.1 adds support for commit signing, repository rules, fixes several bugs and improves output, contrast, and accessibility. This is not a security update.
https://desktop.github.com/

Node.js 16.20.2 is a security update.
https://nodejs.org/en/

Node.js 18.17.1 is a security update.
https://nodejs.org/en/

Node.js 20.6.1 is a security update.
https://nodejs.org/en/

Python 3.11.5 is a security update.
https://www.python.org/downloads/windows/

SQLite 3.43.1 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.82.1 adds several new features and improves accessibility. This is a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

PPSSPP 1.16 adds support for new backends, resolves dozens of bugs, and improves reliability. This is not a security update.
https://www.ppsspp.org/download/

Web Package Updates

These are likely to be of interest only to web developers.

Grocy 4.0.3 is a major update improving compatibility, adds several new features, improved calculations and field support, and dozens of bug fixes. This should be treated as a security update.
https://github.com/grocy/grocy

Invision Community 4.7.13 resolves dozens of bugs. This is not a security update.
https://invisioncommunity.com/

Joomla 3 is now end of life (EOL). *Please* upgrade to Joomla 4 as soon as possible.
https://www.joomla.org/announcements/release-news/5894

Joomla 4.3.4 resolves several bugs. This is not a security update.
https://www.joomla.org/

jQuery 3.7.1 resolves several bugs. This is not a security update.
https://code.jquery.com/

ownCloud Server 10.13.1 resolves dozens of bugs. This is not a security update.
https://owncloud.com/download-server/

WordPress 6.3.1 resolves several bugs. This is not a security update.
https://wordpress.org/

BuddyPress 11.3.1 is a security update.
https://wordpress.org/extend/plugins/buddypress/

Idea Publisher 1.0.9 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/idea-publisher/

Social Post Feed 4.2 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

W3 Total Cache 2.4.1 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 8.0.3 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WP Cerber Security 9.5.7 adds and extends 2FA support. This is not a security update.
https://wpcerber.com/

WP Mail SMTP 3.9.0 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/

WP Plugin Update Checker 5.2 improves compatibility. This is not a security update.
https://github.com/YahnisElsts/plugin-update-checker/releases/latest

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2022-09-13

Welcome back, Folks!

Today is Patch Tuesday for September, 2022. This month brings new major versions of iOS, tvOS, watchOS, and impending new versions of Windows 11 and Windows 10. That’s on top of the 120 major hacks, and over 150 application updates this month. Even with all that, it’s actually a pretty light month, with only about 3 GB of updates for most users.

This Month in Technology

Advanced (NHS MSP), Akamai, Akasa Air, Albanian government, Ally Bank, Amazon, Argentina’s Judiciary of Córdoba, Armed Forces General Staff agency of Portugal (EMGFA), Atlantic Dialysis Management Services, Atlassian Bitbucket Server, an “automotive supplier“, Avamere Health Services LLC, Baker & Taylor, Banorte, Block, BOGA Group, Bombardier Recreational Products (BRP), BrandNewTube, BSA Hospice of the Southwest, California Department of Corrections and Rehabilitation (CDCR), Celanese Medical Plan, Center Hospitalier Sud Francilien (CHSF), Cerebral Medical Group, P.A., Chester Upland School District, Chile Consumer Protection Agency, Chile’s government, Cisco (more), Common Ground Healthcare Cooperative, Conifer Revenue Cycle Solutions, CorrectHealth, CS.MONEY, Damart, DaVita Inc., DESFA, DigitalOcean, Dominican Republic’s Instituto Agrario Dominicano, DoorDash, EmergeOrtho, energy providers worldwide, Entrust, Eurocell, Family Medicine Centers, Farmville Internal Medicine, First Street Family Health, Forsyth County medical office, Franklin College, General Bytes, General Health System, Gestore dei Servizi Energetici SpA (GSE), Go-Ahead, Health Advantage, Henderson & Walton Women’s Center, P.C., Holdcroft Motor Group, HP Support Assistant, Hyundai, InterContinental Hotels Group PLC (IHG), IRS, Japan government, KeyBank, Kickstarter (?), LA USD (more), Lamoille Health Partners, LastPass, Lee County Emergency Medical Services, Liberty Counsel, MailChimp, Major Cineplex, Major Development PCL, Medical Mutual of Ohio, Methodist Craig Ranch Surgical Center, Methodist McKinney Hospital, Microsoft Teams, Montenegro government (and lied about it), Mossad, Nelnet Serving, Neopets, Nereus Finance, New Free DAO, NorthStar HealthCare Consulting LLC, Northwestern Medical Center, Novant Health, over 130 organizations via Okta, OMNI Healthcare, INC, OneTouchPoint, Onyx Technology LLC, Orange Cyberdefense, Overlake Medical Center & Clinics, Plex, Practice Resources LLC, Priti Patel Physician PC, Prowers  County Hospital District, PT Jasamarga Tollroad Operator, QNAP Photo Station, QuestionPro, Rug Pull Finder, Samsung, San Diego American Indian Health Center, San Francisco 49ers, Sando, Savannah College of Art and Design, Sephora, SFERRA, Sheppard Robson, Shipyaari, ShitExpress, Signal, SitePoint, South Staffordshire Water, Specialized Treatment Facility, Sri Lanka Department of Examinations, Starlink’s Dishy McFlatface, START.ru, Stratford University, TAP Air Portugal, Tesla cars, The North Face, TikTok, Trinity Health, Tulsa Tech, Twilio, Twitter, U-Haul, UK’s National Health Service, USAble Mutual Insurance Company, Valley Baptist Medical Center – Brownsville, Valley Baptist Medical Center – Harlingen, Warner Norcross & Judd, Xinai Electronics, and Zimbra Collaboration Suite have reportedly been hacked or compromised this month.

75% of retailers and 52% of supply chains report being hacked in 2021. Those numbers don’t reflect well on the security state of the nation. 🙁

Patreon fired their entire security department. What this means for you: if you’re still using Patreon, now is the best time to stop.  The Zoom installer can get you hacked. Facebook and Twitter will soon be shunning the CIA. (/sarc)

After updates last month, MS Office would crash if you floated your mouse over Outlook contacts. The version was pulled, but a new version wasn’t released until today. Microsoft released a virus definitions update that falsely identified every Electron app as malware on September 4th (the Labor Day holiday weekend). While it took only 13 hours before they released a fix, it was 13 hours too long for many who thought their browsers had been compromised. Edge 105 wouldn’t start if you had policies enabled relating to data reporting. Completely removing the policies was the only workaround. Tabs are coming to Windows Explorer in a “Moment.” I think they should probably call them Hot Flashes. Or Whims.

The only significant outages this month were Microsoft Azure and Microsoft 365.

End-of-life (EOL) means end-of-life. Don’t expect vendors to fix critical vulnerabilities in EOL hardware or software. Usually. This is a win for Apple. This isn’t. And this is just sad.

Google finished their purchase of Mandiant. Even Lloyd’s of London is taking a page out of the terrorism handbook. The IoT (Internet of Things) is far less secure than they claim. In an approach that could only be described as inevitable, the anti-cheat software used to prevent cheating in a video game is being abused to hack computers with it installed.

The concept of software “permissions” is fatally flawed. While this article only demonstrates how it effected the clipboard, it’s a timely reminder to keep your camera and mic physically disabled whenever possible.

When the Federal government has no respect for the law, is it any surprise that law enforcement are tracking you without warrants. Duh.

Now for the good news:

While there’s not a lot of good news in tech, we can at least have some fun with it. Check out these barcode ponies.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is about average this month. The typical computer should see roughly 3 GB in updates today. Let’s get started.

Microsoft released updates to address 64 vulnerabilities in .NET and Visual Studio, .NET Framework, Azure Arc, Cache Speculation, HTTP.sys, Microsoft Dynamics, Microsoft Edge (Chromium-based), Microsoft Graphics Component, Microsoft Office, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft Windows ALPC, Microsoft Windows Codecs Library, Network Device Enrollment Service (NDES), SPNEGO Extended Negotiation, Visual Studio Code, Windows Common Log File System Driver, Windows Credential Roaming Service, Windows Defender, Windows Distributed File System (DFS), Windows DPAPI (Data Protection Application Programming Interface), Windows Enterprise App Management, Windows Event Tracing, Windows Group Policy, Windows IKE Extension, Windows Kerberos, Windows Kernel, Windows LDAP – Lightweight Directory Access Protocol, Windows ODBC Driver, Windows OLE, Windows Photo Import API, Windows Print Spooler Components, Windows Remote Access Connection Manager, Windows Remote Procedure Call, Windows TCP/IP, Windows Transport Security Layer (TLS), and MSRT (~3 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 12.5.6 and 16.0, iPadOS 15.6.1, macOS Big Sur 11.7, macOS Monterey 12.5.1 and 12.6, Safari 15.6.1 and 16.0. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 12.5.6 and 16.0 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 15.6.1 is a security update. Use Settings, General, Software Update to install the most current update.

tvOS 16.0 is a security update. Use System, Software Update to install the most current version.

watchOS 9.0 is a security update. Use the Watch app on your iPhone to install the most current version.

Google Chrome OS 105.0.5195.112 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The new versions of Windows 10 and Windows 11 are expected within the next month. This release is the first in Microsoft’s new “Moments” behavior. We knew this would eventually happen last year when they threw in the towel on their 6-month OS release cadence and switch to a 1-year cadence, then last month announced that they would instead release a new major build every 3 years but release smaller feature updates (called “Moments”) whenever they wanted to. I think they missed their chance to call them “Whims”. If their recent cadence changes demonstrate anything, it’s that it’s all on a Windows Whim anyway. 🙂

The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Catalina (10.15) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 12 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v21H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 22.8.2 resolves several bugs and improves compatibility. This is not a security update.
https://www.amd.com/en/support

BullZip PDF Printer 14.0.0.2944 removes features. This is not a security update.
https://www.bullzip.com/products/pdf/info.php#download

Dymo Connect for Desktop 1.3.2.18 improves compatibility, but still not supported on Windows 11. This is not a security update.
https://www.dymo.com/label-makers-printers/labelwriter-label-printers/dymo-labelwriter-450-duo-thermal-label-printer/SAP_1752267.html

Intel Driver and Support Assistant 22.5.34 improves stability and resolves several bugs. This is not a security update.
https://www.intel.com/p/en_US/support/detect

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.43.89 is a security update.
https://brave.com/

Google Chrome 105.0.5195.102 is a security update.
https://www.google.com/chrome/

Microsoft Edge 105.0.1343.33 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 104.0.2 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 102.2.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 5.4.2753.47 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.10.5 is a security update.
https://getmailspring.com/

Thunderbird 102.2.2 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 7.0.14 is a security update.
https://anydesk.com/en/downloads

curl 7.85.0 resolves over a hundred bugs. This is a security update.
https://curl.haxx.se/windows/

Dropbox 156.4.4908 improves context menu behavior. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 159.0.0.23.221 is a security update.
https://www.messenger.com/download

FreeFileSync 11.25 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 63.0 is a security update.
https://drive.google.com/start

Mumble 1.4.274 resolves over a dozen bugs. This is not a security update.
https://www.mumble.info/

Nextcloud Server 24.0.5 updates libraries and resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

Nmap 7.93 is a security update.
https://nmap.org/

Npcap 1.71 is a security update.
https://nmap.org/npcap/

Omada Software Controller 5.5.6 improves reliability, compatibility, and resolves an access bug. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Pocketnet-GUI 0.8.11 resolves several bugs. This is not a security update.
https://pocketnet.app/

Signal 5.58.0 doesn’t provide a detailed changelog so should be treated as a security update.
https://signal.org/download/windows/

Skype 8.87.0.406 resolves several bugs and adds quoting for all content types. This is not a security update.
https://www.skype.com/

Syncthing 1.21.0 resolves two bugs and adds several new features. This is not a security update.
https://syncthing.net/

Telegram 4.1.1 resolves several bugs. This is not a security update.
https://telegram.org/

Trillian 6.5.0.24 improves reliability, media and diagnostics. This is not a security update.
https://www.trillian.im/

WinSCP 5.21.3 resolves a couple bugs. This is not a security update.
https://winscp.net/eng/index.php

Zoom 5.11.11.8425 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 3.0.4 resolves several bugs. This is not a security update.
https://en.3tene.com/

iTunes 12.12.5.1 is a security update.
https://www.apple.com/itunes/download/

Picard 2.8.3 resolves a crash bug. This is not a security update.
https://picard.musicbrainz.org/

Plex Desktop 1.53.1.3225 improves watchlist, resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.25.1.3248 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.28.2.6151 resolves a stability bug. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Epic Games 14.2.1 resolves several bugs. This is not a security update.
https://www.epicgames.com/

GameMaker Studio 2022.8.1.37 adds several new features, removes redundant and unused features, and resolves over 150 bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker

Lego Studio 2.22.8.1 resolves several bugs. This is not a security update.
https://www.lego.com/en-us/ldd

PS4 10.0 adds zoom and magnify options in the browser, and improves Remote Play. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps4/system-software/

PS5 22.02-06.00.00 adds dozens of new features and bug fixes. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2022.08.18 resolves several bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Animate 21.0.12 and 22.0.8 are security updates.
https://helpx.adobe.com/security/products/animate/apsb22-54.html

Adobe Bridge 12.0.3 and 11.1.4 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb22-49.html

Adobe Experience Manager 6.5.14.0 is a security update.
https://helpx.adobe.com/security/products/experience-manager/apsb22-40.html

Adobe Illustrator 23.5 and 25.4.8 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb22-55.html

Adobe InCopy 17.4 and 16.4.3 are security updates.
https://helpx.adobe.com/security/products/incopy/apsb22-53.html

Adobe InDesign 17.4 and 16.4.3 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb22-50.html

Adobe Photoshop 22.5.9 and 23.5 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb22-52.html

Adobe Reader DC 22.002.20212 is a security update.
https://get.adobe.com/reader

Calibre 6.4.0 adds several new management and organizational features, and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Krita 5.1.0 resolves dozens of bugs. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Fresh 7.4.1 adds over 500 bug fixes and features changes. This is a security update. Please remember that LibreOffice Fresh is beta software. Most users should use LibreOffice Still.
https://www.libreoffice.org/

LibreOffice 7.3.6 resolves over 50 bugs. This is not a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.6.0 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.4.5 updates libraries and resolves a dozen bugs. This should be treated as a security update.
https://notepad-plus-plus.org/

Paint.net 4.3.12 resolves several bugs. This is not a security update.
https://www.getpaint.net/

PDF-XChange Editor 9.4.363.0 resolves several stability and reliability bugs. This is not a security update.
https://www.tracker-software.com/product/pdf-xchange-editor

Security Software Updates

One or more of these is likely to be of interest to most people.

.NET Framework 4.8.1 adds native support for Arm64, forms, and tooltips improvements. This is not a security update.
https://dotnet.microsoft.com/en-us/download/dotnet-framework/net481

Hashcat 6.2.6 adds a return code for self-test failure. This is not a security update.
http://hashcat.net/hashcat/#downloadlatest

Johnny 2.2 adds several new modes, file formats, export options and resolves several bugs. This is not a security update.
https://openwall.info/wiki/john/johnny

KeePass 2.52 adds several new features, improves GUI and automation, and resolves a couple bugs. This is not a security update.
https://keepass.info/

ProtonVPN 2.0.6 improves DNS resolution. This is not a security update.
https://protonvpn.com/download

ProtonVPN (macOS) 3.0.2 now automatically logs you in when visiting the ProtonVPN website. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.6.1 updates core, adds clipboard protection, and resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

SanDisk PrivateAccess 6.3.10 doesn’t provide a changelog so should be treated as a security update.
https://kb.sandisk.com/app/answersweb/detailweb/a_id/21996

Tails 5.4 is a security update.
https://tails.boum.org/install/dvd/index.en.html

uBlock Origin 1.44.2 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Velociraptor 0.6.6 resolves several bugs. This is not a security update.
https://github.com/Velocidex/velociraptor/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

Open Broadcaster Software 28.0.1 adds dozens of new features, bug fixes, and performance improvements. This is not a security update.
https://obsproject.com/

ScreenToGif 2.37.1 resolves a couple bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.8.6 adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

StreamFab 5.0.5.2 improves reliability and performance with some websites. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.13 resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 8.9.4 resolves dozens of bugs. This is not a security update.
https://1password.com/downloads/mac/

1Password for Windows 8.9.5 resolves dozens of bugs. This is not a security update.
https://1password.com/downloads/windows/

AOMEI Partition Assistant 9.10.0 resolves several bugs and adds ability to delete large files. This is not a security update.
https://www.diskpart.com/

Agent Ransack 2022.3341 updates libraries and resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

CCleaner 6.03.10002 increases the nag factor and resolves several crash bugs. This is not a security update.
https://www.ccleaner.com/

ControlMyMonitor 1.36 adds option to start as hidden. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html

Coreinfo 3.53 now handles NUMA nodes with more than 64 processors. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/coreinfo

CPU-Z Installer 2.02 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

Cygwin 3.3.6 resolves a dozen bugs. This is not a security update.
https://cygwin.com/

DesktopOK 10.16 resolves a couple bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 3.0.154.0 resolves several bugs. This is not a security update.
https://dngrep.github.io/

Drive Snapshot 1.50 adds SFTP support and support for newer operating systems. This is not a security update.
http://www.drivesnapshot.de/en/

Everything 1.4.1.1020 is a security update.
https://www.voidtools.com/

Fido 1.31 improves compatibility. This is not a security update.
https://github.com/pbatard/Fido/releases

FileLocator Pro 2022.3341 updates libraries and resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Git SCM 2.37.3 resolves several bugs. This is not a security update.
https://git-scm.com/

GoodSync 12.0.2 resolves dozens of bugs and improves compatibility. This is a security update.
https://www.goodsync.com/

NTLite 2.3.8.8890 improves compatibility. This is not a security update.
https://www.ntlite.com/download/

osquery 5.5.1 adds and updates several new tables, and resolves several bugs. This is not a security update.
https://osquery.io/downloads

PointerStick 5.95 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.62.0 adds Screen Ruler, Quick Accent, Text Extractor (OCR), and resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ScreenConnect 22.7.8783.8255 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

SearchMyFiles 3.22 resolves a couple bugs. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

SimpleWMIView 1.52 adds option to show milliseconds. This is not a security update.
https://www.nirsoft.net/utils/simple_wmi_view.html

Ookla Speedtest CLI 1.2.0
https://www.speedtest.net/apps/cli

Sysmon 14.0 adds a new event type, FileBlockExecutable, that prevents processes from creating executable files in specified locations, and includes several performance improvements and bug fixes. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

TcpLogView 1.36 is a security update.
https://www.nirsoft.net/utils/tcp_log_view.html

TeamViewer 15.33.7 resolves several bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

TraceRouteOK 3.13 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

Unity 2022.1.16 updates libraries and resolves dozens of bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive

USBDeview 3.06 resolves several bugs. This is not a security update.
https://www.nirsoft.net/utils/usb_devices_view.html

WhyNotWin11 2.5.0.3 resolves several bugs. This is not a security update.
https://github.com/rcmaehl/WhyNotWin11

WinScan2PDF 8.22 adds reverse scan order. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 4.10 resolves several bugs. This is not a security update.
https://www.diskanalyzer.com/

Developer Updates

These are unlikely to be of interest to most people.

ADB 33.0.3 resolves several bugs. This is a security update.
https://developer.android.com/studio/releases/platform-tools

AutoHotkey 1.1.34.04 resolves several bugs. This is a security update.
https://www.autohotkey.com/download/

Docker Desktop 4.12.0 upgrades libraries and fixes dozens of bugs. This is a security update.
https://www.docker.com/products/docker-desktop

Get-IMAPAccessToken 2022.9.1 improves consistency and updates documentation. This is not a security update.
https://github.com/DanijelkMSFT/ThisandThat/blob/main/Get-IMAPAccessToken.ps1

Go 1.19.1 is a security update.
https://go.dev/

GitHub Desktop 3.0.8 resolves several bugs. This is not a security update.
https://desktop.github.com/

Node.js 18.9.0 updates libraries and resolves several bugs. This should be treated as a security update.
https://nodejs.org/en/

Node.js 16.17.0 updates libraries and resolves several bugs. This should be treated as a security update.
https://nodejs.org/en/

SQLite 3.39.3 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.71.1 is a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

PPSSPP 1.13.2 resolves several bugs. This is not a security update.
https://ppsspp.org/downloads.html

VirtualBox 6.1.38 resolves several bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Dada Mail 11.19.0 resolves several bugs, adds new features, and updates libraries. This is a security update.
https://dadamailproject.com/

HumHub 1.12.1 resolves several bugs. This is not a security update.
https://www.humhub.com/en/download

Joomla 4.2.2 is a security update.
https://www.joomla.org/

jQuery 3.6.1 resolves several bugs. This is not a security update.
https://code.jquery.com/

MailEnable 10.41 updates utilities, and resolves over a dozen bugs. This is not a security update.
https://www.mailenable.com/

OpenCart 4.0.1.1 resolves several bugs. This should be treated as a security update.
https://www.opencart.com/

ownCloud Client 2.11.1.8438 resolves several bugs. This is not a security update.
https://owncloud.com/desktop-app/

WordPress 6.0.2 is a security update.
https://wordpress.org/

Autoptimize 3.1.1.1 resolves a stability bug. This is not a security update.
https://wordpress.org/extend/plugins/autoptimize/

BuddyPress 10.4.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.6.3 adds new validation features. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.0 resolves several bugs and adds new options within the installer. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

myStickymenu 2.6 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Redirection 5.3.3 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/redirection/

Simple Lightbox 2.9.1 adds support for new media formats, improves compatibility, and resolves a validation bug. This is not a security update.
https://wordpress.org/extend/plugins/simple-lightbox/

Slider Revolution 6.5.31 resolves a minor bug. This is not a security update.
https://revolution.themepunch.com/

Sucuri Security 1.8.35 resolves a referer bug. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

WooCommerce 6.8.2 resolves dozens of bugs, improves reliability, compatibility and adds several new tests and flows. This is a security update.
https://wordpress.org/extend/plugins/woocommerce/

WP Mail SMTP 3.5.2 resolves a self-diagnostic bug. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/

WPtouch 4.3.44 is a security update.
https://wordpress.org/extend/plugins/wptouch/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

 

Updates 2018-07-10

Hi, Folks!

Today is Patch Tuesday and it’s a big one. The typical computer should see roughly 3gb in updates today. Let’s get started.

Microsoft released updates to Windows, .NET, Internet Explorer, Edge, Flash, and MSRT (~3gb). This includes security updates. A reboot is required.

Apple released macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan, SwiftNIO 1.8.0, Safari 11.1.2, iCloud for Windows 7.6, iTunes 12.8 for Windows, and Wi-Fi Update for Boot Camp 6.4.0. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 11.4.1 is a security update. Use Settings, General, Software Update to install the most current version.

watchOS 4.3.2 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 11.4.1 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 67.0.3396.101 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Adobe Flash Player 30.0.0.134 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The now-current release of Windows 10 (1803) will cause your computer to feel unusually slow until it is installed. This is a side-effect of the Windows 10 upgrade cycle, which pushes out 6gb through Windows update to get you to the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, it will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients at The Farmory, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

UniFi Controller 5.8.24 resolved several bugs. This is not a security update.
https://www.ubnt.com/download/

Display Driver Uninstaller 17.0.9.0 improves performance and reliability, removes dependency on Windows SC, and resolves several bugs. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Intel Driver Update 3.4.1 improves reliability, adds details for more drivers and hardware, and resolves several bugs. This is not a security update.
https://www.intel.com/p/en_US/support/detect

Logitech Options 6.90.135 resolves several bugs. This is not a security update.
https://support.logitech.com/en_us/software/options

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 67.0.3396.99 is a security update. Use Menu, Help, About to install the most current version.

Firefox 61.0.1 is a security update. Use Menu, Help, About to install the most current version.

Firefox ESR 52.9.0 is a security update. Use Menu, Help, About to install the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

NK2Edit 3.36 resolves a display bug in high DPI mode. This is not a security update.
https://www.nirsoft.net/utils/outlook_nk2_edit.html

Thunderbird 52.9.0 is a security update. Use Menu, Help, About to install the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

DiscordApp 6.21.2018 resolves several bugs, improves colorblind compatibility, adds group DM invites and @everyone warnings. This is not a security update.
https://discordapp.com/download

WinSCP 5.13.3 is a security update.
https://winscp.net/eng/index.php

Evernote 6.13.14.7474 does not provide a changelog, so should be treated as a security update.
https://www.evernote.com/

FileZilla 3.34.0 improves focus. This is not a security update.
https://filezilla-project.org/

FreeFileSync 10.2 improves version control behavior, performance, and resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

MaxMind GeoIP Data 201807 is a data refresh.
https://dev.maxmind.com/geoip/

BrowsingHistoryView 2.16 fixed to work with Firefox 61. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

DNSDataView 1.55 improves command-line behavior to add additional variable controls. This is not a security update.
https://www.nirsoft.net/utils/dns_records_viewer.html

Npcap 0.99-r7 improves compatibility and restores loopback capture. This is not a security update.
https://nmap.org/npcap/

Media Updates

These are unlikely to be of interest to most people.

iTunes 12.8 is a security update. Use Apple Software Update to install the most current version.

Game Updates

These are unlikely to be of interest to most people.

Battle.net 20180620 does not provide a changelog, so should be treated as a security update.
https://us.battle.net/en/app/

EA Origin 10.5.21.179 resolves several bugs. This is not a security update.
https://www.origin.com/en-us/download

Office Updates

One or more of these are likely to be of interest to most people.

LibreOffice Fresh 6.0.5 resolves several bugs. This is not a security update.
https://www.libreoffice.org/

Notepad++ 7.5.7 resolves several bugs. This is not a security update.
https://12pd.com/click?npp

Adobe Acrobat 2017 and Reader 2017 (Acrobat 2017 Track) 2017.011.30096 are security updates. Use Help, Check for updates to get the most current version.

Adobe Acrobat DC and Reader DC (Classic Track) 2015.006.30434 are security updates. Use Help, Check for updates to get the most current version.

Adobe Acrobat DC and Reader DC (Continuous Track) 2018.011.20055 are security updates. Use Help, Check for updates to get the most current version.

Adobe DNG Converter 10.4 is a security update.
Mac: https://supportdownloads.adobe.com/detail.jsp?ftpID=6351
Win: https://supportdownloads.adobe.com/detail.jsp?ftpID=6353

Adobe Experience Manager cumulative fix and hotfix 24289 for all 6+ versions are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb18-23.html

Adobe Connect 9.8.1 is a security update.
https://helpx.adobe.com/adobe-connect/release-note/adobe-connect-9-8-1-release-notes.html

Security Software Updates

One or more of these is likely to be of interest to most people.

Avast! Home Edition 18.5.3931 resolves several bugs. This is not a security update
https://www.avast.com/free-antivirus-download

Gpg4win 3.1.2 removes support for old and unsupported email clients, improves usability, and resolves several bugs. This is a security update.
https://www.gpg4win.org/download.html

RogueKiller 12.12.26 resolves compatibility and crash bugs, and adds detections. This is not a security update.
https://www.adlice.com/softwares/roguekiller/

Capture Updates

These are unlikely to be of interest to most people.

XSplit Broadcaster 3.4.1806.2217 resolves several bugs and improves compatibility with various hardware and services. This is not a security update.
https://www.xsplit.com/get/

Converter Updates

These are unlikely to be of interest to most people.

CDex 2.06 resolves several bugs. This is not a security update.
https://cdex.mu/?q=download

DVDFab 10.1.0.0 adds support for new encodings, and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

IsoBuster 4.2 adds support for several new formats, improves performance, stability, search, and adds dozens of new features. This is not a security update.
https://www.isobuster.com/download.php

Utility Updates

These are unlikely to be of interest to most people.

RoboForm 8.5.1 resolves several bugs. This is not a security update.
https://12pd.com/click?rf

GoodSync 10.9.2 resolves several bugs. This is not a security update.
https://12pd.com/click?goodsync

Beyond Compare 4.2.5.23088 resolves several bugs. This is not a security update.
https://www.scootersoftware.com/download.php?zz=dl4

Bitcoin 0.16.1 resolves several bugs. This is not a security update.
https://bitcoin.org/en/download

NTLite 1.6.3.6240 improves compatibility. This is not a security update.
https://www.ntlite.com/download/

DesktopOK 5.44 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

FileLocator Pro 8.4.2840 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

QuickSetDNS 1.22 adds quoting to generated command lines. This is a security update.
https://www.nirsoft.net/utils/quick_set_dns.html

OSForensics 6.0.1003 improves Index controls and case management, and resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html

PointerStick 3.13 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

ProduKey 1.93 adds Office Product Name Extraction Mode option to control how MS Office names are parsed. This is not a security update.
https://www.nirsoft.net/utils/product_cd_key_viewer.html

RapidEE 9.2 build 937 updates third-party libraries and improves compatibility. This should be treated as a security update.
https://www.rapidee.com/en/download

Rufus 3.1 improves compatibility and resolves several bugs. This is not a security update.
https://rufus.akeo.ie/

Sysmon 8.0 adds rule tagging, expands the command-line length logged, fixes a GUID printing bug, and prints friendly registry path names for rename operations. This is not a security update.
http://sysinternals.com/

Autoruns 13.90 adds Runonce Depend keys and GPO logon and logoff locations, as well as fixes a bug in WMI path parsing. This is not a security update.
http://sysinternals.com/

TraceRouteOK 1.33 resolves a bug. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

WinScan2PDF 4.31 improves hardware detection. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 3.25 adds CSV import, high-DPI support, performance improvements, language improvements, and resolves a crash on some 64-bit PCs. This is not a security update.
https://antibody-software.com/web/software/software/wiztree-finds-the-files-and-folders-using-the-most-disk-space-on-your-hard-drive/

Developer Updates

These are unlikely to be of interest to most people.

StrawberryPerl 5.28.0.1 is a security update.
http://strawberryperl.com/

Web Package Updates

These are likely to be of interest only to web developers.

Adminer 4.6.3 resolves several bugs. This is not a security update.
https://www.adminer.org/en/

Drupal 8.5.5 resolves several bugs. This is not a security update.
https://drupal.org/download

phpMyAdmin 4.8.2 is a security update.
https://www.phpmyadmin.net/home_page/news.php

Joomla 3.8.10 resolves a bug on Windows servers. This is not a security update.
https://www.joomla.org/

WordPress 4.9.7 is a security update.
https://wordpress.org/

Akismet 4.0.8 resolves several bugs. This is not a security update.

NextScripts Social Networks Auto-Poster 4.2.6 resolves several bugs, improves stability and compatibility. This is not a security update.

Redirection 3.3.1 adds a PHP check for old versions. This is not a security update.

Sucuri Security 1.8.18 preserves settings when deactivated. This is not a security update.

Theme My Login 7.0.7 resolves several bugs. This is not a security update.

WooCommerce 3.4.3 resolves several bugs. This is not a security update.

WP Mail SMTP 1.3.3 doesn’t provide a changelog, so should be treated as a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2018-04-10

Hi, Folks!

It’s April 10th and the next build of Windows 10, v1803 aka “Redstone 4,” is supposed to be released today. This is a 6gb download that introduces a few new features and controls, but is not yet widely tested. Don’t be the guinea pig. For at least the next month, when you’re prompted that “the new version of Windows is ready,” just say no! I’ll report here when I believe it is safe for most users.

It’s Patch Tuesday and it’s a big one.

The typical computer should see roughly 2gb in updates today. Let’s get started.

Microsoft released updates to Windows, MS Office, Edge, Internet Explorer, Flash, and MSRT (~1.2gb). This includes security updates. A reboot is required.

Apple released updates for macOS High Sierra 10.13.4, Security Update 2018-002 Sierra, Security Update 2018-002 El Capitan, iTunes 12.7.4 for Windows, iCloud for Windows 7.4, and Xcode 9.3. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 11.3 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 4.3 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 11.3 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 65.0.3325.209 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Adobe Flash Player 29.0.0.140 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of the next build of Windows 10 (1803) will cause your computer to feel unusually slow until it is installed. This is a side-effect of the Windows 10 upgrade cycle, which pushes out 6gb through Windows update to get you to the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, it will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients at The Farmory, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Intel Driver Update 3.2 adds support for newer hardware and improves compatibility. This is not a security update.
https://www.intel.com/p/en_US/support/detect

Display Driver Uninstaller 17.0.8.5 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 65.0.3325.181 is a security update. Use Menu, Help, About to install the most current version.

Firefox 59.0.2 is a security update. Use Menu, Help, About to install the most current version.

Firefox ESR 52.7.3 is a security update. Use Menu, Help, About to install the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 52.7.0 is a security update. Use Menu, Help, About to install the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

Trillian 6.1.0.14 resolves several bugs, and improves HiDPI support. This is not a security update.
https://www.trillian.im/

Adobe Shockwave 12.3.2.202 is a security update.
https://12pd.com/click?shockwave

WinSCP 5.13.1 is a security update.
https://winscp.net/eng/index.php

Evernote 6.11.2.7027 resolves several bugs. This is not a security update.
https://www.evernote.com/

MaxMind GeoIP Data 201804 is a data refresh.
https://dev.maxmind.com/geoip/

Nmap 7.70 resolves several bugs, adds fingerprints, scripts, and improved service diagnostics. This is a security update.
https://nmap.org/

Npcap 0.99-r3 resolves a couple bugs. This is not a security update.
https://nmap.org/npcap/

Media Updates

These are unlikely to be of interest to most people.

iTunes 12.7.4 is a security update. Use Apple Software Update to install the most current version.

Game Updates

These are unlikely to be of interest to most people.

EA Origin 10.5.16.49299 resolves download manager and chat bugs, improves stability and TTS behavior. This is not a security update.
https://www.origin.com/en-us/download

Technic Launcher 4/360 improves stability. This is not a security update.
https://www.technicpack.net/download

Office Updates

One or more of these are likely to be of interest to most people.

LibreOffice Fresh 6.0.3 resolves several bugs. This is not a security update.
https://www.libreoffice.org/

LibreOffice 5.4.6 resolves several bugs. This is not a security update.
https://www.libreoffice.org/

Notepad++ 7.5.6 adds previous and next buttons to find, improves monitoring behavior, and resolves 2 crash bugs. This is not a security update.
https://12pd.com/click?npp

OpenOffice Dictionary 2018.03.01 is not a security update.
https://extensions.openoffice.org/en/project/english-dictionaries-apache-openoffice

Adobe PhoneGap Push Plugin 2.1.0 is a security update.
https://helpx.adobe.com/security/products/phonegap/apsb18-15.html

Adobe Digital Editions 4.5.8 is a security update.
https://helpx.adobe.com/security/products/Digital-Editions/apsb18-13.html

Adobe InDesign 13.1 is a security update.
https://helpx.adobe.com/security/products/indesign/apsb18-11.html

Adobe Experience Manager 6.x Cumulative Fixes are security updates.
https://helpx.adobe.com/experience-manager/aem-releases-updates.html

Security Software Updates

One or more of these is likely to be of interest to most people.

QubesOS 4.0 improves security, improves reliability and privacy, with new behaviors targeting imposed security by design. This is a security update.
https://www.qubes-os.org/downloads/

Avast! Home Edition 18.3.2333 improves performance, redesigns the password manager, resolves a fatal data loss bug in the virus chest and allows email on IPv6. This should be treated as a security update.
https://www.avast.com/free-antivirus-download

Wireshark 2.4.6 is a security update.
https://www.wireshark.org/

RouterPassView 1.72 improves file type detection. This is not a security update.
https://www.nirsoft.net/utils/router_password_recovery.html

OpenSSL 1.0.2o is a security update.
https://openssl.org/

OSFClone 1.3.1000 updates libraries, resolves checksum computation bug, and improves compatibility. This should be treated as a security update.
https://www.osforensics.com/tools/create-disk-images.html

RogueKiller 12.12.12 adds detections. This should be treated as a security update.
https://www.adlice.com/softwares/roguekiller/

SuperAntiSpyware 6.0.1258 resolves several bugs and improves engine. This should be treated as a security update.
https://www.superantispyware.com/download.html

Capture Updates

These are unlikely to be of interest to most people.

XSplit Broadcaster 3.3.1803.0505 resolves several bugs. This is not a security update.
https://www.xsplit.com/get/

XSplit Gamecaster 3.3.1802.1515 resolves several bugs. This is not a security update.
https://www.xsplit.com/get/

Converter Updates

These are unlikely to be of interest to most people.

CDex 2.00 improves stability and compatibility with newer operating systems. This is not a security update.
https://cdex.mu/?q=download

DVDFab 10.0.8.8 resolves several bugs, adds support for newer encodings, and improves compatibility. This is not a security update.
https://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

Synergy 2.0.9 adds Raspberry Pi support, improves reliability, and resolves several bugs. This is not a security update.
https://symless.com/synergy/downloads

RoboForm 8.4.8 improves extension compatibility and installation, and resolves several bugs. This is not a security update.
https://12pd.com/click?rf

1Password for Mac 6.8.8 resolves a couple bugs. This is not a security update.
https://1password.com/downloads/

1Password for Windows 6.8.534 improves two-factor authentication integration. This should be treated as a security update.
https://1password.com/downloads/

GoodSync 10.8.4 improves service compatibility, improves performance and reliability, and resolves several bugs. This is a security update.
https://12pd.com/click?goodsync

CPU-Z 1.84 adds support for Spectre detection, newer hardware support, timers and bench testing. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

NTLite 1.6.0.6122 resolves a couple bugs. This is not a security update.
https://www.ntlite.com/download/

DesktopOK 5.12 resolves several bugs and improves reliability. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

HWMonitor 1.35 adds support for newer hardware, and improves monitoring. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

ImageUSB 1.3.1006 does not provide a changelog, so should be treated as a security update.
https://www.osforensics.com/tools/write-usb-images.html

SearchMyFiles 2.83 resolves a search trimming bug. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

OSFMount 2.0.1001 resolves several bugs and improves compatibility. This is not a security update.
https://www.osforensics.com/tools/mount-disk-images.html

OSForensics 5.2.1007 resolves a couple bugs. This is not a security update.
http://www.osforensics.com/download.html

PointerStick 3.03 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

SystemRescueCD 5.2.2 is a security update.
https://www.sysresccd.org/

TeamViewer 13.1.1548 resolves several bugs, improves UI, adds integration with Active Directory, and reports in servicecamp. This is not a security update.
https://www.teamviewer.com/en/download/windows/

Ultimate Boot CD 5.3.8 updates libraries and included applications. This should be treated as a security update.
http://www.ultimatebootcd.com/download.html

WinScan2PDF 4.16 resolves several bugs, improves reliability, and optimizes output. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WSUS Offline 11.2.1 resolves several bugs. This is not a security update.
https://download.wsusoffline.net/

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 3.1.1.0 is a major update with many new features and improvements. This should be treated as a security update.
https://developer.android.com/studio/index.html

SQLite 3.23.0 resolves several bugs, improves consistency, language constructs, and overloading SQL statements. This is a security update.
https://www.sqlite.org/download.html

Web Package Updates

These are likely to be of interest only to web developers.

DigiCertUtil 20180330 doesn’t provide a changelog so should be treated as a security update.
https://www.digicert.com/util/

TinyMCE 4.7.10 resolves several bugs. This is not a security update.
https://www.tinymce.com/download/

Drupal 8.5.1 is a security update.
https://drupal.org/download

phpMyAdmin 4.8.0 resolves dozens of bugs. This is not a security update.
https://www.phpmyadmin.net/home_page/news.php

MailEnable 10.15 resolves several bugs, improves chat integration, and updates antivirus engine. This should be treated as a security update.
https://www.mailenable.com/

ScreenConnect (aka ConnectWise Control) 6.6.17081.6648 adds support for Chrome OS and Android, improves keyboard controls, and resolves many bugs…but not the one that forbids you from creating custom extensions without sharing the source code with ConnectWise. This is not a security update.
https://www.screenconnect.com/Download

WordPress 4.9.5 is a security update.
https://wordpress.org/

Autoptimize 2.3.4 resolves a couple bugs. This is not a security update.

BuddyPress 2.9.4 resolves several bugs. This is not a security update.

Custom Facebook Feed 2.5.2 resolves several bugs. This is not a security update.

myStickymenu 2.0.4 adds option to hide for large screens. This is not a security update.

NextScripts Social Networks Auto-Poster 4.2.1 resolves compatibility issue. This is not a security update.

Postie 1.9.19 improves paragraph detection. This is not a security update.

Sucuri Security 1.8.14 resolves several bugs, improves setup and authentication. This is not a security update.

WooCommerce 3.3.4 resolves several bugs. This is not a security update.

WP Edit 4.0.3 improves sanity checks and reduces warnings. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/