Updates 2025-02-11

Posted on February 11, 2025 by Shawn K. Hall

Happy Valentines, Folks!

Today is Patch Tuesday for February, 2025.

It’s as safe as it’s going to be to upgrade to Windows 11 24H2 or macOS 15/Sequoia.

If your Windows 10 (or older) computer can not be upgraded to Windows 11, or if you used a registry or installation bypass to install an older version of Windows 11 on it that is no longer supported, then it’s time for you to start looking for a replacement computer. Actually, that time was about 5 weeks ago. Pickin’s are thin right now. 🙁

There were 275+ major hacks, and over 640 application updates this month. It shouldn’t be that bad though, with about 3.5 GB of updates for most users.

This Month in Technology

1win, 9Lives, Addison Northwest School District, Adobe Photoshop, Adopt Me Trading Values, an airline travel integration service, Allegheny Health Network, Alltours, Alpine iLX-507, Alpine IVI, AMD CPUs, American National Insurance Company, Android, AngelSense, Aoki Holdings, Apex Custom Software, Apple Core Media, Apple CPUs, Apple iPad, Apple iPhone, Apple macOS, Apple WebKit, Aprendamos Intervention Team, Arab Civil Aviation Organization, Arlington Westend Dental, Ascension Health, Asheville Eye Associates, AT&T, Autel MaxiCharger, AuthoraCare Collective, Automotive Grade Linux, Avery Products Corporation, AVTECH cameras, Bank Central Asia, Bankers Cooperative Group, Bayhealth Medical Center, BCP Council, Behavioral Health Resources, Benefits Management Group, Berman & Rabin, PA, Big Cheese Studio, Biomedical Caledonia Medical Laboratory Limited, Bitbucket Server, Blacon High School, Cabrillo College, Cacti, Canon imageCLASS MF656Cdw, Casio UK, Catholic Charities of Southern Nevada, ChargePoint EV charger, ChargePoint HomeFlex, Chicago Department of Public Health, Christian Community Aid, Circle K, Cisco, Cisco Identity Services Engine (ISE), City of Hayward, City of McKinney, City of Tarrant, City of Ulster, Cityworks, ClamAV, ClearML, Cleo, Comhairle nan Eilean Siar, Communicare, Community Health Center, Conduent, CR&R Incorporated, Cracked.io, Craft CMS, Crayfish, Crunchyroll, Daytrip, DeepSeek, Delaware Valley School District, Delta County Memorial Hospital District, Dignity Health Lassen Medical Clinic, Django, DogWifTools, Doxbin, DragonNest, E-Benefit Solution, Econet Wireless, Endo Group, ENGlobal, Ethereum, FC Barcelona, FortiOS and FortiProxy, Fota Wildlife Park, Frame & Optic, Frederick Health, Garden of Life, LLC, GeoTools, GitHub Copilot, Globe Life, Google Chrome, Google Gemini AI, Google’s OAuth, Gravy Analytics, GrubHub, H&M, Hakko Corporation, Han Van Duong, MD, Hanover County Public Schools, Harmonyland, Harrison County Schools, Harvard Pilgrim Health Care, HCF Management, Heart Centre, HeatGames, Hewlett Packard Enterprise (HPE), Hikari Seiko, Holdrege Memorial Homes, Hospital El Cruce, Hospital Sisters Health System, Huawei HG532 routers, Iannuzzi Manetta & Co, IMI plc, InterCon Construction, International AIDS Vaccine Initiative, IntraSystems, IPany VPN, Israel Police Systems, Ivanti Avalanche, Ivanti Endpoint Manager, Jefferson School District, Juniper VPN gateways, Kafene, Inc, Kenwood DMX958XR, Kenwood IVI, Kenya’s Business Registration Service, 12,000+ KerioControl firewalls, KraftCPAs, LandAirSea, Laravel Voyager, LCPtracker, Inc, Le Coq Sportif Columbia, Let’s Secure Insurance Brokers Pvt Ltd, LifeBridge Health, Lightning AI, Logsign Unified SecOps, Lucent Health, Magento, Malaysia’s National Tuberculosis Registry, Marina Family Medical, Matagorda County, MedSave Health Insurance, Microsoft Edge, Microsoft Office Word, Microsoft Outlook, Microsoft Windows Installer Service, 13,000 MikroTik routers, Mintty Sixel, Mission Bank, Mity, Inc, Mizuno USA, Mongoose, Moniepoint, Mortgage Investors Group, MSI, NASAMS, Nash County Public Schools, Netgear WiFi routers, New York Blood Center, NI Vision Builder, NoMachine, NorthBay Health, Nulled.to, OneBlood, OnePoint Patient Care, OpenAI ChatGPT, OpenMRS, Oppo, OrthoMinds, Otelier, OU Medicine, over 660,000 Rsync servers, Oxfam Hong Kong, O’Connor Corporation, Palo Alto firewalls, Parallels Desktop, PDF-XChange Editor, PFS Investments, Phemex, Philippines National Bureau of Investigation, Phoenix Contact CHARX SEC-3150, Planet Technology WGS-804HPT, PoinCampus, Portola Valley School District, PowerSchool Group LLC, Puroland, QNAP NAS, Ramona Unified School District, Rebound Orthopedics & Neurosurgery, Regence BlueShield, Republic of Georgia, Rhode Island Health Information Exchange, River Region Cardiology, RM Group of Education, Rochester City School District, Salinas City Elementary School District, San Francisco-Marin Food Bank, Sanrio Entertainment, Sante PACS Server, Santee School District, SAP NetWeaver, Scholastic, Self Esteem Brands, LLC, Siemens Tecnomatix, SimpleHelp RMM, SkilloVilla, Smiths Group, SonicWall SMA1000, Sony IVI, Sony XAV-AX8500, South African Weather Service, Speedio, Spring River Mental Health & Wellness, Square Medical Group, Stark AeroSpace, Sterling Bank, Subaru’s Starlink service, SuperDraft, the Taliban, TalkTalk, Tata Technologies, TD Bank, TeamViewer, Telefónica, Tesla Wall Connector, Texas Health and Human Services, Texas Tech University Health Sciences Center, The O’farrell Charter School, The Reshaping and Nutritional Company LLC, Thermomix Recipe World Forum, Tokio Marine HCC, Tornillo Independent School District, Trump Hotels, Tycon Medical Systems, Ubiquiti charger, UEFI, UFCW Local 135, University Diagnostic Medical Imaging, University of Notre Dame, Upper Canada District School Board, Valio, Valley News Live, Veeam, VMware Avi Load Balancer, VSCode SSH Agent, W3 Total Cache, Wacom, Wavlink AC3000, Welhof, Westend Dental, Wetaskiwin Regional Public Schools, WhoDB, Willow Pays, WinZip, Wolf Haldenstein, WOLFBOX EV charger, WOLFBOX Level 2 EV Charger, WordPress ASE Plugin, Ya-Moon, Yazoo Valley Electric Power Association, YesWiki, York Region District School Board, Young Consulting LLC, Youthmanual, Yubico pam-u2f, ZAR rehab clinics, Zendesk, Zimbra, Zyxel CPE routers, and Zyxel USG Flex and ATP firewalls, have reported hacking or compromises this month.

Bitbucket, Bohemia Interactive (DayZ and Arma Reforger), Cloudflare’s R2 object storage, Conduent, Garmin GPS watches, GitHub, Lee Enterprises, Microsoft 365, and PlayStation Network have suffered from outages this month.

Last months updates broke Microsoft 365 on Windows Server OS, “New” Outlook, Outlook email composition, Outlook search, USB audio drivers, Windows Activation, and Windows Server 2022.

Microsoft is now force-installing “new” Outlook (“Outlook Fred” for those in the know). Recently, Microsoft has been changing the management methods to prevent installation faster than they release updates to the software or tell their customers of the new policy changes, making it an administrative nightmare. I figure it will be either a class-action lawsuit, a federal (or EU) racketeering case, or an enterprise-wide wake-up to switch to Thunderbird that will finally get Microsoft to (briefly) start respecting their customers that have (oft repeatedly) expressly signalled their desire to opt out of this crap.

Microsoft is saying they’re going to stop supporting installing updates for Office apps on Windows 10 after it reaches end-of-life in October. This is probably BS, since they’ve never prevented installing Office updates on previous operating systems when they reached end-of-life, but you should switch from Windows 10 by then for other reasons anyway.

This doesn’t bode well for Let’s Secure Insurance. Ouch.

A year after announcing that it would be imposing a new UEFI signature and mere months before mandatory enforcement, Microsoft has finally released a script to create media that can boot using the new requirements.

Amazon has (finally) improved the default settings for Redshift to reduce the number of data leaks using their platforms.

The FTC has ordered GM to stop selling OnStar customer data (such as precise geolocation and driving behavior) without obtaining express consent.

In a surprise to literally nobody, security researchers learned that if you install bad things on your device, bad things can happen!

Now for the good news:

A lawsuit against automatic license plate readers is allowed to proceed.

Brave now allows you to inject custom JavaScript to tweak websites without an extension. 🙂 This comes only weeks after adding the ability to Rerank websites in the Brave Search engine.

Most importantly: Ross Ulbricht is free.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is not that bad this month. The typical computer should see roughly 3.5 GB in updates today. Let’s get started.

Microsoft released 41 updates to address 67 vulnerabilities in Active Directory Domain Services, Azure Network Watcher, Microsoft AutoUpdate (MAU), Microsoft Digest Authentication, Microsoft Dynamics 365 Sales, Microsoft Edge (Chromium-based), Microsoft Edge for iOS and Android, Microsoft High Performance Compute Pack (HPC) Linux Node Agent, Microsoft Office, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft PC Manager, Microsoft Streaming Service, Microsoft Surface, Microsoft Windows, Open Source Software, Outlook for Android, Visual Studio, Visual Studio Code, Windows Ancillary Function Driver for WinSock, Windows CoreMessaging, Windows DHCP Client, Windows DHCP Server, Windows Disk Cleanup Tool, Windows DWM Core Library, Windows Installer, Windows Internet Connection Sharing (ICS), Windows Kerberos, Windows Kernel, Windows LDAP, Windows Message Queuing, Windows NTLM, Windows Remote Desktop Services, Windows Resilient File System (ReFS) Deduplication Service, Windows Routing and Remote Access Service (RRAS), Windows Setup Files Cleanup, Windows Storage, Windows Telephony Server, Windows Telephony Service, Windows Update Stack, Windows Win32 Kernel Subsystem, and MSRT. This includes security updates. A reboot is required.

Oracle released 301 security updates this quarter to address vulnerabilities in 109 applications.

Apple released updates for GarageBand 10.4.12, iOS 18.3, iOS 18.3.1, iPadOS 17.7.4, iPadOS 17.7.5, iPadOS 18.3, iPadOS 18.3.1, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, Safari 18.3, tvOS 18.3, visionOS 2.3, and watchOS 11.3. This includes security updates. Use Apple Software Update to install the most current versions.

iOS 18.3 and 18.3.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 17.7.4, 17.7.5, 18.3 and 18.3.1 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 11.3.1 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 18.3 is a security update. Use System, Software Update to install the most current version.

visionOS 2.3.1 is a security update. Use System, Software Update to install the most current version.

Google ChromeOS 132.0.6834.98 and Google ChromeOS LTS 126.0.6478.264 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sequoia (15.x) means that macOS Monterey (12.x) and older are no longer supported. If you can not install at least macOS Ventura (13) on your Mac then you should immediately remove your device from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v24H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it. If not, switch to Linux (Mint is nice) or replace your computer.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with a SaferPC Subscription and we will install updates each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Epson ET-2750 2.71.00 doesn’t provide a change log so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-2750/s/SPT_C11CG22201

Epson ET-3760 2.68.02 doesn’t provide a change log so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-3760/s/SPT_C11CG20203

Epson ET-3850 3.01 doesn’t provide a change log so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-3850/s/SPT_C11CJ61201

Epson ET-4800 3.05 doesn’t provide a change log so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-4800/s/SPT_C11CJ65201

Epson ET-5880 3.04.00 doesn’t provide a change log so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-5880/s/SPT_C11CJ28201

UniFi Network Server 9.0.114 resolves over a dozen bugs and improves Zone controls. This is not a security update.
https://www.ui.com/download/releases/network-server

VIISAN OfficeCam 7.2.6.0 doesn’t provide a change log so should be treated as a security update.
https://www.viisan.com/en/download/type1.html

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.75.175 is a security update.
https://brave.com/

Google Chrome 133.0.6943.53 is a security update.
https://www.google.com/chrome/

Firefox 135.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 128.7.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 7.1.3570.48 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.15.1 resolves several bugs. This is not a security update.
https://getmailspring.com/

Spark 3.20.4 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 128.7.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 9.0.2 resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

curl 8.12.0 is a security update.
https://curl.haxx.se/windows/

Discord February 3, 2025 adds several new performance improvements and privacy controls, as well as cosmetic and stability improvements. This is not a security update.
https://discord.com/download

Dropbox 217.4.4417 doesn’t provide a detailed change log so should be treated as a security update.
https://www.dropbox.com/

FreeFileSync 14.0 adds dark mode support, improves cosmetics and resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 104.0 is a security update.
https://drive.google.com/start

Grocy Desktop 2.12.1 updates the Grocy release and fixes dependencies. This is not a security update.
https://github.com/grocy/grocy-desktop

Microsoft Teams 1.8.00.1362 adds several new management and organizational features. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 30.0.5 resolves dozens of bugs. This should be treated as a security update.
https://nextcloud.com/

PuTTY 0.83 resolves several bugs. This is not a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html

Signal 7.41.0 resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.32.3 improves organization. This is not a security update.
https://signal.org/android/apk/

Technitium DNS Server 13.4.1 should be treated as a security update.
https://technitium.com/dns/

Telegram 5.10.7 resolves several bugs. This is not a security update.
https://telegram.org/

Zoom 6.3.6.56144 adds a “new and improved” sidebar and resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.13 improves rigging motions. This is not a security update.
https://en.3tene.com/

Grayjay 281 resolves compatibility issues. This is not a security update.
https://grayjay.app/index.html

KaraFun Player 3.4.6 improves stability and performance, ARM compatibility, and resolves several bugs. This is not a security update.
https://www.karafun.com/karaoke-windows/

Kodi 21.2 resolves dozens of bugs. This is a security update.
https://kodi.tv/

Plex Desktop 1.107.2.300 resolves a compatibility bug. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.70.1.303 updates libraries and now improves privacy on Linux. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Bedrock) 1.21.60.10 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

PS5 2025.115 improves performance and usability. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2025.01.28 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Commerce 2.4.8-beta2, 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 1.5.1, 1.4.2-p4, 1.3.5-p9, 1.3.4-p11, 1.3.3-p12, 2.4.8-beta2, 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12 are security updates.
https://helpx.adobe.com/security/products/magento/apsb25-08.html

Adobe Illustrator 28.7.4 and 29.2.1 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb25-11.html

Adobe InCopy 19.5.2 and 20.1 are security updates.
https://helpx.adobe.com/security/products/incopy/apsb25-10.html

Adobe InDesign 19.5.2 and 20.1 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb25-01.html

Adobe Photoshop Elements 2025.1 is a security update.
https://helpx.adobe.com/security/products/photoshop_elements/apsb25-13.html

Adobe Substance 3D Designer 14.1 is a security update.
https://helpx.adobe.com/security/products/substance3d_designer/apsb25-12.html

Adobe Reader DC 24.005.20399 resolves several crash bugs. This is not a security update.
https://get.adobe.com/reader

Adobe Substance 3D Stager 3.1.1 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb25-09.html

Artweaver 8.0.2 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Calibre 7.25.0 resolves several bugs and improves compatibility. This is not a security update.
https://calibre-ebook.com/

Columns++ 1.1.5 improves compatibility. This is not a security update.
https://github.com/Coises/ColumnsPlusPlus

Krita 5.2.9 massively improves text support. This is not a security update.
https://krita.org/en/download/

LibreOffice Fresh 25.2.0 resolves almost 300 bugs. This is a security update. Please do not use the “Fresh” line – use the stable release instead.
https://www.libreoffice.org/

Manager 25.2.9.2075 improves inventory controls. This is not a security update.
https://www.manager.io/

Notepad++ 8.7.7 resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 5.1.3 resolves over a dozen bugs. This is not a security update.
https://www.getpaint.net/

PDF-XChange Editor 10.5.1.394 improves cosmetics and resolves over a dozen bugs. This is not a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

Operating System Updates

These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.

iOS 18.3.1 is a security update. Use Settings, General, Software Update to get the most current version.

iPadOS 17.7.5 and iPadOS 18.3.1 are security updates. Use Settings, General, Software Update to get the most current version.

macOS 15.3.1 is a security update. Use Settings, General, Software Update to get the most current version.

Tails 6.12 is a security update.
https://tails.net/install/download/index.en.html

tvOS 18.2.1 and tvOS 18.3 are security updates. Use Settings, General, Software Update to get the most current version.

watchOS 11.3.1 is a security update. Use the Watch app from your iPhone to install the current version.

Security Software Updates

One or more of these is likely to be of interest to most people.

.NET Runtime 9.0.1 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

Java 8u441 is a security update.
https://www.java.com/en/download/manual.jsp

MalwareBytes Desktop Security 5.2.6.163 resolves a quarantine bug. This should be treated as a security update.
https://www.malwarebytes.org/antimalware/

ProtonVPN 3.5.1 improves stability and performance. This is not a security update.
https://github.com/ProtonVPN/win-app/releases/latest

RogueKiller 16.0.2 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Stinger 13.0.0.283 adds support for new detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

SuperAntiSpyware 10.0.1272 adds a new Browser Protection feature and resolves several bugs. This should be treated as a security update.
https://www.superantispyware.com/download.html

Windows Defender Offline 20250119 doesn’t provide a change log so should be treated as a security update.
https://windows.microsoft.com/en-us/windows/what-is-windows-defender-offline

Wireless Network Watcher 2.42 updates the internal MAC addresses database. This is not a security update.
https://www.nirsoft.net/utils/wireless_network_watcher.html

Capture Updates

These are unlikely to be of interest to most people.

Open Broadcaster Software 31.0.1 resolves several crash and stability bugs. This is not a security update.
https://obsproject.com/

SnagIt 24.3.2 is a security update.
https://www.techsmith.com/screen-capture.html

VideoCacheView 3.11 improves support for newer Chrome (v132+) cache structure. This is not a security update.
https://www.nirsoft.net/utils/video_cache_view.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.3.5 adds support for MP4/MKV AV1 output, improved hardware acceleration and resolves an audio quality bug. This is not a security update.
https://www.dvdfab.cn/download.htm

FFmpeg 20250204 resolves an SVT-AV1 API compatibility issue. This is not a security update.
https://ffmpeg.org/ffmpeg.html

IsoBuster 5.5.2 resolves compatibility issues with CD-i and macOS generated media, and special characters in file and folder names. This is not a security update.
https://www.isobuster.com/download.php

MakeMKV 1.17.9 changes only the version number. This is not a security update.
https://www.makemkv.com/download/

PDF Creator 5.3.3 resolves several bugs. This is not a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 6.2.2.0 improves compatibility. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 3.0.0.5 adds Colorizer support and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.60 resolves several bugs. This is not a security update.
https://1password.com/downloads/

Beyond Compare 5.0.5.30614 updates libraries and resolves several bugs. This is not a security update.
https://www.scootersoftware.com/download

Bitwarden 2025.1.4 now imposes 2FA for new sessions and unknown locations, adds ability to generate SSH keys, and resolves several bugs. This is not a security update.
https://bitwarden.com/

CCleaner 6.32.11432 resolves several bugs. This is not a security update.
https://www.ccleaner.com/

CPU-Z Installer 2.14 adds support for newer hardware and resolves a cosmetic bug. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

Cygwin 3.5.7 resolves several bugs. This is not a security update.
https://cygwin.com/

Dell OS Recovery Tool 2.4.2.2193 doesn’t provide a change log so should be treated as a security update.
https://www.dell.com/support/home/uk/en/ukbsdt1/drivers/osiso/recoverytool

DesktopOK 11.57 improves uninstall and automatic update. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.3.3.0 updates libraries, adds several new features (Show Replacements, Minimize & Restore, Replace dialog layout) and updates translations. This is a security update.
https://dngrep.github.io/

GoodSync 12.8.2 adds a new @file filter, improves compatibility and rearranges job options. This is not a security update.
https://www.goodsync.com/

GUIPropView 1.31 adds several new columns to the display. This is not a security update.
https://www.nirsoft.net/utils/gui_prop_view.html

Homedale 2.16 adds a Japanese translation. This is not a security update.
https://www.the-sz.com/products/homedale/

HWMonitor 1.56 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

LessMSI 2.5.0 adds ability to change languages in the GUI. This is not a security update.
https://lessmsi.activescott.com/

ManageWirelessNetworks 1.15 adds dark mode support. This is not a security update.
https://www.nirsoft.net/utils/manage_wireless_networks.html

NTLite 2025.01.10293 modifies more than a dozen Components features and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 11.1.1001 resolves several bugs. This should be treated as a security update.
https://www.osforensics.com/download.html

osquery 5.15.0 resolves several bugs and improves data collection and display. This is not a security update.
https://osquery.io/downloads

PowerToys 0.88.0 updates libraries and resolves several bugs. This is a security update.
https://github.com/microsoft/PowerToys/releases/latest

PSAppDeploy 4.0.5 resolves dozens of bugs. This is not a security update.
https://psappdeploytoolkit.com/

TeamViewer 15.62.4 is a security update.
https://www.teamviewer.com/en-us/download/windows/

TraceRouteOK 3.46 improves uninstall and automatic update. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

Ventoy 1.1.01 adds native remounting capability to support all Linux distros and resolves a couple bugs. This is not a security update.
https://www.ventoy.net/en/index.html

WakeMeOnLan 1.92 updates the internal MAC addresses database. This is not a security update.
https://www.nirsoft.net/utils/wake_on_lan.html

WinScan2PDF 9.25 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 4.24 adds several administrative features and cosmetic improvements. This is not a security update.
https://www.diskanalyzer.com/

Developer Updates

These are unlikely to be of interest to most people.

AutoHotkey 2.0.19 resolves several bugs. This is a security update.
https://www.autohotkey.com/download/

GDevelop 5.5.224 improves cosmetics and resolves several bugs. This is not a security update.
https://gdevelop.io/download

GitHub Desktop 3.4.16 resolves several bugs. This is not a security update.
https://desktop.github.com/

Go 1.23.6 is a security update.
https://go.dev/

MySQL ConnectorNet 9.2.0 resolves several bugs. This should be treated as a security update.
https://dev.mysql.com/downloads/connector/net/

Node.js 18.20.6 is a security update.
https://nodejs.org/en/

Node.js 20.18.3 is a security update.
https://nodejs.org/en/

Node.js 22.14.0 is a security update.
https://nodejs.org/en/

Node.js 23.7.0 is a security update.
https://nodejs.org/en/

Python 3.13.2 is a security update.
https://www.python.org/downloads/windows/

SQLite 3.49.0 resolves several bugs and improves performance. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.97.1 is a security update.
https://code.visualstudio.com/

WinMerge 2.16.46 resolves several bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.1.6 adds support for Linux kernel 6.13 and resolves dozens of bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Invision Community 4.7.20 adds Postmark, Bluesky and Backblaze B2 support. This is not a security update.
https://invisioncommunity.com/

Grocy 4.4.1 adds support for Open Food Facts barcode lookup and resolves several bugs. This is not a security update.
https://github.com/grocy/grocy

MailEnable 10.51 is a security update.
https://www.mailenable.com/

ownCloud Client 5.3.2.15463 is a security update.
https://owncloud.com/desktop-app/

phpMyAdmin 5.2.2 is a security update.
https://www.phpmyadmin.net/

WordPress 6.7.2 resolves 35 bugs. This is not a security update.
https://wordpress.org/

Really Simple CAPTCHA 2.4 improves hash strength and compatibility. This is not a security update.
https://wordpress.org/extend/plugins/really-simple-captcha/

Sucuri Security 1.9.8 adds CORS configuration. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

WP Cerber Security 9.6.6 resolves several bugs. This is not a security update.
https://wpcerber.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2024-11-12

Posted on November 12, 2024 by Shawn K. Hall

Happy Thanksgiving, Folks!

Today is Patch Tuesday for November, 2024.

Hold the line: do not upgrade to 24H2 yet. There have been quite a few issues. Let everyone else be the guinea pigs.

Windows 10 now has only 11 months of support left. If your computer can not be upgraded to Windows 11 either start planning for a switch to Linux or replacing your computer.

There are critical security updates for all supported Apple products and (as is now the norm) new critical security updates for every browser every single week.

QuickBooks Desktop 2025 will be released later this month, and on November 1st all previous versions of QuickBooks Desktop will be end-of-life (EOL).

Windows Server 2025 has been released. And it’s “accidentally” being force-installed on recent Windows Server builds.

Entrust certificates are being disavowed as soon as today. There have been months to prepare, but this will still kill off about 0.1% of active SSL certificates.

There were 645+ major hacks and over 525 application updates this month.
It’s a huge month, with about 5 GB of updates for most users.

This Month in Technology

1st Credentialing, 1StopBedrooms, 1stUnited Credit Union, 20 Canadian government networks, 5.11, Abbott Laboratories Employees Credit Union, Absolute Machine Tools, Acadian Ambulance Service, Inc, Accounting Resource Group, Acko.ru, Action Heating & Cooling, Adguard Home, ADT, Advanced Accounting & Business Advisory, Advanced Recovery Equipment & Supplies, AeoTec Smart Home Hub, AEP, Air Specialists Heating & Air Conditioning, Al Ahly SC, Al Fajer School, Alliance Laundry Systems, AlpineReplay, Altenen, Amazon, Ambica Steels, American Mechanical, Inc, American Medical Billing, American River College, American Water, Amourgis & Associates, Android, ANU Enterprise, Apache Mills, Inc, Apache Solr, Apex, Apple iPhone, Apple macOS, Arango Billboard, Arctrade, Arkansas Blue Cross and Blue Shield, Asheville Arthritis Centre, Aspen Healthcare, Astac, Atlantic Coast Consulting Inc, Atlantic Medical Management, ATSG Inc, AudoCAD, Australian Nursing Home Foundation, Aviva Spain, Axis Health System, Ayurvedic Herbs Online, Azure AI, Bahrain government, Banco Sucredito Regional, Barnes Cohen and Sullivan, Bel-Air Bay Club Ltd, Belle Tire, Berling.gr, Berridge Manufacturing Co, Bethalto School District, Birth Choice of San Marcos, Blackburn College, Bliss Worldwide, BNBuilders, Boart Longyear, Boston Children’s Health Physicians, Brandenburger Plumbing, Brazil’s SAIC, BrightStar Care, BSN Sports, Bucharest’s District 5 City Hall, Buenos Aires, Burgess Kilpatrick, Bury Council, UK, BWD Technology, By Design LLC, Byerly Aviation, C & C Industries, Caleb & Brown, Calgary Public Library, California Department of Social Services, Call of Duty, Campus.gov.il, Canon imageCLASS MF656Cdw, Cape Cod Regional Technical High School, Cardiology of Virginia, Carolina Arthritis, CAS Software, Casio, Cathexis Holdings LP, Center for Urban Community Services, Central Pennsylvania Food Bank, Central Tickets, Centreon, CGR Technologies, Cheasapeake Regional Information System for our Patients, Inc, Chicago Cardiology Institute, Children’s Health Ireland, Chimienti & Associates, CIIT Wah, Cisco DevHub, City of Sheboygan, CLAS Information Services, Clay Platte Family Medicine, Clayton Properties Group, Clear Connection, ClickFix, Club Vélez Sarsfield, College of Business – Tanzania, Columbus, OH, Comcast, Community Day School, Community Dental in Portland, Compex Legal Services Inc, Compound, Continental Casualty Company, CoPilot, Cordogan Clark and Associates, Cornerstone Healthcare Group Management Services LLC, Corporate Job Bank, Costa Del Sol Hotels, Cottonwood Union School District, Country Club El Bosque, Country Inn & Suites by Radisson, CreaGen Inc, CreditRiskMonitor, Crypto Vеnturе Cаpitаl, CSU Contracting, Cucamonga Valley Water District, CUSO Financial Services, LP, CyberPanel, D-Link routers, Dana Safety Supply, De Rose Lawyers, Delfin Design & Manufacturing, Delta Electronics CNCSoft-G2, Delta Electronics DIAScreen, Delta Electronics InfraSuite, Dennis Kirk, Department of Occupational Safety and Health (Malaysia), Detroit Wayne Integrated Health Network, Devtron, DieTech North America, Dietzgen Corporation, digiDirect, Diligent Delivery Systems, Directorate for Combating Organised Crime, Disney World, DMEScripts, Doctors Regional Cancer Center, DoctorsToYou, DocuSign, Dohman, Akerlund & Eddy, Dome Construction, Doscast, DR Butler and Associates, Dr.Web, Drug and Alcohol Treatment Service, Dstat.cc, Dudley Council, UK, Eagle Industries, Eagle Recovery Associates, Earth 2, Easterseals, EasyPay, Ecovacs, EIGEN Holdings, Elections Nova Scotia, Embody Performance & Recovery, Empower Management Group, English Construction Company, Epicor Software Corporation, Equalize, Equator Worldwide, Ericsson codechecker, ESET, European External Action Service, Evergreen Public Schools, Exeter City Council, Eye Clinic Surgicenter, Fair Vote Canada, Fairfield Memorial Hospital, Falo, Family Medical Center in Mount Airy, Federal Board of Revenue (Pakistan), Fidelity Investments, Firefox, First Nations Health Authority, Fiskars, Fitzgerald, DePietro & Wojnas, FloridaCentral, Floyd County Public Schools, Followmont TransportPty, Food Sciences Corporation, Form I-9 Compliance, Fortinet FortiManager, Fortis, Fractal ID, France’s Ministry of Labour and Employment, Free (ISP), Freedom Home Care, Fromm, Funadmin, Funlab, Fylde Coast Academy Trust, Game Freak, Gandara Mental Health Center, General Physician, PC, German Chamber of Commerce, GitLab, Globe Life, Gluckstein Personal Injury Lawyers, Google Scholar, Goshen Central School District, Grafana, Granite School District, Gryphon Healthcare, GSR Andrade Architects, Guardian Healthcare, H&R Block Canada, Hafetz and Associates, Harris Personal Injury, Hawaii State Judiciary, Health & Palliative Services of the Treasure Coast, Healthcare Management Systems, Healthfund Solutions, Hemel Hempstead Council, UK, Henry County Schools, Henry Schein, Hewlett Packard Enterprise Aruba OS, Holistix Treatment Center, Hope Valley Recovery, Hot Topic, Housing Authority of the City of Los Angeles, Houston Housing Authority, Howell Electric Inc, HP Color LaserJet Pro MFP 3301fdw, Hyundai, IBM Security Verify, Icedrive, IdeaLab, iFocus Consulting, Illumin8 Global, IM Cannabis, Immuno Laboratories, IMPAXX, InCare Technologies, Indian government email, India’s COVID-19 tracking platform, Indonesia’s E-Visa System, Infosys McCamish Systems LLC, Inner City Education Foundation, Insurance Regulatory and Development Authority of India (IRDAI), Interbank, Interbel, International University of Sarajevo, Internet Archive (three times!), Intesa Sanpaolo Bank of Italy, IrfanView, Iron World Manufacturing, Israeli Ministry of National Security, Israeli Ministry of Welfare, Ivanhoe Club, Ivanti Cloud Services Appliance (CSA), Jacksonville Children’s Multispecialty Clinics, Jardine Aviation Services, Jillamy, Johnson & Johnson, Jomar Electrical Contractors, Jordan Ministry of Education, Jordan Public Schools, JS McCarthy Printers, Justice.fr, K&S Tool & Mfg Co, Kaiser Foundation Hospitals, Kaiser Permanente, Kansas City Hospice, Karman Inc, KEE Process, Kenana Sugar Company, KMC Controls, Knox Law Center, Konecta Group, Kubernetes Image Builder, Kuhn and Associates, Kulicke and Soffa Industries, L & B Transport, LLC, La Tazza D’oro, Lampard Community School, Landmark Admin, Laravel Reverb, Law Office of Omar O Vargas, Legacy Treatment Services, Lein Law Offices, Levales Solicitors LLP, LevelOne WBR-6012, Lexco, Lexmark CX331adwe, LG Electronics, LifeMine, Lincoln University, Linux Kernel, Long Island Plastic Surgical Group, Lorex cameras, Loring, Wolcott & Coolidge, LottieFiles Lotti-Player, Luxwood Software Tools, Magento Open Source, Mainelli Mechanical Contractors, Marisa SA, Maval Industries, Maxxis International, Mazda Connect Connectivity Master Unit (CMU), McElroy, Quirk & Burch, APC, McMillan Electric Company, MCNA Dental, MedElite Group, Memorial Hospital and Manor, GA, Mercury Theatre, Meshworks, Metawin, MiCare Health Center, Michael J Gurfinkel, Microlise, Microsoft Bookings, Microsoft SharePoint, Mid State Electric, Middlesborough Council, UK, Minuteman Senior Services (MSS), MiPC Mexico, MIT Technology Review, Mixfame, Mizuno USA, MMI Services, Inc, MMP Union, Model Die & Mold, Moldova’s parliamentary email servers, MoneyGram, Moodle, Mozilla Firefox, Mr. Winter Wheels, Muah.AI, Muskogee City County Enhanced 911 Trust Authority, MVES, MWI Veterinary Supply, Inc, MySQL Connector/Python, Mystic Valley Elder Services, Nagoya Stock Exchange, NARSTCO, National Financial Services, National Institute of Administration, Native Village of Eyak Ilanka Community Health Center, Navarra & Marzano, Neighbors Credit Union, New Law, New York Plastic Surgery, Newpark Resources, Nidec Precision, Niko Resources Ltd, Nikon NEF, NoBroker, Noida Metro, Nokia, Nor-Well, Northeast Professional Caregivers, Northeast Spine and Sports Medicine, NVIDIA Container Toolkit, NVIDIA GeForce, NVIDIA Onyx, NW Health Porter, Okta, Ollama AI, OMA, Omni, OnePoint Patient Care, Open Range Field Services, Opera Browser, Oracle VirtualBox, ORBCOMM, Orbit Software, Inc, Oregon Department of Corrections, ORM Fertility, Orthopedics Rhode Island, OrthopedicsNY, Osmedeus Web Server, Ottawa Valley Handrailing Company, Over a thousand online shops, OwlTing, OxyHealth, OzarksGo, Pacific Pulmonary Medical Group, PAJ GPS, Palm Hills Developments, Palmisano & Goodman, PA, Palo Alto Networks PAN-OS, Panda Security Dome, Paragon Plastics, Parkland Health, Parnell Defense, Paul White Company, PayDo, Paystack, pCloud, Peoria Lawyers, Petropolis Pet Resort, Pheim Unit Trusts Berhad, Philadelphia Macaroni, Philips Smart Lighting, Phoenix Contact EV chargers, Physical Medicine & Rehabilitation Center, Planned Parenthood of Montana, PlayBoy, Portsmouth City Council, UK, Positive Business Solutions, Postcard Mania, PostHog, Potomac Medical Aesthetics, PRC-Saltillo, Precision Steel Services, Preferred Travel Group, Presbyterian Healthcare Services, PrestaShop, PriceBlink, Professional Probation Services, Promise Technology, Inc, Protective Industrial Products, PT Haleyora Power, PTZOptics cameras, Pureflow Airdog, qBittorrent, QEMU, QNAP QHora-322, QNAP TS-464, QNQB, Qualcomm chips, Quest Diagnostics Inc, Racing Forensics Inc, Radiant Capital, Radisson’s Country Inn and Suites, Raeyco Lab Equipment, Raimondo Pettit Group, Rancher, RANEPA University, RDC Control Ltd, Redwood Coast Regional Center, Regional Government of Ica, ReliaQuest, RENIEC, Rhode Island Orthopedic Practice, Ridgewood Public School District, Rim Country Health and Rehabilitation, Riverview Health, Rockstar Games, Rockwool, Rocky Mountain Gastroenterology, Rosen Legal, Roundcube Webmail, Royal Thai Police, RRCA Accounts Management, Inc, Rumpke Consolidated Companies, Russell Law Firm, LLC, Russian Foreign Ministry, Russian State TV VGTRK, S & W Kitchens, Sage Automotive Interior, Saint Xavier University, SalesGig, Salford Council, UK, Samsung, Samsung Galaxy S24, San Joaquin County Superior Court, Sanglier Limited, Sango Family Dentistry, Sarah Bush Lincoln Fayette County Hospital, Saratoga Liquor, Save Mart Supermarkets, LLC, Schneider Electric, Schneider Electric EcoStruxure, Schneider Electric Zelio Soft 2, Schreck Financial Group, Schweiger Transport, Scullion LAW, Seafile, Sector 5, Bucharest, SelectBlinds, SEP, Set Forth, Inc, Seven Counties Services, Shareholders in Hong Kong, Sit & Sleep, Smart Media Group Bulgaria, SmartSource, Smeg, Smile Design Management, Smiles in the Pines, Smitty’s Supply, Smoker’s Choice, Solairus Aviation, LLC, SolarWinds Web Help Desk, Soliant Health, SonicWall firewalls, Sonoma County Superior Court, Sonos Era 300, Sophos Firewall, South China Athletic Association, South West Family Medicine Associates, South-East Technological University Waterford, Spine by Villamil MD, Spirit Lake Community School District, SRS-Stahl GmbH, St Albans Council, UK, St. Anthony Regional Hospital, Stalker Online, Standard Bank, Star Health Insurance, Stark County Criminal Justice Information Systems, Starkweather and Shepley Insurance Brokerage, Steel Art Signs, Strava, StreamCraft, Strike Bowling, Structural and Steel Products, Sumitomo, Summit Pathology and Summit Pathology Laboratories, Inc, Sunrise Express, Suntrust Properties, Superior Quality Insurance Agency, Supply Technologies, Surfnet Communications, Survival Flight, Inc, SVP Worldwide, Swalekha.in, Switch, Symetra Life Insurance Company, Symfony, Sync, Synology BeeStation, Synology DiskStation, Synology TC500, Systems Application & Technologies Inc, T-Space, Tameside Council, UK, TargetMaps, TaxPros of Clermont, TDM Technical Services, TEAM Software, Texas Department of Public Safety, Texas Spine Consultants, Texas Tech University Health Sciences Center, The Club Penguin Experience, The Getz Group, The Knesset, The Law Offices of Jed Silverman, The Nolan Financial Group, The Physical Medicine & Rehabilitation Center, PA, The Povman Law Firm, The Strainrite Companies, Therabel Lucien Pharma SAS, TheraCom, ThinkPHP, Thompson Coburn, Tiketek, TNAFlix, Toro Enterprises, Inc, Totally Promotional, Tower Clock Eye Center, TrackMan, Trafford Council, UK, Transak, Trend Micro Cloud Edge, Trend Micro Deep Security, Tresorit, Tri-City Healthcare District, Tri-City Medical Center, Tricon Energy, Trimarc Financial, Trimble SketchUp, True World Group, TrueNAS Mini X, TrueNAS X, Truist Bank, TU Parks, Tungsten Automation Power PDF, TV Guide Magazine, Ubiquiti AI Bullet, UK Ambulance Services, UK Biobank, Ultra Tune, United Sleep Diagnostics, Universal Companies, Universal Health Corporation, Universal Music Group, University Medical Center, University of California, Unlimited Lawn Care, US Customs and Border Protection, Uttarakhand State Data Center, Valleygate Dental Surgery Centers, Value City NJ, Van Wagner Group, LLC, Varsity Brands, VasTopUp, Venezuelan Government, VeriSource Services, Inc, Verizon Wireless, Vermilion Parish Schools, VimeWorld, Visionworks of America, Inc, VMware HCX, VMware vCenter Server, Volkswagen, Volta River Authority, Wacom Center, Washington courts, Wayne County, Webb Institute, Weber Packaging, Weiser Memorial Hospital, Well Chip Group, Wellfleet Group, Wells Fargo, Western Sydney University, Westwood Country Club, Wetherby Town Council, Wexford County, WhatsUp Gold, Whitaker Construction Group, Wichita County, Wilson & Lafleur, Wilson Tarquin, WimCoCorp, Windows Driver Signature, Windows Themes, Winestyle, Winnebago Public School Foundation, WordPress Jetpack, WordPress LiteSpeed Cache, X.Org Server, Youngs Timber Builders Merchants, Z-lib, Zalo.vn, Zamalek Club, Zendesk, ZicroDATA, Zierick Manufacturing Corporation, and Zimbra GraphQL have reported hacking or compromises this month.

Calgary Public Library, DHL, Microsoft, Serco, and The Internet Archive have suffered from outages this month.

Last months updates broke Microsoft 365 Outlook, Microsoft Azure Virtual Desktop, Microsoft OneDrive, Microsoft’s “New” Outlook, OpenSSH on Windows Server, Windows 10, and Windows Remote Desktop.

Never again use a third-party charging cord. Treat your USB ports with more concern.

Half of US county websites can be spoofed.

iPhones will now force restart after idle in order to reencrypt data.

Now for the good news:

The Mozilla Foundation has finally dropped their advocacy division. Unfortunately, they’ll be rolling it into their other programs. It still could mean that tech companies might actually start prioritizing their tech instead of politics or other agendas.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is huge this month. The typical computer should see roughly 5 GB in updates today. Let’s get started.

Microsoft released 98 updates to address 88 vulnerabilities in .NET and Visual Studio, airlift.microsoft.com, Azure CycleCloud, Azure Database for PostgreSQL, LightGBM, Microsoft Defender for Endpoint, Microsoft Edge, Microsoft Office SharePoint, Microsoft PC Manager, Microsoft SharePoint Server, Microsoft SQL Server, Microsoft Virtual Hard Disk (VHDX), Microsoft Virtual Hard Drive, Microsoft Windows DNS, Microsoft Windows VMSwitch, TorchGeo, Visual Studio, Visual Studio Code, Win32k Elevation of Privilege Vulnerability, Windows Active Directory Certificate Services, Windows CSC Service, Windows Defender Application Control, Windows DNS, Windows DWM Core Library, Windows Hyper-V, Windows Kerberos, Windows Kernel, Windows NT OS Kernel, Windows NTLM, Windows Package Library Manager, Windows Registry, Windows Secure Kernel Mode, Windows SMB, Windows SMBv3 Client/Server, Windows Telephony Service, Windows Update Stack, Windows USB Video Driver, Windows VMSwitch, Windows Win32 Kernel Subsystem, Winlogon, and MSRT. This includes security updates. A reboot is required.

Oracle released 334 security updates this quarter to address vulnerabilities in 109 applications and service.

Apple released updates for iOS 17.7.1, iOS 18.1, iPadOS 17.7.1, iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, Safari 18.1, tvOS 18.1, visionOS 2.1, and watchOS 11.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 17.7.1 and 18.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 17.7.1 and 18.1 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 11.1 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 18.1 is a security update. Use System, Software Update to install the most current version.

visionOS 2.1 are security updates. Use System, Software Update to install the most current version.

Google Chrome OS 130.0.6723.101 and Google Chrome OS LTS 126.0.6478.257 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 41-1.4 is a major update, adding many new features, removing unsupported and deprecated tools and applications, and hardening the operating system. This should be treated as a security update.
https://getfedora.org/en/workstation/download/

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.10.1 resolves several bugs and improves stability. This is not a security update.
https://www.amd.com/en/support

Intel Driver and Support Assistant 24.5.40.11 resolves several bugs. This is not a security update.
https://www.intel.com/p/en_US/support/detect

Nvidia Driver 566.03 resolves several bugs. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

UniFi AC Professional 6.6.77 resolves several bugs and improves performance, reliability and stability. This is not a security update.
https://www.ui.com/download/software/uap-ac-pro

UniFi airMAX NanoStation 5AC Loco 8.7.14 resolves several bugs. This is not a security update.
https://www.ui.com/download/software/loco5ac

UniFi Network Server 8.6.9 improves SIEM integration, dozens of improvements and bug fixes. This is a security update.
https://www.ui.com/download/releases/network-server

UniFi U6 Professional 6.6.77 resolves several bugs and improves performance, reliability and stability. This is not a security update.
https://www.ui.com/download/software/u6-pro

VIISAN OfficeCam 7.2.4.0 doesn’t provide a detailed change log so should be treated as a security update.
https://www.viisan.com/en/download/type1.html

Xerox Smart Start 2.1.22.0 doesn’t provide a detailed change log so should be treated as a security update.
https://www.support.xerox.com/en-us/content/143617

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.71.123 is a security update.
https://brave.com/

Firefox 132.0.2 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 128.4.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 130.0.6723.116 is a security update.
https://www.google.com/chrome/

Vivaldi 7.0.3495.6 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

ProtonMail (Android) 4.2.1 resolves several bugs. This is not a security update.
https://proton.me/mail/download

Spark 3.17.11.89740 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.17.12.90683 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 128.4.2 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk (macOS) 8.1.4 improves compatibility and requires re-granting persmissions. This is a security update.
https://anydesk.com/en/downloads

BrowsingHistoryView 2.59 improves compatibility. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

curl 8.11.0 resolves dozens of bugs. This is a security update.
https://curl.haxx.se/windows/

Dropbox 211.4.6008 doesn’t provide a change log so should be treated as a security update.
https://www.dropbox.com/

FileZilla Client 3.68.1 resolves several bugs. This should be treated as a security update.
https://filezilla-project.org/

FileZilla Server 1.9.4 resolves several bugs, including improved Let’s Encrypt compatibility.
https://filezilla-project.org/

FreeFileSync 13.8 adds SFTP support for IPv6, improves copmatibility and resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 99.0 *finally* adds differential uploads, which will save huge amounts of bandwidth for large files with minor changes. This is not a security update.
https://drive.google.com/start

MeshCentral 1.1.33 resolves dozens of bugs. This is not a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.7.00.27855 improves BYOD and audio source detection. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 30.0.2 resolves dozens of bugs. This is a security update.
https://nextcloud.com/

Omada Software Controller 5.14.32.3 resolves a dozen bugs and improves the GUI. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Signal 7.32.0 improves performance, bulk downloads, and adds Call Links. This is not a security update.
https://signal.org/download/

Signal (Android) 7.23.1 adds chat folders. This is not a security update.
https://signal.org/android/apk/

Syncthing 1.28.0 resolves several bugs. This is not a security update.
https://syncthing.net/

Technitium DNS Server 13.1.1 resolves several bugs and improves protocol support. This is not a security update.
https://technitium.com/dns/

Telegram 5.7.2 resolves over a dozen bugs. This is not a security update.
https://telegram.org/

Zoom 6.2.7.49583 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.11 improves compatibility. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.2.5 resolves several bugs. This is not a security update.
https://www.bitwig.com/download/

iTunes 12.13.4.4 is a security update.
https://www.apple.com/itunes/download/

KaraFun Player 3.2.2.56 resolves a dozen bugs. This is not a security update.
https://www.karafun.com/karaokeplayer/

Plex Desktop 1.104.0.241 now includes an advertising consent popup.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.41.1.9057 improves hardware-encoding for DVR, media support, and metadata. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Bedrock) 1.21.44.01 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Minecraft Server (Java) 1.21.3 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server

Nintendo Switch 19.0.1 improves compatibility. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 2024.101 resolves several bugs. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024.11.05 adds Steam Game Recording and resolves dozens of bugs. As of this version Windows 7 and 8 are no longer supported. These end-of-life operating systems can continue to use the prior build (for now). https://help.steampowered.com/en/faqs/view/4784-4F2B-1321-800A
https://store.steampowered.com/news/app/593110

SteamOS SteamDeck Update 2024.11.06 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe After Effects 24.6.3 & 25.0 are security updates.
https://helpx.adobe.com/security/products/after_effects/apsb24-85.html

Adobe Audition 24.6.3 and 25.0 are security updates.
https://helpx.adobe.com/security/products/audition/apsb24-83.html

Adobe Bridge 14.1.3 and 15.0 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb24-77.html

Adobe Commerce 3.2.6 is a security update.
https://helpx.adobe.com/security/products/magento/apsb24-90.html

Adobe Illustrator 28.7.2 and 29.0.0 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb24-87.html

Adobe InDesign 18.5.3, 18.5.4 and 20.0 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb24-88.html

Adobe Photoshop 24.7.4 and 25.12 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb24-89.html

Adobe Reader DC 24.004.20243 resolves several bugs. This is not a security update.
https://get.adobe.com/reader

Adobe Substance 3D Painter 10.1.1 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb24-86.html

Audacity 3.7.0 resolves more than a dozen bugs. This is not a security update.
https://www.audacityteam.org/download/

Blender 4.2.3 resolves dozens of bugs. This is not a security update.
https://www.blender.org/download/

Calibre 7.21.0 resolves over a dozen bugs. This is not a security update.
https://calibre-ebook.com/

Columns++ 1.1.3 resolves several bugs. This is not a security update.
https://github.com/Coises/ColumnsPlusPlus

Inkscape 1.4 resolves several bugs. This is not a security update.
https://inkscape.org/release/

Kdenlive 24.08.3 resolves dozens of bugs. This is not a security update.
https://kdenlive.org/

LibreOffice 24.2.7 resolves over 50 bugs. This is a security update.
https://www.libreoffice.org/

Manager 24.11.11.1937 resolves several bugs and improves inventory support. This is not a security update.
https://www.manager.io/

Nextcloud Desktop 3.14.3 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.7.1 resolves a couple bugs. This is a security update.
https://notepad-plus-plus.org/

PDF-XChange Editor 10.4.3.391 resolves almost a dozen bugs. This is not a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

QuickBooks Pro 2022 20240726-R17_41 doesn’t provide a detailed change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20240726-R14_49 doesn’t provide a detailed change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

Operating System Updates

These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.

Google Chrome OS 130.0.6723.101 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

iOS 18.1 is a security update.
https://support.apple.com/kb/HT204204

iPadOS 18.1 is a security update.
https://support.apple.com/kb/HT204204

macOS 15.1 is a security update.
https://support.apple.com/kb/HT201541

Tails 6.9 is a security update.
https://tails.net/install/download/index.en.html

tvOS 18.1 is a security update.
https://support.apple.com/kb/HT202716

watchOS 11.1 is a security update.
https://support.apple.com/kb/HT204641

Security Software Updates

One or more of these is likely to be of interest to most people.

Chainsaw 2.10.1 resolves several bugs. This is not a security update.
https://github.com/countercept/chainsaw

FRST 2024.11.12 doesn’t provide a change log so should be treated as a security update.
https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

FSS 2024.10.30 doesn’t provide a change log so should be treated as a security update.
https://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/

HTTP Toolkit 1.19.1 doesn’t provide a change log so should be treated as a security update.
https://httptoolkit.tech/

MalwareBytes Anti-Malware 5.2.1.144 resolves several bugs and hardens security controls. This should be treated as a security update.
https://www.malwarebytes.org/antimalware/

OpenSSL 3.4.0 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

ProtonVPN (macOS) 4.5.0 improves WireGuard connectivity and improves stability. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.19.2 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Stinger 13.0.0.215 adds support for new detections. This should be treated as a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

uBlock Origin 1.61.0 resolves over a dozen bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.3.0 adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

PDF Creator 5.3.2 resolves several bugs and updates libraries. This is a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 6.2.0.4 adds support for new sources and resolves several bugs.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.3.7 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 7.0.9 resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.52 resolves a dozen bugs. This is not a security update.
https://1password.com/downloads/windows/

AppResourcesUsageView 1.06 improves compatibility. This is not a security update.
https://www.nirsoft.net/utils/app_resources_usage_view.html

balenaEtcher 1.19.25 updates SDK. This is not a security update.
https://etcher.balena.io/

Beyond Compare 5.0.3.30258 improves shell menu, updates libraries and resolves dozens of bugs. This is not a security update.
https://www.scootersoftware.com/download

Bitwarden 2024.10.4 resolves several bugs and improves auth methods and recovery. This is not a security update.
https://bitwarden.com/

CCleaner 6.29.11342 resolves several bugs. This is not a security update.
https://www.ccleaner.com/

CPU-Z Installer 2.12 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

Dell OS Recovery Tool 2.4.1.2181 doesn’t provide a change log so should be treated as a security update.
https://www.dell.com/support/home/uk/en/ukbsdt1/drivers/osiso/recoverytool

DesktopOK 11.45 improves configuration and language files. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.2.95.0 resolves several bugs and updates libraries. This is a security update.
https://dngrep.github.io/

email-oauth2-proxy 2024-11-11 improves compatibility and adds a couple new features. This is not a security update.
https://github.com/simonrob/email-oauth2-proxy

ESEDatabaseView 1.75 improves compatibility. This is not a security update.
https://www.nirsoft.net/utils/ese_database_view.html

Etcher 1.19.25 updates SDK. This is not a security update.
https://www.balena.io/etcher/

ExplorerPatcher 22621.4317.67.1 improves compatibility. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

Fing 3.7.2 improves network insights and resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

FoneTool 2.9.2 adds support for iOS 18 and iPhone 16. This is not a security update.
https://www.fonetool.com/download.html

Free Virtual Serial Ports 6.20.00.1466 adds support for virtual script ports and resolves a compatibility bug. This is not a security update.
https://freevirtualserialports.com/

GoodSync & GoodSync2Go 12.7.7 resolves several bugs and improves compatibility. This is not a security update.
https://www.goodsync.com/

grepWin 2.1.6 resolves several bugs. This is not a security update.
https://github.com/stefankueng/grepWin/releases/latest

GSmartControl 2.0.0 is a major update, reduces dependencies, improves input/output and scaling support. This is not a security update.
https://gsmartcontrol.shaduri.dev/

Homedale 2.14 is a cosmetic change. This is not a security update.
https://www.the-sz.com/products/homedale/

HWiNFO 8.14 adds support for newer hardware, improves output details, and logging. This is not a security update.
https://www.hwinfo.com/download/

Memtest86+ 7.20 adds support for new hardware and resolves several bugs. This is not a security update.
https://www.memtest.org/

MultiMonitorTool 2.15 improves compatibility and adds monitor position support. This is not a security update.
https://www.nirsoft.net/utils/multi_monitor_tool.html

NTLite 2024.11.10163 adds support for new components and resolves a couple bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 11.0.1015 updates libraries, resolves a crash bug and improves clarity for sparse records. This is not a security update.
https://www.osforensics.com/download.html

osquery 5.14.1 resolves several bugs. This is not a security update.
https://osquery.io/downloads

PowerToys 0.86.0 resolves several bugs and improves Advanced Paste, Workspaces, Mouse Jump and more. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

RoboForm 9.6.3 resolves several bugs. This is not a security update.
https://www.roboform.com/

Rufus 4.6 improves compatibility and resolves several bugs. This is not a security update.
https://rufus.ie/en_US/

ScreenConnect 24.3.7.9067 resolves several bugs. This is not a security update.
https://screenconnect.connectwise.com/download

Starwind V2V Converter 9.554 adds support for new disk image formats. This is not a security update.
https://www.starwindsoftware.com/starwind-v2v-converter

TeamViewer 15.59.3 adds AI log generation, improved address book, reporting and a dozen bug fixes. This is not a security update.
https://www.teamviewer.com/en-us/download/

WhyNotWin11 2.6.1.1 adds TSV, improved logging, and resolves a couple bugs. This is not a security update.
https://github.com/rcmaehl/WhyNotWin11

WifiInfoView 2.95 improves error reporting. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

WinGet 1.9.25180 resolves more than 100 bugs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinScan2PDF 9.11 improves compatibility and resolves a couple bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 4.22 adds MTP/PTP device support, improves compatibility, scaling support and resolves several bugs. This is not a security update.
https://www.diskanalyzer.com/

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 2024.2.1.11 resolves several bugs. This is not a security update.
https://developer.android.com/studio

DB Browser for SQLite 3.13.1 resolves several bugs. This is not a security update.
https://sqlitebrowser.org/

GDevelop 5.4.217 resolves several bugs. This is not a security update.
https://gdevelop.io/download

GitHub Desktop 3.4.9 resolves several bugs and updates libraries. This is not a security update.
https://desktop.github.com/

Go 1.23.3 resolves several bugs. This is not a security update.
https://go.dev/

Java 8u431 is a security update.
https://www.java.com/en/download/manual.jsp

Microsoft Visual C++ 2017 Redistributable 14.16.27052.0 is a security update.
https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist

Microsoft Visual C++ 2019 Redistributable 14.29.30156.0 is a security update.
https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist

Microsoft Visual C++ 2022 Redistributable 14.40.33816.0 is a security update.
https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist

MySQL ConnectorNet 9.1.0 resolves several bugs, including crash bugs. This is not a security update.
https://dev.mysql.com/downloads/connector/net/

Node.js 22.11.0 is a security update.
https://nodejs.org/en/

Node.js 23.2.0 is a security update.
https://nodejs.org/en/

Redemption 6.6.0.6338 resolves several bugs. This is not a security update.
https://www.dimastr.com/redemption/

SQLite 3.47.0 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

TortoiseGit 2.17.0.2 improves compatibility. This is not a security update.
https://tortoisegit.org/

TortoiseSVN 1.14.8 resolves several bugs. This is not a security update.
https://tortoisesvn.net/downloads.html

Visual Studio Code 1.95.2 resolves several bugs. This is not a security update.
https://code.visualstudio.com/

WinMerge 2.16.44 resolves several bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.1.4 resolves several bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Invision Community 4.7.19 is a security update.
https://invisioncommunity.com/

Joomla 5.2.1 is a security update.
https://www.joomla.org/

Piwigo 15.1.0 is a security update.
https://piwigo.org/

Antispam Bee 2.11.7 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/antispam-bee/

BuddyPress 14.2.1 is a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 6.0 provides more than a dozen code and feature changes. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.11.2 resolves a charset bug. This should be treated as a security update.
https://wordpress.org/plugins/duplicator/

Interactive World Map 3.4.8 is a security update.
https://wordpress.org/extend/plugins/interactive-world-map/

Sucuri Security 1.9.6 improves reporting and log behavior. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

WordPress Importer 0.8.3 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/wordpress-importer/

WP Plugin Update Checker 5.5 resolves a couple bugs and improves debug and ZIP support. This is not a security update.
https://github.com/YahnisElsts/plugin-update-checker/releases/latest

WPBakery 8.0 adds new features, improves controls, and resolves several bugs. This is not a security update.
https://wpbakery.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2024-07-09

Posted on July 9, 2024 by Shawn K. Hall

Today is Patch Tuesday for July, 2024.

There were 330+ major hacks, and over 360 application updates this month. It’s an average month, with about 3.0 GB of updates for most users.

This Month in Technology

3GL Technology Solutions, 50 Cent, Acrotech Biopharma Inc, Adobe Commerce and Magento, Advance Auto Parts, AEG Presents, LLC, Affirm, Agrani Bank, Agropur, Airtel, AJE Group, Alabama Education Department, Altoona Logan Township Mobile Medical Emergency Department Authority, Ambulnz Holdings, LLC, AMD, Amper Group, Amtrak, Android, Ann & Robert H. Lurie Children’s Hospital of Chicago, ANY.RUN, Apple, Arcis Golf, Árvakur, ASI, Association of Texas Professional Educators, Aultman Hospital, Authy, Baltimore 311 callers, Behavioral Health Response, Belle Tire, Benefit Management, Better Business Bureau, Bharat Sanchar Nigam Limited (BSNL), Bol d’air France, BootCDN, Bootcss, Brainworks Software, Bunger Steel, Cambridge University Press & Assessment, Canara Bank, CareDx, Inc, CDK Global (twice), Center for Digestive Health, Center for Human Capital Innovation, Change Healthcare, Channel 7 News Australia, Chicha San Chen, Chroma Color, Circle K Atlanta, CISA Chemical Security Assessment Tool (CSAT), Cisco Nexus switches, Cisco NX-OS, City of Cleveland, Ohio, City Of Coon Rapids, City of Helsinki, Finland, City of Newburgh, NY, Class Advisors, Coca Cola, Cognizant Open Insurance Policy Administration, CoinStats, Conference USA, Consulting Radiologists Ltd, Creative Realities, Credit Suisse, CredRight, Critchfield & Johnston, Crown Equipment, CTG Brands, CTSystem, Cukierski Associates LLC, Custom Concrete, D-Link DIR-859, Datamate Bookkeeping & Tax, Inc, DaVita Inc, Daystar, Derby School, Derbyshire County Council, Designed Receivable Solutions, Inc, Deskcenter, DG3 North America, Inc, Diogenet SR, Docker containers, Dordt University, Eagle Materials, Egyptian Health Department, Ejército del Per, Elite Fitness, Elite Limousine Plus Inc, Elyria Foundry, EqualizeRCM, Ernst & Young LLP, Escondido Union High School District, Esquerra Republicana de Catalunya, Ethereum’s mailing list provider, eVeridis, Evolve Bank & Trust, Facebook PrestaShop module, Fareri Associates, FBT Transport, Financial Business and Consumer Solutions, Inc, Florida Department of Health, Fortra FileCatalyst Workflow, Francesco Parisi, French Diplomats, Fédération Internationale de l’Automobile (FIA – Formula 1), GBA GROUP, GCash, Geisinger Healthcare, Ghostscript library, GitLab, GlobalWafers, Globe Life, Goodman Reichwald-Dodge, GoodTemps, Google Chrome, Gorrie-Regan, Grandstream GXP2135, Great Lakes International Trading, Greylock McKinnon Associates, Inc, Grupo Amper, HackerOne, Harvey Construction, HealthEquity, Hedrick Brothers Construction, Hey You, Highland Health Systems, HubSpot, Human Technology Inc, Husky Owners, Hydmech, INDA’s, India’s National Disaster Management Authority (NDMA), India’s Regional Cancer Centre, Indonesia’s National Data Center, Indonesian Directorate General of Civil Aviation, Infosys McCamish Systems, Innerspec Technologies, Innomar Strategies, Intel CPUs (Indirector), Internal Revenue Service (IRS), Internal Security Operations Command (ISOC), Island Transportation Corp, JM Thompson, Jollibee Group, Jordan’s Ministry of Education, Juniper Networks Session Smart Router, Juniper Networks Session Smart Conductor, Juniper Networks WAN Assurance Router, Kadokawa Corporation, Kairos Health Arizona, Inc, Kansas City, Kansas Police Department, KBC Zagreb, Key Benefit, Kinter, Kito Canada, Kraken crypto exchange, Ladco, Lake Medical Group, Landmark Life, Learnosity, Legend Properties, Inc, Len Dubois Trucking, LevelOne WBR-6013, Levi Strauss, Lexibar, Lindex Group, LivaNova, Longview Oral & Maxillofacial Surgery, Los Angeles County Department of Public Health, Louisiana Special School District, Mailcow Mail Server, Manchester City Football, Maryhaven, Mass General Brigham, Maxicare, MD Now Urgent Care, MEL Aviation Ltd, Mercku, MGF Sourcing, Microsoft Azure Machine Learning Services, Microsoft email, Microsoft O365, Microsoft PlayReady DRM, Middletown Township, Mitsubishi Electric Software, ModPlan, Mount Kisco Surgery, Mountjoy, MOVEit, National Identity Management Commission of Nigeria, National Publisher Services LLC, Neiman Marcus, NetOne, Niconico, OCEANAIR, Olson & Co Steel, Opaxe, OpenAI (twice), OpenSSH server, P Kaufmann, Palomar Health Medical Group, Patelco Credit Union, Payne & Jones, Pediatric Urology Associates, Peterbilt of Atlanta, Philippine Health Insurance Corporation, Philippine Maritime Authority, Phoenix SecureCore UEFI firmware, Pinnacle Orthopaedics & Sports Medicine Specialists LLC, Planar, Plavan Commercial Fueling Inc (“P-Fleet”), Polyfill.io, Prairie Athletic Club, Privia Medical Group of Georgia, Progress MOVEit Transfer, Progress Software Corporation WhatsUp Gold, ProMotion Holdings, Providence Mission Heritage Endocrinology, Prudential Financial, PT Latinusa, Puyallup Tribe, Radiology and Imaging Specialists, Rappi, REA Wire, Realtek rtl819x, Rejetto HTTP File Server (HFS), Rider, Roblox Developer Conference, Rockford Public School District, Rockwell Automation’s PanelView Plus, Rolls-Royce, Sacred Heart Community Service, Samaritan Health Services, Inc, Sanyo Shokai, Scout Energy Partners, Scrubs And Beyond, Seagulf Marine Industries, Sensory Spectrum, Sharp printers, Shinnick & Ryan, Shoe Zone, Shopify third-party app, SiriusXM, Sirva, SkinCure Oncology, Sky-light, SkyPartsUSA, SlowMist, Smartweb, Sofidel, SolarWinds Serv-U, South Africa’s National Health Laboratory Service, SouthCoast Health, Special Health Resources, Spike Chunsoft, Staticfile, Steps to Life, Suminoe, Synnovis Pathology, Taj Hotel Group, TeamViewer, TETRA Technologies, Texas Recycling, Texas Retina Associates, The Ambulatory Surgery Center of Westchester, The Northwestern Mutual Life Insurance Company, The Union Labor Life Insurance Company, Ticketmaster LLC, Toshiba printers, Total Fitness, Tp-Link ER7206 Omada Gigabit VPN Router, TPI, TPOCC, Traderie, Transit Mutual Insurance Corporation, Transport Laberge, Trisun Land Services, Truist Bank, Turkish Government Websites, Twilio, UEFA, UK Post Office, US Dermatology Partners, UwU Lend, Vanguard, Vanna AI, Ventura County Credit Union, Victoria Racing Club, VirtualBox, Virum Apotek, Waupaca County, WI, West Clermont Schools, Western Mechanical, Westview Co-op, Wind Composite Services Group, LLC, Windows Wi-Fi driver (still vulnerable!), Wisconsin Department of Health Services, Wise Payments, Woodruff-Sawyer & Co, WordPress.org, World inquest, Yieldstreet, Zadig & Voltaire, Zaire National Health Laboratory Services, Zerto, Zimbabwe Anti-Corruption Commission, and Zotac have reported hacking or compromises this month.

CDK Global, Cloudflare, OVHcloud, and Xbox Live have suffered from outages this month.

Last months updates broke AuthLite on Domain Controllers, Windows Update, Show Desktop preferences, Windows Taskbar, Windows language packs, and Windows virtualization services.

A new proof-of-concept (SnailLoad) demonstrates how to exploit latency to track a victim’s online activity.

Microsoft’s WSUS driver synchronization will be going away along with WordPad.

The Supreme Court has struck down efforts to hold the federal government responsible for their violations of the first amendment. The US federal government has proven itself impotent to investigate SolarWinds for the most significant hack of all time.

Now for the good news:

The EU Commission has put Meta on notice that their “pay or consent” model breaches EU law.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is about average this month. The typical computer should see roughly 3.0 GB in updates today. Let’s get started.

Microsoft released updates to address 143 vulnerabilities in .NET and Visual Studio, Active Directory Federation Services, Active Directory Rights Management Services, Azure CycleCloud, Azure DevOps, Azure Kinect SDK, Azure Network Watcher, Intel, Line Printer Daemon Service (LPD), Microsoft Defender for IoT, Microsoft Dynamics, Microsoft Graphics Component, Microsoft Office, Microsoft Office Outlook, Microsoft Office SharePoint, Microsoft Streaming Service, Microsoft Windows Codecs Library, Microsoft WS-Discovery, NDIS, NPS RADIUS Server, Role: Active Directory Certificate Services; Active Directory Domain Services, Role: Windows Hyper-V, SQL Server, Windows BitLocker, Windows COM Session, Windows CoreMessaging, Windows Cryptographic Services, Windows DHCP Server, Windows Distributed Transaction Coordinator, Windows Enroll Engine, Windows Fax and Scan Service, Windows Filtering, Windows Image Acquisition, Windows Internet Connection Sharing (ICS), Windows iSCSI, Windows Kernel, Windows Kernel-Mode Drivers, Windows LockDown Policy (WLDP), Windows Message Queuing, Windows MSHTML Platform, Windows MultiPoint Services, Windows NTLM, Windows Online Certificate Status Protocol (OCSP), Windows Performance Monitor, Windows PowerShell, Windows Remote Access Connection Manager, Windows Remote Desktop, Windows Remote Desktop Licensing Service, Windows Secure Boot, Windows Server Backup, Windows TCP/IP, Windows Themes, Windows Win32 Kernel Subsystem, Windows Win32K – GRFX, Windows Win32K – ICOMP, Windows Workstation Service, XBox Crypto Graphic Services, and MSRT. This includes security updates. A reboot is required.

Apple released updates for AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

Google Chrome OS 126.0.6478.132 and 120.0.6099.315 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AirPods Firmware Update 6A326 is a security update.
https://support.apple.com/HT214111

AirPods Firmware Update 6F8 is a security update.
https://support.apple.com/HT214111

AMD Adrenalin 24.6.1 resolves several bugs and improves compatibility. This is not a security update.
https://www.amd.com/en/support

Beats Firmware Update 6F8 is a security update.
https://support.apple.com/HT214111

Nvidia Driver 475.14 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

TP-Link Archer AX72 v1.60 240426 is a security update.
https://www.tp-link.com/us/support/download/archer-ax72-pro/#Firmware

UniFi U6 Professional 6.6.73 resolves dozens of bugs. This is not a security update.
https://www.ui.com/download/software/u6-pro

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.67.123 is a security update. Use Menu, Help, About to install the most current version.
https://brave.com/

Firefox 128.0 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 128.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 126.0.6478.126 is a security update. Use Menu, Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 126.0.2592.87 is a security update. Use Menu, Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Vivaldi 6.8.3381.46 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 3.53 resolves a stray field at the end of exported data. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

ProtonMail (Android) 4.0.15 improves security and message header view. This is a security update.
https://proton.me/mail/download

Spark 3.16.7.78552 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.16.7.78551 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.12.2 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

Dropbox 202.4.5551 resolves several bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 215.2.0.11.211 is a security update.
https://www.messenger.com/download

FreeFileSync 13.7 adds symlink support and resolves a couple bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 92.0 doesn’t provide a detailed change log so should be treated as a security update.
https://drive.google.com/start

Microsoft Teams 1.7.00.17051 improves third-party app experience and adds bookable desks. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 29.0.3 updates dependencies and resolves several bugs. This is not a security update.
https://nextcloud.com/

Rclone 1.67.0 is a security update.
https://rclone.org/

Signal 7.15.0 resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.10.3 improves linked devices. This is not a security update.
https://signal.org/android/apk/

Syncthing 1.27.9 resolves several bugs and updates dependencies. This is not a security update.
https://syncthing.net/

Technitium DNS Server 12.2.1 resolves a couple bugs. This is not a security update.
https://technitium.com/dns/

Telegram 5.2.3 resolves several bugs. This is not a security update.
https://telegram.org/

Telegram (Android) 10.14.3 updates libraries and resolves several bugs. This is not a security update.
https://telegram.org/apps

Trillian 6.5.0.40 resolves dozens of bugs. This should be treated as a security update.
https://www.trillian.im/

Trillian Mac 6.5.0.43 doesn’t provide a change log so should be treated as a security update.
https://www.trillian.im/

Zoom 6.1.1.41705 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.6 resolves a user interface bug. This is not a security update.
https://en.3tene.com/

darktable 4.8.0 adds a color equalizer, canvas enlargement, overlay support, performance improvements and resolves over 50 bugs. This is not a security update.
https://www.darktable.org/

Grayjay 249 adds support for Spotify, YouTube Channel Playlists, Nebula, Odysee, and resolves several bugs. This is not a security update.
https://grayjay.app/index.html

KaraFun Player 2.6.2.0 doesn’t provide a detailed change log so should be treated as a security update.
https://www.karafun.com/karaokeplayer/

Plex Desktop 1.96.0.177 resolves a bug displaying Genre. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.64.0.170 updates libraries. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.40.3.8555 resolves several bugs and adds automatic 64-bit upgrade to 32-bit installs on 64-bit hardware. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Bedrock) 1.21.2.02 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Minecraft Server (Java) 1.21 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server

PS5 2024.702 resolves several bugs. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024-06-20 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 24.002.20895 resolves several bugs. This is not a security update.
https://get.adobe.com/reader

Adobe Premiere Pro 24.5 and 23.6.7 are security updates.
https://helpx.adobe.com/security/products/premiere_pro/apsb24-46.html

Adobe InDesign 19.4 and 18.5.3 are security updates
https://helpx.adobe.com/security/products/indesign/apsb24-48.html

Adobe Bridge 13.0.8 and 14.1.1 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb24-51.html

Artweaver 7.0.17 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Calibre 7.13.0 adds ability to generate a CSV catalog and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

GnuCash 5.8 adds ability to move accounts into sub-accounts of another account. This is not a security update.
https://www.gnucash.org/

Kdenlive 24.05.2 resolves dozens of bugs. This is not a security update.
https://kdenlive.org/

Kindle for PC 2.4.70904 doesn’t provide a change log so should be treated as a security update.
https://www.amazon.com/kindleforpc

Krita 5.2.3 resolves 20 bugs. This is not a security update.
https://krita.org/en/download/

Manager 24.7.7.1713 doesn’t provide a detailed change log so should be treated as a security update.
https://www.manager.io/

Nextcloud Desktop 3.13.2 resolves a couple bugs. This should be treated as a security update.
https://nextcloud.com/

PDF-XChange Editor 10.3.1.387 adds several new settings and resolves dozens of bugs. This is a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

QuickBooks Pro 2022 20240529-R16_17 doesn’t provide a detailed change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20240529-R13_14 doesn’t provide a detailed change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

Security Software Updates

One or more of these is likely to be of interest to most people.

Chainsaw 2.9.1-2 improves CLI and dump support, and fixes macOS builds. This is not a security update.
https://github.com/countercept/chainsaw

FSS 2024.6.20 doesn’t have a change log so should be treated as a security update.
https://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/

JShelter 0.18.1 resolves several bugs. This is not a security update.
https://jshelter.org/install/

RogueKiller 15.17.4 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

SanDisk PrivateAccess 6.4.11.0 doesn’t provide a change log so should be treated as a security update.
https://support-en.wd.com/app/answers/detailweb/a_id/48025

Stinger 13.0.0.138 adds support for several new detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Tails 6.4 updates libraries and resolves several bugs. This is a security update.
https://tails.net/install/download/index.en.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.2.0 adds support for new encodings and resolves a compatibility bug. This is not a security update.
https://www.dvdfab.cn/download.htm

HandBrake 1.8.1 resolves several bugs and updates libraries. This is not a security update.
https://handbrake.fr/

StreamFab 6.1.8.7 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.2.7 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.35 is a security update.
https://1password.com/downloads/

7-Zip 24.07 improves stability. This is not a security update.
https://www.7-zip.org/

AOMEI Partition Assistant 10.4.1 resolves several bugs. This is not a security update.
https://www.diskpart.com/

Beyond Compare 5.0.0.29773 is a major update, adding dark mode, improved wrapping and table behavior, improved media compare, performance improvements and more. This is not a security update.
https://www.scootersoftware.com/download.php?zz=dl4

Bitwarden 2024.6.4 improves legacy migration, administration and self-hosting. This is not a security update.
https://bitwarden.com/

CCleaner 6.25.11131 resolves several bugs. This is not a security update.
https://www.ccleaner.com/

CPU-Z 2.10 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

DesktopOK 11.29 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.2.29.0 resolves several bugs. This is a security update.
https://dngrep.github.io/

Everything Toolbar 1.3.4 resolves several bugs. This is a security update.
https://github.com/stnkl/EverythingToolbar/

ExplorerPatcher 22621.3527.65.5 improves compatibility and resolves several bugs. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

Fido 1.58 removes Windows 8.1 downloads. This is not a security update.
https://github.com/pbatard/Fido/releases

FolderChangesView 2.36 adds option to Save All Items. This is not a security update.
https://www.nirsoft.net/utils/folder_changes_view.html

FoneTool 2.8.0 adds support for iOS 18, ringtone management and fixes bugs in the ringtone maker. This is not a security update.
https://www.fonetool.com/download.html

Go 1.22.5 is a security update.
https://go.dev/

GoodSync 12.7.2 resolves several bugs. This is not a security update.
https://www.goodsync.com/

grepWin 2.1.3 resolves several bugs. This is not a security update.
https://github.com/stefankueng/grepWin/releases/latest

HWiNFO 8.04 improves hardware support and resolves several bugs. This is not a security update.
https://www.hwinfo.com/download/

ManageWirelessNetworks 1.14 adds option to set connection mode. This is not a security update.
https://www.nirsoft.net/utils/manage_wireless_networks.html

NTLite 2024.7.9997 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 11.0.1008 resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html

PingInfoView 3.15 resolves IPv6 address parsing and menu configuration. This is not a security update.
https://www.nirsoft.net/utils/multiple_ping_tool.html

PowerToys 0.82.0 improves stability and resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ProcessMonitor 4.01 adds color display. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

Recuva 1.54.120 adds license changes. This is not a security update.
https://www.ccleaner.com/recuva

SetUserFTA 1.8.2 doesn’t provide a change log so should be treated as a security update.
https://setuserfta.com/

Speccy 1.33.75 adds support for new hardware and improves licensing. This is not a security update.
https://www.ccleaner.com/speccy

Starwind V2V Converter 9.509 adds support for new conversions and improves performance. This is not a security update.
https://www.starwindsoftware.com/starwind-v2v-converter

WhyNotWin11 2.6.1.0 resolves several bugs. This is not a security update.
https://github.com/rcmaehl/WhyNotWin11

WinGet 1.8.1791 resolves dozens of bugs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinScan2PDF 8.88 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 8.0.7 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

Android Studio 2024.1.1.11 doesn’t provide a detailed change log so should be treated as a security update.
https://developer.android.com/studio

AutoHotkey 2.0.18 resolves a couple bugs. This is not a security update.
https://www.autohotkey.com/download/

GameMaker Studio 2024.6.1 resolves several bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.4.205 improves performance, adds several new actions and variables, and resolves several bugs. This is not a security update.
https://gdevelop.io/download

GitHub Desktop 3.4.2 resolves several bugs. This is not a security update.
https://desktop.github.com/

Inno Setup 6.3.2 resolves a bug in text parsing. This is not a security update.
https://www.jrsoftware.org/isdl.php

MySQL ConnectorNet 9.0.0 resolves several bugs. This is not a security update.
https://dev.mysql.com/downloads/connector/net/

Node.js 18.20.4 is a security update.
https://nodejs.org/en/

Node.js 20.15.1 is a security update.
https://nodejs.org/en/

Node.js 22.4.1 is a security update.
https://nodejs.org/en/

Visual Studio Code 1.91 adds support for several new features. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

HumHub 1.16.1 improves compatibility and resolves several bugs. This is not a security update.
https://www.humhub.com/en

ISPConfig 3.2.12 resolves several bugs, improves compatibility, and adds a couple new features. This is not a security update.
https://www.ispconfig.org/ispconfig/download/

Joomla 5.1.2 is a security update.
https://www.joomla.org/

ownCloud Client 5.3.1.14018 resolves a linking bug. This is a security update.
https://owncloud.com/desktop-app/

WordPress 6.5.5 is a security update.
https://wordpress.org/

bbPress 2.6.11 resolves over a dozen bugs. This is not a security update.
https://wordpress.org/extend/plugins/bbpress/

Contact Form 7 5.9.6 resolves a compatibility bug. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.10 resolves several bugs. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

My Sticky Bar 2.7.1 resolves a button bug. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

NextScripts Social Networks Auto-Poster 4.4.6 is a security update.
https://wordpress.org/extend/plugins/social-networks-auto-poster-facebook-twitter-g/

Sucuri Security 1.9.1 adds support for configuring the cache-control header. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

WPBakery 7.7.2 resolves a couple bugs. This is not a security update.
https://wpbakery.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2024-05-14

Posted on May 14, 2024 by Shawn K. Hall

Welcome back, Folks!

Today is Patch Tuesday for May, 2024.

There were 580+ major hacks, and over 460 application updates this month. It’s an insanely big month, with about 5 GB of updates for most users.

This Month in Technology

First, let me apologize for this list. It’s 3x longer than it was only a couple months ago and that’s not really my fault. I really want to keep sharing the hacked lists but at the rate it’s going 3/4 of the newletter will just be the list by the end of Summer. I’m going to need to rework this next month when I have more time.

1+1 Media, 4LEAF, Inc, A123 Systems, Access Intelligence, Accor, ACFIN SA, Active PCB Solutions, Acurrate Lock & Hardware, ADCOM911, Advanced Business Networks, Advarra, Inc., Aero Tec Laboratories Inc, Aetna ACE, Affordable Payroll & Bookkeeping Services, Agate Construction, Agency for the Sustainable Development of the Saint Nazaire Region, France, AirAsia Group, Airsoft, Allianz Global Risks U.S. Insurance Company, Alltruck Bodies, Alrajhi Bank, Altipal S.A.S, Amazon, Amberstone Security, AMD Radeon DirectX 11 Driver, American Builders Outlet, American Renal Associates, American Renal Management, Andovers Federal Credit Union, APS – Automotive Parts Solutions, Arbitrum, Argentina’s national registry, Army Welfare Trust, Array Networks, Asantee Games, Asbury Automotive Group, Ascension healthcare, Ashley Home Stores, Aspire Health Alliance, Astra Daihatsu Motor (ID), AT&T, Atlantic States Marine Fisheries Commission (ASMFC), Aussizz Group, Autodesk Drive, Axip Energy Services, Ayesa, B&G Foods, Badger Tag & Label, Banco Santander, Banten Regional Development Bank Tbk, Barclays Bank, Base Network, Bay Oral Surgery & Implant Center, Bağcılar Training and Research Hospital, Bega Valley Council, Belarusian KGB, Belvedere Vodka UK, BenefitsCal, Berry, Dunn, McNeil & Parker, Best Reward Federal Credit Union, BetterHelp, Bharat Sanchar Nigam Limited (BSNL), BHF Couriers, Biggs Cardosa Associates, Inc., Bira 91, Bitfinex, Blackstone Valley Community Health Care, Blooms Today, Bluebonnet Trails, Bluegrass Care Navigators, BMW BANK, Bodyartforms LLC, Boeing, Bradford-Scott, Brandywine Realty Trust, BreachForums, Bridgeway Center, Inc., British Columbia, Canada, Brocade SANnav SAN Management Software, Brovedani Group, Bundeswehr, Byron council, Café Soluble, California library system, Calumet Civil Contractors, Inc, Camino Nuevo Charter Academy, Canatal Industries, Canberra club, Cannes hospital, Cariboo library system, Carpetright, Catholic Diocese of Cleveland, Catholic Medical Center (CMC), CCM Health, Central Bank Argentina, Central Carolina Insurance Agency Inc, Central Florida Equipment, Central Power Systems & Services, Central Virginia Federal Credit Union, Change Healthcare, Channel Logistics LLC, Chemring Group, Cherry Health, Chicony Electronics, Chirp Systems, Christie’s Auction House, Cisco Duo, Cisco Integrated Management Controller (IMC), City of Buckeye, AZ, City of Donges, France, City of El Cerrito, California, City of London, UK, City of Pensacola, Florida, City of Wichita, Kansas, Cleveland Catholic Diocese, Community First Credit Union, Confins Transport, Consensus Medical Group, Consol Energy, Continuum Health, Coppel, Coradix-Magnescan, CorporateStack, Costa Edutainment SPA, Council for Relationships, County of Coffee, Georgia, County of Hernando, FL, County of Jackson, MO, County of Los Angeles, CA, Department of Health Services, County of Robeson, NC, County of San Bernardino, CA, CrushFTP, Cushman Contracting Corporation, CyberPower UPS, D-Link Devices, Daoust, Dawson Creek, Deeside Timberframe, Delinea Secret Server, Dell, Dental Group of Amarillo, Dental Health Services, DES Architects and Engineers,
Designed Receivable Solutions, Deutsche Telekom, Digi Yatra Foundation, Dijk, Discord, District of Columbia’s Department of Insurance, Securities and Banking (DISB), DocGo, Dominican Republic vaccination data, Donco Air, Doyon Drilling, Drive Sally LLC, DRM Arby’s, Dropbox Sign, Duvel Moortgat, D’amico & Pettinicchi, LLC, E-ZPass, East Central University, OK, Eden Project, Edlong and Holstein Association USA, Educational Computer Systems, EduMarket, Efrat Airlines, Egypt Ministry of Supply and Internal Trade, El Salvador, El Salvador’s Chivo Wallet, Electric Mirror, Empath Health, Engineered Automation of Maine, Enstar, Epilepsy Foundation of Metro NY, EqualizeRCM and 1st Credentialing, Ernest Health, Eucatex, European Parliament, Europol, EvoBanco, F5 Central Manager, Feldstein & Stewart, Fic Expertise, Financial Business and Consumer Solutions (FBCS), Firstmac, FiXBET, Floirac, Footdistrict, Fort Worth, Texas, Foxit Reader, French Ministry of Agriculture, Frontier Communications, FrotCom, GBI Genios, Gerber Life Insurance Company, Giant Tiger, GitHub Search, GitLab, Glendale Unified School District, Glints, Global Tel Link, Google Chrome, Google, Graphic Solutions Group Inc, Grassroot DICOM, Great Firewall of China, Green Diamond Resource Company, Greylock McKinnon, Grindr, Grodno Azot, Group Health Cooperative of South-Central Wisconsin (GHC-SCW), Guadeloupe, Canada, Guardant Health, Inc., Guardian Analytics, Hapy Bear Surgery Center, Hardeman County Community Health Center, Hedgey Finance, Helapet Ltd, Helsinki Education Division, Heritage Cooperative, High Performance Services, Hillsong Church, Hirsh Industries, Hit Promotional Products, Home Depot, Hong Kong Arts Development Council, Hong Kong College of Technology, Hong Kong Fire Department, Hong Kong Union Hospital, Hooker Furniture, Hosocongty, Hospital Simone Veil, 100 hotels in Japan, Houser LLP, Hoya Optics, HP, HPE ArubaOS Devices, HSBC Bank, HTW, Hub International Limited, Human Events, IBM’s Enterprise Terminal, iCabbi, ICICI Bank, IDS Michigan, Illinois State Credit Union, Illinois Tollway, In The Know, India’s Central Board of Secondary Education (CBSE), India’s HRYLabour, India’s ICICI Bank, Ingo Money Inc, Inland Physicians Billing Services, Intel CPUs (Spectre v2), Intel Hardware Firmware, Interim Healthcare of Lubbock, International Baccalaureate Exam, Inventum Øst, Iranian Pipeline Company, Iress Ltd, Israel Electric Corporation (IEC), Israeli Real Estate Companies, ISTA International GmbH, It4 Solutions Robras Corp, Italian Red Cross Network, Ivanti Avalanche, J.P. Morgan Chase, JE Owens, Kaiser Foundation Health Plan, Inc., Kaiser Permanente, Kameymall, Kansas City Scout System, Keenan & Associates, Kintetsu World Express, Kisco Senior Living, KISTI SMART K2C, Kowloon Shangri-La, La Chapelle-des-marais, France, Ladakh Social Welfare Department, Lamont Hanley & Associates, Latvian TV Channels, LDLC, Le Slip Français, Leicester City Council, Lenovo Hardware Firmware, Lewis & Clark College, LG TVs, Lieberman LLP, Lilly Drogerie, Lincoln Project, LiteSpeed Cache, LivaNova, LiveHelpNow, LocalPlace JP, London Drugs, London Stock Exchange Group, Lopesan Hotels, Lotz Trucking, Lpdb Kumkm, LRB Info Tech, Lukfook Jewellery, Lumina Americas, Luxor, LYON TERMINAL, M2E Consulting Engineers, Macedonian Joint Stock Company, Madata, Magnet+, Malone & Co, Manchester’s Catholic Medical Center, Marpai Health, Mauritzon, McKinley Packing, Medequip Assistive Technology, Medical Home Network, MediExcel, Medios de Prevención Externos Sur SL, MedStar Health, Meduza, Mellitah Company, Mercedes, Merchants Benefit Administration, Metropolitan Life Insurance Company, Microsoft, Microsoft Azure Entra ID, Microsoft Outlook, Missouri Electric Cooperatives, Moffitt Cancer Center and Research Institute, Moldova Government, MoldTech, Molen & Associates, Monash Health, Monday.com, MongoDB, Monocon, Montoir-de-Bretagne, France, Moscow Moskollector, MovieBoxPro, MRA – The Management Association, Mt Hira College, Myers Automotive Group, National Energy Research Scientific Computing Center (NERSC), Nespresso, Nestle, New Boston Dental Care, New Hudson Facades, New Mexico Administrative Office of the District Attorneys, New Mexico Highlands University, New York’s state legislature, Nexperia, NHS Dumfries and Galloway, NK Parts Industries, NorthBay Health, Nota by M&T Bank and TTEC Databases, Nothing, Nova Scotia Health, NRS Healthcare, Numotion, NVIDIA, OakBend Medical, Octopharma Plasma, OE Federal Credit Union, Ogero, Ohio Lottery, Okta, Olson Steel, Olympus Group, OracleCMS, OraSure, Original Herkimer Cheese, OrthoConnecticut, Outabox, Pacific Guardian, Pak Suzuki, Palo Alto Networks PAN-OS, Panda Restaurant Group, Pandemonium Rocks, Panoramic Health, Parent Teacher Association (PTA), Paris Saint-Germain (PSG), Parklane Group, Patricia AI, Paychex, Inc., Paytm, Pennsylvania Convention Center, Pennsylvania Insurance Department, Peplink Smart Reader, Persyn, Philadelphia Inquirer, Philips Respironics, Phoenix Business Consulting, PHP, Pifer’s Auction & Realty, Pilot, Pinnacle Engineering, Pinnacle Orthopaedics, Pioneer Oil Company, Inc, Piping Rock, Police Service of Northern Ireland (PSNI), Porniche, France, Pratham, Precision Fluid Controls, Premier Dermatology, Prisma Finance, Pro Metals LLC, Process Solutions, Procuraduría General de la República, Profile Products, Progress Flowmon, Promarka Peru, Pub And Club, Public service of Wallonia, PWS – The Laundry Company, Qantas, QNAP, Quebec CEGEPs, RAF El Salvador, Randolph Health, RaySharp, RB Woodcraft, Reading Electric, Rebound Orthopedics & Neurosurgery, Recology, Redwood Coast Regional Center, Rehabilitation Hospital of Southern New Mexico, Reliable Networks, Rocky Mountain Sales, Roku, Romeo Pitaro Injury and Litigation Lawyers, Rushd Bookstore, Rutgers University, Räddningstjänsten Vä stra Blekinge, Sachkhere, Sahara Bank, Saint-Nazaire, France, Sanok Rubber Company, Saudi Water Facilities, Scanda Group, Scigames, Scottish health board, Seaman’s Mechanical, SEK Studio, Seneca Nation Health System, Sentry Data Management, Servicio Móvil, Shadow, Siemens Manufacturing, Sigmund Espeland, Signature Healthcare Services LLC, SigningHub, Simmons Perrine Moyer Bergman PLC, Singapore’s Ministry of Education, Singapore’s Mobile Guardian, SinglePoint Outsourcing, Inc., SIS Automatisering, Sisense, Skanlog, Sleep Data Holdings, LLC, Sleep Management Institute, Smoke Alarm Solutions, SOA Architecture, Softura, Somerset Dental Las Vegas, Somerville, Sonadev, France, South Africa’s International Trade Administration Commission (ITAC), South Korean courts, South Korean cable & satellite, South Korean Defense Companies, South Texas Oncology and Hematology, Space X, Space-Eyes, Speedy France, Sri Lanka’s visa system, SSCL, SSS Australia, St-Jerome Company, St. Helena Public Library, Stainless Foundry & Engineering, StarWallets, States of Guernsey, Sterling Holidays, Sterling Plumbing Inc., Studio LAMBDA, Swisspro, SynLab Italia, Sysmex America, Inc, T2 Tea Australia, Tamil Nadu Police, Tappware, Targus, Tatarstan, Russia, Taxi Software, Ted Brown Music, Telecom Argentina, Telit Cinterion modems, Texas Retina Associates, The Epilepsy Institute, The Georgia Institute for Plastic Surgery, The Heritage Foundation, The Kennedy Collective, The Lagunitas Brewing Company, The Line Up, Inc, The May Institute, Inc., The Philadelphia Inquirer, PBC, The Post and Courier, The Post Millennial, The Prudential Insurance Company of America, The Roman Catholic Diocese of Phoenix, The State of Kansas Office of Judicial Administration, The Tech Interactive, Theatrixx Technologies, Therapeutic Health Services, 50,000 Tinyproxy servers, Tipton Municipal Utilities, IN, Toolmarts, Toronto Transit Commission, Transamerica Life Insurance Company, Trib Total Media, True Homes, LLC, TRUE Solicitors, Trylon Srl, Tyler Technologies, UAE Government, UK Government’s System Database, UK Ministry of Defence, UK Royal Mail, 20 Ukrainian Energy and Water Sites, Ukrainian TV, United Nations Development Programme, University of Alabama, University of Alberta, University System of Georgia (USG), US Air Force Academy (USAFA), US Atlantic Fisheries, US Coast Guard Reserve, US Consumer Database, US Health and Human Services (HHS), US Internal Revenue Service (IRS), US Medicare, US Patent and Trademark Office, US Space Forces (USSF) Military Bases, USA Health Providence Hospital, Utica Mack, Valley Mountain Regional Center, Valley Veterinary Clinic, LLC, Van Gogh Museum, Varo Bank, N.A., Veeam, Velvet Capital, Verizon, Victorian Ambulance Union, Virginia Union University, VirtualBox, Visionary Integration Professionals, VMware Cloud Foundation, VMware ESXi, VMware Fusion Pro/Fusion, VMware Workstation Pro/Player, Void Interactive, Volkswagen, VPN traffic (TunnelVision), VTRP, W.I.S. Sicherheit-Service GmbH & Co. KG, Washington State’s Swinomish Casino and Lodge, WebTPA Employer Services, LLC, WEL Partners, Wells Fargo, Welsh Government, Wescom Central Credit Union, West Idaho Orthopedics and Sports Medicine, Westboro Baptist Church, WhatsApp, Windows, Windows Apps, Windows Print Spooler, WOM, World Architects, World-Check, WP Forminator plugin, WP-Automatic Plugin, Xiaomi, Yale Mortgage, YRW Limited – Chartered Accountants, ZA Government Employees Pension Fund’s (GEPF), ZircoDATA, and Zscaler Inc have reported hacking or compromises this month.

Central Power Systems & Services, Final Fantasy, Frontier Communications, Kansas City’s official website, Ogero, Reddit, and Telegram have suffered from outages this month.

Last months updates broke Outlook, Windows (thanks ManageEngine), and VPN connections.

An update to ManageEngine has caused thousands of Windows machines to fail to boot. I guess that’s one way to make sure that they can’t be hacked through ManageEngine vulnerabilities?

Windows has officially added advertisements to the Windows 11 Start Menu.

The PuTTY Pageant key generation weakness will require millions upon millions of certificates to be rekeyed.

The Windows Boot Manager update released in January still has no automated fix from Microsoft. Third parties have created several methods of installing the update, and the closest-to-perfect automation yet requires seven (7!) restarts.

Microsoft has announced plans to implement fully locked down DNS via a pairing of DNS and the firewall, branded Zero Trust DNS – ZTDNS.

A recent technical paper described the process of using LLM (GPT-4) to automate the process of building exploits for newly discovered vulnerabilities. Reviews of the paper tend to acknowledge that it can be used in this fashion but focus instead on the use of the word “autonomously” which they treat as sentience. No guys, the paper isn’t saying that Skynet is here, just that LLMs are getting to the point where they can build functional exploit code based on brief descriptions of vulnerabilities.

I first saw the description of “Kobold Letters” a couple months ago. While a very creative use of CSS and an interesting idea, what are the chances that this kind of thing would actually be used in real life? 100%. I’ve now seen this behavior on three different client mail accounts in Microsoft Online and Gmail.

The founder of Telegram has publicly reported that the FBI pressured an employee to build a backdoor into the system. They refused.

Thunderbird has added Microsoft Exchange support. This means you won’t be forced to use the “New Outlook” crapp to access your Microsoft Exchange accounts. 🙂

Now for the good news:

We won. Sony caved on the Helldivers 2 privacy-violating “account linking” change. 🙂

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is insane this month. The typical computer should see roughly 5 GB in updates today. Let’s get started.

Microsoft released updates to address 67 vulnerabilities in .NET and Visual Studio, Azure Migrate, Microsoft Bing, Microsoft Brokering File System, Microsoft Dynamics 365 Customer Insights, Microsoft Edge (Chromium-based), Microsoft Intune, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows SCSI Class System File, Microsoft Windows Search Component, Power BI, Visual Studio, Windows Cloud Files Mini Filter Driver, Windows CNG Key Isolation Service, Windows Common Log File System Driver, Windows Cryptographic Services, Windows Deployment Services, Windows DHCP Server, Windows DWM Core Library, Windows Hyper-V, Windows Kernel, Windows Mark of the Web (MOTW), Windows Mobile Broadband, Windows MSHTML Platform, Windows NTFS, Windows Remote Access Connection Manager, Windows Routing and Remote Access Service (RRAS), Windows Task Scheduler, Windows Win32K – GRFX, Windows Win32K – ICOMP, and MSRT. This includes security updates. A reboot is required.

Oracle released 441 security updates this quarter to address vulnerabilities in 119 applications.
https://www.oracle.com/security-alerts/cpuapr2024.html

Apple released updates for iOS 16.7.8, iOS 17.5, iPadOS 16.7.8, iPadOS 17.5, iTunes 12.13.2 for Windows, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, Safari 17.5, tvOS 17.5, and watchOS 10.5. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 16.7.8 and 17.5 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 6.7.8 and 17.5 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 10.5 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 17.5 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 124.0.6367.154 and 120.0.6099.310 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 40-1.14 is a major update, replacing BerkeleyDB with alternatives, updating libraries, and including adding new features and defaults. This should be treated as a security update.
https://getfedora.org/en/workstation/download/

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.4.1 adds support for new software, performance improvements, and resolves several bugs. This is not a security update.
https://www.amd.com/en/support

Daemon Tools Lite 12.1.0 improves tooltips, and resolves a couple bugs. This is not a security update.
https://www.daemon-tools.cc/products/dtLite

Dymo Connect for Desktop 1.3.2.18 doesn’t provide a detailed change log so should be treated as a security update.
https://www.dymo.com/label-makers-printers/labelwriter-label-printers/dymo-labelwriter-450-duo-thermal-label-printer/SAP_1752267.html

TP-Link Archer AX55 v1 240325 adds almost a dozen new features, improves stability and resolves several bugs. This is a security update.
https://www.tp-link.com/us/support/download/archer-ax55/v1/#Firmware

TP-Link Archer AX73 v2.0 240323 resolves several bugs. This is a security update.
https://www.tp-link.com/us/support/download/archer-ax73/v2.0/#Firmware

UniFi Network Server 8.1.127 enhances firewall rules visibility, adds tunnel IP addresses, OSPF dynamic routing support, and resolves a dozen bugs. This is not a security update.
https://www.ui.com/download/releases/network-server

VIISAN OfficeCam 7.1.19.0 doesn’t provide a change log so should be treated as a security update.
https://www.viisan.com/en/download/type1.html

Wacom Driver 6.4.6-1 adds support for newer hardware, resolves several bugs and improves stability.
https://www.wacom.com/en-us/support/product-support/drivers

Xerox Smart Start 2.0.34.0 doesn’t provide a change log so should be treated as a security update.
https://www.support.xerox.com/en-us/content/143617

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.65.133 is a security update.
https://brave.com/

Firefox 126 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 115.11.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 124.0.6367.207 is a security update.
https://www.google.com/chrome/

Microsoft Edge 124.0.2478.97 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Vivaldi 6.7.3329.29 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Spark 3.15.5.72973 resolves several AI-related bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.15.5.72972 resolves several AI-related bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.10.2 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 8.0.10 is a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 8.0.1 resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

Dropbox 199.4.6287 removes a cosmetic defect. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 211.0.0.18.236 is a security update.
https://www.messenger.com/download

FileZilla Client 3.67.0 is a security update.
https://filezilla-project.org/

FileZilla Server 1.8.2 is a security update.
https://filezilla-project.org/

FreeFileSync 13.6 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 90.0 resolves several bugs. This is the last version to support macOS 10.15 – if your hardware can not support macOS 11 you should have already removed it from the Internet, but if not, please take this as one more signal that it’s time to replace it.
https://drive.google.com/start

Microsoft Teams 1.7.00.10152 resolves several bugs. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 29.0.0 is a major update, resolving dozens of bugs, updating libraries, and improving workflow and design. This should be treated as a security update.
https://nextcloud.com/

Nmap 7.95 adds over 6,500 more fingerprints, new scripts and resolves several bugs. This is a security update.
https://nmap.org/

PuTTY 0.81 is a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html

Signal 7.8.0 adds emoji call responses and resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.6.2 adds emoji call responses, adds sent message editing, and resolves several bugs. This is not a security update.
https://signal.org/android/apk/

Skype 8.116.0.213 improves stability. This is not a security update.
https://www.skype.com/

Syncthing 1.27.7 resolves a potential security bug.
https://syncthing.net/

Telegram 5.0.1 resolves several bugs. This is not a security update.
https://telegram.org/

USB Drive Log 1.13 adds black background support. This is not a security update.
https://www.nirsoft.net/utils/usb_drive_log.html

Z-Library 1.02 doesn’t provide a change log so should be treated as a security update.
https://z-library.se/z-access#desktop_app_tab

Zoom 6.0.4.38135 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.4 resolves several bugs. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.1.9 resolves several bugs. This is a security update.
https://www.bitwig.com/download/

Grayjay 240 adds several new features, sources, improvements, and resolves a dozen bugs. This is not a security update.
https://grayjay.app/index.html

iTunes 12.13.2.3 is a security update.
https://www.apple.com/itunes/download/

Plex Desktop 1.92.1.140 doesn’t provide a detailed change log so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.60.1.134 updates libraries. This should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.40.2.8395 resolves several bugs, including an installation path issue. If you used a custom path you will need to uninstall and reinstall in order for future automatic updates to work correctly. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2024.4.0.137 changes homepage. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.3.201 resolves several bugs and improves interface. This is not a security update.
https://gdevelop.io/download

Minecraft Server (Bedrock) 1.20.81.01 does not provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Minecraft Server (Java) 1.20.6 does not provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server

Nintendo Switch 18.0.1 resolves several bugs. This is a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 2024.430 resolves several bugs and improves hardware support. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024-05-13 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110
By the way, we won. Sony caved on the Helldivers 2 privacy-violating “account linking” change. 🙂

SteamOS SteamDeck Update 2024-05-03 is a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Acrobat and Reader 24.002.20759 and 20.005.30636 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb24-29.html

Adobe Aero 0.24.4 is a security update.
https://helpx.adobe.com/security/products/aero/apsb24-33.html

Adobe Animate 23.0.6 and 24.0.3 are security updates.
https://helpx.adobe.com/security/products/animate/apsb24-36.html

Adobe Dreamweaver 21.4 is a security update.
https://helpx.adobe.com/security/products/dreamweaver/apsb24-39.html

Adobe FrameMaker 2020.6 and 2022.4 are security updates.
https://helpx.adobe.com/security/products/framemaker/apsb24-37.html

Adobe Illustrator 28.5 and 27.9.4 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb24-30.html

Adobe Substance 3D Designer 13.1.2 is a security update.
https://helpx.adobe.com/security/products/substance3d_designer/apsb24-35.html

Adobe Substance 3D Painter 10.0.0 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb24-31.html

Aronium 1.43.0.2 adds dual currency and night theme, improves refund behavior, and resolves several bugs. This is not a security update.
https://aronium.com/

Audacity 3.5.1 adds a bunch of new features and resolves dozens of bugs. This is not a security update.
https://www.audacityteam.org/download/

Calibre 7.10.0 adds export support, spell check, color inversion and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Columns++ 1.0.6 improves wrapped line caompatibility. This is not a security update.
https://github.com/Coises/ColumnsPlusPlus

Formatta Filler 8.19.0.4 doesn’t provide a change log so should be treated as a security update.
https://formatta.com/formatta-products/complete-submit/

GIMP 2.10.38 doesn’t provide a detailed change log so should be treated as a security update.
https://www.gimp.org/

Java 8u411 is a security update.
https://www.java.com/en/download/manual.jsp

JShelter 0.18 improves compatibility. This is not a security update.
https://jshelter.org/install/

Kdenlive 24.02.2 improves compatibility and resolves several bugs. This is not a security update.
https://kdenlive.org/

Kindle for PC 2.3.70840 doesn’t provide a change log so should be treated as a security update.
https://www.amazon.com/kindleforpc

LibreOffice 7.6.7 resolves over 40 bugs. This is a security update.
https://www.libreoffice.org/

LibreOffice Fresh 24.2.3 resolves over 75 bugs. This is a security update.
https://www.libreoffice.org/

Manager 24.5.13.1531 adds several new features and improves email integration and display. This is not a security update.
https://www.manager.io/

Nextcloud Desktop 3.13.0 resolves dozens of bugs and updates libraries. This is a security update.
https://nextcloud.com/

Notepad++ 8.6.7 improves multiedit and language support, and resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

PDF-XChange Editor 10.3.0.386 adds page extraction, label modification, improves sort and group behavior and resolves dozens of bugs. This is not a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

QuickBooks Pro 2022 20240509-R15_25 updates to backend processes. This is not a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20240509-R12_15 updates to backend processes. This is not a security update.
https://downloads.quickbooks.com/app/qbdt/products

Security Software Updates

One or more of these is likely to be of interest to most people.

Chainsaw 2.9.0 adds native rules, timezone improvements, and adds ability to change default conditional when searching. This is not a security update.
https://github.com/countercept/chainsaw

Microsoft Edge Policy 2024.05.07 updates policies. This is not a security update.
https://github.com/MicrosoftDocs/Edge-Enterprise/blob/public/edgeenterprise/microsoft-edge-policies.md

OpenSSL 3.3.0 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

ProtonVPN (macOS) 4.2.2 improves performance. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.16.1 updates engine and resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Stinger 13.0.0.118 adds support for more detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

SuperAntiSpyware 10.0.1266 resolves several bugs. This is not a security update.
https://www.superantispyware.com/download.html

Tails 6.2 is a security update.
https://tails.net/install/download/index.en.html

Velociraptor 0.72 adds EWF support and resolves several bugs. This is not a security update.
https://github.com/Velocidex/velociraptor/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 24.1.3 improves OCR, performances, updates libraries and resovles several bugs. This is a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.1.7 resolves several couple bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

StreamFab 6.1.7.7 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.2.0 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.32 improves compatibility, adds support to import from more third-party platforms, and resolves several bugs. This is a security update.
https://1password.com/downloads/

Agent Ransack 2022.3434 adds support for OneNote and resovles several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

AOMEI Partition Assistant 10.4.0 improves the user interface. This is not a security update.
https://www.diskpart.com/

Bitwarden 2024.4.2 improves passkeys support and secrets manager, and adds a new Authenticator app. This is not a security update.
https://bitwarden.com/

BulkFileChanger 1.73 resolves a timezone-related bug. This is not a security update.
https://www.nirsoft.net/utils/bulk_file_changer.html

CCleaner 6.23.11010 resolves several bugs. This is a security update.
https://www.ccleaner.com/

DesktopOK 11.21 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.1.92.0 resolves a .git/.gitignore bug, updates .NET library and translations. This is a security update.
https://dngrep.github.io/

ExplorerPatcher 22621.3527.65.2 resolves several bugs. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

FileLocator Pro 2022.3434 adds support for OneNote and resovles several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

FoneTool 2.6.1 adds iOS Data Recovery and resolves a crash bug. This is not a security update.
https://www.fonetool.com/download.html

Git SCM 2.45.0 adds dozens of new features and behaviors, and resolves over 50 bugs. This is not a security update.
https://git-scm.com/

Go 1.22.3 is a security update.
https://go.dev/

GoodSync 12.6.5 improves compatibility and resolves several bugs. This is not a security update.
https://www.goodsync.com/

HWiNFO 8.02 doesn’t provide a change log so should be treated as a security update.
https://www.hwinfo.com/download/

InstalledAppView 1.08 resolves a CLI bug. This is not a security update.
https://www.nirsoft.net/utils/installed_app_view.html

IsMyHdOK 3.96 improves performance and testing accuracy. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

LessMSI 2.0.1 updates dependencies and build environment, and resolves a stability bug. This is not a security update.
https://lessmsi.activescott.com/

NirCmd 2.87 adds and resolves ~$ variables. This is not a security update.
https://www.nirsoft.net/utils/nircmd.html

NTLite 2024.5.9931 resolves dozens of bugs. This is not a security update.
https://www.ntlite.com/download/

osquery 5.12.1 is a security update.
https://osquery.io/downloads

PingInfoView 3.05 adds option to map source IPv4 Address. This is not a security update.
https://www.nirsoft.net/utils/multiple_ping_tool.html

PowerToys 0.80.1 improves stability. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

PSAppDeploy 3.10.1 adds a dozen features and parameters, improves stability and reliability, and resolves several bugs. This is not a security update.
https://psappdeploytoolkit.com/

RoboForm 9.5.8 improves GUI. This is not a security update.
https://www.roboform.com/

ScreenConnect 24.1.7.8892 resolves dozens of bugs and improves compatibility. This should be treated as a security update.
https://screenconnect.connectwise.com/download

Starwind V2V Converter 9.444 adds support for new conversions. This is not a security update.
https://www.starwindsoftware.com/starwind-v2v-converter

WinGet 1.7.11261 fixes elevation issues, updates dependencies and libraries. This is a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinScan2PDF 8.81 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WUMT 04.22.2022 improves Windows 11 compatibility. This is not a security update.
https://www.oldergeeks.com/downloads/file.php?id=1366

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 8.0.5 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

Android Studio 2023.3.1 adds device streaming for testing, integrates crashlytics, improves App Quality Insights, and adds audio redirection. This is not a security update.
https://developer.android.com/studio

AutoHotkey 2.0.14 resolves several bugs. This is not a security update.
https://www.autohotkey.com/download/

cx_Freeze 7.0 updates dependencies and libraries and resolves hundreds of bugs. This should be treated as a security update.
https://cx-freeze.readthedocs.io/en/latest/index.html

GitHub Desktop 3.3.17 removes support for older macOS versions, resolves a dozen bugs and improves user interface. This is not a security update.
https://desktop.github.com/

Godot 4.2.2 improves CLI support, resolves the audio bug, and more than 200 other issues. This is a security update.
https://godotengine.org/

MySQL ConnectorNet 8.4.0 updates libraries and resolves several bugs. This is a security update.
https://dev.mysql.com/downloads/connector/net/

MySQL Server 8.0.37 resolves dozens of bugs. This is a security update.
https://dev.mysql.com/downloads/installer/

NASM 2.16.03 improves the build process. This is not a security update.
https://www.nasm.us/index.php

Node.js 18.20.2 is a security update.
https://nodejs.org/en/

Node.js 20.13.1 resolves several bugs and updates libraries. This is a security update.
https://nodejs.org/en/

Node.js 21.7.3 is a security update.
https://nodejs.org/en/

Node.js 22.1.0 is a major update. This is a security update.
https://nodejs.org/en/

Redemption 6.5.0.6294 improves integration and resolves several bugs. This is not a security update.
https://www.dimastr.com/redemption/

Rustup 1.27.1 resolves several bugs. This is not a security update.
https://www.rust-lang.org/

SQLite 3.45.3 adds new JSON handling behaviors and resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

TortoiseGit 2.16.0 resolves a dozen bugs and updates libraries. This is a security update.
https://tortoisegit.org/

TortoiseSVN 1.14.7 resolves several bugs. This is a security update.
https://tortoisesvn.net/downloads.html

Visual Studio Code 1.89.1 adds support to exclude content from Copilot and resolves several bugs. This is not a security update.
https://code.visualstudio.com/

WinMerge 2.16.40 resolves several bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.0.18 resolves over a dozen bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

HumHub 1.15.5 resolves several bugs. This is not a security update.
https://www.humhub.com/en

Joomla 5.1.0 adds more than a dozen features and code and performance improvements. This is not a security update.
https://www.joomla.org/

MAMP 5.0.6 updates dependencies. This should be treated as a security update.
https://www.mamp.info/en/mamp/windows/

phpList 3.6.15 is a security update.
https://www.phplist.org/

Piwigo 14.4.0 resolves several bugs. This is not a security update.
https://piwigo.org/

WordPress 6.5.3 is a security update.
https://wordpress.org/

BuddyPress 12.4.1 is a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.9.4 resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.9 improves compatibility and resolves a bug. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

My Sticky Bar 2.7 resolves a cosmetic bug. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Postie 1.9.69 should be treated as a security update.
https://wordpress.org/extend/plugins/postie/

Slider Revolution 6.7 resolves several bugs. This is a security update.
https://revolution.themepunch.com/

Social Post Feed 4.2.4 improves integration. This is not a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

Sucuri Security 1.8.44 improves API key controls. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

W3 Total Cache 2.7.2 resolves several bugs and improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 8.9.0 improves compatibility and resolves dozens of bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WPBakery 7.6 resolves several bugs. This is a security update.
https://wpbakery.com/

WPtouch 4.3.59 adds support for Reddit, improves compatibility, and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/wptouch/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2024-02-13

Posted on February 13, 2024 by Shawn K. Hall

Happy Valentine’s Day, Folks!

Today is Patch Tuesday for February, 2024. There were 230+ major hacks and over 200 application updates this month. It’s a big month, with about 3.5 GB of updates for most users.

This Month in Technology

23andMe, Inc., Academy Mortgage Corporation, AHS Management Company, Inc., Air Methods, LLC, Alkem Laboratories, Almerys, Alpine Halo9 iLX-F509, American Meat Companies, Android TV and eCos set-top boxes, Android, Ann & Robert H. Lurie Children’s Hospital, AnyDesk, Apple iPhone, Apple Mac, Apple Vision Pro, Apple Watch, AppleTV, Ashford, Inc., Autel MaxiCharger AC Wallbox Commercial, Automotive Grade Linux, Azura Vascular Care, Azusa Unified School District, Bake ‘N Joy Foods, Inc., Bank of America, Bankers Life and Casualty Company, Blink Mobility, Bosch Thermostats, Brady Martz & Associates PC, 3 million Breathless toothbrushes, BrightStar Care, Buildkit, Burr & Forman LLP, Cadence Bank, California Public Employees Retirement System (CalPERS), Calvià City Council, Canterbury County Council, Carnegie Mellon University, Catholic Charities of the Archdiocese of Miami, Inc., ChargePoint Home Flex, a China-based financial MNC, Chuze Fitness, Citrix Netscaler, Cloudflare, CNO ACE, Coastal Hospice & Palliative Care, Coastal Plains Community Mental Health Mental Retardation Center, Colorado Ophthalmology Associates, PC, Columbus Life Insurance Company, Columbus Regional Healthcare System, Concentra Health Services, Concord Music Group, Inc., Connecticut College, Coppola Physical Therapy and Fitness Gyms, Covenant Care California, LLC, Coventry school, Crace Medical Centre, Des Moines Orthopaedic Surgeons, P.C., Dickinson County Health Department, Docker, Dover District Council, Dutch Ministry of Defence, ElGuindy, Meyer & Koegel, APC, Emmanuel College, EMPORIA EV Charger Level 2, EquiLend Holdings, Europcar, ExpressVPN, Family Healthcare Center, FedEx Corporation Group Health Plan, Fidelity National Financial, First Financial Security, Inc.,
Fortinet, FortiOS SSL VPN, FortiSIEM, Fortra GoAnywhere MFT, Framework Computer, Freehold Township schools, Fullerton Joint Union High School District, Gamma Strategies, GEICO Corporation, Georgia’s Fulton County, 5,300+ GitLab instances, Glendale Unified School District, Global Affairs Canada, Glow, Goledo Finance, Google Bazel, Google Chrome, Hair Club for Men, Ltd., Inc., Halara, Hampton-Newport News Community Services Board, Hanmi Bank, Hathway, Health Alliance Medical Plans, Hewlett Packard Enterprise (HPE), Hipocrate Information System, HMG Healthcare, HopSkipDrive, HORNE, LLP, HP ink cartridges, Hyundai Motor Europe, Infosys McCamish Systems LLC, InHealth Technologies, INTEGRIS Health, Islamic Charity in Saudi Arabia, ITITAN Hosting, Ivanti Avalanche, Ivanti Connect Secure VPN, Ivanti Policy Secure Gateway, J.D. Gilmour, Jason’s Deli, 45,000+ Jenkins instances, JetBrains TeamCity, 65 job listing sites, JuiceBox 40 Smart EV Charging Station, Juniper, Kansas City Area Transportation Authority, Kansas State University, Keenan & Associates, Kern Regional Center, Kyocera printers, Liberty Hospital, Lineage, Inc, Livall, LoanDepot, Lutheran World Federation, Marywood Nursing Care Center, Mastodon, McCarthy & Holthus, LLP, Medical Eye Services, Inc., Mercedes-Benz, Microbe & Lab, Microsoft (again!), Microsoft SharePoint, Microsoft SQL servers, Multi-Fineline Electronix, Inc., Musick, Peeler & Garrett LLP, MyPertamina, Nabholz Construction Company Employee Welfare Health Plan, NASCO, National Advisors Holdings, Inc., Nautic Partners, LLC, Navvis & Company, LLC, Naz.API, Oak View Group, Omaha Firefighters Healthcare Trust, Orange Spain, Orange Unified School District, OrthoArkansas, PA Employee Benefit Plan, Ozys, Parkovy, Payoneer, Pennsylvania Emergency Dispatch, Perry Johnson & Associates, Inc., Phoenix Contact CHARX SEC-3100, Pioneer DMH-WT7600NEX, Planet Home Lending, Planeta, PLUS FIVE FIVE, Prestige Care, Inc., Radiant Capital, Rajasthan government (India), Rebekah Children’s Services, Ripple, Romanian Chamber of Deputies, Roundcube email server, Saint Anthony Hospital, Schneider Electric Sustainability, SendGrid, Singing River Gulfport, Singing River Health System, SinglePoint Outsourcing, Inc., Socket, Somesing, SonicWall next-generation firewalls, Sony XAV-AX5500, Spoutible, Summit Medical Group, PLLC, Sun Pain Management, LLC, Tesla Infotainment System, Tesla Modem, Tesla, TGI Direct, Thanet District Council, The Burton Corporation, TIC Hosting, Tietoevry, Tigo, Torchbyte, TP-Link Omada, Trello, Trezor, Trinity Universal Insurance Company, TRISTAR Insurance Group, U.S. Renal Care, Inc., Ubiquiti Connect EV Station, UEFI Firmware, United Regional Health Care System, Unitronics PLCs, US Department of Health and Human Services, US GSA, US military, Ventura County Credit Union, Veolia North America, Verizon Communications Inc., Verizon, Viamedis, VMware vCenter Server, Walker Therapeutic & Educational Programs, Washington National Insurance Company, Webber Chiropractic Sports Clinic, Inc., Weslend Financial, Windows SmartScreen, WinStar, Wise Lending, and WPS Office have reported hacking or compromises this month.

Atlassian Jira, Microsoft Teams (twice), Parkovy, Tietoevry, and T-Mobile have suffered from outages this month.

Last months updates broke spellcheck in Microsoft Teams, the ability to install updates directly for Microsoft Teams without enabling Delivery Optimization, search in Outlook, Google Pixel phones, Outlook.com via Outlook, Windows Sysprep, Windows updates.

There is a new “flaw” in the Windows 11 installer, which allows incompatible hardware to be installed to and activated. The Microsoft ms-appinstaller protocol handler is being exploited again to install malware.

The German railway system still uses MS-DOS and Windows 3.11 to manage their displays. Wrenches and toothbrushes are the latest victims in hijacking efforts. A new study demonstrates that the new trend of using AI to write code generates less secure code. SIM swapping is still quite popular.

Google is resuming their migration to Manifest V3, which will result in many content and ad filters failing, as well as many other browser extensions, in only 5 short months.

Amazon AWS is now charging for IPv4 addresses.

While unlikely to make a difference, CA is now suing streaming media services for violating the CCPA. The UN is pushing for a “cybercrime” treaty designed to criminalize all efforts to research malware, security, and vulnerability testing, even when the target of the research has requested it. The treaty would also allow international courts to be used to target anyone using encryption for private communication channels, such as PGP, Telegram, or Signal.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is a big one this month. The typical computer should see roughly 3.5 GB in updates today. Let’s get started.

Microsoft released updates to address 79 vulnerabilities in .NET, .NET Framework, ASP.NET, Azure Active Directory, Azure Connected Machine Agent, Azure DevOps, Azure File Sync, Azure Site Recovery, Azure Stack, Internet Connection Sharing (ICS), Internet Shortcut Files, Microsoft ActiveX, Microsoft Azure Kubernetes Service, Microsoft Defender for Endpoint, Microsoft Dynamics 365, Microsoft Dynamics, Microsoft Edge, Microsoft Entra Jira, Microsoft Exchange Server, Microsoft Message Queuing (MSMQ), Microsoft ODBC Driver, Microsoft Office OneNote, Microsoft Office Outlook, Microsoft Office Word, Microsoft Office, Microsoft Power Platform Connector, Microsoft SQL Data Provider, Microsoft Teams for Android, Microsoft WDAC ODBC Driver, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows DNS, Microsoft Windows, Servicing Stack Update, Skype for Business, SQL Server, Trusted Compute Base, Visual Studio, Win32k, Windows AppX, Windows DNS Client, Windows DNS Server, Windows Hyper-V, Windows Kernel, Windows LDAP, Windows Network Address Translation (NAT), Windows OLE, Windows Pragmatic General Multicast (PGM), Windows Printing Service, Windows SmartScreen, Windows USB Generic Parent Driver, Windows USB Serial Driver, and MSRT (~ 2.0 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 15.8.1, iOS 16.7.5, iOS 17.3, iOS 17.3.1, iPadOS 15.8.1, iPadOS 16.7.5, iPadOS 17.3, iPadOS 17.3.1, macOS 14.3, macOS 14.3.1, macOS Monterey 12.7.3, macOS Sonoma 14.3, macOS Ventura 13.6.4, Magic Keyboard Firmware 2.0.6, Safari 17.3.1, tvOS 17.3, visionOS 1.0.3, watchOS 10.3, and watchOS 10.3.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.8.1, 16.7.5 and 17.3.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 15.8.1, 16.7.5 and 17.3.1 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 10.3.1 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 17.3 is a security update. Use System, Software Update to install the most current version.

visionOS 1.0.3 is a security update. Use Settings, General, Software Update to install the most current version.

Google Chrome OS 120.0.6099.235 and 121.0.6167.159 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.1.1 adds support for new hardware, AFMF and upscaling improvements, and resolves several bugs. AMD Link is being discontinued with this version. This is not a security update.
https://www.amd.com/en/support

Display Driver Uninstaller 18.0.7.2 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Wacom Driver 6.4.5-5 improves reliability. This is not a security update.
https://www.wacom.com/en-us/support/product-support/drivers

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.62.162 is a security update. Use Menu, Help, About to install the most current version.
https://brave.com/

Firefox 122.0.1 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 115.7.0 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 121.0.6167.160 is a security update. Use Menu, Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 121.0.2277.113 is a security update. Use Menu, Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

SeaMonkey 2.53.18.1 is a security update. Use Menu, Help, About to install the most current version.
https://www.seamonkey-project.org/

Vivaldi 6.5.3206.61 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

DavMail Gateway 6.2.1 is a security update.
https://davmail.sourceforge.net/

Spark 3.13.4.66391 adds deep link email sharing and resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark for macOS 3.13.4.66401 adds deep link email sharing and resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.7.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 8.0.8 is a security update.
https://anydesk.com/en/downloads

AnyDesk 8.0.0 for macOS is a security update.
https://anydesk.com/en/downloads

curl 8.6.0 resolves over 100 bugs. This is a security update.
https://curl.haxx.se/windows/

Dropbox 192.4.4605 resolves several bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 205.0.0.11.228 is a security update.
https://www.messenger.com/download

FileZilla Client 3.66.5 is a security update.
https://filezilla-project.org/

FileZilla Server 1.8.1 is a security update.
https://filezilla-project.org/

Google Drive 86.0 resolves several bugs. This is not a security update.
https://drive.google.com/start

Grocy Desktop 2.9.0 updates library and resolves several bugs. This is not a security update.
https://github.com/grocy/grocy-desktop

MeshCentral 1.1.20 resolves over a dozen bugs. This is not a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.7.00.1864 adds several new features, including improved domain & email integration. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 28.0.2 resolves more than 100 bugs. This is a security update.

Homepage

Npcap 1.79 resolves a couple reliability bugs. This is not a security update.
https://nmap.org/npcap/

Omada Software Controller 5.13.23 resolves several bugs. This is not a security udpate.
https://www.tp-link.com/us/support/download/omada-software-controller/

Pocketnet-Core 0.22.1 resolves over a dozen bugs. This is not a security update.
https://pocketnet.app/

Pocketnet-GUI 0.8.77 resolves several bugs. This is not a security update.
https://pocketnet.app/

Rclone 1.65.2 updates libraries and resolves a couple important reliability bugs. This should be treated as a security update.
https://rclone.org/

Signal 6.47.0 makes several improvements to emoji and emoticon support. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 6.46.7 doesn’t have a detailed changelog so should be treated as a security update.
https://signal.org/android/apk/

Skype 8.110.0.218 improves stability and resolves several bugs. This is not a security update.
https://www.skype.com/

Syncthing 1.27.3 resolves several bugs and improves CLI complettion. This is not a security update.
https://syncthing.net/

Technitium DNS Server 12.0.1 moves to .NET 8, resolves more than a dozen bugs. This is a security update.
https://technitium.com/dns/

Telegram 4.14.15 resolves several bugs. This is not a security update.
https://telegram.org/

Telegram (Android) 10.6.1 resolves several bugs. This is not a security update.
https://telegram.org/apps

Tigase Server 8.3.1 resolves several bugs. This is not a security update.
https://github.com/tigase/tigase-server/releases/latest

Trillian 6.5.0.38 resolves a mute bug. This should be treated as a security update.
https://www.trillian.im/

Zoom 5.17.7.31859 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.1 improves tracking, compatibility, and resolves several bugs. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.1.3 adds a few new filters and modules, and resolves several bugs. This is not a security update.
https://www.bitwig.com/download/

Grayjay 233 resolves several crashes and improves stability. This is not a security update.
https://grayjay.app/index.html

Kodi 20.4 resolves dozens of bugs and improves compatibility. This is a security update.
https://kodi.tv/

MediaMonkey 5.2 resolves a cosmetic bug. This is not a security update.
https://www.mediamonkey.com/windows#download

Plex Desktop 1.86.1.4076 doesn’t provide a detailed changelog so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.55.1.4084 updates libraries. This should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.40.0.7998 improves native tagging, music filtering, resolves several bugs. This should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

GDevelop 5.3.189 resolves over 20 bugs. This is not a security update.
https://gdevelop.io/download

Minecraft Server (Bedrock) 1.20.61.01 doesn’t provide a changelog so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

PS5 2024.206 is a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024-01-13 resolves dozens of bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 23.008.20533 is a security update.
https://get.adobe.com/reader

Adobe Commerce 2.4.6-p4, 2.4.5-p6, 2.4.4-p7, 2.4.3-ext-6, 2.4.2-ext-6, 2.4.1-ext-6, 2.4.0-ext-6, and 2.3.7-p4-ext-6 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-03.html

Magento Open Source 2.4.6-p4, 2.4.5-p6, and 2.4.4-p7 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-03.html

Adobe Substance 3D Painter 9.1.2 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb24-04.html

Adobe Acrobat 23.008.20533 and 20.005.30574 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb24-07.html

Adobe FrameMaker Publishing Server 2022.2 is a security update.
https://helpx.adobe.com/security/products/framemaker-publishing-server/apsb24-10.html

Adobe Audition 24.2 and 23.6.4 are security updates.
https://helpx.adobe.com/security/products/audition/apsb24-11.html

Adobe Substance 3D Designer 13.1.1 iis a security update.
https://helpx.adobe.com/security/products/substance3d_designer/apsb24-13.html

Calibre 7.5.1 resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Columns++ 1.0.2 resolves a critical stability bug. This should be treated as a security update.
https://github.com/Coises/ColumnsPlusPlus

ImageMagick 7.1.1-28 updates libraries and resolves over a dozen bugs. This should be treated as a security update.
https://imagemagick.org/

Kindle for PC 2.3.70682 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc

LibreOffice Fresh 24.2.0 is the first version released with the new numbering scheme (year and month of release). This version resolves almost 300 bugs. This is a security update. The “Fresh” line is beta software and should be avoided by most people.
https://www.libreoffice.org/

Manager 24.2.13.1295 doesn’t have any detailed changes in the changelog for the most recent several versions over the last month, so this should be treated as a security update.
https://www.manager.io/

Nextcloud Desktop 3.11.1 updates libraries and resolves over a dozen bugs. This is a security update.

Homepage

Notepad++ 8.6.2 resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

PDF-XChange Editor 10.2.1.385 resolves over a dozen bugs. This is not a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

QuickBooks Pro 2022 20231120-R13_63 doesn’t provide a detailed changelog so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20231107-R9_121 doesn’t provide a detailed changelog so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

uniCenta oPOS 5.0 doesn’t provide a detailed changelog so should be treated as a security update.
https://unicenta.com/

Security Software Updates

One or more of these is likely to be of interest to most people.

Gpg4win 4.3.0 resolves dozens of bugs. This is a security update.
https://www.gpg4win.org/download.html

Java 8u401 is a security update.
https://www.java.com/en/download/manual.jsp

KeePass 2.56 improves integration and search feature, resolves more than a dozen bugs. This is not a security update.
https://keepass.info/

MalwareBytes Anti-Malware 4.6.8.311 doesn’t provide a detailed changelog so should be treated as a security update.
https://www.malwarebytes.org/antimalware/

Microsoft Edge Policy 2024.02.06 adds blocklist for extension install types and the ability to preserve Manifest v2 availability. This is not a security update.
https://github.com/MicrosoftDocs/Edge-Enterprise/blob/public/edgeenterprise/microsoft-edge-policies.md

OpenSSL 3.2.1 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

ProtonVPN 3.3.5 improves stability. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.14.0 is a security update.
https://www.adlice.com/download/roguekiller/

Stinger 13.0.0.64 is a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Symantec Norton Removal Tool 20240206 improves removal. This is not a security update.
https://support.norton.com/sp/en/us/home/current/solutions/v60392881

Tails 5.22 updates libraries, included apps, and resolves several bugs. This is a security update.
https://tails.net/install/download/index.en.html

YARA 4.5.0 resolves a dozen bugs. This is not a security update.
https://github.com/VirusTotal/yara/

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.1.1 adds support for new encodings and resolves a couple bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

HandBrake 1.7.3 resolves over a dozen bugs. This is not a security update.
https://handbrake.fr/

MakeMKV 1.17.6 improves tolerance and resolves several bugs. This is not a security update.
https://www.makemkv.com/download/

StreamFab 6.1.6.5 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.1.1 adds support for denoise, improves upscaling performance, and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.24 resolves several bugs, improves idle behavior, and improves integration. This should be treated as a security update.
https://1password.com/downloads/mac/
https://1password.com/downloads/windows/

Agent Ransack 2022.3420 resolves several bugs. This is not a security update.

Agent Ransack – Download

AMD Ryzen Master 2.13.0.2908 adds support for new hardware and improves Curve Optimizer settings. This is not a security update.
https://www.amd.com/en/technologies/ryzen-master

AOMEI Partition Assistant 10.3.0 adds Bitlocker support and resolves several bugs. This is not a security update.
https://www.diskpart.com/

Autoruns 14.11 fixes a parameter parsing bug. This is a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

balenaEtcher 1.18.11 resolves a couple bugs. This is not a security update.
https://etcher.balena.io/

Bitwarden 2024.2.0 improves self-hosting controls, TOTP capture and import. This is not a security update.
https://bitwarden.com/

CCleaner 6.20.10897 improves cleaning, adds bookmark backup removal, and improves compatibility. This is not a security update.
https://www.ccleaner.com/

CPU-Z Installer 2.09 adds support for new hardware and adds the ability to benchmark a single coreset/cluster. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

Cygwin 3.5.0 drops support for older Windows versions, adds several new raw maps, API calls, and mixer control. This is not a security update.
https://cygwin.com/

Dell Command Update 5.2.0 improves controls and notifications. This is not a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

DesktopOK 11.16 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.1.7.0 improves PDF search, date-time display, adds mutliple custom editor support, and resolves several bugs. This is not a security update.
https://dngrep.github.io/

email-oauth2-proxy 2024-01-20 adds support for GWS Cloud Service accounts, and resolves several bugs. This is a security update.
https://github.com/simonrob/email-oauth2-proxy

Everything CLI 1.1.0.27 improves performance and adds x64 build. This is not a security update.
https://www.voidtools.com/

Fido 1.55 improves compatibility. This is not a security update.
https://github.com/pbatard/Fido/releases

FileLocator Pro 2022.3420 resolves several bugs. This is not a security update.

FileLocator Pro – Download

Fing 3.6.1 resolves a couple bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

Go 1.22.0 adds several new language constructs, improved auditing and performance, adds go/version, and enhanced routing. This is not a security update.
https://go.dev/

GoodSync 12.5.5 improves compatibility and resolves more than a dozen bugs. This is not a security update.
https://www.goodsync.com/

Hiren’s BootCD PE 1.0.4 adds several new utilities, updates libraries and applications, adds hundreds of new drives, and resolves several bugs. This is a security update.

Download

Homedale 2.10 adds support for MU-MIMO detection. This is not a security update.
https://www.the-sz.com/products/homedale/

HWiNFO 7.72 doesn’t provide a detailed changelog so should be treated as a security update.

Download HWiNFO

Inkchip WIC 1.17 doesn’t provide a changelog so should be treated as a security update.
https://inkchip.net/wic/

Kingston SSD Manager 1.5.3.6 doesn’t provide a changelog so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

MS Printer Metadata Troubleshooter 1.0.0.1 is a security update.
https://support.microsoft.com/en-us/topic/kb5034510-microsoft-printer-metadata-troubleshooter-tool-december-2023-b3197f24-fd25-430d-96d2-70f2044ce6a1

OSForensics 11.0.1004 improves compatibility and resolves dozens of bugs. This is not a security update.
https://www.osforensics.com/download.html

osquery 5.11.0 updates libraries, adds support for new tables, and resolves several bugs. This is a security update.
https://osquery.io/downloads

PowerToys 0.78.0 updates libraries and resolves several bugs. This is a security update.
https://github.com/microsoft/PowerToys/releases/latest

Rufus 4.4 updates libraries and resolves several bugs. This is not a security update.
https://rufus.ie/en_US/

ScreenConnect 23.9.7.8804 is a security update.
https://www.connectwise.com/software/control/download

SearchMyFiles 3.24 resolves several bugs. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

Sysmon 15.12 resolves several stability and reliability bugs. This is a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

Ventoy 1.0.97 adds support for FreeBSD 14.0 and resolves several bugs. This is not a security update.
https://www.ventoy.net/en/index.html

WhyNotWin11 2.6.0.0 improves detection and resolves several bugs. This is not a security update.
https://github.com/rcmaehl/WhyNotWin11

WizTree 4.18 improves scan performance and filter behavior, improves Copy/Cut/Delete, progress bar and resolves several bugs. This is not a security update.
https://www.diskanalyzer.com/

ZoomIt 8.01 adds DemoType (autotyping) support and fixes a crash. This is not a security update.
https://learn.microsoft.com/en-us/sysinternals/downloads/zoomit

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 2023.1.1.28 resolves several bugs. This is not a security update.
https://developer.android.com/studio

GitHub Desktop 3.3.8 resolves more than a dozen bugs. This is not a security update.
https://desktop.github.com/

Microsoft Visual C++ 2022 Redistributable 14.38.33135.0 doesn’t provide a changelog so should be treated as a security update.
https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist

MySQL ConnectorNet 8.3.0 is a security update.
https://dev.mysql.com/downloads/connector/net/

MySQL Server 8.0.36 is a security update.
https://dev.mysql.com/downloads/installer/

Node.js 21.6.1 updates libraries and resolves several bugs. This should be treated as a security update.
https://nodejs.org/en/

Node.js 20.11.0 is a security update.
https://nodejs.org/en/

Python 3.12.2 is a security update.
https://www.python.org/downloads/windows/

SQLite 3.45.1 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.86.1 resolves dozens of bugs. This is not a security update.
https://code.visualstudio.com/

WinMerge 2.16.38 improves BOM detection and resolves several bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

PPSSPP 1.17.1 improves compatibility and resolves several bugs. This is not a security update.
https://www.ppsspp.org/download/

VirtualBox 7.0.14 resolves more than a dozen bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.6.26 improves compatibility. This is not a security update.
https://coppermine-gallery.net/

Grocy 4.1.0 updates library and resolves several bugs. This is not a security update.
https://github.com/grocy/grocy

HumHub 1.15.3 resolves several bugs. This is not a security update.

Home

Invision Community 4.7.15 resolves over 50 bugs. This is a security update.
https://invisioncommunity.com/

MailEnable 10.48 resolves more than a dozen bugs. This is not a security update.
https://www.mailenable.com/

ownCloud Client 5.2.1.13040 resolves several bugs. This is not a security update.
https://owncloud.com/desktop-app/

Piwigo 14.2.0 resolves several bugs. This is not a security update.
https://piwigo.org/

WordPress 6.4.3 is a security update.
https://wordpress.org/

Akismet 5.3.1 resolves several bugs and improves reliability. This is not a security update.
https://wordpress.org/extend/plugins/akismet/

BuddyPress 12.2.0 is a minor security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.8.7 improves compatibility and resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.8.1 resolves a couple bugs. This is not a security update.

Duplicator – WordPress Migration & Backup Plugin

Email Log 2.4.9 adds controls to limit actions. This is a security update.
https://wordpress.org/extend/plugins/email-log/

Redirection 5.4.2 removes Geo IP and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/redirection/

Social Post Feed 4.2.2 is a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

Sucuri Security 1.8.41 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

WooCommerce 8.5.2 resolves a dozen bugs. This is a security update.
https://wordpress.org/extend/plugins/woocommerce/

WordPress Importer 0.8.2 updates documentation and improves workflow. This is not a security update.
https://wordpress.org/extend/plugins/wordpress-importer/

WP Cerber Security 9.6.2 updates design, adds event insights, and resolves a couple bugs. This is not a security update.
https://wpcerber.com/

WP Mail SMTP 3.11.1 resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/

WPBakery 7.4 adds built-in SEO toolkit and improves social media controls. This is not a security update.
https://wpbakery.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/