Welcome back, Folks!
Today is Patch Tuesday for May, 2025.
It’s as safe as it’s going to be to upgrade to Windows 11 24H2 or macOS 15/Sequoia.
If your Windows 10 (or older) computer can not be upgraded to Windows 11, or if you used a registry or installation bypass to install an older version of Windows 11 on it that is no longer supported, then it’s time for you to start looking for a replacement computer. Actually, the time was months ago. Pickin’s are thin right now. 🙁
However… if you do need to replace your laptop there’s an awesome Lenovo laptop available at Costco right now for $600 (plus tax & shipping).
There were 495+ major hacks, and over 600 application updates this month. It’s an insanely large month, with about 6 GB of updates for most users.
This Month in Technology
1st Health Inc, 30 London Job Centres, 4chan, 90 Degree Benefits, Inc – MN/WI Office, Abergavenny, Abilene, Texas, Active! Mail, Adelaide’s Women’s and Children’s Hospital, Adobe Acrobat Reader DC, Advanced Simulation Technology, Adyen, Agencia Browne y Espinoza, Ahold Delhaize, Alabama government, Alabama Ophthalmology Associates, Allegra, Allied Telesis, Inc, AllTrust, Alternate Solutions Health Network, Altior Healthcare, Alvin Independent School, Amazon ElastiCache, American Eagle Logistics, American Express Travel Related Services Co, Amethyst Group, Amtech Software, Andy Frain Services, Anfarm Hellas, Apache ActiveMQ, Apache Parquet, Apache Roller, Apache Tomcat, Apple AirPlay, Apple iPhone, Apple iPhone Messages, Apple macOS, Arizona Arthritis and Rheumatology Associates, Arkansas Primary Care, Ascension Health, Associated Wholesale Grocers, Astra Products, ASUS AiCloud, ASUS AMI, ASUS DriverHub, Avast Free Antivirus, Balance Diagnostics, Baltimore City Public Schools, Bangalore Water Supply and Sewerage Board (BWSSB), Barnstable County Sheriff’s Office, Barr Dermatopathology, Bartlesville Public Schools, BayMark Health Services, Bell Ambulance, Berkeley Research Group, Bertie, NC Schools, Bervar and Jones, Bigfork Valley Hospital, Bilbie Faraday Harrison, Bindi SpA, Bio-Clima Service, Bloom Family Eye Surgeons, Blue Shield of California (to Google!), Bluestone Bank, Bolivar Insulation, Boudreaux’s Specialty Compounding Pharmacy, Boulanger, Brainard Surgery Center LLC, British Columbia Health Authority, Broadcom Fabric OS, Brunswick Medical Center, Brydens Lawyers, Business Functions, Cabot Medical Care, California Correctional Health Care Services, Caltrol Inc, Cambridge University Press & Assessment, Canada Revenue Agency, CAPTCHA systems on 400,000+ websites (AkiraBot), Caritas Catholic charities, Carlton County Public Health and Human Services, Carrefour Mobile, Cato Networks Cato Client, Cell C, Central Texas Pediatric Orthopedics, Chang Shen Hospital, Charleston Fire Department, Chepstow, Chicano Federation of San Diego County, Cisco IOS XE, Cisco Webex, City of Bristol, TN, City of Grove, City of Long Beach, CA, Cloudera Hue Ace Editor, CMC Corporation, Co-op Group, Cobb County, GA, Colorado River Adventures, Community Dental Care, Commvault Command Center, Commvault, Complete Payroll Solutions, Compliance Consulting Group, Comport Technology Solutions, Conduent, Conrey Insurance Brokers & Risk Managers, Corporate Flight, Cortez Resources, Cosmos, Couples Learn, CPUs, Craft CMS, Culinary Services of America Inc, Curve Finance, Custom Paper, D’Granel, Dale Partners Architects, Dameron Hospital, Daniels & Taylor, PC, DaVita, six DDoS-for-hire platforms, Dedicated Web Consultants, DermCare Management, Destination Toronto, Diedrich Coffee, Dior, Discord, Disney, Dominion Lending Centres, Drug and Alcohol Treatment Services, Inc, Dutch Ministry of Climate Policy and Green Growth, Dutch Ministry of Economic Affairs, Dutch Ministry of the Interior and Kingdom Relations, DYNAMIS Insurance, East Central Missouri Behavioral Health Services, eCharge Hardy Barth, Eclipse ThreadX NetX Duo, ECOM America, Edinburgh schools, Ehlers Inc, EIZO Rugged Solutions, EMX Enterprises, Endue Software, Enflame Technology, Erlang/OTP SSH, Erlanger Health, ESP Associates, Esse Health, Everest Bank, eXch, Extreme Fire, Family Christian Health Center, Feldman & Lopez, Fleet Canada, Fogelman Management Group, Forsyth County Schools, 16,000 Fortinet devices, FortiSwitch, Fowler Elementary School District, Framlingham College, France’s Municipality of Ardon, Franklin Nursing Home, Frederick Health Medical Group, FreeType 2, Frisco Chamber, Galvatech, Gardena Honda, GeoLogics Corporation, German Association for East European Studies, Gistic Research, Gladinet CentreStack, Gladinet Triofox, Global Media Group, GlobalX, GMA Network, Google Chrome DevTools, Google Sites, Government of Peru, Great Plains Transport, GStreamer, Hacienda La Puente Unified School District, Hamilton County, TN, Hamrah Aval, Harman Becker MGU21, Harrods, Hayward Quartz Technology, HC Sheriff, HealthEquity, Inc, Heinz Hammer Vertragswerkstatt, Helix Tools, Hertz Corporation, Highland Rivers Behavioral Health, Hitachi Energy MicroSCADA Pro/X SYS600, Hong Kong Science and Technology Parks, HOPI, Horizon Behavioral Health, Hyalogic, Hyundai Motor Group, IBM Cloud, IBM Portal, iClicker, iHeartMedia + Entertainment, IKEA, Impact Canada, Inaba Denki Sangyo CHOCO TEI WATCHER, Independent Financial Services, Independent Title Agency, Indian Air Force (IAF) aircraft, Indian government defence websites, 1.5+ million Indian websites, Inductors Inc, Insight Partners, Insight Pipe Contracting, Interior Health, Internet Initiative Japan, Iowa County, WI, Iris ID, Isle of Man government, Ivanti Endpoint Manager, J. Banks Design, Jackpot Junction, Jacksonville Medical Care, James & Sons Fine Jewelers, Jamjoom Pharma, Janco Steel, Jani-King International, Inc, Jet Ice, Jordan Kuwait Bank, Ju Percussion Group, Julia Evans Accountants, Just Concrete & Masonry, Karachi Port Trust, Kasb Bank, Kaye Lifestyle Homes, Kelly & Associates Insurance Group, Kenworth Del Sur, Khan Academy, Kickidler, KiloEx, King Industries Inc, Kintetsu World Express, Kittrich Corporation, Korea Land and Housing Corporation, KraftKisarna, Kuala Lumpur International Airport, Kyiv Notaries, LabHost, Laboratory Services Cooperative, Lake HVAC, Lake Shore Paving, Lamberti Group, Landmark Admin, Langer & Langer, Langflow, Law Firm of Rochelle McCullough, Law Offices of Chris M. Ingram, Lee Valley Tools, Ltd, Legends International, Lemonade, Lexmark CX331adwe, Limestone District School Board, Lincoln Financial, Lithium Americas, LockBit Ransomware Group, Long Beach Convention and Entertainment Center, Loretto Hospital, Luxion KeyShot, Machu Picchu Foods, Madison School District, Magento, Malaysia Airports Holdings Berhad, Manchester Credit Union, Marc Irwin Sharfman, MD, PA, Marks & Spencer, Marsicovetere & Levine Law Group, Mashburn Construction, Masimo Corporation, Mataró Water Utility Company, MATE Desktop, McElwee Firm, MedDream PACS Server, MedDream WEB DICOM Viewer, MedEx Ambulance, Medical Express Ambulance Service, Megachem Singapore, Mercer County Joint Township Community Hospital, Merri-Makers, Microsoft 365 OAuth, Minyard Morris LLP, Mission Laguna Pathology Medical Group, Monongalia Health System, Mountain View Mushrooms, Movistar Venezuela, Mt. Baker Imaging and Northwest Radiologists, MTN Group, Munich Re, Municipality of Pisa, N8XT, Nagios Log Server, NASCAR, National Social Security Fund (CNSS) of Morocco, Nationwide Recovery Services, Nelson University, Neurological Institute of Savannah & Center for Spine, Nevada Ready Mix, New York Post, Newport Advisory, LLC, Nintendo, Nippon Life Mutual Fund, Nixon, Inc, North Kitsap School District, Northeast Georgia Health System, Northern California Children’s Therapy Center, Nova Scotia Power, Nth Degree, O’Brien & Ryan, OCH Regional Medical Center, Oettinger Brewery, Omni Healthcare Financial Holdings, OnRPG, Onsite Mammography, Oracle, Oracle VirtualBox, Orange County Medical Group Pathology, Oregon Department of Environmental Quality, Orthopaedic Specialists of Connecticut, OttoKit WordPress plugin, Output Messenger, Oversea Casing, Pacific Metallurgical, Palo Verde Hospital, Pawnee Heights Unified School District, Pearson, PESEL, Pharma Force, Pienaar Brothers, Planet Technology Industrial Switches, Planned Parenthood, Plastic Surgery Specialists of Lawrence, PlayStation, Port of Seattle, PR TIMES, Pratt Homes, Premier Meats South Africa, Prestonwood Baptist Church, Inc, Promenade Village Dental, Pryor Morrow, Pulse Urgent Care Center, Qraved, R&N Manufacturing, Radford University, Radware Cloud Web Application Firewall, Raw, Rayle Electric Membership Corporation, Red Chamber, RFID, Richmond СPA, Roblox, Rockwell Automation Industrial Data Center, Rocky View Schools, Roman Catholic Bishop of San Diego, Ruby Servers, Russell Child Development Center, Saint James Hospital Group, Sally B Gold, Salus Group, Samsung phones, Samsung Galaxy S24, Samsung Germany, Samsung MagicINFO 9 Server, San Francisco Campus for Jewish Living, San Francisco crosswalk system, Santa Cruz Properties, SAP NetWeaver, SavantCare, Scharnhorst Ast Kennard Griffin PC, Schultz Industries Inc, Scrubs & Beyond LLC, SeaCMS, Seneca Gaming, Sensata Technologies, Sentara Health, SentinelOne, Setpoint Systems, Seydel Companies, Shinko Shoji, Shopify, Shrader Law, Silgan Containers, SIMCO Electronics, Sinalisa Segurança Viária Ltda, SK Inc, SK Telecom, SogoTrade, Inc, SonicWALL Connect, SonicWall SMA, Sonos Era 300, Sonrisas Dental Health, South African Airways, South African IT, Southern Fidelity, Springer & Steinberg, St Anthony Hospital, St Clair Orthopaedics & Sports Medicine, St James Hospital, Study Hotels, Sunsweet Growers Inc, Sweet Shop USA, Synology BeeStation BST150-4T, Synology DiskStation DS1823xs+, Synology TC500, SysAid, T-Mobile, Takeda, TehetségKapu, TeleMessage, Tenda AC9, Tesla Model 3, Tesla Model S, Texas Health and Human Services Commission, The City of Long Beach, CA, The Fortune Society, The Michelson Organization, Thompson Coburn LLP, Thrive Physical Therapy Partners, TicketToCash, TikTok, TMA Group, Toppan Next, Toronto District School Board, Town of Orangeville, Traefik, Trend Micro Apex Central, Trend Micro Deep Security, Troicare College, True Dental Care for Kids and Adults, TrussWorks International, Tänzer GmbH, Ubiquity UniFi Protect Cameras, UK Department of Work and Pensions, UK Legal Aid Agency, Union Health System, Inc, UniTrak, Universal Window, Urban One, Urban Renewal Authority, US Claims Capital, Inc, US Office of the Comptroller of the Currency (OCC), Vanni and Humphrey, Vastaamo, VeriSource Services, Inc, Verrex, Versa Networks, Via Credit Union, Vicarage Court Solicitors, Victure RX1800, Virtuvian Health, Voigt-Abernathy Company, Wan Hai, Wazuh server, WDEF-TV, Webmin, Weil Construction, Weir Canyon Honda, West Lothian Council, Western New Mexico University, Western Sydney University, Whiteboard Technologies Pvt Ltd, Whitman County Public Hospital District No 3, Wilmington Personal Injury Lawyer – DPLAW, Windows Common Log File System, Windows NTLM hashes, Wisconsin Supreme Court, Wizz Air, Wolters Kluwer, WooCommerce, WordPress AIHub theme, WordPress BuddyBoss Platform Pro plugin, WordPress Flynax Bridge plugin, WordPress InstaWP Connect plugin, WordPress Smart Product Review plugin, WordPress UrbanGo Membership plugin, WorkComposer, WPM Pathology Laboratory, Chartered, XP Investimentos, XRP Ledger NPM Package (xrpl.js), Yale New Haven Health, Yankee Trails, Yodogawa Steel, Yokogawa Recorder, Young Consulting LLC, ZKsync, and Zoom remote control have reported hacking or compromises this month.
4chan, Atlassian Jira, Coinbase 2FA, Exchange Admin Center, Microsoft 365, and pretty much all of Spain (and some neighboring countries) less than a week after bragging about how they were finally able to run on 100% renewable energy, have suffered from outages this month.
By the way, did you know that 4chan was mostly run by the US government? Duh.
Last months updates broke
Broadcom Brocade Fabric OS, Classic Outlook calendar, Classic Outlook typing, Hitachi Vantara, Microsoft 365 “paste special”, Microsoft Entra ID, Microsoft Office, Microsoft Office 2016, Microsoft Outlook online, SAP NetWeaver, SharePoint Online, Windows 10 Start Menu, Windows 11 24H2 upgrades, Windows Domain Controllers, Windows Hello for Business (WHfB) Key Trust, Windows kernel, Windows Remote Desktop, Windows Server 2025, and the Win Recovery Environment (WinRE).
A Florida bill that would have required backdoors to any encryption for social media accounts has failed.
AT&T will be the first of the big telcos to drop their email-to-sms gateway – in only about a month. You’ll still be able to send emails to email addresses and text to and from cell numbers, but their gateway that allows you to send messages between email and text will be disabled in mid June. This should have a massive impact on the amount of spam received by AT&T mobile customers. It will not stop it, of course.
Broadcom is threatening to sue their own customers for installing security updates in VMware.
Your heated car seats (among other features) are exposing you to law enforcement tracking.
Kali Linux lost their repo signing key, requiring manual end-user intervention to install security updates.
CISA is “trimming the fat” by removing some of their communication methods (even though I’m sure they were fully automated). This is going to disrupt important intelligence resources for those in the tech industry.
Skype is dead. Microsoft will finally start killing off ActiveX in Office and Microsoft 365. All new Microsoft accounts will now be “passwordless” by default.
I’ve been warning about the Copilot AI storage access risks since they changed their Terms of Service in October. My fears were justified. Microsoft will no longer “accidentally” flag all Gmail messages as spam. Or Adobe.
In the wake of a study that demonstrates how easy it was for AI to manipulate Reddit users, Reddit is considering legal action to protect their victims, I mean, users.
Android and Apple both now have auto-reboot to reduce the effectiveness of brute force attacks.
Apple is getting spanked for violating the letter and the intent of the judge’s order following the Apple v Epic Games lawsuit from a couple years ago.
BIG NEWS: US Attorney for the District of Columbia, Ed Martin, calls out Wikimedia Foundation (Wikipedia) for violating 501(c)(3) status by allowing propagandists to flood platform. He gave them until May 15th to turn over documents.
Google is finally consolidating all of it’s country TLDs to use “google.com“. Google will pay $1.4 billion to Texas to settle claims the company collected users’ data without permission. Google’s updated Local Services Ads Terms have sparked privacy fears and threaten confidentiality in medical and legal sectors. Google would never really harvest all of your medical data though, right? LOL.
Now for the good news:
T-Mobile has added satellite-based 5G support to their lineup. While currently in beta, this signals a huge improvement to coast to coast, and in fact world-wide, phone support using Starlink’s satellites to back up your 5G service when no towers are available (like when there’s a power outage or localized service issue or when you live in the middle of nowhere).
I suspect this mean Elon will soon be buying T-Mobile.
Let’s Get Busy
Now back to our regularly scheduled program.
Patch Tuesday is insane this month. The typical computer should see roughly 6 GB in updates today. Let’s get started.
Microsoft released 48 updates to address 83 vulnerabilities in .NET, Active Directory Certificate Services, Azure, Azure Automation, Azure DevOps, Azure File Sync, Azure Storage Resource Provider, Build Tools for Visual Studio, Microsoft Brokering File System, Microsoft Dataverse, Microsoft Defender for Endpoint, Microsoft Defender for Identity, Microsoft Edge, Microsoft Office, Microsoft Office Excel, Microsoft Office Outlook, Microsoft Office PowerPoint, Microsoft Office SharePoint, Microsoft PC Manager, Microsoft Power Apps, Microsoft Scripting Engine, Remote Desktop Gateway Service, Universal Print Management Service, UrlMon, Visual Studio, Visual Studio Code, Web Threat Defense, Windows Ancillary Function Driver for WinSock, Windows Common Log File System Driver, Windows Deployment Services, Windows Drivers, Windows DWM, Windows File Server, Windows Fundamentals, Windows Hardware Lab Kit, Windows Hyper-V, Windows Installer, Windows Kernel, Windows LDAP, Windows Media, Windows NTFS, Windows Remote Desktop, Windows Routing and Remote Access Service, Windows Secure Kernel Mode, Windows SMB, Windows Trusted Runtime Interface Driver, Windows Virtual Machine Bus, Windows Win32K – GRFX, and MSRT. This includes security updates. A reboot is required.
Oracle released 378 security updates this quarter to address vulnerabilities in 117 products.
Apple released updates for macOS Sequoia 15.4.1, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6, Safari 18.5, iOS 18.4.1, iOS 18.5, iPadOS 17.7.7, iPadOS 18.4.1, iPadOS 18.5, tvOS 18.4.1, tvOS 18.5, visionOS 2.4.1, visionOS 2.5, and watchOS 11.5. This includes security updates. Use Apple Software Update to install the most current versions.
iOS 18.4.1 and 18.5 are security updates. Use Settings, General, Software Update to install the most current update.
iPadOS 17.7.7, 18.4.1 and 18.5 are security updates. Use Settings, General, Software Update to install the most current update.
watchOS 11.5 is a security update. Use the Watch app on your iPhone to install the most current version.
tvOS 18.4.1 and 18.5 are security updates. Use System, Software Update to install the most current version.
visionOS 2.4.1 and 2.5 are security updates. Use System, Software Update to install the most current version.
Google ChromeOS 134.0.6998.198, ChromeOS 135.0.7049.120, and ChromeOS LTS 132.0.6834.223 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.
Fedora 42.0 is a major update (leaning hard into “42”), with changes to the installer, updates to libraries, defaults and now offering COSMIC. This is not a security update.
https://getfedora.org/en/workstation/download/
Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.
Important Notes
Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.
The release of macOS Sequoia (15.x) means that macOS Monterey (12.x) and older are no longer supported. If you can not install at least macOS Ventura (13) on your Mac then you should immediately remove your device from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.
The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.
The now-current release of the Windows 11 (v24H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.
Windows 11 is now stable and can be upgraded to if your hardware supports it. If not, switch to Linux (Mint is nice) or replace your computer.
Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.
It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.
Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.
Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with a SaferPC Subscription and we will install updates each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com
Driver Updates
If you’re using this hardware – these updates are for you.
AMD Adrenalin 25.5.1 adds support for newer hardware, improves performance and resolves several bugs. This is not a security update.
https://www.amd.com/en/support
Crucial Storage Executive 11.03 doesn’t provide a change log so should be treated as a security update.
https://www.crucial.com/support/storage-executive
Daemon Tools Lite 12.3.0 resolves several bugs. This is not a security update.
https://www.daemon-tools.cc/products/dtLite
GoXLR Utility 1.2.2 resolves several bugs. This is not a security update.
https://github.com/GoXLR-on-Linux/goxlr-utility/
Intel Driver and Support Assistant 25.2.15.9 is a security update.
https://www.intel.com/p/en_US/support/detect
UniFi Network Server 9.1.120 is a security update.
https://www.ui.com/download/releases/network-server
VIISAN OfficeCam 7.2.8.1 doesn’t provide a change log so should be treated as a security update.
https://www.viisan.com/en/download/type1.html
Browser Updates
One or more of these are likely to be of interest to everyone.
Brave 1.78.97 is a security update.
https://brave.com/
Google Chrome 136.0.7103.92 is a security update.
https://www.google.com/chrome/
Firefox 138.0.3 is a security update.
https://www.mozilla.org/en-US/firefox/new/
Firefox ESR 128.10.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/
Vivaldi 7.3.3635.12 is a security update.
https://vivaldi.com/
Email Updates
One or more of these are likely to be of interest to everyone.
OutlookAttachView 3.54 adds black background support. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html
Spark 3.22.9.106186 improves Team support and resolves a couple bugs. This is not a security update.
https://sparkmailapp.com/
Spark (macOS) 3.22.9.106183 improves Team support and resolves a couple bugs. This is not a security update.
https://sparkmailapp.com/
Thunderbird 138.0 is a security update.
https://www.thunderbird.net/en-US/
Internet Updates
One or more of these are likely to be of interest to everyone.
AnyDesk 9.5.4 resolves several bugs. This should be treated as a security update.
https://anydesk.com/en/downloads
AnyDesk (macOS) 9.0.2 resolves several bugs. This should be treated as a security update.
https://anydesk.com/en/downloads
Discord May 1, 2025 resolves dozens of bugs. This is not a security update.
https://discord.com/download
Dropbox 223.4.4909 resolves several bugs. This is not a security update.
https://www.dropbox.com/
FileZilla Client 3.69.1 resolves several bugs. This is not a security update.
https://filezilla-project.org/
FileZilla Server 1.10.3 resolves several bugs. This is not a security update.
https://filezilla-project.org/
Google Drive 108.0 doesn’t provide a detailed change log so should be treated as a security update.
https://drive.google.com/start
MeshCentral 1.1.44 resolves dozens of bugs. This is not a security update.
https://meshcentral.com/info/downloads.html
Microsoft Teams 1.8.00.9760 improves GUI and resolves several bugs. This is not a security update.
https://teams.microsoft.com/downloads
Nextcloud Server 31.0.4 resolves dozens of bugs. This should be treated as a security update.
https://nextcloud.com/
Nmap 7.97 is a security update.
https://nmap.org/
Npcap 1.82 resolves several bugs. This is not a security update.
https://nmap.org/npcap/
Pocketnet-Core 0.22.17 resolves several bugs. This is not a security update.
https://pocketnet.app/
Pocketnet-GUI 0.9.119 resolves several bugs. This is not a security update.
https://pocketnet.app/
Rclone 1.69.2 is a security update.
https://rclone.org/
Signal 7.53.0 adds new device attachment transfer and resolves several bugs. This is not a security update.
https://signal.org/download/windows/
Signal (Android) 7.41.3 doesn’t provide a detailed change log so should be treated as a security update.
https://signal.org/android/apk/
Syncthing 1.29.6 resolves several bugs. This is not a security update.
https://syncthing.net/
Technitium DNS Server 13.6 resolves several bugs. This is not a security update.
https://technitium.com/dns/
Telegram 5.14.2 resolves a compatibility bug and adds marketplace sales. This is not a security update.
https://telegram.org/
WinSCP 6.5.1 resolves several bugs. This is not a security update.
https://winscp.net/eng/index.php
Zoom 6.4.6.64360 resolves several bugs. This is not a security update.
https://zoom.us/
Media Updates
These are unlikely to be of interest to most people.
3tene 4.0.17 resolves several bugs. This is not a security update.
https://en.3tene.com/
Bitwig Studio 5.3.8 resolves a series of crash bugs. This is not a security update.
https://www.bitwig.com/download/
Grayjay 306 adds remote sync and resolves several bugs. This is not a security update.
https://grayjay.app/index.html
Plex Media Server 1.41.6.9685 adds DOVI filter and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server
Game Updates
These are unlikely to be of interest to most people.
Minecraft Server (Bedrock) 1.21.80.3 should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock
Nintendo Switch 20.0.1 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989
PS5 2025.429 adds audio focus and new themes. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/
Steam 2025.05.10 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110
SteamOS SteamDeck Update 2025.05.06 improves compatibility, resolves several bugs, and updates libraries. This is not a security update.
https://store.steampowered.com/news/app/1675200/
Office Updates
One or more of these are likely to be of interest to most people.
Adobe Animate 23.0.12 and 24.0.9 are security updates.
https://helpx.adobe.com/security/products/animate/apsb25-42.html
Adobe Bridge 14.1.7 and 15.0.4 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb25-44.html
Adobe ColdFusion 2021.20, 2023.14, and 2025.2 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb25-52.html
Adobe Connect 12.9 is a security update.
https://helpx.adobe.com/security/products/connect/apsb25-36.html
Adobe Dimension 4.1.2 is a security update.
https://helpx.adobe.com/security/products/dimension/apsb25-45.html
Adobe Dreamweaver 21.5 is a security update.
https://helpx.adobe.com/security/products/dreamweaver/apsb25-35.html
Adobe Illustrator 28.7.6 and 29.4 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb25-43.html
Adobe InDesign 19.5.3 and 20.3 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb25-37.html
Adobe Lightroom 8.3 is a security update.
https://helpx.adobe.com/security/products/lightroom/apsb25-29.html
Adobe Photoshop 25.12.3 and 26.6 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb25-40.html
Adobe Reader DC 25.001.20467 resolves several bugs. This is not a security update.
https://get.adobe.com/reader
Adobe Substance 3D Modeler 1.22.0 is a security update.
https://helpx.adobe.com/security/products/substance3d-modeler/apsb25-51.html
Adobe Substance 3D Painter 11.0.1 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb25-38.html
Adobe Substance 3D Stager 3.1.2 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb25-46.html
Artweaver 8.0.4 resolves several bugs. This is not a security update.
https://www.artweaver.de/
Calibre 8.4.0 resolves several bugs and improves compatibility. This is not a security update.
https://calibre-ebook.com/
Ghostscript 10.05.1 is a security update.
https://www.ghostscript.com/releases/gsdnld.html
Inkscape 1.4.2 resolves dozens of bugs. This is not a security update.
https://inkscape.org/release/
LibreOffice 24.8.7 resolves over a dozen bugs. This is not a security update.
https://www.libreoffice.org/
LibreOffice Fresh 25.2.3 resolves over sixty bugs. This is not a security update.
https://www.libreoffice.org/
Manager 25.5.8.2317 does not provide a detailed change log so should be treated as a security update.
https://www.manager.io/
Nextcloud Desktop 3.16.4 resolves several bugs. This is not a security update.
https://nextcloud.com/
Notepad++ 8.8.1 resolves over a dozen bugs and improves colorization. This is not a security update.
https://notepad-plus-plus.org/
PDF-XChange Editor 10.6.0.396 is a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor
Scribus 1.6.4 resolves several bugs. This is not a security update.
https://www.scribus.net/
Operating System Updates
These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.
ChromeOS 134.0.6998.198 and ChromeOS 135.0.7049.120 are security updates.
Fedora 42.0 is a major update (leaning hard into “42”), with changes to the installer, updates to libraries, defaults and now offering COSMIC. This is not a security update.
https://getfedora.org/en/workstation/download/
iOS 18.4.1 and 18.5 are security updates.
https://support.apple.com/kb/HT204204
iPadOS 17.7.7, iPadOS 18.4.1, and iPadOS 18.5 are security updates.
https://support.apple.com/kb/HT204204
macOS Sequoia 15.4.1, macOS Sequoia 15.5, macOS Sonoma 14.7.6, and macOS Ventura 13.7.6 are security updates.
https://support.apple.com/kb/HT201541
Tails 6.14.2 and Tails 6.15 are security updates.
https://tails.net/install/download/index.en.html
tvOS 18.4.1 and tvOS 18.5 are security updates.
https://support.apple.com/kb/HT202716
visionOS 2.4.1 and visionOS 2.5 are security updates.
https://support.apple.com/en-us/122721
watchOS 11.5 is a security update.
https://support.apple.com/en-us/122722
Security Software Updates
One or more of these is likely to be of interest to most people.
FRSTx64 2025.5.9 doesn’t provide a detailed change log so should be treated as a security update.
https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
HTTP Toolkit 1.20.1 doesn’t provide a detailed change log so should be treated as a security update.
https://httptoolkit.tech/
JShelter 0.20.2 improves privacy and resolves several bugs. This is not a security update.
https://jshelter.org/install/
MalwareBytes Desktop Security 5.3.0.186 resolves several bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/
OpenSSL 3.5.0 is a security update.
https://slproweb.com/products/Win32OpenSSL.html
PassRec 3.65 updates included apps. This is not a security update.
https://www.nirsoft.net/password_recovery_tools.html
RogueKiller 16.1.3 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/
Stinger 13.0.0.347 adds and improves detections. This should be treated as a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx
uBlock Origin 1.64.0 resolves a couple bugs and adds several new scriptlets and controls. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest
WebBrowserPassView 2.15 adds support for app-bound encryption in recent Chrome releases. This is not a security update.
https://www.nirsoft.net/utils/web_browser_password.html
Capture Updates
These are unlikely to be of interest to most people.
Camtasia 25.1.1 resolves a startup crash. This is not a security update.
https://www.techsmith.com/video-editor.html
SnagIt 25.1.1 resolves several bugs and improves compatibility. This is not a security update.
https://www.techsmith.com/screen-capture.html
Converter Updates
These are unlikely to be of interest to most people.
DVDFab 13.0.4.0 adds support for newer encodings and adds an AI upscaler. This is not a security update.
https://www.dvdfab.cn/download.htm
IsoBuster 5.6 adds support for new media formats, a new Preview mode, and resolves several bugs. This is not a security update.
https://www.isobuster.com/download.php
PDF Creator 6.0.0 is a major update, switching to newer libraries, adds document previews, SharePoint integration, and resolves a couple bugs. This is not a security update.
https://www.pdfforge.org/pdfcreator
StreamFab 6.2.3.5 improves compatibility, adds support to download from several new sources, and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm
UniFab 3.0.1.6 adds SDR and new output formats, resolves several bugs and improves subtitle and Face Enhancer. This is not a security update.
https://www.dvdfab.cn/unifab.htm
Utility Updates
These are unlikely to be of interest to most people.
1Password 8.10.76 resolves a couple bugs and improves error messages.
https://1password.com/downloads/
Agent Ransack 2022.3517 improves favorites list, cosmetics and resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/
Beyond Compare 5.0.7.30840 improves cosmetics, updates libraries, and resolves several bugs. This is not a security update.
https://www.scootersoftware.com/download
Bitwarden 2025.4.2 resolves several bugs. This is not a security update.
https://bitwarden.com/
CalyxOS Device Flasher 1.1.1 is a security upate.
https://calyxos.org/install/
CrucialScan 20250424 doesn’t provide a change log so should be treated as a security update.
https://www.crucial.com/store/systemscanner
Cygwin 3.6.1 resolves several bugs. This is not a security update.
https://cygwin.com/
DesktopOK 11.81 improves cosmetics. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK
dnGrep 4.5.8.0 updates libraries. This is a security update.
https://dngrep.github.io/
Etcher 2.1.2 removes analytics. This is not a security update.
https://www.balena.io/etcher/
FileLocator Pro 2022.3517 improves favorites list, cosmetics and resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download
FoneTool 3.0.0 is a major update that adds a new “My Devices” interface, improves iPhone to PC interface, and resolves a couple bugs. This is not a security update.
https://www.fonetool.com/download.html
Free Virtual Serial Ports 6.22.00.1498 resolves several bugs. This is not a security update.
https://freevirtualserialports.com/
GoodSync 12.8.8 improves compatibility and resolves several bugs. This is not a security update.
https://www.goodsync.com/
HWiNFO 8.26 improves hardware detection and reporting. This is not a security update.
https://www.hwinfo.com/download/
HWMonitor 1.57 adds support for newer hardware and resolves a couple bugs. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html
Kingston SSD Manager 1.5.5.3 doesn’t provide a change log so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager
NTLite 2025.04.10406 adds Power Plan integration support, improves registry writes, updates components and resolves a bug. This is not a security update.
https://www.ntlite.com/download/
OSForensics 11.1.1007 improves performance and resolves a couple bugs. This is not a security update.
https://www.osforensics.com/download.html
osquery 5.17.0 resolves over a dozen bugs and updates libraries. This is not a security update.
https://osquery.io/downloads
Password Security Scanner 1.63 adds support for app-bound passwords in recent Chrome releases. This is not a security update.
https://www.nirsoft.net/utils/password_security_scanner.html
PowerToys 0.90.1 resolves several bugs and updates libraries. This is a security update.
https://github.com/microsoft/PowerToys/releases/latest
RoboForm 9.6.8 improves update process and adds support for Google Workspace SSO. This is not a security update.
https://www.roboform.com/
Rufus 4.7 resolves several bugs and improves UEFI detection and download. This should be treated as a security update.
https://rufus.ie/en_US/
ScreenConnect 25.2.4.9229 is a security update. Updates were released for other “recent” versions as well so you’re not forced to upgrade to the Canary version that breaks several other features.
https://screenconnect.connectwise.com/download
SimpleWMIView 1.56 adds Black Background support. This is not a security update.
https://www.nirsoft.net/utils/simple_wmi_view.html
SmartMonTools 7.5 adds dozens of new diagnostic objects and reporting elements and improves reliability and performance. This is not a security update.
https://smartmontools.org/
Starwind V2V Converter 9.755 adds CLI conversion support. This is not a security update.
https://www.starwindsoftware.com/starwind-v2v-converter
SysinternalsSuite 2025.5.5 updates RDCMan. This is a security update.
https://docs.microsoft.com/en-us/sysinternals/
TeamViewer 15.65.6 resolves a bug. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/
WinGet 1.10.390 improves end-to-end support for Entra ID, configuration file controls, and resolves several bugs. This is a security update.
https://github.com/microsoft/winget-cli/releases/latest
WinScan2PDF 9.33 improves hardware support and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF
XnConvert 1.105.0 doesn’t provide a change log so should be treated as a security update.
https://www.xnview.com/en/xnconvert/
ZoomText 2025 2025.2504.25.400 improves performance, multi-monitor support, and resolves several bugs.
https://support.freedomscientific.com/Downloads/ZoomText
Developer Updates
These are unlikely to be of interest to most people.
.NET Runtime 9.0.4 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet
ADB 36.0.0 resolves several bugs. This is not a security update.
https://developer.android.com/studio/releases/platform-tools
Android Studio 2024.3.2.14 resolves several bugs. This is not a security update.
https://developer.android.com/studio
cx_Freeze 8.3 updates libraries. This is not a security update.
https://cx-freeze.readthedocs.io/en/latest/index.html
GameMaker Studio 2024.13.1.193 resolves several bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker
GDevelop 5.5.230 resolves several bugs. This is not a security update.
https://gdevelop.io/download
GitHub Desktop 3.4.19 resolves over a dozen bugs. This is not a security update.
https://desktop.github.com/
Go 1.24.3 is a security update.
https://go.dev/
Inno Setup 6.4.3 improves restore operations, resolves seeral bugs, and adds a new tool for ECDSA P-256 support. This is not a security update.
https://www.jrsoftware.org/isdl.php
Java 8u451 is a security update.
https://www.java.com/en/download/manual.jsp
Node.js 20.19.1 updates libraries. This is not a security update.
https://nodejs.org/en/
Node.js 22.15.0 updates libraries and resolves several bugs. This is a security update.
https://nodejs.org/en/
Rustup 1.28.2 improves download stack and management controls. This is not a security update.
https://www.rust-lang.org/
SQLite 3.49.2 resolves several bugs. This should be treated as a security update.
https://www.sqlite.org/download.html
Visual Studio Code 1.100.1 is a security update.
https://code.visualstudio.com/
WinMerge 2.16.48.2 resolves several bugs. This is not a security update.
https://winmerge.org/
Virtual Machine Updates
These are unlikely to be of interest to most people.
VirtualBox 7.1.8 resolves over a dozen bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads
Web Package Updates
These are likely to be of interest only to web developers.
Adminer 5.3.0 resolves over a dozen bugs and improves compatibility. This is not a security update.
https://www.adminer.org/en/
Joomla 5.3.0 improves email templates, media management, scheduled tasks, read more, accessibility and compatibility. This is not a security update.
https://www.joomla.org/
YOURLS 1.10.1 resolves several bugs. This is not a security update.
https://yourls.org/
WordPress 6.8.1 resolves over a dozen bugs. This is not a security update.
https://wordpress.org/
bbPress 2.6.13 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/bbpress/
Contact Form 7 6.0.6 is a security update.
https://wordpress.org/extend/plugins/contact-form-7/
My Sticky Bar 2.8.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/
Show IDs 1.1.11 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/wpsite-show-ids/
Sucuri Security 2.1 resolves a couple bugs and adds support for several new scanners. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/
That’s all for now folks. Keep it clean out there. 😉
Regards,
Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/