Updates 2025-05-13

Welcome back, Folks!

Today is Patch Tuesday for May, 2025.

It’s as safe as it’s going to be to upgrade to Windows 11 24H2 or macOS 15/Sequoia.

If your Windows 10 (or older) computer can not be upgraded to Windows 11, or if you used a registry or installation bypass to install an older version of Windows 11 on it that is no longer supported, then it’s time for you to start looking for a replacement computer. Actually, the time was months ago. Pickin’s are thin right now. 🙁

However… if you do need to replace your laptop there’s an awesome Lenovo laptop available at Costco right now for $600 (plus tax & shipping).

There were 495+ major hacks, and over 600 application updates this month. It’s an insanely large month, with about 6 GB of updates for most users.

This Month in Technology

1st Health Inc, 30 London Job Centres, 4chan, 90 Degree Benefits, Inc – MN/WI Office, Abergavenny, Abilene, Texas, Active! Mail, Adelaide’s Women’s and Children’s Hospital, Adobe Acrobat Reader DC, Advanced Simulation Technology, Adyen, Agencia Browne y Espinoza, Ahold Delhaize, Alabama government, Alabama Ophthalmology Associates, Allegra, Allied Telesis, Inc, AllTrust, Alternate Solutions Health Network, Altior Healthcare, Alvin Independent School, Amazon ElastiCache, American Eagle Logistics, American Express Travel Related Services Co, Amethyst Group, Amtech Software, Andy Frain Services, Anfarm Hellas, Apache ActiveMQ, Apache Parquet, Apache Roller, Apache Tomcat, Apple AirPlay, Apple iPhone, Apple iPhone Messages, Apple macOS, Arizona Arthritis and Rheumatology Associates, Arkansas Primary Care, Ascension Health, Associated Wholesale Grocers, Astra Products, ASUS AiCloud, ASUS AMI, ASUS DriverHub, Avast Free Antivirus, Balance Diagnostics, Baltimore City Public Schools, Bangalore Water Supply and Sewerage Board (BWSSB), Barnstable County Sheriff’s Office, Barr Dermatopathology, Bartlesville Public Schools, BayMark Health Services, Bell Ambulance, Berkeley Research Group, Bertie, NC Schools, Bervar and Jones, Bigfork Valley Hospital, Bilbie Faraday Harrison, Bindi SpA, Bio-Clima Service, Bloom Family Eye Surgeons, Blue Shield of California (to Google!), Bluestone Bank, Bolivar Insulation, Boudreaux’s Specialty Compounding Pharmacy, Boulanger, Brainard Surgery Center LLC, British Columbia Health Authority, Broadcom Fabric OS, Brunswick Medical Center, Brydens Lawyers, Business Functions, Cabot Medical Care, California Correctional Health Care Services, Caltrol Inc, Cambridge University Press & Assessment, Canada Revenue Agency, CAPTCHA systems on 400,000+ websites (AkiraBot), Caritas Catholic charities, Carlton County Public Health and Human Services, Carrefour Mobile, Cato Networks Cato Client, Cell C, Central Texas Pediatric Orthopedics, Chang Shen Hospital, Charleston Fire Department, Chepstow, Chicano Federation of San Diego County, Cisco IOS XE, Cisco Webex, City of Bristol, TN, City of Grove, City of Long Beach, CA, Cloudera Hue Ace Editor, CMC Corporation, Co-op Group, Cobb County, GA, Colorado River Adventures, Community Dental Care, Commvault Command Center, Commvault, Complete Payroll SolutionsCompliance Consulting Group, Comport Technology Solutions, Conduent, Conrey Insurance Brokers & Risk Managers, Corporate Flight, Cortez Resources, Cosmos, Couples Learn, CPUs, Craft CMS, Culinary Services of America Inc, Curve Finance, Custom Paper, D’Granel, Dale Partners Architects, Dameron Hospital, Daniels & Taylor, PC, DaVita, six DDoS-for-hire platforms, Dedicated Web Consultants, DermCare Management, Destination Toronto, Diedrich Coffee, Dior, Discord, Disney, Dominion Lending Centres, Drug and Alcohol Treatment Services, Inc, Dutch Ministry of Climate Policy and Green Growth, Dutch Ministry of Economic Affairs, Dutch Ministry of the Interior and Kingdom Relations, DYNAMIS Insurance, East Central Missouri Behavioral Health Services, eCharge Hardy Barth, Eclipse ThreadX NetX Duo, ECOM America, Edinburgh schools, Ehlers Inc, EIZO Rugged Solutions, EMX Enterprises, Endue Software, Enflame Technology, Erlang/OTP SSH, Erlanger Health, ESP Associates, Esse Health, Everest Bank, eXch, Extreme Fire, Family Christian Health Center, Feldman & Lopez, Fleet Canada, Fogelman Management Group, Forsyth County Schools, 16,000 Fortinet devices, FortiSwitch, Fowler Elementary School District, Framlingham College, France’s Municipality of Ardon, Franklin Nursing Home, Frederick Health Medical Group, FreeType 2, Frisco Chamber, Galvatech, Gardena Honda, GeoLogics Corporation, German Association for East European Studies, Gistic Research, Gladinet CentreStack, Gladinet Triofox, Global Media Group, GlobalX, GMA Network, Google Chrome DevTools, Google Sites, Government of Peru, Great Plains Transport, GStreamer, Hacienda La Puente Unified School District, Hamilton County, TN, Hamrah Aval, Harman Becker MGU21, Harrods, Hayward Quartz Technology, HC Sheriff, HealthEquity, IncHeinz Hammer Vertragswerkstatt, Helix Tools, Hertz Corporation, Highland Rivers Behavioral Health, Hitachi Energy MicroSCADA Pro/X SYS600, Hong Kong Science and Technology Parks, HOPI, Horizon Behavioral Health, Hyalogic, Hyundai Motor Group, IBM Cloud, IBM Portal, iClicker, iHeartMedia + Entertainment, IKEA, Impact Canada, Inaba Denki Sangyo CHOCO TEI WATCHER, Independent Financial Services, Independent Title Agency, Indian Air Force (IAF) aircraft, Indian government defence websites, 1.5+ million Indian websites, Inductors Inc, Insight Partners, Insight Pipe Contracting, Interior Health, Internet Initiative Japan, Iowa County, WI, Iris ID, Isle of Man government, Ivanti Endpoint Manager, J. Banks Design, Jackpot Junction, Jacksonville Medical Care, James & Sons Fine Jewelers, Jamjoom Pharma, Janco Steel, Jani-King International, Inc, Jet Ice, Jordan Kuwait Bank, Ju Percussion Group, Julia Evans Accountants, Just Concrete & Masonry, Karachi Port Trust, Kasb Bank, Kaye Lifestyle Homes, Kelly & Associates Insurance Group, Kenworth Del Sur, Khan Academy, Kickidler, KiloEx, King Industries Inc, Kintetsu World Express, Kittrich Corporation, Korea Land and Housing Corporation, KraftKisarna, Kuala Lumpur International Airport, Kyiv Notaries, LabHost, Laboratory Services Cooperative, Lake HVAC, Lake Shore Paving, Lamberti Group, Landmark Admin, Langer & Langer, Langflow, Law Firm of Rochelle McCullough, Law Offices of Chris M. Ingram, Lee Valley Tools, Ltd, Legends International, Lemonade, Lexmark CX331adwe, Limestone District School Board, Lincoln Financial, Lithium Americas, LockBit Ransomware Group, Long Beach Convention and Entertainment Center, Loretto Hospital, Luxion KeyShot, Machu Picchu Foods, Madison School District, Magento, Malaysia Airports Holdings Berhad, Manchester Credit Union, Marc Irwin Sharfman, MD, PA, Marks & Spencer, Marsicovetere & Levine Law Group, Mashburn Construction, Masimo Corporation, Mataró Water Utility Company, MATE Desktop, McElwee Firm, MedDream PACS Server, MedDream WEB DICOM Viewer, MedEx Ambulance, Medical Express Ambulance Service, Megachem Singapore, Mercer County Joint Township Community Hospital, Merri-Makers, Microsoft 365 OAuth, Minyard Morris LLP, Mission Laguna Pathology Medical Group, Monongalia Health System, Mountain View Mushrooms, Movistar Venezuela, Mt. Baker Imaging and Northwest Radiologists, MTN Group, Munich Re, Municipality of Pisa, N8XT, Nagios Log Server, NASCAR, National Social Security Fund (CNSS) of Morocco, Nationwide Recovery Services, Nelson University, Neurological Institute of Savannah & Center for Spine, Nevada Ready Mix, New York Post, Newport Advisory, LLC, Nintendo, Nippon Life Mutual Fund, Nixon, Inc, North Kitsap School District, Northeast Georgia Health System, Northern California Children’s Therapy Center, Nova Scotia Power, Nth Degree, O’Brien & Ryan, OCH Regional Medical Center, Oettinger Brewery, Omni Healthcare Financial Holdings, OnRPG, Onsite Mammography, Oracle, Oracle VirtualBox, Orange County Medical Group Pathology, Oregon Department of Environmental Quality, Orthopaedic Specialists of Connecticut, OttoKit WordPress plugin, Output Messenger, Oversea Casing, Pacific Metallurgical, Palo Verde Hospital, Pawnee Heights Unified School District, Pearson, PESEL, Pharma Force, Pienaar Brothers, Planet Technology Industrial Switches, Planned Parenthood, Plastic Surgery Specialists of Lawrence, PlayStation, Port of Seattle, PR TIMES, Pratt Homes, Premier Meats South Africa, Prestonwood Baptist Church, Inc, Promenade Village Dental, Pryor Morrow, Pulse Urgent Care Center, Qraved, R&N Manufacturing, Radford University, Radware Cloud Web Application Firewall, Raw, Rayle Electric Membership Corporation, Red Chamber, RFID, Richmond СPA, Roblox, Rockwell Automation Industrial Data Center, Rocky View Schools, Roman Catholic Bishop of San Diego, Ruby Servers, Russell Child Development Center, Saint James Hospital Group, Sally B Gold, Salus Group, Samsung phones, Samsung Galaxy S24, Samsung Germany, Samsung MagicINFO 9 Server, San Francisco Campus for Jewish Living, San Francisco crosswalk system, Santa Cruz Properties, SAP NetWeaver, SavantCare, Scharnhorst Ast Kennard Griffin PC, Schultz Industries Inc, Scrubs & Beyond LLC, SeaCMS, Seneca Gaming, Sensata Technologies, Sentara Health, SentinelOne, Setpoint Systems, Seydel Companies, Shinko Shoji, Shopify, Shrader Law, Silgan Containers, SIMCO Electronics, Sinalisa Segurança Viária Ltda, SK Inc, SK Telecom, SogoTrade, Inc, SonicWALL Connect, SonicWall SMA, Sonos Era 300, Sonrisas Dental Health, South African Airways, South African IT, Southern Fidelity, Springer & Steinberg, St Anthony Hospital, St Clair Orthopaedics & Sports Medicine, St James Hospital, Study Hotels, Sunsweet Growers Inc, Sweet Shop USA, Synology BeeStation BST150-4T, Synology DiskStation DS1823xs+, Synology TC500, SysAid, T-Mobile, Takeda, TehetségKapu, TeleMessage, Tenda AC9, Tesla Model 3, Tesla Model S, Texas Health and Human Services Commission, The City of Long Beach, CA, The Fortune Society, The Michelson Organization, Thompson Coburn LLP, Thrive Physical Therapy Partners, TicketToCash, TikTok, TMA Group, Toppan Next, Toronto District School Board, Town of Orangeville, Traefik, Trend Micro Apex Central, Trend Micro Deep Security, Troicare College, True Dental Care for Kids and Adults, TrussWorks International, Tänzer GmbH, Ubiquity UniFi Protect Cameras, UK Department of Work and Pensions, UK Legal Aid Agency, Union Health System, Inc, UniTrak, Universal Window, Urban One, Urban Renewal Authority, US Claims Capital, Inc, US Office of the Comptroller of the Currency (OCC), Vanni and Humphrey, Vastaamo, VeriSource Services, Inc, Verrex, Versa Networks, Via Credit Union, Vicarage Court Solicitors, Victure RX1800, Virtuvian Health, Voigt-Abernathy Company, Wan Hai, Wazuh server, WDEF-TV, Webmin, Weil Construction, Weir Canyon Honda, West Lothian Council, Western New Mexico University, Western Sydney University, Whiteboard Technologies Pvt Ltd, Whitman County Public Hospital District No 3, Wilmington Personal Injury Lawyer – DPLAW, Windows Common Log File System, Windows NTLM hashes, Wisconsin Supreme Court, Wizz Air, Wolters Kluwer, WooCommerce, WordPress AIHub theme, WordPress BuddyBoss Platform Pro plugin, WordPress Flynax Bridge plugin, WordPress InstaWP Connect plugin, WordPress Smart Product Review plugin, WordPress UrbanGo Membership plugin, WorkComposer, WPM Pathology Laboratory, Chartered, XP Investimentos, XRP Ledger NPM Package (xrpl.js), Yale New Haven Health, Yankee Trails, Yodogawa Steel, Yokogawa Recorder, Young Consulting LLC, ZKsync, and Zoom remote control have reported hacking or compromises this month.

4chan, Atlassian Jira, Coinbase 2FA, Exchange Admin Center, Microsoft 365, and pretty much all of Spain (and some neighboring countries) less than a week after bragging about how they were finally able to run on 100% renewable energy, have suffered from outages this month.

By the way, did you know that 4chan was mostly run by the US government? Duh.

Last months updates broke
Broadcom Brocade Fabric OS, Classic Outlook calendar, Classic Outlook typing, Hitachi Vantara, Microsoft 365 “paste special”, Microsoft Entra ID, Microsoft Office, Microsoft Office 2016, Microsoft Outlook online, SAP NetWeaver, SharePoint Online, Windows 10 Start Menu, Windows 11 24H2 upgrades, Windows Domain Controllers, Windows Hello for Business (WHfB) Key Trust, Windows kernel, Windows Remote Desktop, Windows Server 2025, and the Win Recovery Environment (WinRE).

A Florida bill that would have required backdoors to any encryption for social media accounts has failed.

AT&T will be the first of the big telcos to drop their email-to-sms gateway – in only about a month. You’ll still be able to send emails to email addresses and text to and from cell numbers, but their gateway that allows you to send messages between email and text will be disabled in mid June. This should have a massive impact on the amount of spam received by AT&T mobile customers. It will not stop it, of course.

Broadcom is threatening to sue their own customers for installing security updates in VMware.

Your heated car seats (among other features) are exposing you to law enforcement tracking.

IPv6 makes MitM easy.

Kali Linux lost their repo signing key, requiring manual end-user intervention to install security updates.

CISA is “trimming the fat” by removing some of their communication methods (even though I’m sure they were fully automated). This is going to disrupt important intelligence resources for those in the tech industry.

Skype is dead. Microsoft will finally start killing off ActiveX in Office and Microsoft 365. All new Microsoft accounts will now be “passwordless” by default.

I’ve been warning about the Copilot AI storage access risks since they changed their Terms of Service in October. My fears were justified. Microsoft will no longer “accidentally” flag all Gmail messages as spamOr Adobe.

In the wake of a study that demonstrates how easy it was for AI to manipulate Reddit users, Reddit is considering legal action to protect their victims, I mean, users.

Android and Apple both now have auto-reboot to reduce the effectiveness of brute force attacks.

Apple is getting spanked for violating the letter and the intent of the judge’s order following the Apple v Epic Games lawsuit from a couple years ago.

BIG NEWS: US Attorney for the District of Columbia, Ed Martin, calls out Wikimedia Foundation (Wikipedia) for violating 501(c)(3) status by allowing propagandists to flood platform. He gave them until May 15th to turn over documents.

Google is finally consolidating all of it’s country TLDs to use “google.com“. Google will pay $1.4 billion to Texas to settle claims the company collected users’ data without permission. Google’s updated Local Services Ads Terms have sparked privacy fears and threaten confidentiality in medical and legal sectors. Google would never really harvest all of your medical data though, right? LOL.

Now for the good news:

T-Mobile has added satellite-based 5G support to their lineup. While currently in beta, this signals a huge improvement to coast to coast, and in fact world-wide, phone support using Starlink’s satellites to back up your 5G service when no towers are available (like when there’s a power outage or localized service issue or when you live in the middle of nowhere).

I suspect this mean Elon will soon be buying T-Mobile.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is insane this month. The typical computer should see roughly 6 GB in updates today. Let’s get started.

Microsoft released 48 updates to address 83 vulnerabilities in .NET, Active Directory Certificate Services, Azure, Azure Automation, Azure DevOps, Azure File Sync, Azure Storage Resource Provider, Build Tools for Visual Studio, Microsoft Brokering File System, Microsoft Dataverse, Microsoft Defender for Endpoint, Microsoft Defender for Identity, Microsoft Edge, Microsoft Office, Microsoft Office Excel, Microsoft Office Outlook, Microsoft Office PowerPoint, Microsoft Office SharePoint, Microsoft PC Manager, Microsoft Power Apps, Microsoft Scripting Engine, Remote Desktop Gateway Service, Universal Print Management Service, UrlMon, Visual Studio, Visual Studio Code, Web Threat Defense, Windows Ancillary Function Driver for WinSock, Windows Common Log File System Driver, Windows Deployment Services, Windows Drivers, Windows DWM, Windows File Server, Windows Fundamentals, Windows Hardware Lab Kit, Windows Hyper-V, Windows Installer, Windows Kernel, Windows LDAP, Windows Media, Windows NTFS, Windows Remote Desktop, Windows Routing and Remote Access Service, Windows Secure Kernel Mode, Windows SMB, Windows Trusted Runtime Interface Driver, Windows Virtual Machine Bus, Windows Win32K – GRFX, and MSRT. This includes security updates. A reboot is required.

Oracle released 378 security updates this quarter to address vulnerabilities in 117 products.

Apple released updates for macOS Sequoia 15.4.1, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6, Safari 18.5, iOS 18.4.1, iOS 18.5, iPadOS 17.7.7, iPadOS 18.4.1, iPadOS 18.5, tvOS 18.4.1, tvOS 18.5, visionOS 2.4.1, visionOS 2.5, and watchOS 11.5. This includes security updates. Use Apple Software Update to install the most current versions.

iOS 18.4.1 and 18.5 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 17.7.7, 18.4.1 and 18.5 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 11.5 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 18.4.1 and 18.5 are security updates. Use System, Software Update to install the most current version.

visionOS 2.4.1 and 2.5 are security updates. Use System, Software Update to install the most current version.

Google ChromeOS 134.0.6998.198, ChromeOS 135.0.7049.120, and ChromeOS LTS 132.0.6834.223 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 42.0 is a major update (leaning hard into “42”), with changes to the installer, updates to libraries, defaults and now offering COSMIC. This is not a security update.
https://getfedora.org/en/workstation/download/

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sequoia (15.x) means that macOS Monterey (12.x) and older are no longer supported. If you can not install at least macOS Ventura (13) on your Mac then you should immediately remove your device from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v24H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it. If not, switch to Linux (Mint is nice) or replace your computer.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with a SaferPC Subscription and we will install updates each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 25.5.1 adds support for newer hardware, improves performance and resolves several bugs. This is not a security update.
https://www.amd.com/en/support

Crucial Storage Executive 11.03 doesn’t provide a change log so should be treated as a security update.
https://www.crucial.com/support/storage-executive

Daemon Tools Lite 12.3.0 resolves several bugs. This is not a security update.
https://www.daemon-tools.cc/products/dtLite

GoXLR Utility 1.2.2 resolves several bugs. This is not a security update.
https://github.com/GoXLR-on-Linux/goxlr-utility/

Intel Driver and Support Assistant 25.2.15.9 is a security update.
https://www.intel.com/p/en_US/support/detect

UniFi Network Server 9.1.120 is a security update.
https://www.ui.com/download/releases/network-server

VIISAN OfficeCam 7.2.8.1 doesn’t provide a change log so should be treated as a security update.
https://www.viisan.com/en/download/type1.html

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.78.97 is a security update.
https://brave.com/

Google Chrome 136.0.7103.92 is a security update.
https://www.google.com/chrome/

Firefox 138.0.3 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 128.10.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 7.3.3635.12 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 3.54 adds black background support. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Spark 3.22.9.106186 improves Team support and resolves a couple bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.22.9.106183 improves Team support and resolves a couple bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 138.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 9.5.4 resolves several bugs. This should be treated as a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 9.0.2 resolves several bugs. This should be treated as a security update.
https://anydesk.com/en/downloads

Discord May 1, 2025 resolves dozens of bugs. This is not a security update.
https://discord.com/download

Dropbox 223.4.4909 resolves several bugs. This is not a security update.
https://www.dropbox.com/

FileZilla Client 3.69.1 resolves several bugs. This is not a security update.
https://filezilla-project.org/

FileZilla Server 1.10.3 resolves several bugs. This is not a security update.
https://filezilla-project.org/

Google Drive 108.0 doesn’t provide a detailed change log so should be treated as a security update.
https://drive.google.com/start

MeshCentral 1.1.44 resolves dozens of bugs. This is not a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.8.00.9760 improves GUI and resolves several bugs. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 31.0.4 resolves dozens of bugs. This should be treated as a security update.
https://nextcloud.com/

Nmap 7.97 is a security update.
https://nmap.org/

Npcap 1.82 resolves several bugs. This is not a security update.
https://nmap.org/npcap/

Pocketnet-Core 0.22.17 resolves several bugs. This is not a security update.
https://pocketnet.app/

Pocketnet-GUI 0.9.119 resolves several bugs. This is not a security update.
https://pocketnet.app/

Rclone 1.69.2 is a security update.
https://rclone.org/

Signal 7.53.0 adds new device attachment transfer and resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.41.3 doesn’t provide a detailed change log so should be treated as a security update.
https://signal.org/android/apk/

Syncthing 1.29.6 resolves several bugs. This is not a security update.
https://syncthing.net/

Technitium DNS Server 13.6 resolves several bugs. This is not a security update.
https://technitium.com/dns/

Telegram 5.14.2 resolves a compatibility bug and adds marketplace sales. This is not a security update.
https://telegram.org/

WinSCP 6.5.1 resolves several bugs. This is not a security update.
https://winscp.net/eng/index.php

Zoom 6.4.6.64360 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.17 resolves several bugs. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.3.8 resolves a series of crash bugs. This is not a security update.
https://www.bitwig.com/download/

Grayjay 306 adds remote sync and resolves several bugs. This is not a security update.
https://grayjay.app/index.html

Plex Media Server 1.41.6.9685 adds DOVI filter and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Bedrock) 1.21.80.3 should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Nintendo Switch 20.0.1 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 2025.429 adds audio focus and new themes. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2025.05.10 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

SteamOS SteamDeck Update 2025.05.06 improves compatibility, resolves several bugs, and updates libraries. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Animate 23.0.12 and 24.0.9 are security updates.
https://helpx.adobe.com/security/products/animate/apsb25-42.html

Adobe Bridge 14.1.7 and 15.0.4 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb25-44.html

Adobe ColdFusion 2021.20, 2023.14, and 2025.2 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb25-52.html

Adobe Connect 12.9 is a security update.
https://helpx.adobe.com/security/products/connect/apsb25-36.html

Adobe Dimension 4.1.2 is a security update.
https://helpx.adobe.com/security/products/dimension/apsb25-45.html

Adobe Dreamweaver 21.5 is a security update.
https://helpx.adobe.com/security/products/dreamweaver/apsb25-35.html

Adobe Illustrator 28.7.6 and 29.4 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb25-43.html

Adobe InDesign 19.5.3 and 20.3 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb25-37.html

Adobe Lightroom 8.3 is a security update.
https://helpx.adobe.com/security/products/lightroom/apsb25-29.html

Adobe Photoshop 25.12.3 and 26.6 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb25-40.html

Adobe Reader DC 25.001.20467 resolves several bugs. This is not a security update.
https://get.adobe.com/reader

Adobe Substance 3D Modeler 1.22.0 is a security update.
https://helpx.adobe.com/security/products/substance3d-modeler/apsb25-51.html

Adobe Substance 3D Painter 11.0.1 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb25-38.html

Adobe Substance 3D Stager 3.1.2 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb25-46.html

Artweaver 8.0.4 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Calibre 8.4.0 resolves several bugs and improves compatibility. This is not a security update.
https://calibre-ebook.com/

Ghostscript 10.05.1 is a security update.
https://www.ghostscript.com/releases/gsdnld.html

Inkscape 1.4.2 resolves dozens of bugs. This is not a security update.
https://inkscape.org/release/

LibreOffice 24.8.7 resolves over a dozen bugs. This is not a security update.
https://www.libreoffice.org/

LibreOffice Fresh 25.2.3 resolves over sixty bugs. This is not a security update.
https://www.libreoffice.org/

Manager 25.5.8.2317 does not provide a detailed change log so should be treated as a security update.
https://www.manager.io/

Nextcloud Desktop 3.16.4 resolves several bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.8.1 resolves over a dozen bugs and improves colorization. This is not a security update.
https://notepad-plus-plus.org/

PDF-XChange Editor 10.6.0.396 is a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

Scribus 1.6.4 resolves several bugs. This is not a security update.
https://www.scribus.net/

Operating System Updates

These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.

ChromeOS 134.0.6998.198 and ChromeOS 135.0.7049.120 are security updates.

Fedora 42.0 is a major update (leaning hard into “42”), with changes to the installer, updates to libraries, defaults and now offering COSMIC. This is not a security update.
https://getfedora.org/en/workstation/download/

iOS 18.4.1 and 18.5 are security updates.
https://support.apple.com/kb/HT204204

iPadOS 17.7.7, iPadOS 18.4.1, and iPadOS 18.5 are security updates.
https://support.apple.com/kb/HT204204

macOS Sequoia 15.4.1, macOS Sequoia 15.5, macOS Sonoma 14.7.6, and macOS Ventura 13.7.6 are security updates.
https://support.apple.com/kb/HT201541

Tails 6.14.2 and Tails 6.15 are security updates.
https://tails.net/install/download/index.en.html

tvOS 18.4.1 and tvOS 18.5 are security updates.
https://support.apple.com/kb/HT202716

visionOS 2.4.1 and visionOS 2.5 are security updates.
https://support.apple.com/en-us/122721

watchOS 11.5 is a security update.
https://support.apple.com/en-us/122722

Security Software Updates

One or more of these is likely to be of interest to most people.

FRSTx64 2025.5.9 doesn’t provide a detailed change log so should be treated as a security update.
https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

HTTP Toolkit 1.20.1 doesn’t provide a detailed change log so should be treated as a security update.
https://httptoolkit.tech/

JShelter 0.20.2 improves privacy and resolves several bugs. This is not a security update.
https://jshelter.org/install/

MalwareBytes Desktop Security 5.3.0.186 resolves several bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/

OpenSSL 3.5.0 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

PassRec 3.65 updates included apps. This is not a security update.
https://www.nirsoft.net/password_recovery_tools.html

RogueKiller 16.1.3 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Stinger 13.0.0.347 adds and improves detections. This should be treated as a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

uBlock Origin 1.64.0 resolves a couple bugs and adds several new scriptlets and controls. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

WebBrowserPassView 2.15 adds support for app-bound encryption in recent Chrome releases. This is not a security update.
https://www.nirsoft.net/utils/web_browser_password.html

Capture Updates

These are unlikely to be of interest to most people.

Camtasia 25.1.1 resolves a startup crash. This is not a security update.
https://www.techsmith.com/video-editor.html

SnagIt 25.1.1 resolves several bugs and improves compatibility. This is not a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.4.0 adds support for newer encodings and adds an AI upscaler. This is not a security update.
https://www.dvdfab.cn/download.htm

IsoBuster 5.6 adds support for new media formats, a new Preview mode, and resolves several bugs. This is not a security update.
https://www.isobuster.com/download.php

PDF Creator 6.0.0 is a major update, switching to newer libraries, adds document previews, SharePoint integration, and resolves a couple bugs. This is not a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 6.2.3.5 improves compatibility, adds support to download from several new sources, and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 3.0.1.6 adds SDR and new output formats, resolves several bugs and improves subtitle and Face Enhancer. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.76 resolves a couple bugs and improves error messages.
https://1password.com/downloads/

Agent Ransack 2022.3517 improves favorites list, cosmetics and resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

Beyond Compare 5.0.7.30840 improves cosmetics, updates libraries, and resolves several bugs. This is not a security update.
https://www.scootersoftware.com/download

Bitwarden 2025.4.2 resolves several bugs. This is not a security update.
https://bitwarden.com/

CalyxOS Device Flasher 1.1.1 is a security upate.
https://calyxos.org/install/

CrucialScan 20250424 doesn’t provide a change log so should be treated as a security update.
https://www.crucial.com/store/systemscanner

Cygwin 3.6.1 resolves several bugs. This is not a security update.
https://cygwin.com/

DesktopOK 11.81 improves cosmetics. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.5.8.0 updates libraries. This is a security update.
https://dngrep.github.io/

Etcher 2.1.2 removes analytics. This is not a security update.
https://www.balena.io/etcher/

FileLocator Pro 2022.3517 improves favorites list, cosmetics and resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

FoneTool 3.0.0 is a major update that adds a new “My Devices” interface, improves iPhone to PC interface, and resolves a couple bugs. This is not a security update.
https://www.fonetool.com/download.html

Free Virtual Serial Ports 6.22.00.1498 resolves several bugs. This is not a security update.
https://freevirtualserialports.com/

GoodSync 12.8.8 improves compatibility and resolves several bugs. This is not a security update.
https://www.goodsync.com/

HWiNFO 8.26 improves hardware detection and reporting. This is not a security update.
https://www.hwinfo.com/download/

HWMonitor 1.57 adds support for newer hardware and resolves a couple bugs. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

Kingston SSD Manager 1.5.5.3 doesn’t provide a change log so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

NTLite 2025.04.10406 adds Power Plan integration support, improves registry writes, updates components and resolves a bug. This is not a security update.
https://www.ntlite.com/download/

OSForensics 11.1.1007 improves performance and resolves a couple bugs. This is not a security update.
https://www.osforensics.com/download.html

osquery 5.17.0 resolves over a dozen bugs and updates libraries. This is not a security update.
https://osquery.io/downloads

Password Security Scanner 1.63 adds support for app-bound passwords in recent Chrome releases. This is not a security update.
https://www.nirsoft.net/utils/password_security_scanner.html

PowerToys 0.90.1 resolves several bugs and updates libraries. This is a security update.
https://github.com/microsoft/PowerToys/releases/latest

RoboForm 9.6.8 improves update process and adds support for Google Workspace SSO. This is not a security update.
https://www.roboform.com/

Rufus 4.7 resolves several bugs and improves UEFI detection and download. This should be treated as a security update.
https://rufus.ie/en_US/

ScreenConnect 25.2.4.9229 is a security update. Updates were released for other “recent” versions as well so you’re not forced to upgrade to the Canary version that breaks several other features.
https://screenconnect.connectwise.com/download

SimpleWMIView 1.56 adds Black Background support. This is not a security update.
https://www.nirsoft.net/utils/simple_wmi_view.html

SmartMonTools 7.5 adds dozens of new diagnostic objects and reporting elements and improves reliability and performance. This is not a security update.
https://smartmontools.org/

Starwind V2V Converter 9.755 adds CLI conversion support. This is not a security update.
https://www.starwindsoftware.com/starwind-v2v-converter

SysinternalsSuite 2025.5.5 updates RDCMan. This is a security update.
https://docs.microsoft.com/en-us/sysinternals/

TeamViewer 15.65.6 resolves a bug. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

WinGet 1.10.390 improves end-to-end support for Entra ID, configuration file controls, and resolves several bugs. This is a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinScan2PDF 9.33 improves hardware support and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

XnConvert 1.105.0 doesn’t provide a change log so should be treated as a security update.
https://www.xnview.com/en/xnconvert/

ZoomText 2025 2025.2504.25.400 improves performance, multi-monitor support, and resolves several bugs.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 9.0.4 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

ADB 36.0.0 resolves several bugs. This is not a security update.
https://developer.android.com/studio/releases/platform-tools

Android Studio 2024.3.2.14 resolves several bugs. This is not a security update.
https://developer.android.com/studio

cx_Freeze 8.3 updates libraries. This is not a security update.
https://cx-freeze.readthedocs.io/en/latest/index.html

GameMaker Studio 2024.13.1.193 resolves several bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.5.230 resolves several bugs. This is not a security update.
https://gdevelop.io/download

GitHub Desktop 3.4.19 resolves over a dozen bugs. This is not a security update.
https://desktop.github.com/

Go 1.24.3 is a security update.
https://go.dev/

Inno Setup 6.4.3 improves restore operations, resolves seeral bugs, and adds a new tool for ECDSA P-256 support. This is not a security update.
https://www.jrsoftware.org/isdl.php

Java 8u451 is a security update.
https://www.java.com/en/download/manual.jsp

Node.js 20.19.1 updates libraries. This is not a security update.
https://nodejs.org/en/

Node.js 22.15.0 updates libraries and resolves several bugs. This is a security update.
https://nodejs.org/en/

Rustup 1.28.2 improves download stack and management controls. This is not a security update.
https://www.rust-lang.org/

SQLite 3.49.2 resolves several bugs. This should be treated as a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.100.1 is a security update.
https://code.visualstudio.com/

WinMerge 2.16.48.2 resolves several bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.1.8 resolves over a dozen bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Adminer 5.3.0 resolves over a dozen bugs and improves compatibility. This is not a security update.
https://www.adminer.org/en/

Joomla 5.3.0 improves email templates, media management, scheduled tasks, read more, accessibility and compatibility. This is not a security update.
https://www.joomla.org/

YOURLS 1.10.1 resolves several bugs. This is not a security update.
https://yourls.org/

WordPress 6.8.1 resolves over a dozen bugs. This is not a security update.
https://wordpress.org/

bbPress 2.6.13 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/bbpress/

Contact Form 7 6.0.6 is a security update.
https://wordpress.org/extend/plugins/contact-form-7/

My Sticky Bar 2.8.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Show IDs 1.1.11 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/wpsite-show-ids/

Sucuri Security 2.1 resolves a couple bugs and adds support for several new scanners. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2025-03-11

Happy St. Patrick’s Day, Folks!

Today is Patch Tuesday for March, 2025.

It’s as safe as it’s going to be to upgrade to Windows 11 24H2 or macOS 15/Sequoia.

If your Windows 10 (or older) computer can not be upgraded to Windows 11, or if you used a registry or installation bypass to install an older version of Windows 11 on it that is no longer supported, then it’s time for you to start looking for a replacement computer. Actually, the time was 6 weeks ago. Pickin’s are thin right now. 🙁

There were 575+ major hacks, and over 300 application updates this month. Even so, it’s a relatively minor month, with about 2.5 GB of updates for most users.

This Month in Technology

1inch, 1X Internet, 365labs, Access2Jobs, 49,000 Access Management Systems AMS), ACDC Express, Acqua Development, ACTi Corporation, Adrenalina, Adval Tech, Advantage Home Construction Insurance, Aeonsparx, AJ Taylor Electrical Contractors, Alabama Ophthalmology Associates, Albion Online, Alf DaFrè, All4Labels, Allied Tenesis, AllTrust, Allworx, Ally Financial, Almost Famous Clothing, Amalgamated Sugar, Amerman Ginder, an American political action committee (PAC), Andover Family Medicine, Android, Angel One, Anne Arundel County, Apache Atlas, Apache EventMesh, Apache Ignite, Apache Pinot, Apache Tomcat, ¡appa!, Apparel Group, Apple Safari, Archie Cochrane Ford, Arcusin, Armed Forces of the Philippines, Artistic Family Dental, Ashlar-Vellum Cobalt, Aspire Rural Health System, Aurora Boardworks, Aurora Public Schools, Australian National University, Autodesk Navisworks, Autohaus Kießling, Autoschade Pippel, Avery Products Corporation, Aya Healthcare, Azamara Cruises, Baltimore Country Club, Bangladesh Navy, Bank of America, Barhite & Holzinger Inc, Bassford Remele PA, Bay Cove Human Services, Belgium State Security Service (VSSE), Bell Ambulance, BeniPlus, Benjamin Consulting Services, Benton Police Department, Berg Engineering Consultants, Berkeley Research Group, Best Collateral, Bethany Lutheran Church, Better Auth, BH Aircraft Company, Biagi Bros, Inc, Bikur Rofeh, Birch Medical LLC, Birdsall Muller LLC, Bis Industries, Black Basta ransomware gang, Black Star, BluAgent Technologies, Blue & Co, Blue Planet, Blue Shield of California, Bosowa Berlian Motor, Boys and Girls Clubs of the Tennessee Valley, British Virgin Islands London Office, Bulgaria’s Supreme Administrative Court, Bulldog Oilfield Services, Bulverde Glass, Burdick Painting, Burlington Hydro, Bybit, Cache Valley ENT, Cafe Zupas, Callico Distributors, Cardiology of Virginia, Carolina Arthritis Associates, Carruth Compliance Consulting, Castle Rock Construction, CCL Products India, CCT Technologies, CDS in Texas, Central District Health Department, Central New York Cardiology, Central Texas Pediatric Orthopedics, Charleston Area Medical Center, Chicago Doorways, Chicago Public Schools, Chimu Agropecuaria, Ciba Cobertura Medica, City of McKinney, City Of Roseburg, City of Tarrant, City of Van, Turkey, City Plumbing & Electric Supply, Claris Vision Holdings, Clawson Honda, Cleveland Municipal Court, Cocospy, Color Dating, Colorado River Adventures, Columbus Division of Fire, Comercializadora S&E Perú, Command & Conquer Generals: Zero Hour, Community Care Alliance, Commvault Webserver, Compound Solutions, Connekted, Consultants in Pain Medicine, Convert Solar, Couri Insurance Agency, CPS Solutions, Craft CMS, Crayfish, Cricadda, Cronos Europa, Crossroads Trading Company, Cyncly Company, Dacas Argentina, Daniels Homes, Datavant Group, Delta Electronics CNCSoft-G2, Delta Electronics ISPSoft, Detroit PBS, Digital Technology Co, Dinizulu Law Group, DISA Global Solutions, Django, DocsGPT, DOGE, Donna G Rogers, CPA, Doxbin, DRClaims FL, Dynamic Closures, DZL, EAC Consulting, Edesur Dominicana, Edimax IC-7100 IP, El Corte Inglés, Elastic Kibana, Elite Advanced Laser Corporation, Endless Mountains Health Systems, Engikam, Erie Management Group, Essex County OB/GYN Associates, Euranova, Ewald Consulting, Executive Agenda, EzyLegal, F&V Capital Management, Fairhaven Shipyard Companies, FANTIN group, Fickling & Company, Fillmore County Hospital, Financial Services of America, Finastra, Finck Cigar, First Defense Fire Protection, First Federal Savings & Loan, Flat Earth Sun, Moon and Zodiac App, Flightsim Studio, FlowiseAI, Fort St. John, Fortinet FortiWeb, Franklin County, Friendship House, FTECH R&D, G&M Direct Hire, G&S Electric LLC, Gala Tech, Garantex, Genea, Georgian Government, GitLab, Goldstein Law Group, Google Chrome, Google Chrome extension platform, Government of Brazil, Government of Pakistan, Grafitec, Greencastle-Antrim Senior High School, Greenwood Village South, Gregory & Appel Insurance, Grubhub, Grupo Baston Aerossol, GS Retail, Haggin Oaks Golf, Hall Law Group, Hammond Trucking & Excavation, Hancock Public School, Hanson Cold Storage, Hatolna, HCRG Care Group, HealthRev Partners, LLC, Heartland Health Center, Help Me Grow Yolo, Heritage South Credit Union, Hewlett Packard, Hewlett Packard Enterprise, Hickory Law, Hillcrest Convalescent Center, Inc, Hipshipper, Hirsch Enterphone MESH, Hisingstads Bleck, Holiday Comfort Inn, Hollandia Dairy, Home Assistant, HomeTeamNS, Houston Symphony, HP LaserJet Pro MFP 3301fdw, Humboldt Independent Practice Association, iCloud, Indian Ministry of Culture, INDIC Electronics, Indonesian Firefighting Services, Infini, InfoReach, Inland Empire Distribution Systems, Innovative Renal Care, Insight Partners, Insyst GmbH, Interjet, INTERLINK Health Services, Internet Corporation for Assigned Names and Numbers (ICANN), 86,000 Internet of Things devices, InternetWay, Inversiones Clinica Del Meta, InvestHK, Investing.com, IRS, Island Realty, IT-IQ Botswana, Italian Government, iTP Partners, Ivanti Connect Secure (ICS), Ivanti Endpoint Manager, Ivanti Policy Secure (IPS), Ivanti Secure Access Client (ISAC), Jaguar Land Rover, Jaime Schwartz MD, Jefferson Elementary School District, Jerue Companies, Jewish Child Care Association of New York, Jildor Shoes, Johnson’s Nursery, JP Express, Juniper Networks Session Smart Router (SSR) devices, Kelsey-Seybold Clinic, Kendall Auto Group, Kensington Glass Arts, Keystone Pacific Property Management, Kings River Union Elementary, Klesk Metal Stamping, Krisala Developer, Krispy Kreme, Kronick Moskovitz Tiedemann & Girard, Kuwaiti Government, Kyocera International, Inc, La Unión, Label Studio, LandAirSea, LANIT, Laravel, Las Cruces, Laurens School District 56, Law Diary, Leadership Strategies, Leading Edge Specialized Dentistry, Leantime, Leeds United, Legacy Professionals, Legal Aid Society of Salt Lake, Lexmark, Lietvaris, Ligentia, LINKGROUP, LINTEC & LINNHOFF Holdings, Linux Kernel, Lost & Found, Loyola University Maryland, LRT, Lucee, Lucent Health Solutions, Lumen Technologies, Luminus Management, M-1 Toolworks, Mac Jee, Mackay Memorial Hospital, Magnolia Manor, Mainline Information Systems, Makai, Manning Publications, Mars Hydro, Martin Energy Group Services, Matagorda County, Medefer, Medusind, Inc, Meet and Chill, Memorial Hospital and Manor, MercadoLibre, Mercury Paper Inc, Mercy Supply, Merkanti Bank, Meta E2 F, Metro Supply Chain Group, Metropolitan Borough of Gateshead, Microsoft Edge, Microsoft Sharepoint, Microsoft Windows Debugger, Microsoft Windows Installer Service, Microsoft Windows KDC Proxy, Microsoft’s partner website, Minaris Medical America, Ministry of Agriculture, Indonesia, Ministry of Defence, India, Ministry of Foreign Affairs, Ukraine, Ministry of Health of Palau, Minnesota Exteriors, Minnesota Orthodontics, Mission, Texas, Missouri Department of Conservation, MITRE Caldera, MNJ Technologies Direct, Monroe Transportation Services, Moodle, Mosley Glick O’Brien, MOVITOOLS MotionStudio, Moxa PT Switches, MTN Group, Muller Insurance, Mundelein Park & Recreation District, My New Jersey Dentist, mySCADA, Naphix, Naples Heritage Golf & Country Club, NASCAR, National AirVibrator, National Presto Industries, Navien, NBA, Neaton Auto Products Manufacturing, Nebraska Irrigation, Nelson & Townsend, CPA’s, Neopoly, Netcom-World, New Era Enterprises, Inc, New Era Life Insurance Companies, Newton & Associates, Next TI, NHS Tayside, NI DAQExpress, Nichino Ryokka Co, NioCorp Developments Ltd, Nippon Steel, Niva Bupa, North American Fire Hose, Northern Management, NorthWest Arkansas Community College, Novi Community School District, NTT Communications Corporation, Numotion, Nuna Baby Essentials, NVIDIA Container Toolkit, NVW Newco, LLC, Oberlin Cable Co-op, Obex Medical, Omni United, Ondunova, Openreso, OpenSSH, Orange Group Romania, Ottawa Family Physicians, Oxidized Web, PACE, Pacific Honda Company, Pacific Rehabilitation Centers, Paddington Bear, PAN-OS firewalls, Paragon Partition Manager, Parallels Desktop, Paratus, Park Place Pediatric Dentistry, payapps.com, Paysera, PDF-XChange Editor, Pebble, Pedensia Graphics Distribution, Penn-Harris-Madison, Perrin Performance, Persante Health Care, Pervedant, Peter Glenn Ski Sport, Petstop, Phoenix Rehabilitation and Nursing Center, Polish Space Agency (POLSA), Portland Schools, PostgreSQL, PostHog ClickHouse, Pound Road Medical Centre, Power Pages, PPS Services Group, Praxis Eins, Precision Orthopedics and Sports Medicine, Primary Health-SMMPP & U.S. HEALTHWORKS-SMMPP, Princeton Hydro, PS, Pump.fun X account, QBurst, Quality Home Health Care, Radco Industries, Rainbow District School Board, Ray Fogg Corporate Properties, Raymond Lifestyle, Raymond Limited, RCDPRO, Reading Cooperative Bank, Reddit, Regency Media, Rennes University, Renton School District, Restorix Health, RFA Decor, Riverdale Country School, Rivers Casino Philadelphia, a prominent Riyadh-based real estate and construction firm, RJ IT Solutions, ROCK SOLID Stabilization & Reclamation, Roswell Park Comprehensive Cancer Center, Rowe Tactical, Rubrik, Ruby on Rails, RxSight, RZD, S3-Proxy, Safe-Strap Company, Saracen Properties, Sault Ste. Marie Tribe of Chippewa Indians, Schmiedetechnik Plettenberg GmbH & Co, SCLARC, Scott County, Iowa, Scottish Qualifications Authority, Seabank Group, Semyonishna, Shetland Islands Council, Shields Facilities Maintenance, Shinn Fu Company of America, Siegel Group, Signal, SimonMed Imaging, Sittab, SMC Corporation of America, Soco Systems, Solar Data Systems, SolarWinds, Somnia, SonicWall firewalls, Sorare, Sorbonne University, South African Weather Service, SPEED Co, Spring Management OK, LLC, Spyic, Spyzie, SSK Plastic Surgery, St. Andrew’s Resources for Seniors System, Star Solution Services, State Bar of Texas, Stateside Seattle, Sterling BMW, Storenvy, Story Environmental, Stram Center for Integrative Medicine, StubHub, Sublette County, WY, Summit Home Health, Sunflower Medical Group, PA, Sunnking Sustainable Solutions, SushiCo, Synelixis Solutions, System Pavers, T J Machine & Tool, T-Mobile, TensorFlow, Thai Metal Aluminium, The Agency, The Grove at Valhalla Rehabilitation and Nursing Center, The Northwestern Illinois Association, The Pension Specialist, The Phoenix Rehabilitation and Nursing Center, The Siegel Group, The Smeg Group, The Townsley Law Firm, Therma Seal Insulation Systems, Thong Sia, Thornton Engineering, Tie Down Engineering, TikTok, Title 9 Sports, Inc, TOT Mobile, Town Counsel Law & Litigation, TP-Link routers, Transak, Transkid, Trident Maritime Systems LLC, Trimble SketchUp, Tugwell Pump & Supply, Turning Point of Central California, UFCW Local 135, Unimicron, United Community Health Center, US Coast Guard, US Dept Of Defense, US Dept of Housing and Urban Development (HUD), Utsunomiya Central Clinic, Vector Engineering, VectraRx Mail Pharmacy Services, Vela Server, Vermeer Mexico, Versant Technologies, Via Credit Union, Vicky Foods, Virginia Attorney General’s office, Vičiūnai Group, VMware ESX, Volt, Vue, Wayne County, Michigan, WDNA, Webex for BroadWorks, Weed Man Canada, Wendy Wu Tours, Whitman Hospital & Medical Clinics, Wilkinson Rogers, Williamsburg-James City Schools, Window World of Raleigh, WJCC Public Schools, Woman’s Athletic Club of Chicago, WordPress Chaty Pro plugin, WordPress Essential Addons for Elementor plugin, WordPress Jupiter X Core plugin, Workforce Group, Wylie Steel Fabricators, Xactus, Xen hypervisor, Xerox VersaLink C7025, XWiki, Yahoo, Yorke & Curtis, YouTube, Zacks Investment Research, Zimbra, ZITADEL, zkLend, and Zurich Insurance have reported hacking or compromises this month.

Flight Radar 24,Mastercard, Microsoft 365, Outlook.com, X/Twitter, and ZServers/XHost (yay!) have suffered from outages this month.

Last months updates broke AutoCAD 2022, Classic Outlook (again), Microsoft 365, Outlook Drag & Drop, Windows 11 SSH, and Windows Server 2025. Microsoft did release an out-of-cycle BIOS update to fix crash bugs in ASUS devices that has persisted since October.

In other news…

Apple’s AI sucks at transcription. And they’ve disabled end-to-end encryption for users in the UK.

Microsoft is never going to give up trying to get your files into OneDrive so they can use them to feed their AI. After this, their next step will be to “accidentally” turn it on in a month or two then apologize for it later. “Oops.” Microsoft has announced they’re killing off Skype in only a couple months. An ad-supported version of Microsoft Office/365 is currently in beta.

Microsoft accounts are being targeted by an insane “password spraying” attack over the last month or so. Due to the way their authentication works, where all it takes is your email address to send you an email or text with a passcode to log you in, it’s resulting in hundreds or even thousands of messages to Microsoft account holders with these one time pin numbers.

As Microsoft launches their new 24/7 screen capture and content collection service, Recall, they are removing the Location History feature in Windows.

Many websites are now “fingerprinting” your browser to uniquely identify “you” – and the net effect is that it actually allows malicious actors to impersonate you really well.

ReliaQuest has released information about how a “tsunami of phishing messages” followed by a massive deluge of spam in order to allow hackers the cover they needed to hijack their network. It’s a great birds-eye view of how this kind of thing works. The lesson here: Don’t simply ignore a massive uptick in phishing messages or spam.

A series of vulnerabilities exist in undocumented functions in the Espressif bluetooth chips used in over a billion devices.

YouTubers are being targeted with threats of copyright strikes if they don’t spread malware. And you thought the content was bad already.

Now for the good news:

The EFF has released a tool to detect cellular spying.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is relatively minor this month. The typical computer should see roughly 2.5 GB in updates today. Let’s get started.

Microsoft released 39 updates to address 72 vulnerabilities in .NET, ASP.NET Core & Visual Studio, Azure Agent Installer, Azure Arc, Azure CLI, Azure PromptFlow, Kernel Streaming WOW Thunk Service Driver, Microsoft Edge, Microsoft Local Security Authority Server (lsasrv), Microsoft Management Console, Microsoft Office, Microsoft Office Access, Microsoft Office Excel, Microsoft Office Word, Microsoft Streaming Service, Microsoft Windows, Remote Desktop Client, Synaptics, Inc., Visual Studio, Visual Studio Code, Windows Common Log File System Driver, Windows Cross Device Service, Windows DNS Server, Windows exFAT File System, Windows Fast FAT Driver, Windows File Explorer, Windows Hyper-V, Windows Kernel Memory, Windows Kernel-Mode Drivers, Windows MapUrlToZone, Windows Mark of the Web (MOTW), Windows NTFS, Windows NTLM, Windows Remote Desktop Services, Windows Routing and Remote Access Service (RRAS), Windows Subsystem for Linux, Windows Telephony Server, Windows USB Video Driver, Windows Win32 Kernel Subsystem, and MSRT. This includes security updates. A reboot is required.

Apple released updates for iOS 18.3.2, iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1, tvOS 18.3.1, and visionOS 2.3.2. This includes security updates. Use Apple Software Update to install the most current versions.

iOS 18.3.2 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 18.3.2 are security updates. Use Settings, General, Software Update to install the most current update.

tvOS 18.3.1 is a security update. Use System, Software Update to install the most current version.

visionOS 2.3.2 is a security update. Use System, Software Update to install the most current version.

Google ChromeOS 133.0.6943.146 and Google ChromeOS LTS 126.0.6478.265 and 132.0.6834.211 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sequoia (15.x) means that macOS Monterey (12.x) and older are no longer supported. If you can not install at least macOS Ventura (13) on your Mac then you should immediately remove your device from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v24H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it. If not, switch to Linux (Mint is nice) or replace your computer.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with a SaferPC Subscription and we will install updates each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 25.3.1 adds support for new hardware, feature and performance improvements, and resolves several bugs. This is not a security update.
https://www.amd.com/en/support

Crucial Storage Executive 11.01 does not provide a change log so should be treated as a security update.
https://www.crucial.com/support/storage-executive

Intel Driver and Support Assistant 25.1.9.6 is a security update.
https://www.intel.com/p/en_US/support/detect

VIISAN OfficeCam 7.2.7.0 doesn’t provide a change log so should be treated as a security update.
https://www.viisan.com/en/download/type1.html

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.76.74 is a security update.
https://brave.com/

Google Chrome 134.0.6998.88 is a security update.
https://www.google.com/chrome/

Firefox 136.0.1 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 128.8.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 7.1.3570.60 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

DavMail Gateway 6.3.0 improves compatibility and resolves several bugs. This is a security update.
https://davmail.sourceforge.net/

Spark 3.21.3.100475 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.21.3.100474 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 136.0.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 9.0.4 resolves several crash bugs. This is not a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 9.0.0 is a major update adding several new features and resolves compatibility and stability bugs. This is not a security update.
https://anydesk.com/en/downloads

curl 8.12.1 improves tests and resolves several bugs. This is not a security update.
https://curl.haxx.se/windows/

Dropbox 219.4.4463 resolves several stability bugs. This is not a security update.
https://www.dropbox.com/

FreeFileSync 14.2 resolves a crash bug. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 105.0 resolves several bugs. This is not a security update.
https://drive.google.com/start

Grocy Desktop 2.13.0 improves compatibility. This is not a security update.
https://github.com/grocy/grocy-desktop

MeshCentral 1.1.42 resolves several bugs. Note that this version has conflicts with Windows 7 and 2008R2 so do not enable update on these platforms. This is not a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.8.00.4966 enables AI by default, feature improvements and now consumes Skype links. Skype is dead. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 31.0.0 updates libraries and resolves dozens of bugs. This should be treated as a security update.
https://nextcloud.com/

Npcap 1.81 adds several new features and performance improvements. This is not a security update.
https://nmap.org/npcap/

Rclone 1.69.1 improves compatibility and resolves several bugs. This is not a security update.
https://rclone.org/

Signal 7.45.1 resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.36.2 adds chat history migration support. This is not a security update.
https://signal.org/android/apk/

Technitium DNS Server 13.4.3 improves reliability and performance. This is not a security update.
https://technitium.com/dns/

Telegram 5.12.3 resolves several bugs. This is not a security update.
https://telegram.org/

WinSCP 6.3.7 is a security update.
https://winscp.net/eng/index.php

Zoom 6.3.11.60501 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.15 improves clothing and other interactions. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.3.2 resolves several bugs. This should be treated as a security update.
https://www.bitwig.com/download/

darktable 5.0.1 resolves dozens of bugs. This is not a security update.
https://www.darktable.org/

Grayjay 285 improves sync and resolves several bugs. This is not a security update.
https://grayjay.app/index.html

iTunes 12.13.6.1 adds support for new iOS and iPadOS versions. This does not provide a detailed change log so should be treated as a security update.
https://www.apple.com/itunes/download/

KaraFun Player 3.5.3 improves offline mode and remote. This is not a security update.
https://www.karafun.com/karaoke-windows/

Plex Desktop 1.108.1.307 doesn’t provide a change log so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.41.5.9522 improves ad detection feature, performance and resolves a bunch of bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Bedrock) 1.21.62.01 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

PS5 2025.225 improves performance and stability. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2025.03.10 resolves several bugs and improves stability. This is not a security update.
https://store.steampowered.com/news/app/593110

SteamOS SteamDeck Update 2025.03.04 is a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Illustrator 28.7.5 and 29.3 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb25-17.html

Adobe InDesign 19.5.3 and 20.2 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb25-19.html

Adobe Reader DC 25.001.20432, 24.001.30235 and 20.005.30763 are security updates.
https://get.adobe.com/reader

Adobe Substance 3D Designer 14.1.1 is a security update.
https://helpx.adobe.com/security/products/substance3d_designer/apsb25-22.html

Adobe Substance 3D Modeler 1.20.10 is a security update.
https://helpx.adobe.com/security/products/substance3d-modeler/apsb25-21.html

Adobe Substance 3D Painter 11.0 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb25-18.html

Adobe Substance 3D Sampler 5.0 is a security update.
https://helpx.adobe.com/security/products/substance3d-sampler/apsb25-16.html

Aronium 1.45 resolves several bugs. This is not a security update.
https://aronium.com/

Artweaver 8.0.3 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Audacity 3.7.2 resolves over a dozen bugs. This is not a security update.
https://www.audacityteam.org/download/

Calibre 7.26.0 resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Columns++ 1.2 improves parsing and adds additional escapes and search options. This is not a security update.
https://github.com/Coises/ColumnsPlusPlus

Kdenlive 24.12.3 resolves over a dozen bugs. This is not a security update.
https://kdenlive.org/

Kindle for PC 2.7.70978 doesn’t provide a change log so should be treated as a security update.
https://www.amazon.com/kindleforpc

LibreOffice 24.8.5 resolves over 60 bugs. This is a security update.
https://www.libreoffice.org/

LibreOffice Fresh 25.2.1 resolves over 75 bugs. This is a security update. The “Fresh” line is beta software and should be avoided in favor of the standard release.
https://www.libreoffice.org/

Manager 25.3.11.2151 improves inventory feature. This is not a security update.
https://www.manager.io/

Nextcloud Desktop 3.16.0 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.7.8 resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 5.1.5 adds JPEG XL support, updates libraries and resolves several bugs. This is not a security update.
https://www.getpaint.net/

PDF-XChange Editor 10.5.2.395 is a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

Operating System Updates

These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.

Tails 6.13 is a security update.
https://tails.net/install/download/index.en.html

Security Software Updates

One or more of these is likely to be of interest to most people.

IISCrypto 4.0.18 adds support for Windows Server 2025, improved logging, controls, profiles and resolves a couple bugs. This is not a security update.
https://www.nartac.com/Products/IISCrypto/Download

JShelter 0.20 resolves several bugs. This is not a security update.
https://jshelter.org/install/

KeePass 2.58 improves cosmetics, controls and adds several new import and export capabilities. This is not a security update.
https://keepass.info/

MalwareBytes Desktop Security 5.2.7.167 resolves several bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/

OnionShare 2.6.3 updates libraries, resolves several bugs, improves compatibility, and log capability. This is not a security update.
https://onionshare.org/

OpenSSL 3.4.1 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

ProtonVPN 3.5.3 improves stability. This is not a security update.
https://github.com/ProtonVPN/win-app/releases/latest

RogueKiller 16.1.1 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Stinger 13.0.0.300 adds new detections. This should be treated as a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Capture Updates

These are unlikely to be of interest to most people.

Open Broadcaster Software 31.0.2 resolves several crash and stability bugs. This is not a security update.
https://obsproject.com/

SnagIt 25.0.0 updates libraries, adds “step capture”, smart redaction, removal of background noise and customizable sharing. Unfortunately, it also now attempts to install SQL Server Compact Edition which has been unsupported for over three years with outstanding security vulnerabilities. It also introduced a crash bug when exporting to PNG format. This is a security update. Kinda sad isn’t it: Fix a few vulnerabilities and intentionally add even more? Sigh.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.3.7 adds support for new hardware and improves stability. This is not a security update.
https://www.dvdfab.cn/download.htm

HandBrake 1.9.2 resolves a couple bugs. This is not a security update.
https://handbrake.fr/

StreamFab 6.2.2.5 resolves several bugs and improves compatibility. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 3.0.1.0 resolves several bugs and adds support for newer hardware. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 7.0.13 resolves a couple bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.64 resolves several bugs and improves default behaviors. This is not a security update.
https://1password.com/downloads/

balenaEtcher 2.1.0 adds support for new platforms and ability to disable analytics. This is not a security update.
https://etcher.balena.io/

Beyond Compare 5.0.6.30713 resolves several bugs. This is not a security update.
https://www.scootersoftware.com/download

BgInfo 4.33 doesn’t provide a change log so should be treated as a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/bginfo

Bitwarden 2025.2.1 improves user interface and adds 2FA for unrecognized devices. This is not a security update.
https://bitwarden.com/

Carbonite 6.5.1 improves compatibility. This is not a security update.
https://account.carbonite.com/

CCleaner 6.33.11465 resolves a couple bugs. This is not a security update.
https://www.ccleaner.com/

DesktopOK 11.63 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.4.2.0 resolves several bugs and improves console support. This is not a security update.
https://dngrep.github.io/

ESEDatabaseView 1.77 improves database reading. This is not a security update.
https://www.nirsoft.net/utils/ese_database_view.html

Fing 3.8.1 resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

GoodSync 12.8.5 resolves several bugs and improves compatibility. This is not a security update.
https://www.goodsync.com/

grepWin 2.1.8 resolves a couple bugs. This is not a security update.
https://github.com/stefankueng/grepWin/releases/latest

GSmartControl 2.0.2 resolves several bugs. This is not a security update.
https://gsmartcontrol.shaduri.dev/

Homedale 2.18 adds Thai language support. This is not a security update.
https://www.the-sz.com/products/homedale/

HWiNFO 8.22 adds support for newer hardware. This is not a security update.
https://www.hwinfo.com/download/

IsMyHdOK 4.21 improves hardware detection and compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

LessMSI 2.7.0 adds several new translations. This is not a security update.
https://lessmsi.activescott.com/

MultiMonitorTool 2.20 adds scaling capabilities. This is not a security update.
https://www.nirsoft.net/utils/multi_monitor_tool.html

NTLite 2025.03.10344 improves component selection and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 11.1.1003 improves triage, hash sets, and other improvements. This is not a security update.
https://www.osforensics.com/download.html

osquery 5.16.0 resolves a couple bugs and improves python, deb and rpm package support. This is not a security update.
https://osquery.io/downloads

PowerToys 0.89.0 adds transcoding to advanced paste, improves stability and resolves over a dozen bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

PSAppDeploy 4.0.6 resolves dozens of bugs. This is not a security update.
https://psappdeploytoolkit.com/

RoboForm 9.6.5 removes Security Center from installed app and resolves several bugs. This is not a security update.
https://www.roboform.com/

Starwind V2V Converter 9.623 improves compatibility and resolves several bugs. This is not a security update.
https://www.starwindsoftware.com/starwind-v2v-converter

TeamViewer 15.63.5 resolves several bugs and improves logging. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

Ventoy 1.1.05 improves compatibility and resolves a couple bugs. This is not a security update.
https://www.ventoy.net/en/index.html

WinGet 1.10.340 improves stability. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinRAR 7.10 resolves over a dozen bugs and improves MOTW propagation. This should be treated as a security update.
https://www.rarlab.com/

WizFile 3.11 improves threading, user interface and resolves several bugs. This is not a security update.
https://antibody-software.com/wizfile/

WizTree 4.25 improves CSV import and export and resolves a 32-bit compatibility bug. This is not a security update.
https://www.diskanalyzer.com/

XnConvert 1.104.0 adds command line file and list options. This is not a security update.
https://www.xnview.com/en/xnconvert/

ZoomText 2025.2502.63.400 adds ARM64 support and live text view. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 9.0.3 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

Android Studio 2024.3.1.13 resolves dozens of bugs. This is not a security update.
https://developer.android.com/studio

GDevelop 5.5.226 updates libraries and resolves several bugs. This is not a security update.
https://gdevelop.io/download

GitHub Desktop 3.4.18 updates libraries and resolves several bugs. This is not a security update.
https://desktop.github.com/

Go 1.24.1 is a security update.
https://go.dev/

Godot 4.4 adds dozens of new features and improvements. This is not a security update.
https://godotengine.org/

Inno Setup 6.4.1 improves autocompletion and tooltips, and resolves several bugs. This is not a security update.
https://www.jrsoftware.org/isdl.php

Microsoft Visual C++ 2022 Redistributable 14.42.34438.0 is a security update.
https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist

Node.js 18.20.7 resolves over a dozen bugs. This is not a security update.
https://nodejs.org/en/

Node.js 23.9.0 updates dependencies and resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

Rustup 1.28.1 resolves several bugs. This is not a security update.
https://www.rust-lang.org/

SQLite 3.49.1 resolves several bugs. This should be treated as a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.98.1 resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

Adminer 5.0.4 resolves dozens of bugs and improves various language integrations. This is not a security update.
https://www.adminer.org/en/

Grocy 4.4.2 improves Open Food Facts integration and resolves several bugs. This is not a security update.
https://github.com/grocy/grocy

HumHub 1.17.1 improves registration controls and resolves several bugs. This is not a security update.
https://www.humhub.com/en

Joomla 4.4.12 is a security update.
https://www.joomla.org/

Joomla 5.2.5 is a security update.
https://www.joomla.org/

Piwigo 15.4.0 resolves over a dozen bugs. This is not a security update.
https://piwigo.org/

bbPress 2.6.12 is a security update.
https://wordpress.org/extend/plugins/bbpress/

Conditional Widgets 3.3 updates documentation and improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/conditional-widgets/

Contact Form 7 6.0.5 resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.12 improves compatibility and resolves several bugs. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

Redirection 5.5.2 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/redirection/

Sucuri Security 1.9.9 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

WP Cerber Security 9.6.7.3 resolves several bugs and improves performance. This is not a security update.
https://wpcerber.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2024-10-08

Welcome back, Folks!

Today is Patch Tuesday for October, 2024.

Windows 11 24H2 is out. So is macOS 15/Sequoia. iOS 18, iPadOS 18, tvOS 18, watchOS 11, and visionOS 11 are out now.  The first set of security updates for each of these are released now, too.

All versions of Windows 11 prior to 23H2 are no longer be supported. Upgrade to 23H2 now, then do not upgrade to 24H2, yet. Let everyone else be the guinea pigs. It’s already showing quite a few issues.

All versions of macOS prior to 13/Ventura are no longer supported. If you can’t upgrade your Mac to Ventura you need to permanently take it offline and/or replace it.

Windows 10 now has only 12 months of support left. If your computer can not be upgraded to Windows 11 either start planning now for a switch to Linux or replacing your computer.

There were 505+ major hacks, and over 395 application updates this month. It’s an enormous month, with about 4 GB of updates for most users.

This Month in Technology

4B Components, 5.11 Tactical, A1 Mobile Locksmith, Access Ambulatory Surgery Center, LLC, Access Sports, Accurate Railroad Construction Ltd, Acuity Advisor, Adobe Acrobat Reader DC, Adobe After Effects, Adobe Audition, Adobe Commerce & Magento stores (5% of all their commerce sites!!!),  Adobe Media Encoder, Adobe Photoshop, Adobe Premiere Pro, ADT, Advanced Sterilization Products, Inc, Affirm Agency, AFP, air-gapped government systems, Akromold, Al Rajhi Bank, Albany College of Pharmacy, Alliance, Ally Bank, Alshaya Group, Altman Plants, Alvan Blanch, American Water Works, Amgen Inc, Amplitude Laser, Andamen, Andantex USA, Anniversary Holding, Apache Avro, Apache HugeGraph-Server, Apex Softcell, Aramark myPay, Arc browser, Arelance Group, Around the Clock Companies, Asheville Arthritis and Osteoporosis Center, PA, AT&T, ATG Communications Group, Atrium Health, Autel Maxicharger, Auto Recyclers, AutoCanada, Autodesk Navisworks Freedom DWF, automatic storage tank gauge (ATG) systems (6 models), Avi Resort & Casino, Avis, Balboa Bay Club Ventures LLC, Banana Gun, Bangladeshi government, Barbados Revenue Authority, Barnes & Cohen, Batcom, Battle Lumber Co, Bay Ridge Automotive Management Group, Bazooka, Bel-Air Bay Club, BELL DATA, Inc, Benny Gantz, Bethalto Community Unit School District, Betterhalf, Bharat Petroleum, BingX, Bloom Hearing Specialists, Blundstone USA Inc, BNBuilders, BotSpace, Branhaven Chrysler Dodge Jeep Ram, Brechbuhler Scales Inc, BroadGrain Commodities, Broward Realty Corp, Brown Bottling Group, Brown Integrated Logistics, Brunswick Hospital Center, BSH Soft, BudTrader, C&L Ward, CaleyWray, Calibrated Healthcare, LLC, California Department of Social Services, Cameroon’s pension fund, Canstar Restorations, Capgemini, Capital Printing, Carlile Group, Cascade Columbia Distribution, Casino Fandango, Casio, Caterpillar Inc, Cellular Plus, CentralTickets, CF Medical, Charles Darwin School, Chernan Technology, ChiceDNA, Chinese government, a Chinese government botnet, Chrome, Chunghwa Telecom Data, Cincinnati Public Schools, City of Aberdeen, WA, City of Forest Park, City of Pleasanton, CA, City of Richardson, TX, CK Associates, CKS Packaging, Classic Business Products, CobelPlast, Cohesive Networks VNS3, Comcast Cable Communications, Community Clinic of Maui, Inc, Community Hospital of Anaconda, Compass Group, Concord Management Services, Condere IP, Conductive Containers, Inc, Connally Memorial Medical Center, Control Panels USA, CopySmart LLC, Corantioquia, Creative Consumer Concepts, Creative Playthings, CrediHealth, Crown Mortgage Company, CSG Consultants, D-Link routers, DATASUS, Daughterly Care, David’s Bridal, Del Valle Independent School District, Delaware Library system, Dell (twice in a week),  Deloitte, Delta Prime, Department of Foreign Affairs (DFA), Philippines, DETRAN, Detroit Public TV, Diamond Contracting, LLC, Didi Chuxing, digiDirect, Dimensional Merchandising, DINAS Corp, Divine Interprises INC, DJH Jugendherberge, Domain Industries, DotPe, DPC DATA, Dr. Web, DrayTek routers, Dreyfuss + Blackford Architecture, Duopharma Biotech, Dutch Police, EasyMPS, Edge Imaging, eFile.com, EigenLayer, Elgin Separation Solutions, Elitecare Emergency Hospital, Elitecare, Empereon Marketing, English Football League, Enterprise Outsourcing, EnviroNET Inc, Environmental Code Consultants Inc, Erasmus+, ETC Companies, Ethena Labs, Eurobulk, Evans Distribution Systems, Experience Engine, Express Services, Fabrica Industrial Machinery & Equipment, FastStone Imave Viewer, Fazenda Brazil government, FBCS, Fedbank Financial Services, Feeld, Feldstein & Stewart, Fireworks Software, First Choice, Fleet Equipment, FoccoERP, Forshey Prostok LLP, Fortinet, Fortive, Foundation, Foxit PDF Reader, Freshstart Credit Repair, Frigocenter, Fritzøe Engros, FTV Employment Services LLC, Fylde Coast Academy Trust, G/S Solutions, Galloway MacLeod, Games Box, GameVN, Garvey, GenPro Inc, GitLab, GNOME Project G, GoDaddy, Golden Age Nursing Home, Gough Construction, Graminex, Graybill Medical Group, Greene Acres Nursing Home, Guerriere & Halnon, GW Mechanical, Hair Club for Men, Hamel Cranial Chiropractic & Wellness INC, Harvard Pilgrim Health Care, Harvey Nichols, HDI, Hertz, Hezbollah, Hindle Group, Holmes & Brakel, Howard CPAs, HPE Aruba Networking, Hughes Gill Cochrane Tinetti, Hunter Dickinson Inc, HuntStand, I-MED, Ibermutuamur, ICBC London, IDEALEASE INC, Idre Fjäll, Indian Supreme Court, Indodax, Infosys McCamish Systems, Instituto Nacional de Deportes de Chile, Insurance Agency Marketing Services, Inc, InteriorWorx Commercial Flooring, iOS Password Manager, 260,000 IoT devices (Raptor Train), Iron Metals, Isola, Israel Defense Minister, Israel Foreign Affairs Minister, Israel Harel Insurance, Israel Prime Minister, an Israeli analytics company, Israeli defense companies, Israeli Industrial Batteries, Istrail, Italian Ministry, Ivanti Cloud Services Appliance, Ivanti Endpoint Manager, Ivanti Workspace Control, Jackson Paper Manufacturing, Jacobsen Construction Co, Inc Health Plan, Joe Swartz Electric, Johnson & Wales University, JTaylor & Associates LLC, Juice Generation, Kawasaki Motors Europe, Keller Williams Realty Group, Kennedy Funding, Keuka College, Keya Accounting and Tax Services LLC, Kia dealer portal, Kia vehicles (again), KintApp, Kravit, Hovel & Krawczyk SC, KukuFM, Kuwait Health Ministry, LA Financial Federal Credit Union, Labib Funk Associates, Ladov Law Firm, Lakeland Chamber, Lancaster Royal Grammar, three-quarters of law firms (which explains a lot of the hacks this month), Law Offices of Michael J Gurfinkel, Inc, Lawrie Insurance Group, Lee Hoffoss Injury Lawyers, LEGO, Lenovo Service Bridge, Liberty First Credit Union, Local 1964 ILA Health & Insurance Fund, Lumen Technologies, Luso Cuanzа, Lyomark Pharma, MacGillivray Law, macOS graphics driver, macOS video decoder, Magenta Photo Studio, Malwarebytes Antimalware, Markdom Plastic Products, Maryville Academy, Mattson Technology, Inc, Max Shop, MC2 Data, McAbee Construction, Inc, McCarty Company, MCNA Dental, MDSi INC, MediCheck, MedReview, Messe C, Miami Dolphins Forum, Michigan Masonic Home, Michigan Medicine, Microsoft Azure API Management, Microsoft C++ redistributable, Microsoft Pragmatic General Multicast Server, Microsoft SharePoint, Microsoft Windows, Microsoft Windows 10 AllJoyn Router Service, Microsoft Windows Internet Explorer, Microsoft Windows SmartScreen, Mile Hi Foods, MIPS Holding, Inc, Mobility Compare, Model Engineering, Moeller Door and Window, MoneyGram, Mozambique Election System, Mt. Carmel Behavioral Healthcare, Muskogee City County Enhanced 911 Trust Authority, mySCADA myPRO, NASA, New Electric, New River Electrical, New York Sports Club, Noble Environmental, North American Breaker, Nova Sinseg, Nusser Mineralöl GmbH, NVIDIA Container Toolkit, Octapharma Plasma, OffRoadAction, Omega Industries, One Point HR Solutions, Onyx, OpenAI, OpenPLC_v3 Runtime, Optigo Networks ONS-S8, Oracle WebLogic, Pacific Coast Building Products, Pacific Islands Forum, Fiji, Pacific Scientific Energetic Materials Company LLC, Palomar Medical Group, PaperCut NG, Partners Air, Patelco Credit Union, Patrick Sanders Company, PDF-XChange Editor, Pearl Cohen, Peerless Umbrella, Performance Food Centers, Performance Therapies, PetEdge, Pete’s Road Service, PetroChina, Physical Medicine & Rehabilitation Center, Piggly Wiggly, Plaisted Companies, Plastics Plus, Plumbers Stock, Port of Seattle/Seattle-Tacoma International Airport (SEA), Power Torque Services, PRC-Saltillo, Premier Packaging, Prentke Romich Company, Progress Software WhatsUp Gold, Pureform Radiology Center, Qualcomm DSP, Quantum Healthcare, Raaga, Rackspace, Radio Geretsried, 19 UK railway stations, Ranveer Allahbadia, Reading Train Station, Red Barrels, Repsol, Research Electronics International, Reutter, Richland County, WI, Richmond Auto Mall, Richmond Community Schools, Riley Gear Corporation, Rim Country Health and Rehabilitation, Ring Power, River Delta Unified School District, River Region Cardiology Associates, Riverside Resort Casino, Rob Levine & Associates, Robson Planning Group Inc, Rockwell Automation PLC Software, Sacred Heart Catholic School, Sage Home Loans Corporation, SaniRent, Satia Group, Savannah Candy, Schäfer, dein Bäcker GmbH & Co KG, Scranton School District, Sellafield, ServiceNow, Shenango Area School District, Sherr Puttmann Akins Lamb PC, Shezmu, Shin Bet, ShoreMaster, Signature Healthcare Services LLC, siParadigm LLC, Slim CD, Smart Buy, Smart Source, Inc, 2,700 “smart” devices in the Netherlands, SolarWinds Access Rights Manager, Solutii Sistemas, Sono Bello, Southeast Cooler, Southern Bone, SpaceX, Spectrum Industries, Sportstech, spWETH Wallet, Star Blizzard, Star Health (India), Stillwater Mining Company, Storck-Baugesellschaft mbH, Structural Concepts, Sub-Zero, Wolf, and Cove, Sunrise Farms, Synnovis, TANYA Creations, TeamViewer, TeleHealth Center (India), Temu, Tewkesbury Borough Council, Thai Honda Manufacturing, The Gill Corporation, The Maids International, The Rubber Resources, The Superior Court of California, The Tech Interactive, Theresa Gordon Tax Services, Inc, Think Simple, Thomas Lloyd, Thompson Construction Supply, TIAA, Title Financial Corporation, Total Electronics, TOTVS, Toyota, TradeZero America Inc, Transport for London, Transtec SAS, TransUnion Risk and Alternative Data Solutions, Inc, Travel Alberta, TRC Worldwide Engineering, Trend Micro Deep Discovery Inspector, True Family Enterprises, Truflation, Truist Bank, Trump campaign, Tuttle-Click Automotive Group, Twilio, Uber Eats, UCC Retreivals, United Animal Health, Universal Music Group, University Medical Center, University of Minnesota Orthodontics, US Centers for Medicare and Medicaid Services, US Congress, US Dermatology Partners, UT Southwestern Medical Center, Uttarakhand (India) government, Veertu Anka Build, Verizon, Vermilion Parish Schools, Versa Director, VGTRK, Vickers Engineering, Vidisco, Virginia Dare Extract Co, Visionary Homes, Visteon Infotainment System, VMware vCenter Server, Ward Transport, Wayne County, MI, WazirX, We Level Up Treatment Lake Worth, Weiser Memorial Hospital, Weldco-Beales Manufacturing, Wells Fargo, Western Digital MyCloud PR4100, WhatsApp, Wichita Police, Wilmington Convention Center, Wilson & Lafleur, Wisconsin Physicians Service Insurance Corp, Woodard, Hernandez, Roth & Day, WordPress Houzez Login Register plugin, WordPress Houzez theme, WordPress LiteSpeed Cache Plugin, Wright, Moore, DeHart, Dupuis & Hutchinson, LLC, Young Consulting LLC, and Zimbra email servers have reported hacking or compromises this month.

AFP, AT&T, Cloudflare, Confidant Health, Dr. Web, Google CloudImposer, Highline Public Schools, MoneyGram, PlayStation Network, Port of Seattle, Providence Public Schools, State Data Center (India), Verizon, and WP Engine have suffered from outages this month.

Last months updates broke M4 iPad Pro devices, macOS Sequoia VPN & antivirus software, Microsoft 365 apps, Microsoft Outlook mail vs nested folders, Microsoft Word (serious – Word deletes your files if they have mixed case extensions!), Windows 11 24H2 BSODs, Windows 11 24H2 gaming performance, Windows 11 24H2 license activation, Windows reboots, and Windows USB & Bluetooth.

In other news

The Internet backdoor mandated by US federal law has been hijacked by China (Salt Typhoon) and is being actively exploited again across several phone providers. It’s not good.

Almost 3 in 5 of breached UK firms admit to paying ransom on demand. An insane 92% of healthcare firms in the US were hit by cyberattacks this year.

Now that “exploding pagers” (and more) are a thing, will people start to take supply chain and physical security seriously?

Fearing exposure of weak security processes, Apple has moved to dismiss their lawsuit against NSO Group.

Now for the good news

Discord has added end-to-end encryption for audio & video calls.

NIST has finally scrapped their complexity and change frequency recommendations. The math on these recommendations simply doesn’t add up.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is enormous this month. The typical computer should see roughly 4 GB in updates today. Let’s get started.

Microsoft released 65 updates to address 121 vulnerabilities in .NET Framework, .NET, Azure CLI, Azure Monitor, Azure Stack, BranchCache, Code Integrity Guard, DeepSpeed, Internet Small Computer Systems Interface (iSCSI), Microsoft ActiveX, Microsoft Configuration Manager, Microsoft Defender for Endpoint, Microsoft Edge (Chromium-based), Microsoft Graphics Component, Microsoft Management Console, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft Office, Microsoft Simple Certificate Enrollment Protocol, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows Speech, OpenSSH for Windows, Outlook for Android, Power BI, Remote Desktop Client, RPC Endpoint Mapper Service, Service Fabric, Sudo for Windows, Visual C++ Redistributable Installer, Visual Studio Code, Visual Studio, Windows Ancillary Function Driver for WinSock, Windows BitLocker, Windows Common Log File System Driver, Windows Cryptographic Services, Windows cURL Implementation, Windows EFI Partition, Windows Hyper-V, Windows Kerberos, Windows Kernel, Windows Kernel-Mode Drivers, Windows Local Security Authority (LSA), Windows Mobile Broadband, Windows MSHTML Platform, Windows Netlogon, Windows Network Address Translation (NAT), Windows NT OS Kernel, Windows NTFS, Windows Online Certificate Status Protocol (OCSP), Windows Print Spooler Components, Windows Remote Desktop Licensing Service, Windows Remote Desktop Services, Windows Remote Desktop, Windows Resilient File System (ReFS), Windows Routing and Remote Access Service (RRAS), Windows Scripting, Windows Secure Channel, Windows Secure Kernel Mode, Windows Shell, Windows Standards-Based Storage Management Service, Windows Storage Port Driver, Windows Storage, Windows Telephony Server, Winlogon, and MSRT. This includes security updates. A reboot is required.

Apple released updates for Apple TV 1.5.0.152 for Windows, iOS 17.7, iOS 18, iOS 18.0.1, iPadOS 17.7, iPadOS 18, iPadOS 18.0.1, macOS Sequoia 15.0.1, macOS Sonoma 14.7, macOS Ventura 13.7, Safari 18, Safari 18.0.1, tvOS 17.6.1, tvOS 18, visionOS 2, visionOS 2.0.1, watchOS 10.6.1, watchOS 11, watchOS 11.0.1, and Xcode 16. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 17.7, 18, and 18.0.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 17.7, 18, and 18.0.1 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 10.6.1, 11, and 11.0.1 are security updates. Use the Watch app on your iPhone to install the most current version.

tvOS 18 is a security update. Use System, Software Update to install the most current version.

visionOS 2 and 2.0.1 are security updates. Use System, Software Update to install the most current version.

Google Chrome OS 128.0.6613.163, 129.0.6668.80, and ChromeOS LTS 126.0.6478.254 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sequoia (15.x) means that macOS Monterey (12.x) and older are no longer supported. If you can not install at least macOS Ventura (13) on your Mac then you should immediately remove your device from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 11 (v24H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with a SaferPC Subscription and we will install updates each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.9.1 improves hardware compatibility, game support, resolves several bugs and expands Vulkan extensions. This is not a security update.
https://www.amd.com/en/support

TP-Link Archer AX55 v1 240628 improves mesh and configuration controls. This is not a security update.
https://www.tp-link.com/us/support/download/archer-ax55/v1/#Firmware

goxlr-utility 1.1.4 resolves several compatibility and reliability bugs. This is not a security update.
https://github.com/GoXLR-on-Linux/goxlr-utility/

UniFi Network Server 8.4.62 resolves several bugs. This is not a security update.
https://www.ui.com/download/releases/network-server

VIISAN OfficeCam 7.2.2.0 doesn’t provide a change log so should be treated as a security update.
https://www.viisan.com/en/download/type1.html

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.70.123 is a security update. Use Help, About to install the most current version.
https://brave.com/

Google Chrome 129.0.6668.100 is a security update. Use Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 129.0.2792.79 is a security update. Use Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 131.0 is a security update. Use Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 128.3.0 is a security update. Use Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 6.9.3447.51 is a security update. Use Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.14.0 is a security update.
https://getmailspring.com/

ProtonMail (Android) 4.0.22.1 resolves a major stability bug. This is not a security update.
https://proton.me/mail/download

Spark 3.17.9.86866 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.17.9.86865 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 128.3.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 8.1.0 resolves dozens of bugs and improves stability. This is a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 8.1.2 is a security update.
https://anydesk.com/en/downloads

BrowsingHistoryView 2.58 resolves an export bug. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

curl 8.10.1 resolves over a dozen bugs. This is not a security update.
https://curl.haxx.se/windows/

Dropbox 209.4.3661 does not provide a detailed change log so should be treated as a security update.
https://www.dropbox.com/

Facebook Messenger 215.6.0.24.211 is a security update.
https://www.messenger.com/download

FileZilla Server 1.9.2 resolves a bug in the update engine. This is not a security update.
https://filezilla-project.org/

Google Drive 98.0 is a security update.
https://drive.google.com/start

MeshCentral 1.1.32 is a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.7.00.26062 improves onboarding flow and allows external presenters to join from mobile platforms. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 30.0.0 is a major update, updating libraries, minimum requirements, and resolving more than a hundred bugs. This is a security update.
https://nextcloud.com/

Npcap 1.80 resolves several bugs. This is not a security update.
https://nmap.org/npcap/

Rclone 1.68.1 improves compatibility and resolves several bugs. This is not a security update.
https://rclone.org/

Signal 7.27.0 adds several new display options for media, groups and restores ability to search stored messages from groups you’re no longer part of. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.18.2 adds ability to search for emoji. This is not a security update.
https://signal.org/android/apk/

Technitium DNS Server 13.0.2 resolves protocol bugs. v13 adds several other new DNS features and controls including ZONEMD, RP, Catalog Zones and improved logging. This is not a security update.
https://technitium.com/dns/

Telegram 5.6.1 resolves dozens of bugs. This is not a security update.
https://telegram.org/

Telegram (Android) 11.1.3 resolves dozens of bugs. This is not a security update.
https://telegram.org/apps

Zoom 6.2.3.47507 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.10 resolves a couple bugs and improves lip sync. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.2.4 resolves over 20 bugs. This is not a security update.
https://www.bitwig.com/download/

Grayjay 264 adds auto-play toggle, allows you to control rotation sensitivity, reverse rotation, and resolves several bugs and compatibility issues. This is not a security update.
https://grayjay.app/index.html

iTunes 12.13.3.2 is a security update.
https://www.apple.com/itunes/download/

Plex Desktop 1.102.0.230 resolves a couple bugs and adds an advertising consent notice. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.67.1.233 updates web engine. This should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.41.0.8994 adds support for external subtitles, improved ad detection, and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Bedrock) 1.21.31.04 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Nintendo Switch 19.0.0 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 2024.920 improves stability. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024.09.17 changes the terms of use and resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

SteamOS SteamDeck Update 2024.10.03 improves Wi-Fi 7 compatibility. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Animate 23.0.8 and 24.0.5 are security updates.
https://helpx.adobe.com/security/products/animate/apsb24-76.html

Adobe Commerce 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11, 1.4.2-p3, 1.3.5-p8, 1.3.4-p10, and 1.3.3-p11 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-73.html

Magento Open Source 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, and 2.4.4-p11 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-73.html

Adobe Dimension 4.0.4 is a security update.
https://helpx.adobe.com/security/products/dimension/apsb24-74.html

Adobe FrameMaker 2020.7 and 2022.5 are security updates.
https://helpx.adobe.com/security/products/framemaker/apsb24-82.html

Adobe InCopy 19.5 and 18.5.4 are security updates.
https://helpx.adobe.com/security/products/incopy/apsb24-79.html

Adobe InDesign 19.5 and 18.5.4 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb24-80.html

Adobe Lightroom 7.5, 13.5.1, and 12.5.2 are security updates.
https://helpx.adobe.com/security/products/lightroom/apsb24-78.html

Adobe Substance 3D Painter 10.1.0 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb24-52.html

Adobe Substance 3D Stager 3.0.4 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb24-81.html

Audacity 3.6.4 doesn’t have a change log so should be treated as a security update.
https://www.audacityteam.org/download/

Blender 4.2.2 resolves dozens of bugs. This is a security update.
https://www.blender.org/download/

Calibre 7.19.0 improves performance and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Ghostscript 10.04.0 is a security update.
https://www.ghostscript.com/releases/gsdnld.html

GnuCash 5.9 resolves several bugs. This is not a security update.
https://www.gnucash.org/

Kdenlive 24.08.1 resolves dozens of bugs. This is not a security update.
https://kdenlive.org/

Krita 5.2.6 resolves over 50 bugs and improves reliability and stability. This is not a security update.
https://krita.org/en/download/

LibreOffice Fresh 24.8.2 resolves almost 200 bugs. This is a security update.
https://www.libreoffice.org/

Manager 24.10.8.1879 adds business templates, FDX support, and resolves several bugs. This is not a security update.
https://www.manager.io/

Nextcloud Desktop 3.14.1 resolves a dozen bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.7 updates libraries, resolves over a dozen bugs. This is a security update.
https://notepad-plus-plus.org/

PDF Candy Desktop 3.13 doesn’t provide a change log so should be treated as a security update.
https://pdfcandy.com/

PDF-XChange Editor 10.4.1.389 is a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

QuickBooks Pro 2022 20240726-R17_34 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20240726-R14_39 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

Security Software Updates

One or more of these is likely to be of interest to most people.

JShelter 0.19.1 improves Manifest V3 compatibility and performance. This is not a security update.
https://jshelter.org/install/

KeePass 2.57.1 is a security update.
https://keepass.info/

MalwareBytes Anti-Malware 5.5.4 doesn’t provide a change log so should be treated as a security update.
https://www.malwarebytes.org/antimalware/

RogueKiller 15.18.3 updates libraries and resolves several bugs. This should be treated as a security update.
https://www.adlice.com/download/roguekiller/

SecurityCheck 2024.9.22 doesn’t provide a change log so should be treated as a security update.
https://www.bleepingcomputer.com/download/securitycheck/dl/123/

Stinger 13.0.0.197 is a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

SuperAntiSpyware 10.0.1268 adds support for new browsers, applications, unicode compatibility and resolves several bugs. This is a security update.
https://www.superantispyware.com/download.html

uBlock Origin 1.60.0 adds several new features and resolves a couple bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Operating System Updates

These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.

QubesOS 4.2.3 is a security update.
https://www.qubes-os.org/downloads/

Tails 6.8 is a security update. 6.8 also signals the merger of Tails and the Tor Project.
https://tails.net/install/download/index.en.html

Zorin OS 17.2 improves customization, updates libraries, and resolves several bugs. This is not a security update.
https://zorin.com/os/mirrors/

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 24.2.4 resolves stability bugs. This is not a security update. This is not a security update.
https://www.techsmith.com/screen-capture.html

VideoCacheView 3.10 improves compatibility with Google Chrome. This is not a security update.
https://www.nirsoft.net/utils/video_cache_view.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.2.7 adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

MakeMKV 1.17.8 improves defect tolerance and resolves several bugs. This is not a security update.
https://www.makemkv.com/download/

StreamFab 6.2.0.0 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.3.5 adds FLAC support and resolves sseveral bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 7.0.7 resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.46 adds QR code authentication, Wi-Fi QR code sharing, accessibility improvements, and resolved several bugs. This is not a security update.
https://1password.com/downloads/

AOMEI Partition Assistant 10.5.0 adds Boot Repair, improves Migrate OS and resolves bugs in the optical media creation flow. This is not a security update.
https://www.diskpart.com/

Bitwarden 2024.9.2 improves PDF attachment handling and improves Secrets Manager. This is not a security update.
https://bitwarden.com/

CCleaner 6.28.11297 adds support for new applications. This is not a security update.
https://www.ccleaner.com/

CPU-Z Installer 2.11 improves mainboard detection and adds new hardware support. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

Deskflow 1.17.0 is a complete rebrand of the upstream Synergy source, pushing the public code base into a useful utility. This is the first one, though, so I’d hold off a little while. This is not a security update.
https://deskflow.org/

DesktopOK 11.44 improves copmatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.2.84.0 improves cache plug-in to use hash data to reduce network chatter, encoding improvements, and resolves several bugs. This is not a security update.
https://dngrep.github.io/

email-oauth2-proxy 2024-09-12 adds option to use password as credentials, improves documentation and resolves several bugs. This is not a security update.
https://github.com/simonrob/email-oauth2-proxy

Everything Toolbar 1.5.1 improves compatibility, adds RTL support, keyboard shortcuts and resolves several bugs. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

ExplorerPatcher 22621.3880.66.6 improves compatibility and adds support for Windows 11 v24H2. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

Fido 1.60 adds support for Windows 11 v24H2 and removes v23H2. This is not a security update.
https://github.com/pbatard/Fido/releases

Fing 3.7.1 improves Network Insights and resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

FoneTool 2.9.0 resolves several bugs. This is not a security update.
https://www.fonetool.com/download.html

Git SCM 2.46.1 resolves several bugs and improves documentation. This is not a security update.
https://git-scm.com/

GoodSync 12.7.6 improves logging and compatibility. This is not a security update.
https://www.goodsync.com/

Homedale 2.13 adds channel utilization reporting, Wi-Fi 7 (802.11be) support and filtering improvements. This is not a security update.
https://www.the-sz.com/products/homedale/

HWiNFO 8.12 adds support for newer hardware and resolves several bugs. This is not a security update.
https://www.hwinfo.com/download/

HWMonitor 1.55 adds support for newer hardware and battery information. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

IsMyHdOK 4.11 adds support improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

Kingston SSD Manager 1.5.4.9 doesn’t provide a change log so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

LessMSI 2.2.0 adds Italian language support. This is not a security update.
https://lessmsi.activescott.com/

MultiMonitorTool 2.11 resolves a mapping bug. This is not a security update.
https://www.nirsoft.net/utils/multi_monitor_tool.html

NTLite 2024.9.10073 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 11.0.1014 resolves over a dozen bugs including performance and reliability issues. This is not a security update.
https://www.osforensics.com/download.html

PointerStick 6.44 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.85.1 improves stability. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ScreenConnect 24.2 should be avoided. It has had rollout “paused” due to stability issues four times already. Just wait for 24.3 or 24.4 to be stable.
https://screenconnect.connectwise.com/download

TeamViewer 15.58.5 resolves several bugs and implements new cosmetics. This is a security update.
https://www.teamviewer.com/en-us/download/windows/

TestDisk 7.3 doesn’t provide a change log so should be treated as a security update.
https://www.cgsecurity.org/wiki/TestDisk_Download

XnConvert 1.101.0 doesn’t provide a change log so should be treated as a security update.
https://www.xnview.com/en/xnconvert/

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 8.0.10 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

Android Studio 2024.2.1.9 resolves dozens of bugs. This is not a security update.
https://developer.android.com/studio

GDevelop 5.4.213 adds ability to change opacity within properties panel, tilemap improvements, and resolves several bugs. This is not a security update.
https://gdevelop.io/download

GitHub Desktop 3.4.6 resolves several bugs. This is not a security update.
https://desktop.github.com/

Go 1.23.2 resolves several bugs. This is not a security update.
https://go.dev/

Node.js 20.18.0 updates libraries, resovles several bugs and adds experimental support for network inspection. This is not a security update.
https://nodejs.org/en/

Node.js 22.9.0 updates libraries, adds support for stack trace, disables V8, and resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

Python 3.13.0 resolves over a dozen bugs. This is a security update.
https://www.python.org/downloads/windows/

Visual Studio Code 1.94 improves Explorer Find, adds filtering options to Source Control Graph, and resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.1.2 is a major update, changing style, performance, stability, hardware compatibility and adding many options. It also initially broke older guests and this release fixes that as well as a dozen other bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Duplicator 1.5.11 improves compatibility and resolves several bugs. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

Sucuri Security 1.9.5 improves analysis. This should be treated as a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2024-05-14

Welcome back, Folks!

Today is Patch Tuesday for May, 2024.

There were 580+ major hacks, and over 460 application updates this month. It’s an insanely big month, with about 5 GB of updates for most users.

This Month in Technology

First, let me apologize for this list. It’s 3x longer than it was only a couple months ago and that’s not really my fault. I really want to keep sharing the hacked lists but at the rate it’s going 3/4 of the newletter will just be the list by the end of Summer. I’m going to need to rework this next month when I have more time.

1+1 Media, 4LEAF, Inc, A123 Systems, Access Intelligence, Accor, ACFIN SA, Active PCB Solutions, Acurrate Lock & Hardware, ADCOM911, Advanced Business Networks, Advarra, Inc., Aero Tec Laboratories Inc, Aetna ACE, Affordable Payroll & Bookkeeping Services, Agate Construction, Agency for the Sustainable Development of the Saint Nazaire Region, France, AirAsia Group, Airsoft, Allianz Global Risks U.S. Insurance Company, Alltruck Bodies, Alrajhi Bank, Altipal S.A.S, Amazon, Amberstone Security, AMD Radeon DirectX 11 Driver, American Builders Outlet, American Renal Associates, American Renal Management, Andovers Federal Credit Union, APS – Automotive Parts Solutions, Arbitrum, Argentina’s national registry, Army Welfare Trust, Array Networks, Asantee Games, Asbury Automotive Group, Ascension healthcare, Ashley Home Stores, Aspire Health Alliance, Astra Daihatsu Motor (ID), AT&T, Atlantic States Marine Fisheries Commission (ASMFC), Aussizz Group, Autodesk Drive, Axip Energy Services, Ayesa, B&G Foods, Badger Tag & Label, Banco Santander, Banten Regional Development Bank Tbk, Barclays Bank, Base Network, Bay Oral Surgery & Implant Center, Bağcılar Training and Research Hospital, Bega Valley Council, Belarusian KGB, Belvedere Vodka UK, BenefitsCal, Berry, Dunn, McNeil & Parker, Best Reward Federal Credit Union, BetterHelp, Bharat Sanchar Nigam Limited (BSNL), BHF Couriers, Biggs Cardosa Associates, Inc., Bira 91, Bitfinex, Blackstone Valley Community Health Care, Blooms Today, Bluebonnet Trails, Bluegrass Care Navigators, BMW BANK, Bodyartforms LLC, Boeing, Bradford-Scott, Brandywine Realty Trust, BreachForums, Bridgeway Center, Inc., British Columbia, Canada, Brocade SANnav SAN Management Software, Brovedani Group, Bundeswehr, Byron council, Café Soluble, California library system, Calumet Civil Contractors, Inc, Camino Nuevo Charter Academy, Canatal Industries, Canberra club, Cannes hospital, Cariboo library system, Carpetright, Catholic Diocese of Cleveland, Catholic Medical Center (CMC), CCM Health, Central Bank Argentina, Central Carolina Insurance Agency Inc, Central Florida Equipment, Central Power Systems & Services, Central Virginia Federal Credit Union, Change Healthcare, Channel Logistics LLC, Chemring Group, Cherry Health, Chicony Electronics, Chirp Systems, Christie’s Auction House, Cisco Duo, Cisco Integrated Management Controller (IMC), City of Buckeye, AZ, City of Donges, France, City of El Cerrito, California, City of London, UK, City of Pensacola, Florida, City of Wichita, Kansas, Cleveland Catholic Diocese, Community First Credit Union, Confins Transport, Consensus Medical Group, Consol Energy, Continuum Health, Coppel, Coradix-Magnescan, CorporateStack, Costa Edutainment SPA, Council for Relationships, County of Coffee, Georgia, County of Hernando, FLCounty of Jackson, MOCounty of Los Angeles, CA, Department of Health Services, County of Robeson, NC, County of San Bernardino, CA, CrushFTP, Cushman Contracting Corporation, CyberPower UPS, D-Link Devices, Daoust, Dawson Creek, Deeside Timberframe, Delinea Secret Server, Dell, Dental Group of Amarillo, Dental Health Services, DES Architects and Engineers,
Designed Receivable Solutions, Deutsche Telekom, Digi Yatra Foundation, Dijk, Discord, District of Columbia’s Department of Insurance, Securities and Banking (DISB), DocGo, Dominican Republic vaccination data, Donco Air, Doyon Drilling, Drive Sally LLC, DRM Arby’s, Dropbox Sign, Duvel Moortgat, D’amico & Pettinicchi, LLC, E-ZPass, East Central University, OK, Eden Project, Edlong and Holstein Association USA, Educational Computer Systems, EduMarket, Efrat Airlines, Egypt Ministry of Supply and Internal Trade, El Salvador, El Salvador’s Chivo Wallet, Electric Mirror, Empath Health, Engineered Automation of Maine, Enstar, Epilepsy Foundation of Metro NY, EqualizeRCM and 1st Credentialing, Ernest Health, Eucatex, European Parliament, Europol, EvoBanco, F5 Central Manager, Feldstein & Stewart, Fic Expertise, Financial Business and Consumer Solutions (FBCS), Firstmac, FiXBET, Floirac, Footdistrict, Fort Worth, Texas, Foxit Reader, French Ministry of Agriculture, Frontier Communications, FrotCom, GBI Genios, Gerber Life Insurance Company, Giant Tiger, GitHub Search, GitLab, Glendale Unified School District, Glints, Global Tel Link, Google Chrome, Google, Graphic Solutions Group Inc, Grassroot DICOM, Great Firewall of China, Green Diamond Resource Company, Greylock McKinnon, Grindr, Grodno Azot, Group Health Cooperative of South-Central Wisconsin (GHC-SCW), Guadeloupe, Canada, Guardant Health, Inc., Guardian Analytics, Hapy Bear Surgery Center, Hardeman County Community Health Center, Hedgey Finance, Helapet Ltd, Helsinki Education Division, Heritage Cooperative, High Performance Services, Hillsong Church, Hirsh Industries, Hit Promotional Products, Home Depot, Hong Kong Arts Development Council, Hong Kong College of Technology, Hong Kong Fire Department, Hong Kong Union Hospital, Hooker Furniture, Hosocongty, Hospital Simone Veil, 100 hotels in Japan, Houser LLP, Hoya Optics, HP, HPE ArubaOS Devices, HSBC Bank, HTW, Hub International Limited, Human Events, IBM’s Enterprise Terminal, iCabbi, ICICI Bank, IDS Michigan, Illinois State Credit Union, Illinois Tollway, In The Know, India’s Central Board of Secondary Education (CBSE), India’s HRYLabour, India’s ICICI Bank, Ingo Money Inc, Inland Physicians Billing Services, Intel CPUs (Spectre v2), Intel Hardware Firmware, Interim Healthcare of Lubbock, International Baccalaureate Exam, Inventum Øst, Iranian Pipeline Company, Iress Ltd, Israel Electric Corporation (IEC), Israeli Real Estate Companies, ISTA International GmbH, It4 Solutions Robras Corp, Italian Red Cross Network, Ivanti Avalanche, J.P. Morgan Chase, JE Owens, Kaiser Foundation Health Plan, Inc., Kaiser Permanente, Kameymall, Kansas City Scout System, Keenan & Associates, Kintetsu World Express, Kisco Senior Living, KISTI SMART K2C, Kowloon Shangri-La, La Chapelle-des-marais, France, Ladakh Social Welfare Department, Lamont Hanley & Associates, Latvian TV Channels, LDLC, Le Slip Français, Leicester City Council, Lenovo Hardware Firmware, Lewis & Clark College, LG TVs, Lieberman LLP, Lilly Drogerie, Lincoln Project, LiteSpeed Cache, LivaNova, LiveHelpNow, LocalPlace JP, London Drugs, London Stock Exchange Group, Lopesan Hotels, Lotz Trucking, Lpdb Kumkm, LRB Info Tech, Lukfook Jewellery, Lumina Americas, Luxor, LYON TERMINAL, M2E Consulting Engineers, Macedonian Joint Stock Company, Madata, Magnet+, Malone & Co, Manchester’s Catholic Medical Center, Marpai Health, Mauritzon, McKinley Packing, Medequip Assistive Technology, Medical Home Network, MediExcel, Medios de Prevención Externos Sur SL, MedStar Health, Meduza, Mellitah Company, Mercedes, Merchants Benefit Administration, Metropolitan Life Insurance Company, Microsoft, Microsoft Azure Entra ID, Microsoft Outlook, Missouri Electric Cooperatives, Moffitt Cancer Center and Research Institute, Moldova Government, MoldTech, Molen & Associates, Monash Health, Monday.com, MongoDB, Monocon, Montoir-de-Bretagne, France, Moscow Moskollector, MovieBoxPro, MRA – The Management Association, Mt Hira College, Myers Automotive Group, National Energy Research Scientific Computing Center (NERSC), Nespresso, Nestle, New Boston Dental Care, New Hudson Facades, New Mexico Administrative Office of the District Attorneys, New Mexico Highlands University, New York’s state legislature, Nexperia, NHS Dumfries and Galloway, NK Parts Industries, NorthBay Health, Nota by M&T Bank and TTEC Databases, Nothing, Nova Scotia Health, NRS Healthcare, Numotion, NVIDIA, OakBend Medical, Octopharma Plasma, OE Federal Credit Union, Ogero, Ohio Lottery, Okta, Olson Steel, Olympus Group, OracleCMS, OraSure, Original Herkimer Cheese, OrthoConnecticut, Outabox, Pacific Guardian, Pak Suzuki, Palo Alto Networks PAN-OS, Panda Restaurant Group, Pandemonium Rocks, Panoramic Health, Parent Teacher Association (PTA), Paris Saint-Germain (PSG), Parklane Group, Patricia AI, Paychex, Inc., Paytm, Pennsylvania Convention Center, Pennsylvania Insurance Department, Peplink Smart Reader, Persyn, Philadelphia Inquirer, Philips Respironics, Phoenix Business Consulting, PHP, Pifer’s Auction & Realty, Pilot, Pinnacle Engineering, Pinnacle Orthopaedics, Pioneer Oil Company, Inc, Piping Rock, Police Service of Northern Ireland (PSNI), Porniche, France, Pratham, Precision Fluid Controls, Premier Dermatology, Prisma Finance, Pro Metals LLC, Process Solutions, Procuraduría General de la República, Profile Products, Progress Flowmon, Promarka Peru, Pub And Club, Public service of Wallonia, PWS – The Laundry Company, Qantas, QNAP, Quebec CEGEPs, RAF El Salvador, Randolph Health, RaySharp, RB Woodcraft, Reading Electric, Rebound Orthopedics & Neurosurgery, Recology, Redwood Coast Regional Center, Rehabilitation Hospital of Southern New Mexico, Reliable Networks, Rocky Mountain Sales, Roku, Romeo Pitaro Injury and Litigation Lawyers, Rushd Bookstore, Rutgers University, Räddningstjänsten Vä stra Blekinge, Sachkhere, Sahara Bank, Saint-Nazaire, France, Sanok Rubber Company, Saudi Water Facilities, Scanda Group, Scigames, Scottish health board, Seaman’s Mechanical, SEK Studio, Seneca Nation Health System, Sentry Data Management, Servicio Móvil, Shadow, Siemens Manufacturing, Sigmund Espeland, Signature Healthcare Services LLC, SigningHub, Simmons Perrine Moyer Bergman PLC, Singapore’s Ministry of Education, Singapore’s Mobile Guardian, SinglePoint Outsourcing, Inc., SIS Automatisering, Sisense, Skanlog, Sleep Data Holdings, LLC, Sleep Management Institute, Smoke Alarm Solutions, SOA Architecture, Softura, Somerset Dental Las Vegas, Somerville, Sonadev, France, South Africa’s International Trade Administration Commission (ITAC), South Korean courts, South Korean cable & satellite, South Korean Defense Companies, South Texas Oncology and Hematology, Space X, Space-Eyes, Speedy France, Sri Lanka’s visa system, SSCL, SSS Australia, St-Jerome Company, St. Helena Public Library, Stainless Foundry & Engineering, StarWallets, States of Guernsey, Sterling Holidays, Sterling Plumbing Inc., Studio LAMBDA, Swisspro, SynLab Italia, Sysmex America, Inc, T2 Tea Australia, Tamil Nadu Police, Tappware, Targus, Tatarstan, Russia, Taxi Software, Ted Brown Music, Telecom Argentina, Telit Cinterion modems, Texas Retina Associates, The Epilepsy Institute, The Georgia Institute for Plastic Surgery, The Heritage Foundation, The Kennedy Collective, The Lagunitas Brewing Company, The Line Up, Inc, The May Institute, Inc., The Philadelphia Inquirer, PBC, The Post and Courier, The Post Millennial, The Prudential Insurance Company of America, The Roman Catholic Diocese of Phoenix, The State of Kansas Office of Judicial Administration, The Tech Interactive, Theatrixx Technologies, Therapeutic Health Services, 50,000 Tinyproxy servers, Tipton Municipal Utilities, IN, Toolmarts, Toronto Transit Commission, Transamerica Life Insurance Company, Trib Total Media, True Homes, LLC, TRUE Solicitors, Trylon Srl, Tyler Technologies, UAE Government, UK Government’s System Database, UK Ministry of Defence, UK Royal Mail, 20 Ukrainian Energy and Water Sites, Ukrainian TV, United Nations Development Programme, University of Alabama, University of Alberta, University System of Georgia (USG), US Air Force Academy (USAFA), US Atlantic Fisheries, US Coast Guard Reserve, US Consumer Database, US Health and Human Services (HHS), US Internal Revenue Service (IRS), US Medicare, US Patent and Trademark Office, US Space Forces (USSF) Military Bases, USA Health Providence Hospital, Utica Mack, Valley Mountain Regional Center, Valley Veterinary Clinic, LLC, Van Gogh Museum, Varo Bank, N.A., Veeam, Velvet Capital, Verizon, Victorian Ambulance Union, Virginia Union University, VirtualBox, Visionary Integration Professionals, VMware Cloud Foundation, VMware ESXi, VMware Fusion Pro/Fusion, VMware Workstation Pro/Player, Void Interactive, Volkswagen, VPN traffic (TunnelVision), VTRP, W.I.S. Sicherheit-Service GmbH & Co. KG, Washington State’s Swinomish Casino and Lodge, WebTPA Employer Services, LLC, WEL Partners, Wells Fargo, Welsh Government, Wescom Central Credit Union, West Idaho Orthopedics and Sports Medicine, Westboro Baptist Church, WhatsApp, Windows, Windows Apps, Windows Print Spooler, WOM, World Architects, World-Check, WP Forminator plugin, WP-Automatic Plugin, Xiaomi, Yale Mortgage, YRW Limited – Chartered Accountants, ZA Government Employees Pension Fund’s (GEPF), ZircoDATA, and Zscaler Inc have reported hacking or compromises this month.

Central Power Systems & Services, Final Fantasy, Frontier Communications, Kansas City’s official website, Ogero, Reddit, and Telegram have suffered from outages this month.

Last months updates broke Outlook, Windows (thanks ManageEngine), and VPN connections.

An update to ManageEngine has caused thousands of Windows machines to fail to boot. I guess that’s one way to make sure that they can’t be hacked through ManageEngine vulnerabilities?

Windows has officially added advertisements to the Windows 11 Start Menu.

The PuTTY Pageant key generation weakness will require millions upon millions of certificates to be rekeyed.

The Windows Boot Manager update released in January still has no automated fix from Microsoft. Third parties have created several methods of installing the update, and the closest-to-perfect automation yet requires seven (7!) restarts.

Microsoft has announced plans to implement fully locked down DNS via a pairing of DNS and the firewall, branded Zero Trust DNS – ZTDNS.

A recent technical paper described the process of using LLM (GPT-4) to automate the process of building exploits for newly discovered vulnerabilities. Reviews of the paper tend to acknowledge that it can be used in this fashion but focus instead on the use of the word “autonomously” which they treat as sentience. No guys, the paper isn’t saying that Skynet is here, just that LLMs are getting to the point where they can build functional exploit code based on brief descriptions of vulnerabilities.

I first saw the description of “Kobold Letters” a couple months ago. While a very creative use of CSS and an interesting idea, what are the chances that this kind of thing would actually be used in real life? 100%. I’ve now seen this behavior on three different client mail accounts in Microsoft Online and Gmail.

The founder of Telegram has publicly reported that the FBI pressured an employee to build a backdoor into the system. They refused.

Thunderbird has added Microsoft Exchange support. This means you won’t be forced to use the “New Outlook” crapp to access your Microsoft Exchange accounts. 🙂

Now for the good news:

We won. Sony caved on the Helldivers 2 privacy-violating “account linking” change. 🙂

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is insane this month. The typical computer should see roughly 5 GB in updates today. Let’s get started.

Microsoft released updates to address 67 vulnerabilities in .NET and Visual Studio, Azure Migrate, Microsoft Bing, Microsoft Brokering File System, Microsoft Dynamics 365 Customer Insights, Microsoft Edge (Chromium-based), Microsoft Intune, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows SCSI Class System File, Microsoft Windows Search Component, Power BI, Visual Studio, Windows Cloud Files Mini Filter Driver, Windows CNG Key Isolation Service, Windows Common Log File System Driver, Windows Cryptographic Services, Windows Deployment Services, Windows DHCP Server, Windows DWM Core Library, Windows Hyper-V, Windows Kernel, Windows Mark of the Web (MOTW), Windows Mobile Broadband, Windows MSHTML Platform, Windows NTFS, Windows Remote Access Connection Manager, Windows Routing and Remote Access Service (RRAS), Windows Task Scheduler, Windows Win32K – GRFX, Windows Win32K – ICOMP, and MSRT. This includes security updates. A reboot is required.

Oracle released 441 security updates this quarter to address vulnerabilities in 119 applications.
https://www.oracle.com/security-alerts/cpuapr2024.html

Apple released updates for iOS 16.7.8, iOS 17.5, iPadOS 16.7.8, iPadOS 17.5, iTunes 12.13.2 for Windows, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, Safari 17.5, tvOS 17.5, and watchOS 10.5. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 16.7.8 and 17.5 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 6.7.8 and 17.5 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 10.5 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 17.5 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 124.0.6367.154 and 120.0.6099.310 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 40-1.14 is a major update, replacing BerkeleyDB with alternatives, updating libraries, and including adding new features and defaults. This should be treated as a security update.
https://getfedora.org/en/workstation/download/

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.4.1 adds support for new software, performance improvements, and resolves several bugs. This is not a security update.
https://www.amd.com/en/support

Daemon Tools Lite 12.1.0 improves tooltips, and resolves a couple bugs. This is not a security update.
https://www.daemon-tools.cc/products/dtLite

Dymo Connect for Desktop 1.3.2.18 doesn’t provide a detailed change log so should be treated as a security update.
https://www.dymo.com/label-makers-printers/labelwriter-label-printers/dymo-labelwriter-450-duo-thermal-label-printer/SAP_1752267.html

TP-Link Archer AX55 v1 240325 adds almost a dozen new features, improves stability and resolves several bugs. This is a security update.
https://www.tp-link.com/us/support/download/archer-ax55/v1/#Firmware

TP-Link Archer AX73 v2.0 240323 resolves several bugs. This is a security update.
https://www.tp-link.com/us/support/download/archer-ax73/v2.0/#Firmware

UniFi Network Server 8.1.127 enhances firewall rules visibility, adds tunnel IP addresses, OSPF dynamic routing support, and resolves a dozen bugs. This is not a security update.
https://www.ui.com/download/releases/network-server

VIISAN OfficeCam 7.1.19.0 doesn’t provide a change log so should be treated as a security update.
https://www.viisan.com/en/download/type1.html

Wacom Driver 6.4.6-1 adds support for newer hardware, resolves several bugs and improves stability.
https://www.wacom.com/en-us/support/product-support/drivers

Xerox Smart Start 2.0.34.0 doesn’t provide a change log so should be treated as a security update.
https://www.support.xerox.com/en-us/content/143617

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.65.133 is a security update.
https://brave.com/

Firefox 126 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 115.11.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 124.0.6367.207 is a security update.
https://www.google.com/chrome/

Microsoft Edge 124.0.2478.97 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Vivaldi 6.7.3329.29 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Spark 3.15.5.72973 resolves several AI-related bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.15.5.72972 resolves several AI-related bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.10.2 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 8.0.10 is a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 8.0.1 resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

Dropbox 199.4.6287 removes a cosmetic defect. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 211.0.0.18.236 is a security update.
https://www.messenger.com/download

FileZilla Client 3.67.0 is a security update.
https://filezilla-project.org/

FileZilla Server 1.8.2 is a security update.
https://filezilla-project.org/

FreeFileSync 13.6 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 90.0 resolves several bugs. This is the last version to support macOS 10.15 – if your hardware can not support macOS 11 you should have already removed it from the Internet, but if not, please take this as one more signal that it’s time to replace it.
https://drive.google.com/start

Microsoft Teams 1.7.00.10152 resolves several bugs. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 29.0.0 is a major update, resolving dozens of bugs, updating libraries, and improving workflow and design. This should be treated as a security update.
https://nextcloud.com/

Nmap 7.95 adds over 6,500 more fingerprints, new scripts and resolves several bugs. This is a security update.
https://nmap.org/

PuTTY 0.81 is a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html

Signal 7.8.0 adds emoji call responses and resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.6.2 adds emoji call responses, adds sent message editing, and resolves several bugs. This is not a security update.
https://signal.org/android/apk/

Skype 8.116.0.213 improves stability. This is not a security update.
https://www.skype.com/

Syncthing 1.27.7 resolves a potential security bug.
https://syncthing.net/

Telegram 5.0.1 resolves several bugs. This is not a security update.
https://telegram.org/

USB Drive Log 1.13 adds black background support. This is not a security update.
https://www.nirsoft.net/utils/usb_drive_log.html

Z-Library 1.02 doesn’t provide a change log so should be treated as a security update.
https://z-library.se/z-access#desktop_app_tab

Zoom 6.0.4.38135 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.4 resolves several bugs. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.1.9 resolves several bugs. This is a security update.
https://www.bitwig.com/download/

Grayjay 240 adds several new features, sources, improvements, and resolves a dozen bugs. This is not a security update.
https://grayjay.app/index.html

iTunes 12.13.2.3 is a security update.
https://www.apple.com/itunes/download/

Plex Desktop 1.92.1.140 doesn’t provide a detailed change log so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.60.1.134 updates libraries. This should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.40.2.8395 resolves several bugs, including an installation path issue. If you used a custom path you will need to uninstall and reinstall in order for future automatic updates to work correctly. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2024.4.0.137 changes homepage. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.3.201 resolves several bugs and improves interface. This is not a security update.
https://gdevelop.io/download

Minecraft Server (Bedrock) 1.20.81.01 does not provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Minecraft Server (Java) 1.20.6 does not provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server

Nintendo Switch 18.0.1 resolves several bugs. This is a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 2024.430 resolves several bugs and improves hardware support. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024-05-13 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110
By the way, we won. Sony caved on the Helldivers 2 privacy-violating “account linking” change. 🙂

SteamOS SteamDeck Update 2024-05-03 is a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Acrobat and Reader 24.002.20759 and 20.005.30636 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb24-29.html

Adobe Aero 0.24.4 is a security update.
https://helpx.adobe.com/security/products/aero/apsb24-33.html

Adobe Animate 23.0.6 and 24.0.3 are security updates.
https://helpx.adobe.com/security/products/animate/apsb24-36.html

Adobe Dreamweaver 21.4 is a security update.
https://helpx.adobe.com/security/products/dreamweaver/apsb24-39.html

Adobe FrameMaker 2020.6 and 2022.4 are security updates.
https://helpx.adobe.com/security/products/framemaker/apsb24-37.html

Adobe Illustrator 28.5 and 27.9.4 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb24-30.html

Adobe Substance 3D Designer 13.1.2 is a security update.
https://helpx.adobe.com/security/products/substance3d_designer/apsb24-35.html

Adobe Substance 3D Painter 10.0.0 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb24-31.html

Aronium 1.43.0.2 adds dual currency and night theme, improves refund behavior, and resolves several bugs. This is not a security update.
https://aronium.com/

Audacity 3.5.1 adds a bunch of new features and resolves dozens of bugs. This is not a security update.
https://www.audacityteam.org/download/

Calibre 7.10.0 adds export support, spell check, color inversion and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Columns++ 1.0.6 improves wrapped line caompatibility. This is not a security update.
https://github.com/Coises/ColumnsPlusPlus

Formatta Filler 8.19.0.4 doesn’t provide a change log so should be treated as a security update.
https://formatta.com/formatta-products/complete-submit/

GIMP 2.10.38 doesn’t provide a detailed change log so should be treated as a security update.
https://www.gimp.org/

Java 8u411 is a security update.
https://www.java.com/en/download/manual.jsp

JShelter 0.18 improves compatibility. This is not a security update.
https://jshelter.org/install/

Kdenlive 24.02.2 improves compatibility and resolves several bugs. This is not a security update.
https://kdenlive.org/

Kindle for PC 2.3.70840 doesn’t provide a change log so should be treated as a security update.
https://www.amazon.com/kindleforpc

LibreOffice 7.6.7 resolves over 40 bugs. This is a security update.
https://www.libreoffice.org/

LibreOffice Fresh 24.2.3 resolves over 75 bugs. This is a security update.
https://www.libreoffice.org/

Manager 24.5.13.1531 adds several new features and improves email integration and display. This is not a security update.
https://www.manager.io/

Nextcloud Desktop 3.13.0 resolves dozens of bugs and updates libraries. This is a security update.
https://nextcloud.com/

Notepad++ 8.6.7 improves multiedit and language support, and resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

PDF-XChange Editor 10.3.0.386 adds page extraction, label modification, improves sort and group behavior and resolves dozens of bugs. This is not a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

QuickBooks Pro 2022 20240509-R15_25 updates to backend processes. This is not a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20240509-R12_15 updates to backend processes. This is not a security update.
https://downloads.quickbooks.com/app/qbdt/products

Security Software Updates

One or more of these is likely to be of interest to most people.

Chainsaw 2.9.0 adds native rules, timezone improvements, and adds ability to change default conditional when searching. This is not a security update.
https://github.com/countercept/chainsaw

Microsoft Edge Policy 2024.05.07 updates policies. This is not a security update.
https://github.com/MicrosoftDocs/Edge-Enterprise/blob/public/edgeenterprise/microsoft-edge-policies.md

OpenSSL 3.3.0 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

ProtonVPN (macOS) 4.2.2 improves performance. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.16.1 updates engine and resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Stinger 13.0.0.118 adds support for more detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

SuperAntiSpyware 10.0.1266 resolves several bugs. This is not a security update.
https://www.superantispyware.com/download.html

Tails 6.2 is a security update.
https://tails.net/install/download/index.en.html

Velociraptor 0.72 adds EWF support and resolves several bugs. This is not a security update.
https://github.com/Velocidex/velociraptor/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 24.1.3 improves OCR, performances, updates libraries and resovles several bugs. This is a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.1.7 resolves several couple bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

StreamFab 6.1.7.7 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.2.0 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.32 improves compatibility, adds support to import from more third-party platforms, and resolves several bugs. This is a security update.
https://1password.com/downloads/

Agent Ransack 2022.3434 adds support for OneNote and resovles several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

AOMEI Partition Assistant 10.4.0 improves the user interface. This is not a security update.
https://www.diskpart.com/

Bitwarden 2024.4.2 improves passkeys support and secrets manager, and adds a new Authenticator app. This is not a security update.
https://bitwarden.com/

BulkFileChanger 1.73 resolves a timezone-related bug. This is not a security update.
https://www.nirsoft.net/utils/bulk_file_changer.html

CCleaner 6.23.11010 resolves several bugs. This is a security update.
https://www.ccleaner.com/

DesktopOK 11.21 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.1.92.0 resolves a .git/.gitignore bug, updates .NET library and translations. This is a security update.
https://dngrep.github.io/

ExplorerPatcher 22621.3527.65.2 resolves several bugs. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

FileLocator Pro 2022.3434 adds support for OneNote and resovles several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

FoneTool 2.6.1 adds iOS Data Recovery and resolves a crash bug. This is not a security update.
https://www.fonetool.com/download.html

Git SCM 2.45.0 adds dozens of new features and behaviors, and resolves over 50 bugs. This is not a security update.
https://git-scm.com/

Go 1.22.3 is a security update.
https://go.dev/

GoodSync 12.6.5 improves compatibility and resolves several bugs. This is not a security update.
https://www.goodsync.com/

HWiNFO 8.02 doesn’t provide a change log so should be treated as a security update.
https://www.hwinfo.com/download/

InstalledAppView 1.08 resolves a CLI bug. This is not a security update.
https://www.nirsoft.net/utils/installed_app_view.html

IsMyHdOK 3.96 improves performance and testing accuracy. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

LessMSI 2.0.1 updates dependencies and build environment, and resolves a stability bug. This is not a security update.
https://lessmsi.activescott.com/

NirCmd 2.87 adds and resolves ~$ variables. This is not a security update.
https://www.nirsoft.net/utils/nircmd.html

NTLite 2024.5.9931 resolves dozens of bugs. This is not a security update.
https://www.ntlite.com/download/

osquery 5.12.1 is a security update.
https://osquery.io/downloads

PingInfoView 3.05 adds option to map source IPv4 Address. This is not a security update.
https://www.nirsoft.net/utils/multiple_ping_tool.html

PowerToys 0.80.1 improves stability. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

PSAppDeploy 3.10.1 adds a dozen features and parameters, improves stability and reliability, and resolves several bugs. This is not a security update.
https://psappdeploytoolkit.com/

RoboForm 9.5.8 improves GUI. This is not a security update.
https://www.roboform.com/

ScreenConnect 24.1.7.8892 resolves dozens of bugs and improves compatibility. This should be treated as a security update.
https://screenconnect.connectwise.com/download

Starwind V2V Converter 9.444 adds support for new conversions. This is not a security update.
https://www.starwindsoftware.com/starwind-v2v-converter

WinGet 1.7.11261 fixes elevation issues, updates dependencies and libraries. This is a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinScan2PDF 8.81 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WUMT 04.22.2022 improves Windows 11 compatibility. This is not a security update.
https://www.oldergeeks.com/downloads/file.php?id=1366

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 8.0.5 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

Android Studio 2023.3.1 adds device streaming for testing, integrates crashlytics, improves App Quality Insights, and adds audio redirection. This is not a security update.
https://developer.android.com/studio

AutoHotkey 2.0.14 resolves several bugs. This is not a security update.
https://www.autohotkey.com/download/

cx_Freeze 7.0 updates dependencies and libraries and resolves hundreds of bugs. This should be treated as a security update.
https://cx-freeze.readthedocs.io/en/latest/index.html

GitHub Desktop 3.3.17 removes support for older macOS versions, resolves a dozen bugs and improves user interface. This is not a security update.
https://desktop.github.com/

Godot 4.2.2 improves CLI support, resolves the audio bug, and more than 200 other issues. This is a security update.
https://godotengine.org/

MySQL ConnectorNet 8.4.0 updates libraries and resolves several bugs. This is a security update.
https://dev.mysql.com/downloads/connector/net/

MySQL Server 8.0.37 resolves dozens of bugs. This is a security update.
https://dev.mysql.com/downloads/installer/

NASM 2.16.03 improves the build process. This is not a security update.
https://www.nasm.us/index.php

Node.js 18.20.2 is a security update.
https://nodejs.org/en/

Node.js 20.13.1 resolves several bugs and updates libraries. This is a security update.
https://nodejs.org/en/

Node.js 21.7.3 is a security update.
https://nodejs.org/en/

Node.js 22.1.0 is a major update. This is a security update.
https://nodejs.org/en/

Redemption 6.5.0.6294 improves integration and resolves several bugs. This is not a security update.
https://www.dimastr.com/redemption/

Rustup 1.27.1 resolves several bugs. This is not a security update.
https://www.rust-lang.org/

SQLite 3.45.3 adds new JSON handling behaviors and resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

TortoiseGit 2.16.0 resolves a dozen bugs and updates libraries. This is a security update.
https://tortoisegit.org/

TortoiseSVN 1.14.7 resolves several bugs. This is a security update.
https://tortoisesvn.net/downloads.html

Visual Studio Code 1.89.1 adds support to exclude content from Copilot and resolves several bugs. This is not a security update.
https://code.visualstudio.com/

WinMerge 2.16.40 resolves several bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.0.18 resolves over a dozen bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

HumHub 1.15.5 resolves several bugs. This is not a security update.
https://www.humhub.com/en

Joomla 5.1.0 adds more than a dozen features and code and performance improvements. This is not a security update.
https://www.joomla.org/

MAMP 5.0.6 updates dependencies. This should be treated as a security update.
https://www.mamp.info/en/mamp/windows/

phpList 3.6.15 is a security update.
https://www.phplist.org/

Piwigo 14.4.0 resolves several bugs. This is not a security update.
https://piwigo.org/

WordPress 6.5.3 is a security update.
https://wordpress.org/

BuddyPress 12.4.1 is a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.9.4 resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.9 improves compatibility and resolves a bug. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

My Sticky Bar 2.7 resolves a cosmetic bug. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Postie 1.9.69 should be treated as a security update.
https://wordpress.org/extend/plugins/postie/

Slider Revolution 6.7 resolves several bugs. This is a security update.
https://revolution.themepunch.com/

Social Post Feed 4.2.4 improves integration. This is not a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

Sucuri Security 1.8.44 improves API key controls. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

W3 Total Cache 2.7.2 resolves several bugs and improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 8.9.0 improves compatibility and resolves dozens of bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WPBakery 7.6 resolves several bugs. This is a security update.
https://wpbakery.com/

WPtouch 4.3.59 adds support for Reddit, improves compatibility, and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/wptouch/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2024-02-13

Happy Valentine’s Day, Folks!

Today is Patch Tuesday for February, 2024. There were 230+ major hacks and over 200 application updates this month. It’s a big month, with about 3.5 GB of updates for most users.

This Month in Technology

23andMe, Inc., Academy Mortgage Corporation, AHS Management Company, Inc., Air Methods, LLC, Alkem Laboratories, AlmerysAlpine Halo9 iLX-F509, American Meat Companies, Android TV and eCos set-top boxes, Android, Ann & Robert H. Lurie Children’s Hospital, AnyDesk, Apple iPhone, Apple Mac, Apple Vision Pro, Apple Watch, AppleTV, Ashford, Inc., Autel MaxiCharger AC Wallbox Commercial, Automotive Grade Linux, Azura Vascular Care, Azusa Unified School District, Bake ‘N Joy Foods, Inc., Bank of America, Bankers Life and Casualty Company, Blink Mobility, Bosch Thermostats, Brady Martz & Associates PC, 3 million Breathless toothbrushes, BrightStar Care, Buildkit, Burr & Forman LLP, Cadence Bank, California Public Employees Retirement System (CalPERS), Calvià City Council, Canterbury County Council, Carnegie Mellon University, Catholic Charities of the Archdiocese of Miami, Inc., ChargePoint Home Flex, a China-based financial MNC, Chuze Fitness, Citrix Netscaler, Cloudflare, CNO ACE, Coastal Hospice & Palliative Care, Coastal Plains Community Mental Health Mental Retardation Center, Colorado Ophthalmology Associates, PC, Columbus Life Insurance Company, Columbus Regional Healthcare System, Concentra Health Services, Concord Music Group, Inc., Connecticut College, Coppola Physical Therapy and Fitness Gyms, Covenant Care California, LLC, Coventry school, Crace Medical Centre, Des Moines Orthopaedic Surgeons, P.C., Dickinson County Health Department, Docker, Dover District Council, Dutch Ministry of Defence, ElGuindy, Meyer & Koegel, APC, Emmanuel College, EMPORIA EV Charger Level 2, EquiLend Holdings, Europcar, ExpressVPN, Family Healthcare Center, FedEx  Corporation Group Health Plan, Fidelity National Financial, First Financial Security, Inc.,
FortinetFortiOS SSL VPN, FortiSIEM, Fortra GoAnywhere MFT, Framework Computer, Freehold Township schools, Fullerton Joint Union High School District, Gamma Strategies, GEICO Corporation, Georgia’s Fulton County, 5,300+ GitLab instances, Glendale Unified School District, Global Affairs CanadaGlow, Goledo Finance, Google Bazel, Google Chrome, Hair Club for Men, Ltd., Inc., Halara, Hampton-Newport News Community Services Board, Hanmi Bank, Hathway, Health Alliance Medical Plans, Hewlett Packard Enterprise (HPE), Hipocrate Information System, HMG Healthcare, HopSkipDrive, HORNE, LLP, HP ink cartridges, Hyundai Motor Europe, Infosys McCamish Systems LLC, InHealth Technologies, INTEGRIS Health, Islamic Charity in Saudi Arabia, ITITAN Hosting, Ivanti Avalanche, Ivanti Connect Secure VPN, Ivanti Policy Secure Gateway, J.D. Gilmour, Jason’s Deli, 45,000+ Jenkins instances, JetBrains TeamCity, 65 job listing sites, JuiceBox 40 Smart EV Charging Station, Juniper, Kansas City Area Transportation Authority, Kansas State University, Keenan & Associates, Kern Regional Center, Kyocera printers, Liberty Hospital, Lineage, Inc, Livall, LoanDepot, Lutheran World Federation, Marywood Nursing Care Center, Mastodon, McCarthy & Holthus, LLP, Medical Eye Services, Inc., Mercedes-Benz, Microbe & Lab, Microsoft (again!), Microsoft SharePoint, Microsoft SQL servers, Multi-Fineline Electronix, Inc., Musick, Peeler & Garrett LLP, MyPertamina, Nabholz Construction Company Employee Welfare Health Plan, NASCO, National Advisors Holdings, Inc., Nautic Partners, LLC, Navvis & Company, LLC, Naz.API, Oak View Group, Omaha Firefighters Healthcare Trust, Orange Spain, Orange Unified School District, OrthoArkansas, PA Employee Benefit Plan, Ozys, Parkovy, Payoneer, Pennsylvania Emergency Dispatch, Perry Johnson & Associates, Inc., Phoenix Contact CHARX SEC-3100, Pioneer DMH-WT7600NEX, Planet Home Lending, Planeta, PLUS FIVE FIVE, Prestige Care, Inc., Radiant Capital, Rajasthan government (India), Rebekah Children’s Services, Ripple, Romanian Chamber of Deputies, Roundcube email server, Saint Anthony Hospital, Schneider Electric Sustainability, SendGrid, Singing River Gulfport, Singing River Health System, SinglePoint Outsourcing, Inc., Socket, Somesing, SonicWall next-generation firewalls, Sony XAV-AX5500, Spoutible, Summit Medical Group, PLLC, Sun Pain Management, LLC, Tesla Infotainment System, Tesla Modem, Tesla, TGI Direct, Thanet District Council, The Burton Corporation, TIC Hosting, Tietoevry, Tigo, Torchbyte, TP-Link Omada, Trello, Trezor, Trinity Universal Insurance Company, TRISTAR Insurance  Group, U.S. Renal Care, Inc., Ubiquiti Connect EV Station, UEFI Firmware, United Regional Health Care System, Unitronics PLCs, US Department of Health and Human Services, US GSA, US military, Ventura County Credit Union, Veolia North America, Verizon Communications Inc., Verizon, Viamedis, VMware vCenter Server, Walker Therapeutic & Educational Programs, Washington National Insurance Company, Webber Chiropractic Sports Clinic, Inc., Weslend Financial, Windows SmartScreen, WinStar, Wise Lending, and WPS Office have reported hacking or compromises this month.

Atlassian Jira, Microsoft Teams (twice), Parkovy, Tietoevry, and T-Mobile have suffered from outages this month.

Last months updates broke spellcheck in Microsoft Teams, the ability to install updates directly for Microsoft Teams without enabling Delivery Optimization, search in OutlookGoogle Pixel phones, Outlook.com via Outlook, Windows Sysprep, Windows updates.

There is a new “flaw” in the Windows 11 installer, which allows incompatible hardware to be installed to and activated. The Microsoft ms-appinstaller protocol handler is being exploited again to install malware.

The German railway system still uses MS-DOS and Windows 3.11 to manage their displays. Wrenches and toothbrushes are the latest victims in hijacking efforts. A new study demonstrates that the new trend of using AI to write code generates less secure code. SIM swapping is still quite popular.

Google is resuming their migration to Manifest V3, which will result in many content and ad filters failing, as well as many other browser extensions, in only 5 short months.

Amazon AWS is now charging for IPv4 addresses.

While unlikely to make a difference, CA is now suing streaming media services for violating the CCPA. The UN is pushing for a “cybercrime” treaty designed to criminalize all efforts to research malware, security, and vulnerability testing, even when the target of the research has requested it. The treaty would also allow international courts to be used to target anyone using encryption for private communication channels, such as PGP, Telegram, or Signal.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is a big one this month. The typical computer should see roughly 3.5 GB in updates today. Let’s get started.

Microsoft released updates to address 79 vulnerabilities in .NET, .NET Framework, ASP.NET, Azure Active Directory, Azure Connected Machine Agent, Azure DevOps, Azure File Sync, Azure Site Recovery, Azure Stack, Internet Connection Sharing (ICS), Internet Shortcut Files, Microsoft ActiveX, Microsoft Azure Kubernetes Service, Microsoft Defender for Endpoint, Microsoft Dynamics 365, Microsoft Dynamics, Microsoft Edge, Microsoft Entra Jira, Microsoft Exchange Server, Microsoft Message Queuing (MSMQ), Microsoft ODBC Driver, Microsoft Office OneNote, Microsoft Office Outlook, Microsoft Office Word, Microsoft Office, Microsoft Power Platform Connector, Microsoft SQL Data Provider, Microsoft Teams for Android, Microsoft WDAC ODBC Driver, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows DNS, Microsoft Windows, Servicing Stack Update, Skype for Business, SQL Server, Trusted Compute Base, Visual Studio, Win32k, Windows AppX, Windows DNS Client, Windows DNS Server, Windows Hyper-V, Windows Kernel, Windows LDAP, Windows Network Address Translation (NAT), Windows OLE, Windows Pragmatic General Multicast (PGM), Windows Printing Service, Windows SmartScreen, Windows USB Generic Parent Driver, Windows USB Serial Driver, and MSRT (~ 2.0 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 15.8.1, iOS 16.7.5, iOS 17.3, iOS 17.3.1, iPadOS 15.8.1, iPadOS 16.7.5, iPadOS 17.3, iPadOS 17.3.1, macOS 14.3, macOS 14.3.1, macOS Monterey 12.7.3, macOS Sonoma 14.3, macOS Ventura 13.6.4, Magic Keyboard Firmware 2.0.6, Safari 17.3.1, tvOS 17.3, visionOS 1.0.3, watchOS 10.3, and watchOS 10.3.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.8.1, 16.7.5 and 17.3.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 15.8.1, 16.7.5 and 17.3.1 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 10.3.1 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 17.3 is a security update. Use System, Software Update to install the most current version.

visionOS 1.0.3 is a security update. Use Settings, General, Software Update to install the most current version.

Google Chrome OS 120.0.6099.235 and 121.0.6167.159 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.1.1 adds support for new hardware, AFMF and upscaling improvements, and resolves several bugs. AMD Link is being discontinued with this version. This is not a security update.
https://www.amd.com/en/support

Display Driver Uninstaller 18.0.7.2 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Wacom Driver 6.4.5-5 improves reliability. This is not a security update.
https://www.wacom.com/en-us/support/product-support/drivers

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.62.162 is a security update. Use Menu, Help, About to install the most current version.
https://brave.com/

Firefox 122.0.1 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 115.7.0 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 121.0.6167.160 is a security update. Use Menu, Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 121.0.2277.113 is a security update. Use Menu, Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

SeaMonkey 2.53.18.1 is a security update. Use Menu, Help, About to install the most current version.
https://www.seamonkey-project.org/

Vivaldi 6.5.3206.61 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

DavMail Gateway 6.2.1 is a security update.
https://davmail.sourceforge.net/

Spark 3.13.4.66391 adds deep link email sharing and resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark for macOS 3.13.4.66401 adds deep link email sharing and resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.7.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 8.0.8 is a security update.
https://anydesk.com/en/downloads

AnyDesk 8.0.0 for macOS is a security update.
https://anydesk.com/en/downloads

curl 8.6.0 resolves over 100 bugs. This is a security update.
https://curl.haxx.se/windows/

Dropbox 192.4.4605 resolves several bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 205.0.0.11.228 is a security update.
https://www.messenger.com/download

FileZilla Client 3.66.5 is a security update.
https://filezilla-project.org/

FileZilla Server 1.8.1 is a security update.
https://filezilla-project.org/

Google Drive 86.0 resolves several bugs. This is not a security update.
https://drive.google.com/start

Grocy Desktop 2.9.0 updates library and resolves several bugs. This is not a security update.
https://github.com/grocy/grocy-desktop

MeshCentral 1.1.20 resolves over a dozen bugs. This is not a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.7.00.1864 adds several new features, including improved domain & email integration. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 28.0.2 resolves more than 100 bugs. This is a security update.

Homepage

Npcap 1.79 resolves a couple reliability bugs. This is not a security update.
https://nmap.org/npcap/

Omada Software Controller 5.13.23 resolves several bugs. This is not a security udpate.
https://www.tp-link.com/us/support/download/omada-software-controller/

Pocketnet-Core 0.22.1 resolves over a dozen bugs. This is not a security update.
https://pocketnet.app/

Pocketnet-GUI 0.8.77 resolves several bugs. This is not a security update.
https://pocketnet.app/

Rclone 1.65.2 updates libraries and resolves a couple important reliability bugs. This should be treated as a security update.
https://rclone.org/

Signal 6.47.0 makes several improvements to emoji and emoticon support. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 6.46.7 doesn’t have a detailed changelog so should be treated as a security update.
https://signal.org/android/apk/

Skype 8.110.0.218 improves stability and resolves several bugs. This is not a security update.
https://www.skype.com/

Syncthing 1.27.3 resolves several bugs and improves CLI complettion. This is not a security update.
https://syncthing.net/

Technitium DNS Server 12.0.1 moves to .NET 8, resolves more than a dozen bugs. This is a security update.
https://technitium.com/dns/

Telegram 4.14.15 resolves several bugs. This is not a security update.
https://telegram.org/

Telegram (Android) 10.6.1 resolves several bugs. This is not a security update.
https://telegram.org/apps

Tigase Server 8.3.1 resolves several bugs. This is not a security update.
https://github.com/tigase/tigase-server/releases/latest

Trillian 6.5.0.38 resolves a mute bug. This should be treated as a security update.
https://www.trillian.im/

Zoom 5.17.7.31859 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.1 improves tracking, compatibility, and resolves several bugs. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.1.3 adds a few new filters and modules, and resolves several bugs. This is not a security update.
https://www.bitwig.com/download/

Grayjay 233 resolves several crashes and improves stability. This is not a security update.
https://grayjay.app/index.html

Kodi 20.4 resolves dozens of bugs and improves compatibility. This is a security update.
https://kodi.tv/

MediaMonkey 5.2 resolves a cosmetic bug. This is not a security update.
https://www.mediamonkey.com/windows#download

Plex Desktop 1.86.1.4076 doesn’t provide a detailed changelog so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.55.1.4084 updates libraries. This should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.40.0.7998 improves native tagging, music filtering, resolves several bugs. This should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

GDevelop 5.3.189 resolves over 20 bugs. This is not a security update.
https://gdevelop.io/download

Minecraft Server (Bedrock) 1.20.61.01 doesn’t provide a changelog so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

PS5 2024.206 is a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024-01-13 resolves dozens of bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 23.008.20533 is a security update.
https://get.adobe.com/reader

Adobe Commerce 2.4.6-p4, 2.4.5-p6, 2.4.4-p7, 2.4.3-ext-6, 2.4.2-ext-6, 2.4.1-ext-6, 2.4.0-ext-6, and 2.3.7-p4-ext-6 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-03.html

Magento Open Source 2.4.6-p4, 2.4.5-p6, and 2.4.4-p7 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-03.html

Adobe Substance 3D Painter 9.1.2 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb24-04.html

Adobe Acrobat 23.008.20533 and 20.005.30574 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb24-07.html

Adobe FrameMaker Publishing Server 2022.2 is a security update.
https://helpx.adobe.com/security/products/framemaker-publishing-server/apsb24-10.html

Adobe Audition 24.2 and 23.6.4 are security updates.
https://helpx.adobe.com/security/products/audition/apsb24-11.html

Adobe Substance 3D Designer 13.1.1 iis a security update.
https://helpx.adobe.com/security/products/substance3d_designer/apsb24-13.html

Calibre 7.5.1 resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Columns++ 1.0.2 resolves a critical stability bug. This should be treated as a security update.
https://github.com/Coises/ColumnsPlusPlus

ImageMagick 7.1.1-28 updates libraries and resolves over a dozen bugs. This should be treated as a security update.
https://imagemagick.org/

Kindle for PC 2.3.70682 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc

LibreOffice Fresh 24.2.0 is the first version released with the new numbering scheme (year and month of release). This version resolves almost 300 bugs. This is a security update. The “Fresh” line is beta software and should be avoided by most people.
https://www.libreoffice.org/

Manager 24.2.13.1295 doesn’t have any detailed changes in the changelog for the most recent several versions over the last month, so this should be treated as a security update.
https://www.manager.io/

Nextcloud Desktop 3.11.1 updates libraries and resolves over a dozen bugs. This is a security update.

Homepage

Notepad++ 8.6.2 resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

PDF-XChange Editor 10.2.1.385 resolves over a dozen bugs. This is not a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

QuickBooks Pro 2022 20231120-R13_63 doesn’t provide a detailed changelog so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20231107-R9_121 doesn’t provide a detailed changelog so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

uniCenta oPOS 5.0 doesn’t provide a detailed changelog so should be treated as a security update.
https://unicenta.com/

Security Software Updates

One or more of these is likely to be of interest to most people.

Gpg4win 4.3.0 resolves dozens of bugs. This is a security update.
https://www.gpg4win.org/download.html

Java 8u401 is a security update.
https://www.java.com/en/download/manual.jsp

KeePass 2.56 improves integration and search feature, resolves more than a dozen bugs. This is not a security update.
https://keepass.info/

MalwareBytes Anti-Malware 4.6.8.311 doesn’t provide a detailed changelog so should be treated as a security update.
https://www.malwarebytes.org/antimalware/

Microsoft Edge Policy 2024.02.06 adds blocklist for extension install types and the ability to preserve Manifest v2 availability. This is not a security update.
https://github.com/MicrosoftDocs/Edge-Enterprise/blob/public/edgeenterprise/microsoft-edge-policies.md

OpenSSL 3.2.1 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

ProtonVPN 3.3.5 improves stability. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.14.0 is a security update.
https://www.adlice.com/download/roguekiller/

Stinger 13.0.0.64 is a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Symantec Norton Removal Tool 20240206 improves removal. This is not a security update.
https://support.norton.com/sp/en/us/home/current/solutions/v60392881

Tails 5.22 updates libraries, included apps, and resolves several bugs. This is a security update.
https://tails.net/install/download/index.en.html

YARA 4.5.0 resolves a dozen bugs. This is not a security update.
https://github.com/VirusTotal/yara/

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.1.1 adds support for new encodings and resolves a couple bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

HandBrake 1.7.3 resolves over a dozen bugs. This is not a security update.
https://handbrake.fr/

MakeMKV 1.17.6 improves tolerance and resolves several bugs. This is not a security update.
https://www.makemkv.com/download/

StreamFab 6.1.6.5 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.1.1 adds support for denoise, improves upscaling performance, and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.24 resolves several bugs, improves idle behavior, and improves integration. This should be treated as a security update.
https://1password.com/downloads/mac/
https://1password.com/downloads/windows/

Agent Ransack 2022.3420 resolves several bugs. This is not a security update.

Agent Ransack – Download

AMD Ryzen Master 2.13.0.2908 adds support for new hardware and improves Curve Optimizer settings. This is not a security update.
https://www.amd.com/en/technologies/ryzen-master

AOMEI Partition Assistant 10.3.0 adds Bitlocker support and resolves several bugs. This is not a security update.
https://www.diskpart.com/

Autoruns 14.11 fixes a parameter parsing bug. This is a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

balenaEtcher 1.18.11 resolves a couple bugs. This is not a security update.
https://etcher.balena.io/

Bitwarden 2024.2.0 improves self-hosting controls, TOTP capture and import. This is not a security update.
https://bitwarden.com/

CCleaner 6.20.10897 improves cleaning, adds bookmark backup removal, and improves compatibility. This is not a security update.
https://www.ccleaner.com/

CPU-Z Installer 2.09 adds support for new hardware and adds the ability to benchmark a single coreset/cluster. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

Cygwin 3.5.0 drops support for older Windows versions, adds several new raw maps, API calls, and mixer control. This is not a security update.
https://cygwin.com/

Dell Command Update 5.2.0 improves controls and notifications. This is not a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

DesktopOK 11.16 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.1.7.0 improves PDF search, date-time display, adds mutliple custom editor support, and resolves several bugs. This is not a security update.
https://dngrep.github.io/

email-oauth2-proxy 2024-01-20 adds support for GWS Cloud Service accounts, and resolves several bugs. This is a security update.
https://github.com/simonrob/email-oauth2-proxy

Everything CLI 1.1.0.27 improves performance and adds x64 build. This is not a security update.
https://www.voidtools.com/

Fido 1.55 improves compatibility. This is not a security update.
https://github.com/pbatard/Fido/releases

FileLocator Pro 2022.3420 resolves several bugs. This is not a security update.

FileLocator Pro – Download

Fing 3.6.1 resolves a couple bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

Go 1.22.0 adds several new language constructs, improved auditing and performance, adds go/version, and enhanced routing. This is not a security update.
https://go.dev/

GoodSync 12.5.5 improves compatibility and resolves more than a dozen bugs. This is not a security update.
https://www.goodsync.com/

Hiren’s BootCD PE 1.0.4 adds several new utilities, updates libraries and applications, adds hundreds of new drives, and resolves several bugs. This is a security update.

Download

Homedale 2.10 adds support for MU-MIMO detection. This is not a security update.
https://www.the-sz.com/products/homedale/

HWiNFO 7.72 doesn’t provide a detailed changelog so should be treated as a security update.

Download HWiNFO

Inkchip WIC 1.17 doesn’t provide a changelog so should be treated as a security update.
https://inkchip.net/wic/

Kingston SSD Manager 1.5.3.6 doesn’t provide a changelog so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

MS Printer Metadata Troubleshooter 1.0.0.1 is a security update.
https://support.microsoft.com/en-us/topic/kb5034510-microsoft-printer-metadata-troubleshooter-tool-december-2023-b3197f24-fd25-430d-96d2-70f2044ce6a1

OSForensics 11.0.1004 improves compatibility and resolves dozens of bugs. This is not a security update.
https://www.osforensics.com/download.html

osquery 5.11.0 updates libraries, adds support for new tables, and resolves several bugs. This is a security update.
https://osquery.io/downloads

PowerToys 0.78.0 updates libraries and resolves several bugs. This is a security update.
https://github.com/microsoft/PowerToys/releases/latest

Rufus 4.4 updates libraries and resolves several bugs. This is not a security update.
https://rufus.ie/en_US/

ScreenConnect 23.9.7.8804 is a security update.
https://www.connectwise.com/software/control/download

SearchMyFiles 3.24 resolves several bugs. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

Sysmon 15.12 resolves several stability and reliability bugs. This is a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

Ventoy 1.0.97 adds support for FreeBSD 14.0 and resolves several bugs. This is not a security update.
https://www.ventoy.net/en/index.html

WhyNotWin11 2.6.0.0 improves detection and resolves several bugs. This is not a security update.
https://github.com/rcmaehl/WhyNotWin11

WizTree 4.18 improves scan performance and filter behavior, improves Copy/Cut/Delete, progress bar and resolves several bugs. This is not a security update.
https://www.diskanalyzer.com/

ZoomIt 8.01 adds DemoType (autotyping) support and fixes a crash. This is not a security update.
https://learn.microsoft.com/en-us/sysinternals/downloads/zoomit

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 2023.1.1.28 resolves several bugs. This is not a security update.
https://developer.android.com/studio

GitHub Desktop 3.3.8 resolves more than a dozen bugs. This is not a security update.
https://desktop.github.com/

Microsoft Visual C++ 2022 Redistributable 14.38.33135.0 doesn’t provide a changelog so should be treated as a security update.
https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist

MySQL ConnectorNet 8.3.0 is a security update.
https://dev.mysql.com/downloads/connector/net/

MySQL Server 8.0.36 is a security update.
https://dev.mysql.com/downloads/installer/

Node.js 21.6.1 updates libraries and resolves several bugs. This should be treated as a security update.
https://nodejs.org/en/

Node.js 20.11.0 is a security update.
https://nodejs.org/en/

Python 3.12.2 is a security update.
https://www.python.org/downloads/windows/

SQLite 3.45.1 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.86.1 resolves dozens of bugs. This is not a security update.
https://code.visualstudio.com/

WinMerge 2.16.38 improves BOM detection and resolves several bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

PPSSPP 1.17.1 improves compatibility and resolves several bugs. This is not a security update.
https://www.ppsspp.org/download/

VirtualBox 7.0.14 resolves more than a dozen bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.6.26 improves compatibility. This is not a security update.
https://coppermine-gallery.net/

Grocy 4.1.0 updates library and resolves several bugs. This is not a security update.
https://github.com/grocy/grocy

HumHub 1.15.3 resolves several bugs. This is not a security update.

Home

Invision Community 4.7.15 resolves over 50 bugs. This is a security update.
https://invisioncommunity.com/

MailEnable 10.48 resolves more than a dozen bugs. This is not a security update.
https://www.mailenable.com/

ownCloud Client 5.2.1.13040 resolves several bugs. This is not a security update.
https://owncloud.com/desktop-app/

Piwigo 14.2.0 resolves several bugs. This is not a security update.
https://piwigo.org/

WordPress 6.4.3 is a security update.
https://wordpress.org/

Akismet 5.3.1 resolves several bugs and improves reliability. This is not a security update.
https://wordpress.org/extend/plugins/akismet/

BuddyPress 12.2.0 is a minor security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.8.7 improves compatibility and resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.8.1 resolves a couple bugs. This is not a security update.

Duplicator – WordPress Migration & Backup Plugin

Email Log 2.4.9 adds controls to limit actions. This is a security update.
https://wordpress.org/extend/plugins/email-log/

Redirection 5.4.2 removes Geo IP and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/redirection/

Social Post Feed 4.2.2 is a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

Sucuri Security 1.8.41 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

WooCommerce 8.5.2 resolves a dozen bugs. This is a security update.
https://wordpress.org/extend/plugins/woocommerce/

WordPress Importer 0.8.2 updates documentation and improves workflow. This is not a security update.
https://wordpress.org/extend/plugins/wordpress-importer/

WP Cerber Security 9.6.2 updates design, adds event insights, and resolves a couple bugs. This is not a security update.
https://wpcerber.com/

WP Mail SMTP 3.11.1 resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/

WPBakery 7.4 adds built-in SEO toolkit and improves social media controls. This is not a security update.
https://wpbakery.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/