Updates 2022-08-09

Welcome back, Folks!

Today is Patch Tuesday for August, 2022. This is a much lighter month, but there are still over a hundred large hacking victims, two hundred updates and a little over 3.5 GB in updates today.

This Month in Technology

7-Eleven, 70 Lenovo laptop models, Acts Retirement Services, Inc. and Affiliates, Aetna ACE, alio.lt, Allegheny Health Network, Atlassian Confluence Server, Audius, Avamere Health Services LLC, Avamere Holdings, Axie Infinity, Azure Site Recovery, Bandai Namco, Battlefy, Belgian Ministry of Defense, Bellingham Public Library, Benefit Plan Administrators, Inc., Benson Health, BHG Behavioral Health Group, BHG Holdings, LLC, Black Swan State Theatre Company, Blue Cross and Blue Shield of Alabama, Bronx Accountable Healthcare Network, Cavender Stores, Ltd Health Plan, Center for Primary Care, Centerstone, Central Maine Medical Center, Cisco Small Business VPN routers, City of Newport, Cleartrip, Colorado Springs Utilities, Conifer Value-Based Care, LLC, Creos Luxembourg S.A., Deakin University, deBridge Finance, governments and organizations in the defense industry, DHS Emergency Alert System, DrayTek routers, East Valley Ophthalmology, Elastix VoIP, Entrust, Eskimi, Famm, First Choice Community Health Care, Inc., Florida Springs Surgery Center, German Chambers of Industry and Commerce, Granbury Eye Clinic, Healthback Holdings, LLC, JukinMedia, Klaviyo, Knauf Group, L’Agenzia delle Entrate, La Poste Mobile, Lawson Products, Inc., Lopes, Magie Mabrey Hughes Eye Clinic, P.A., MBDA, Mecho Download, MiCODUS GPS trackers, Minuteman Senior Services, Mooresville Schools, Neopets, NetStandard, Newfoundland and Labrador English School District, Nomad, NuLife Med, LLC, OneTouchPoint, Orthopedic Specialists of North America, PLLC, Perth Festival, Pixlr, Policybazaar, PPCGeeks, Prefeitura Municipal de Itapermirim, Premere Infinity Rehab, LLC, Premint, PrestaShop, Professional Finance Company, QuestionPro, Radiation Oncology Centers of the Carolinas, hundreds of restaurants, Scott County, Iowa, Semikron, Slack, Slope, Solana, Southwest Behavioral & Health Services, Spanish National Research Council, Synergic Healthcare Solutions, LLC, T-Mobile, Taiwanese Government, TAVR Media, The Bronx Accountable Healthcare Network, Tuned Global, Twilio, Twitter, Uniswap Liquidity Pool, US DOJ, Virginia Commonwealth University Health System, WA ballet, WA opera, Washington University School of Medicine, Wooton Upper School, Zenith American Solutions, and Zimbra have reportedly been hacked or compromised this month.

Microsoft 365 (and again), Microsoft Access, Microsoft Exchange Online, Microsoft Outlook, Microsoft Teams (and 365 again), Google, Oracle, Twitter, and the UK NHS have had major outages this month.

Google is blocking the ACMMicrosoft broke USB printing. There’s yet another novel method to extract data from air-gapped systems. And Meta (Facebook) is in hot water again, this time for collecting private medical information from within patient portals.

Now for the good news:

A million disinformation bots have been disabled. This still leaves primarily the MSM to disinform us.

Windows 8.1 only has a few months of support left. Upgrade to Windows 10 now.

Play stupid games, win stupid prizes.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is huge this month. The typical computer should see roughly 3.5 GB in updates today. Let’s get started.

Microsoft released updates to address 65 vulnerabilities in .NET Core, Active Directory Domain Services, Azure Batch Node Agent, Azure Real Time Operating System, Azure Site Recovery, Azure Sphere, Microsoft ATA Port Driver, Microsoft Bluetooth Driver, Microsoft Edge, Microsoft Exchange Server, Microsoft Office, Microsoft Office Excel, Microsoft Office Outlook, Microsoft Windows Support Diagnostic Tool (MSDT), Remote Access Service Point-to-Point Tunneling Protocol, System Center Operations Manager, Visual Studio, Windows Bluetooth Service, Windows Canonical Display Driver, Windows Cloud Files Mini Filter Driver, Windows Defender Credential Guard, Windows Digital Media, Windows Error Reporting, Windows Fax Service, Windows Hello, Windows Hyper-V, Windows Internet Information Services, Windows Kerberos, Windows Kernel, Windows Local Security Authority (LSA), Windows Network File System, Windows Partition Management Driver, Windows Point-to-Point Tunneling Protocol, Windows Print Spooler Components, Windows Secure Boot, Windows Secure Socket Tunneling Protocol (SSTP), Windows Storage Spaces Direct, Windows Unified Write Filter, Windows WebBrowser Control, Windows Win32K, and MSRT (~ 3 GB). This includes security updates. A reboot is required.

Apple released updates for Safari 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, tvOS 15.6, and watchOS 8.7. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.6 is a security update. Use Settings, General, Software Update to install the most current update.

iPadOS 15.6 is a security update. Use Settings, General, Software Update to install the most current update.

tvOS 15.6 is a security update. Use System, Software Update to install the most current version.

watchOS 8.7 are security updatess. Use the Watch app on your iPhone to install the most current version.

Google Chrome OS 104.0.5112.83 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Catalina (10.15) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 12 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v21H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 22.7.1 adds support for newer hardware, resolves several bugs and improves performance. This is not a security update.
https://www.amd.com/en/support

BullZip PDF Printer 14.0.0.2938 adds support for TLS3, updates libraries, and resolves bugs. This is not a security update.
https://www.bullzip.com/products/pdf/info.php#download

Drivers by Seagull 2022.2 adds support for over 240 new printer models, resolves a compatibility bug, and adds support for RFID TID and creating custom printer commands. This is not a security update.
https://www.seagullscientific.com/support/downloads/drivers/

Display Driver Uninstaller 18.0.5.4 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Logitech Options 9.70.68 resolves several bugs. This is not a security update.
https://support.logi.com/hc/en-us/articles/360025297893

Nvidia Driver 473.81 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.42.88 is a security update.
https://brave.com/

Google Chrome 104.0.5112.81 is a security update.
https://www.google.com/chrome/

Microsoft Edge 104.0.1293.47 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 103.0.2 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 91.12.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 5.3.2679.70 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 102.1.2 is a security update.
https://www.thunderbird.net/en-US/

Mailspring 1.10.4 resolves compatibility issues, adds 64-bit, Apple Silicon M1 and M2 support, and resolves several bugs. This is not a security update.
https://getmailspring.com/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 7.0.13 resolves a cosmetic bug. This is not a security update.
https://anydesk.com/en/downloads

Dropbox 154.4.5363 improves reliability and consistency, adds external device indication and resolves several bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 156.0.0.21.216 is a security update.
https://www.messenger.com/download

FileZilla Client 3.60.2 updates libraries to address stability bug. This is not a security update.
https://filezilla-project.org/

FileZilla Server 1.5.1 improves reliability and resolves several bugs. This is not a security update.
https://filezilla-project.org/

FreeFileSync 11.23 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 61.0 resolves several bugs. This is not a security update.
https://drive.google.com/start

Java 8u341 is a security update.
https://www.java.com/en/download/manual.jsp

Nextcloud Server 24.0.3 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

Omada Software Controller 5.4.6 adds support for new protocols, newer hardware, and resolves several bugs. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Qbox 4.0.5.20 doesn’t provide a changelog so should be treated as a security update.
https://www.coraltreetech.com/qbox

Rclone 1.59.1 resolves almost two dozen bugs. This is not a security update.
https://rclone.org/

Signal 5.53.0 resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Skype 8.86.0.409 resolves several bugs. This is not a security update.
https://www.skype.com/

Syncthing 1.20.4 resolves a couple bugs and improves CLI support. This is not a security update.
https://syncthing.net/

WinSCP 5.21.2 is a security update.
https://winscp.net/eng/index.php

Zoom 5.11.4.7185 improves reliability and resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 3.0.3 resolves several bugs. This is not a security update.
https://en.3tene.com/

Plex Desktop 1.50.1.3185 resolves several bugs and improves controls. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.22.1.3169 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.28.0.5999 adds support for Apple Silicon, many improvements to music handling, and resolves a compatibility bug with Microsoft’s linker. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Epic Games 14.1.4 resolves several bugs. This is not a security update.
https://www.epicgames.com/

GameMaker Studio 2022.6.1.26 resolves several bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker

Lego Studio 2.22.7.1 resolves several bugs. This is not a security update.
https://www.lego.com/en-us/ldd

Steam 2022.07.27 resolves dozens of bugs and improves compatibility. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Commerce 2.3.7-p4, 2.4.3-p3, 2.4.4-p1, and 2.4.5 are security updates.
https://helpx.adobe.com/security/products/magento/apsb22-38.html

Adobe Acrobat and Reader 22.002.20191, 20.005.30381, and 17.012.30262 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb22-39.html

Adobe Illustrator 26.4 and 25.4.7 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb22-41.html

Adobe FrameMaker 15.0.8 and 16.0.4 are security updates.
https://helpx.adobe.com/security/products/framemaker/apsb22-42.html

Adobe Premiere Elements 20220702 is a security update.
https://helpx.adobe.com/security/products/premiere_elements/apsb22-43.html

Calibre 6.2.1 adds support for newer hardware, improves full text search, and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Essential Forms 2022.07.20 is the summer data update. This is not a security update.
https://help.ceb.com/en/collections/2482118-essential-forms

Inkscape 1.2.1 resolves several bugs. This is not a security update.
https://inkscape.org/release/

Kindle for PC 1.38.65290 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc

LibreOffice Fresh 7.3.5 resolves over 80 bugs. This is not a security update. The Fresh line is beta software. I recommend you use LibreOffice “Still” to get the most stable version.
https://www.libreoffice.org/

Nextcloud Desktop 3.5.4 adds proper silent installation support. This is not a security update.
https://nextcloud.com/

Notepad++ 8.4.4 resolves a find-in-files bug. This is not a security update.
https://notepad-plus-plus.org/

OpenOffice 4.1.13 is a security update. If you’re still using OpenOffice please consider switching to LibreOffice. OpenOffice has only had sporadic security updates for the last several years and there’s no sign of that changing.
https://www.openoffice.org/download/

PDF-XChange Editor 9.4.362.0 adds dozens of new features and resolves a lot of bugs. This is a security update.
https://www.tracker-software.com/product/pdf-xchange-editor

Security Software Updates

One or more of these is likely to be of interest to most people.

FSS 2022.7.18 adds support for newer platforms. This is not a security update.
https://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62

HTTP Toolkit 1.10.0 doesn’t provide a changelog so should be treated as a security update.
https://httptoolkit.tech/

MalwareBytes Anti-Malware 4.5.12 resolves several bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/

MalwareBytes Anti-Malware Mac 4.16.7 resolves several bugs. This is not a security update.
https://www.malwarebytes.com/mac/

ProtonVPN 2.0.5 improves stability. This is not a security update.
https://protonvpn.com/download

QubesOS 4.1.1 is a security update.
https://www.qubes-os.org/downloads/

Tails 5.3.1 is a security update.
https://tails.boum.org/install/dvd/index.en.html

YARA 4.2.3 is a security update.
https://github.com/VirusTotal/yara/

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 22.1.1 adds support for WebP, PiP, OBS, resizable arrowheads, and resolves several bugs. This is a security update.
https://download.techsmith.com/snagit/releases/snagit.msi

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.8.1 adds support for new encodings and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

MakeMKV 1.17.1 adds support for new encodings, improves stability, and resolve several bugs. This is not a security update.
https://www.makemkv.com/download/

PDF Creator 4.4.3 updates the associated PDF Architect installer and uses a new application signature. This is not a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 5.0.4.7 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.10 resolves several bugs. This is not a security update.
https://www.zotero.org/

Zotero (macOS) 6.0.11 resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 8.8.0 improves import support, additional browser support, accessibility improvements, and resolves several bugs. This is not a security update.
https://1password.com/downloads/mac/

1Password for Windows 8.8.0 improves import support, additional browser support, accessibility improvements, and resolves several bugs. This is not a security update.
https://1password.com/downloads/windows/

7-Zip 22.01 improves UDF, HFS and APFS support. This is not a security update.
https://www.7-zip.org/

AOMEI Partition Assistant 9.9.0 resolves several bugs and adds PC Cleaner. This is not a security update.
https://www.diskpart.com/

AstroGrep 4.4.8 is a security update.
http://astrogrep.sourceforge.net/

Beyond Compare 4.4.3.26655 is a security update.
https://www.scootersoftware.com/download.php?zz=dl4

BgInfo 4.31 fixes a compatibility bug. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/bginfo

CCleaner 6.02.9938 adds support for cleaning new applications, improvements in existing application cleaning, and resolves several bugs. This is a security update.
https://www.ccleaner.com/

DesktopOK 10.01 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DevManView 1.77 resolves a data export bug. This is not a security update.
https://www.nirsoft.net/utils/device_manager_view.html

Everything CLI 1.1.0.24 improves stability. This is not a security update.
https://www.voidtools.com/

Git SCM 2.37.1 is a security update.
https://git-scm.com/

GoodSync 11.11.7 resolves several bugs. This should be treated as a security update.
https://www.goodsync.com/

Kingston SSD Manager 1.5.2.0 doesn’t provide a changelog so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

NTLite 2.3.7.8826 adds support for new builds, new components and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 10.0.1003 resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html

osquery 5.4.0 resolves several bugs, improves compatibility and adds support for several new engines. This is a security update.
https://osquery.io/downloads

PowerToys 0.61.1 resolves dozens of bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

Process Monitor 3.91 fixes a compatibility bug. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

Recuva 1.53.2083 updates license integration. This is not a security update.
https://www.ccleaner.com/recuva

Rufus 3.20 resolves several compatibility bugs. This is not a security update.
https://rufus.ie/en_US/

ScreenConnect 22.6.8722.8249 improves stability and resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

SearchMyFiles 3.21 improves high-DPI support. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

Sigcheck 2.90 adds custom code integrity policy checks. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sigcheck

TeamViewer 15.32.3 adds remote terminal sessions to the Instant Connect bar, and resolves a couple bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

Unity 2022.1.12 resolves dozens of bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive

Windows 11 RCT 1.5.0 adds support for newer hardware and resolves a couple bugs. This is not a security update.
https://bytejams.com/

WinScan2PDF 8.01 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Zoomit 6.01 fixes a compatibility bug. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/zoomit

ZoomText 2022 2022.2207.14.400 resovles several bugs. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 2021.2.1.16 resolves a dozen bugs. This is a security update.
https://developer.android.com/studio

GitHub Desktop 3.0.5 updates libraries and resolves a warning. This is not a security update.
https://desktop.github.com/

Go 1.18.5 and Go 1.19 are security updates. Go 1.19 is a major update adding several new features and improvements, as well as updating libraries.
https://go.dev/

MySQL Server 8.0.30 is a security update.
https://dev.mysql.com/downloads/installer/

MySQL ConnectorNet 8.0.30 is a security update.
https://dev.mysql.com/downloads/connector/net/

Node.js 18.7.0 resolves dozens of bugs. This is a security update.
https://nodejs.org/en/

Rustup 1.25.1 resolves a build order bug. This should be treated as a security update.
https://www.rust-lang.org/

SQLite 3.39.2 is a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.70 adds support for custom folded sections, tree views and filters, terminal improvements and other fixes. This is is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

PPSSPP 1.13.1 resolves several bugs. This is not a security update.
https://ppsspp.org/downloads.html

VirtualBox 6.1.36 resolves dozens of bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Dada Mail 11.18.2 resolves several bugs. This is not a security update.
https://dadamailproject.com/

Drupal 9.3.19 is a security update.
https://drupal.org/download

Drupal 9.4.5 is a library security update.
https://drupal.org/download

HumHub 1.12.0 resolves several bugs. This is not a security update.
https://www.humhub.com/en/download

OpenPetra 2022.07 resolves several bugs and improves security checking. This should be treated as a security update.
https://www.openpetra.org/

Akismet 5.0 improves spam detection. This is not a security update.
https://wordpress.org/extend/plugins/akismet/

Autoptimize 3.1.0 is a security update.
https://wordpress.org/extend/plugins/autoptimize/

Contact Form 7 5.6.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.4.7.1 is a security update.
https://wordpress.org/plugins/duplicator/#developers

NextScripts Social Networks Auto-Poster 4.3.30 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/social-networks-auto-poster-facebook-twitter-g/

Redirection 5.3.2 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/redirection/

Show IDs 1.1.9 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/wpsite-show-ids/

Social Post Feed 4.1.5 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

Sucuri Security 1.8.33 improves cache cleaning. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

W3 Total Cache 2.2.4 resolves several bugs and improves compatibility. This is a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 6.7.0 resolves dozens of bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WP Mail SMTP 3.5.1 resolves a bug. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/

WPtouch 4.3.42 resolves a menu bug. This is not a security update.
https://wordpress.org/extend/plugins/wptouch/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2022-05-10

Welcome back, Folks!

Today is Patch Tuesday for May, 2022. There’s a lot of news this month, and sunlight is proving to be the best disinfectant. It’s a big one.

This Month in Technology

AA Traveller, Adaptive Health Integrations, AGCO, Aimware, Amazon Web Services, American Dental Association, Android, Apple, ARcare, Aruba and Avaya network switches, Austin Peay State University, Avvo, Bank of Israel, Beanstalk, Bob’s Red Mill Natural Foods, Central Florida Cardiology Group, Cisco Umbrella Virtual Appliances, Coca-Cola, Costa Rica government, County of Los Angeles Department of Mental Health, Dedalus Biology, Deus, Devil-Torrents, Discord, District 518 in Minnesota, Docker servers, DVR devices, EGAIS, F5 BIG-IP, Facebook, Fairfield County Implants and Periodontics, LLC, Fei protocol, Ferrari, Funky Pigeon, GHT Coeur Grand Est. Hospitals and Health Care group, Good Samaritan in West Palm Beach, Google, HealthActions, P.A., Healthplex, Inc, Heroku, Hetzner Online GmbH, IKEA Canada, Illinois Gastroenterology Group, PLLC, Illuminate Education, Kellogg Community College, Kenosha Community Health Center, King County Public Hospital District No. 2, La Casa de Salud, Lakeview Loan Servicing, Lincoln College, Linux, Lutheran Services Carolinas, Mental Health Center of Greater Manchester, MetroHealth System, Microsoft Azure, Microsoft Exchange servers, Nauru Police Force, New Creation Counseling Center, Newman Regional Health, Nordex, Nordic Hotels & Resorts, NPM, Oklahoma City Indian Clinic, Onleihe, OpenSea, Optima Dermatology Holdings, LLC, PayHere, QIWI, QNAP, RainLoop, Rarible NFT, Romania, Ronin Network, RuTube, Scott County, IowaSelect Benefits Group, LLC dba Dental Select, Sixt, Smile Brands, Snapchat, Southern Ohio Medical Center, Spanish football federation, St. Mary’s Medical Center in West Palm Beach, State Bar of Georgia, SUMMIT EYE ASSOCIATES P.C., Sunwing Airlines, Synology, T-Mobile, The Energy Cooperative Group Benefits Plan, The Mental Health Center of Greater Manchester, Twitter, U.S. DoD, UK Ministry of Defense, UK NHS, Ukrainian government, Urgent Team Holdings, US Department of Homeland Security (DHS) (with permission), US Health and Human Services, VMware Workspace ONE Access, Wayne Family Practice Associates, PC, WellDyneRx, LLC, Windows Event Logs, and WSO2 have reportedly been hacked or compromised this month.

Atlassian, Google Docs, WhatsApp, and Xbox have suffered from widespread outages.

A software bug in Harris County Jail has caused problems with hundreds of cases, preventing access to arrest and hearing information, resulting in major issues for law enforcement and the DA.

Google has added a feature to fight doxxing by removing supplied personal information from search results. This would, of course, not be so ridiculous if they hadn’t recently shared victim information with scammers so they could be scammed or abused all over again.

Science is still a joke. So is the news. And yes, the vaccines are shedding. Yet, governments are still penalizing those who refuse to participate in the experiments. VAERS is being purged in violation of federal law. Search warrants are passé. Did you know that the USPS is a spying agency?  Facebook’s Meta is a bunch of hypocrites.

The US federal government has announced a new Disinformation Governance Board under the Department of Homeland Security to combat “disinformation,” staffed by the same people that have promulgated lies and deceit for years, complicit in the very deception they claim to want to prevent. It’s different when they do it, though.

There is a very dark side of electric vehicles, including child slavery, and they still produce CO2 directly, too.

Various open source projects, node-ipc, which wiped the drives of Russian users, and event-source-polyfill “protest” by changing their behavior based on the user, or who they perceive the user to be. Projects like this destroy the trust of all of their users, even if they agree with their agenda. You never know what signal they’ll choose to use against you in the future. Others, including Avast, Coinbase, even CAs (certificate authorities), Dell, DuckDuckGo, GitHub, hacked WordPress sites, Google Play, Google News, Mozilla Firefox, and many others, are projecting their own politics on the world. Disagree and be censored.

iOS and iPadOS updates, security updates, are now being delayed by up to four weeks after release for those who have automatic updates enabled. Just how defective does your release quality testing have to be to postpone security updates for a month?

There’s yet another speculative execution vulnerability in pretty much every CPU. UPS (uninterruptible power supplies/battery backups) demonstrate the significance of a default password vulnerability. The Smart Meters that were promised to never be used to collect personal information are now being used with AI to profile individuals and households.

In an effort to make everyone want to abandon Windows, Microsoft is now pushing ads within the new File Explorer on Windows 11.

Cloud service providers can disappear on a whim. The recent disappearance of the entire Insteon service from under the feet of those that, in some cases, paid thousands of dollars for hardware to work with this home automation provider, demonstrates the insanity of reliance on external services.

Nigeria has blocked 73 million mobile phones (more than half of the Internet-connected population!) for failing to sign up for their digital identity/social credit ecosystem. Most people in Nigeria, like the vast majority of people in nations across the planet, only have access to the Internet through their mobile phones, so this digital identity implementation is intentionally cutting many users in that tiny nation from the Internet.

There is growing evidence that the entire national food supply is at risk, as well as dozens of food processing facilities (much more than in previous years). In response, California is paying farmers not to grow food.

Now for the good news:

When you think about how similar search results have become, this video will blow your mind: Where did the rest of the Internet go? Consider Swisscows for better variety, privacy and breadth of search.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is quite large this month. The typical computer should see roughly 3 GB in updates today. Let’s get started.

Microsoft released updates to address 77 vulnerabilities in .NET and Visual Studio, .NET Framework, Microsoft Edge, Microsoft Exchange Server, Microsoft Graphics Component, Microsoft Local Security Authority Server, Microsoft Office, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Windows ALPC, Remote Desktop Client, Servicing Stack Update, Servicing Stack Updates, Tablet Windows User Interface, Visual Studio, Visual Studio Code, Windows Active Directory, Windows Address Book, Windows Authentication Methods, Windows BitLocker, Windows Cluster Shared Volume (CSV), Windows Failover Cluster Automation Server, Windows Fax Service, Windows Hyper-V, Windows Kerberos, Windows Kernel, Windows LDAP – Lightweight Directory Access Protocol, Windows Media, Windows Network File System, Windows NTFS, Windows Point-to-Point Tunneling Protocol, Windows PowerShell, Windows Print Spooler Components, Windows Push Notifications, Windows Remote Access Connection Manager, Windows Remote Desktop, Windows Remote Procedure Call Runtime, Windows Server Service, Windows Storage Spaces Controller, Windows WLAN Auto Config Service, and MSRT (~2 GB). This includes security updates. A reboot is required.

Google Chrome OS 101.0.4951.59 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 36-1.5 is a major update, including library and dependency updates. This is not a security update.
https://getfedora.org/en/workstation/download/

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Catalina (10.15) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 12 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v21H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.5.0 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

HP M281cdw Firmware 20220414 is a security update.
https://support.hp.com/us-en/drivers/selfservice/hp-color-laserjet-pro-m280-m281-multifunction-printer-series/14142489/model/16748237

Logitech Unify 2.52.33 is a security update.
https://support.logitech.com/en_us/software/unifying

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.38.111 is a security update. Use Menu, Help, About to get the most current version.
https://brave.com/

Google Chrome 101.0.4951.54 is a security update. Use Menu, Help, About to get the most current version.
https://www.google.com/chrome/

Microsoft Edge 101.0.1210.39 is a security update. Use Menu, Help, About to get the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 100.0 is a security update. Use Menu, Help, About to get the most current version.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 91.9.0 is a security update. Use Menu, Help, About to get the most current version.
https://www.mozilla.org/en-US/firefox/organizations/all/

SeaMonkey 2.53.12 is a security update. Use Menu, Help, About to get the most current version.
https://www.seamonkey-project.org/

Vivaldi 5.2.2623.41 is a security update. Use Menu, Help, About to get the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.10.3 resolves several bugs. This is not a security update.
https://getmailspring.com/

NK2Edit 3.44 adds column sorting from menus. This is not a security update.
https://www.nirsoft.net/utils/outlook_nk2_edit.html

Thunderbird 91.9.0 is a security update. Use Menu, Help, About to get the most current version.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 7.0.8 improves compatibility with Windows 11 and resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 6.5.1 resolves several bugs and adds option to remove all stored session profiles. This is not a security update.
https://anydesk.com/en/downloads

curl 7.83.0 adds several new features and resolves dozens of bugs. This is not a security update.
https://curl.haxx.se/windows/

Dropbox 147.4.4800 adds backup settings and sync configuration, right-click menu capabilities, and taskbar icon changes. This is not a security update.
https://www.dropbox.com/

FileZilla Server 1.4.1 resolves several bugs and improves upgrade converter. This is not a security update.
https://filezilla-project.org/

FreeFileSync 11.20 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 57.0 improves notifications and resolves several bugs. This is not a security update.
https://drive.google.com/start

Omada Software Controller 5.3.1 adds over 20 new features and a dozen fixes. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Java 8u333 is a security update. This is the second update in two weeks, and one of the rare out-of-cycle updates from Oracle. If you have Java installed, update as soon as possible.
https://www.java.com/en/download/manual.jsp

Nextcloud Server 23.0.4 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

Rclone 1.58.1 resolves several bugs. This is not a security update.
https://rclone.org/

Syncthing 1.20.1 resolves a stability bug. This is not a security update.
https://syncthing.net/

Signal 5.42.0 resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Technitium DNS Server 8.1 resolves several bugs and improves reliability. This is not a security update.
https://technitium.com/dns/

Telegram 3.7.3 resolves several bugs. This is not a security update.
https://telegram.org/

Zoom 5.10.4.5035 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

Plex Desktop 1.44.0.2981 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.15.1.2976 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.26.0.5715 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

VLC Media Player 3.0.17.4 should be treated as a security update.
https://www.videolan.org/vlc/

Game Updates

These are unlikely to be of interest to most people.

Battle.net Client 2.9.0.13279 resolves several bugs. This is not a security update.
https://us.battle.net/en/app/

Epic Games 14.0.7 resolves several bugs. This is not a security update.
https://www.epicgames.com/

Nintendo Switch 14.1.1 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PlayStation PS3 4.89 reduces on-device features (such as account creation and management) to improve device security.
https://www.playstation.com/en-us/support/hardware/ps3/system-software/

PlayStation PS5 22.01-05.02.00 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Office Updates

One or more of these are likely to be of interest to most people.

Artweaver 7.0.12 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Krita 5.0.6 resolves two crash bugs, and follows shortly after the 5.0.5 release which resolves dozens of outstanding bugs. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Fresh 7.3.3 resolves nearly 100 bugs. This is not a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.5.0 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.4 updates the Scintilla library. Be aware that some plugins may not work after this update until they’re made compatible with the new release. This is not a security update.
https://notepad-plus-plus.org/

OpenOffice 4.1.12 resolves several bugs. This is not a security update. I recommend using LibreOffice instead of OpenOffice. It’s much better maintained and does not rely on an external 32-bit Java dependency.
http://www.openoffice.org/download/

PDF-XChange Editor 9.3.361.0 resolves several bugs. This is not a security update.
https://www.tracker-software.com/product/pdf-xchange-editor

Calibre 5.42.0 resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Kindle for PC 1.36.65107 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc

Adobe Reader DC 22.001.20117 is a security update. Use Help, Check for Updates to get the most current version.
https://get.adobe.com/reader

Adobe Reader DC (Mac) 22.001.20112 is a security update. Use Help, Check for Updates to get the most current version.
https://get.adobe.com/reader

Security Software Updates

One or more of these is likely to be of interest to most people.

Tails 5.0 is a major update with updates to several libraries, newer hardware support, and resolving several bugs. This is a security update.
https://tails.boum.org/install/dvd/index.en.html

Gpg4win 4.0.2 resolves dozens of bugs and updates libraries. This is a security update.
https://www.gpg4win.org/download.html

KeePass 2.51.1 resolves dozens of bugs. This is a security update.
https://keepass.info/

MalwareBytes Anti-Malware 4.5.8 improves performance and resolves several bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/

MalwareBytes Anti-Malware Mac 4.15 resolves several bugs. This is not a security update.
https://www.malwarebytes.com/mac/

OpenSSL 3.0.3 is a security update.
https://curl.se/windows/

RogueKiller 15.5.0 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

uBlock Origin 1.41.0 adds dark mode, and resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

VT-CLI 0.10.2 improves collection management. This is not a security update.
https://github.com/VirusTotal/vt-cli/releases/latest

YARA 4.2.1 resolves several bugs. This is not a security update.
https://github.com/countercept/chainsaw

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.37 updates libraries, resolves several bugs, and adds AV1 export. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 22.0.2 is a security update.
https://download.techsmith.com/snagit/releases/snagit.msi

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.7.1 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.7 adds new features and resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

Bitwarden 1.33.0 resolves several bugs. This is not a security update.
https://bitwarden.com/

CPU-Z Installer 2.01 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

DesktopOK 9.85 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

Etcher 1.7.9 resolves several bugs. This is not a security update.
https://www.balena.io/etcher/

Git SCM 2.36.1 resolves several bugs. This is not a security update.
https://git-scm.com/

GoodSync 11.10.9 improves compatibility and resolves several bugs. This is not a security update.
https://www.goodsync.com/

HWMonitor 1.46 adds support for new hardware and new sensors. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

NTLite 2.3.4.8675 cleans up leftovers from previous updates. This is not a security update.
https://www.ntlite.com/download/

OpenToonz 1.6.0 adds several new features, bug fixes and performance improvements. This is not a security update.
https://github.com/opentoonz/opentoonz/

osquery 5.2.3 is a security update.
https://osquery.io/downloads

AOMEI Partition Assistant 9.7.0 adds speed test, and app mover improvements. This is not a security update.
https://www.diskpart.com/

PointerStick 5.77 adds support for dark mode, improves DPI scaling, and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.58.0 resolves a dozen bugs. This is a security update.
https://github.com/microsoft/PowerToys/releases/latest

RoboForm 9.2.7 resolves compatibility issues. This is not a security update.
https://www.roboform.com/

ScreenConnect 22.4.7745.8154 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

SmartMonTools 7.3 resolves several bugs, adds support for new hardware, and several new diagnostic and testing options. This is not a security update.
https://smartmontools.org/

Speccy 1.32.774 improves hardware support. This is not a security update.
https://www.piriform.com/speccy

Synergy 1.14.3 improves compatibility. This is not a security update.
https://symless.com/synergy/

TeamViewer 15.29.4 resolves a file transfer bug. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

Unity 2022.1.0 resolves dozens of bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive

WhyNotWin11 2.4.3.2 resolves several bugs and improves detection and command-line support. This is not a security update.
https://github.com/rcmaehl/WhyNotWin11

WinScan2PDF 7.77 improves TWAIN support. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

ZoomText 2022.2204.21.400 resolves several bugs. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

AutoHotkey 1.1.34.01 resolves several bugs. This is not a security update.
https://www.autohotkey.com/download/

AutoIt 3.3.16.0 resolves dozens of bugs and adds several new features. This is not a security update.
https://www.autoitscript.com/autoit3/docs/history.htm

Docker Desktop 4.8.1 adds several new features, updates libraries, and resolves several bugs. This is not a security update.
https://www.docker.com/products/docker-desktop

GitHub Desktop 3.0.0 updates notification capabilities, and resolves several bugs. This is not a security update.
https://desktop.github.com/

Inno Setup 6.2.1 is a security update.
https://www.jrsoftware.org/isdl.php

MySQL Server 8.0.29 is a security update.
https://dev.mysql.com/downloads/installer/

MySQL ConnectorNet 8.0.29 is a security update.
https://dev.mysql.com/downloads/connector/net/

Node.js 14.19.2 is a security update.
https://nodejs.org/en/

Node.js 16.15.0 adds fetch API and resolves several bugs. This is not a security update.
https://nodejs.org/en/

Node.js 18.1.0 updates dependencies and resolves several bugs. This is not a security update.
https://nodejs.org/en/

SQLite 3.38.5 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.67.1 is a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.1.34 resolves dozens of bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.6.19 improves compatibility. This is not a security update.
https://coppermine-gallery.net/

Drupal 9.2.17 resolves several bugs. This is not a security update.
https://drupal.org/download

Drupal 9.3.12 is a security update.
https://drupal.org/download

HumHub 1.11.1 is a security update.
https://www.humhub.com/en/download

Joomla 4.1.3 resolves several bugs. This is not a security update.
https://www.joomla.org/

SMF 2.1.2 is a security update.
https://www.simplemachines.org/

YOURLS 1.9 is a security update.
https://yourls.org/

Akismet 4.2.3 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/akismet/

Autoptimize 3.0.4 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/autoptimize/

Slider Revolution 6.5.20 resolves several bugs. This is not a security update.
https://revolution.themepunch.com/

Social Post Feed 4.1.3 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

Duplicator 1.4.5 improves several features, This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

Interactive World Map 3.1.9.2 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/interactive-world-map/

Postie 1.9.60 improves translatable strings. This is not a security update.
https://wordpress.org/extend/plugins/postie/

WooCommerce 6.4.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WP Mail SMTP 3.4.0 improves compatibility, integration, and resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2021-10-12

Welcome back, Folks!

Today is Patch Tuesday for October, 2021.

This month we’ve got the new Microsoft Office, Windows 11, iOS 15, iPhone 13, and Windows Server 2022…so far. A new build of Windows 10 is still on the horizon, and a security update for Java is slated for next week. That said, Patch Tuesday this month is very large. The typical computer should see roughly 2.3 GB in updates today.

This Month in Technology

Amnesty InternationalAjarnApple AirTag, Apple Game CenterAzure DevOpsBanco PichinchaBank of AmericaBitcoin.orgBrewDog, the Canadian Vaccine Passport systemCanopy Parental ControlCoinbaseCompoundCox Media GroupCrystal ValleyDahua cams, various DVR devicesElastic StackFantasy Football HubGiant GroupForward AirHorizon HouseHuawei Cloud, various IT companiesJVCKenwoodMarketronMedtronic insulin pump controllers, Microsoft Windows Platform Binary TableMoneyLionNeiman MarcusNEW CooperativeOlympus USPacific City BankPlaybookPort of HoustonSandhills GlobalSimon Eye Management90% of the supply chainSyniverseThe TelegraphTwitch (there’s a lot of information out there about this Amazon property hack), United Health Centers, the US Navy, various aerospace and telco firms, various Apache Airflow servers, various Apache services, various Confluence servers, various hotels, various healthcare facilities, various real estate organizations, various University Wi-Fi networks, various VMware ESXi serversVertafore, and Weir Group.

The assets and financial information of 35 world leaders have been exposed in the Pandora Papers.

A Microsoft Azure customerBandwidth.com, and VoIP.ms have been struck by major denial of service attacks.

How serious are the privacy risks of RFID? The US military is using RFID to track their guns. This results in the ability to track (and target) those carrying the weapons.

How serious is ransomware? Another child has died as a result of equipment that was disabled during an attack.

The Google idle detection API can be used to abuse you only when it knows you’re not looking. For a company whose slogan was “don’t be evil,” and that has the highest paid programmers in the world, between idle detection and FLoC, they’re really proving to either not be able to anticipate the potential risks or they simply don’t care.

Firefox is now injecting ads into the address bar. Apple Pay allows hackers to take your money from your locked iPhonePhishing messages posing as Verizon are using mathematical symbols to evade detection. Intuit is warning users of phishing attacks targeting QuickBooks users. Popular projects on public repositories remain high profile targets. If you can’t trust the hacker you bought your exploit kit from, who can you trust? Sigh.

The biggest outage this month was the Facebook, Messenger, Instagram, Oculus, and WhatsApp that has lead to millions of users abandoning FacebookTrello has had a couple outages, too.

Microsoft is planning to randomly disable access to their customers to see if they’re using their services. Personally, I would just check the logs.

Microsoft 365 broke MFA again, locking users out of their accounts. And a bug in their Exchange Autodiscover implementation has leaked over a 100,000 credentials. A newly discovered UEFI bootkit has been backdooring Windows devices for almost a decade.

Google, the same company that warned of the risks of compromise through 2FA (as have many others), will be forcing 150 million accounts to use 2FA.
This is the same company that accidentally sent thousands of past due messages to their users last month. Their Android operating system is very privacy-averse, too.

A new ransomware strain doesn’t even both encrypting your files anymore, simply collecting a copy of your data and using the threat of release to extort their users.

If you’re still using a landline phone it’s probably because you don’t like change. Get ready, change is coming anyway. In order to more easily assist those having a mental health crisis, the FCC is going to require you to use full 1+10-digit dialing
when making any calls on a landline and 10-digit dialing from most mobile phones starting in late October. The intent is to make dialing a 3-digit number possible for the suicide hotline (988).

PG&E has been charged with causing yet another wildfire.

Now for the good news:

For what it’s worth, robocalls are now illegal.

Even the majority of IT professionals think patching is too hard. Don’t do it yourself, let me.

Let’s Get Busy

Now back to our regularly scheduled program.

Windows 11 is out. Even if your hardware supports it, don’t install it yet. Consider it in the “open beta” phase. The new build of macOS (12.0 / Monterey) should be released sometime soon, too. The same goes for that: consider it a beta for at least the first couple months.

Patch Tuesday this month is very large. The typical computer should see roughly 2.9 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, Servicing Stack, Internet Explorer, and MSRT (~2.3 GB). This includes updates for Windows Server 2008. This includes security updates. A reboot is required.

Apple released updates for watchOS 8.0.1, iOS 12.5.5, iOS 15.0.2, iPadOS 15.0.2, and Security Update 2021-006 Catalina. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.0.2 and 12.5.5 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 15.0.2 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 8.0.1 are security updates. Use the Watch app on your iPhone to install the most current version.

Google Chrome OS 93.0.4577.95 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Big Sur (11.x) means that macOS High Sierra (10.13) and older are no longer supported. If you can not install at least macOS Mojave (10.14) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H1) is very large, for the first time it’s actually smaller than the previous release, but it will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.4.4 adds support for Windows 11 and improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

HP LaserJet Stub 13.4.8 doesn’t provide a detailed changelog so should be considered a security update.
https://123.hp.com/us/en/devices/LASERJET

MS Mouse and Keyboard Center 14 adds support for newer hardware, Spotlight and improves Smart Switch. This is not a security update.
https://www.microsoft.com/accessories/en-us/downloads/mouse-keyboard-center

Xerox Smart Start 1.6.26.0 doesn’t provide a detailed changelog so should be considered a security update.
https://www.support.xerox.com/en-us/content/143617

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.30.89 is a security update.
https://brave.com/

Google Chrome 94.0.4606.81 is a security update.
https://www.google.com/chrome/

Microsoft Edge 94.0.992.47 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 93.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 78.15.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

SeaMonkey 2.53.9.1 is a security update.
https://www.seamonkey-project.org/

Vivaldi 4.3.2439.44 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 3.43 adds hi-DPI support and improves sorting behavior. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Thunderbird 91.2.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

Telegram 3.1.8 resolves several bugs. This is not a security update.
https://telegram.org/

curl 7.79.1 resolves several bugs. This is not a security update.
https://curl.haxx.se/windows/

Dropbox 132.4.3800 does not provide a changelog so should be treated as a security update.
https://www.dropbox.com/

FileZilla Client 3.56.0 is a security update.
https://filezilla-project.org/

Omada Software Controller 4.4.6 resolves several bugs. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Rclone 1.56.2 resolves several bugs. This is not a security update.
https://rclone.org/

Syncthing 1.18.3 improves reliability and resolves a cosmetic bug. This should be treated as a security update.
https://syncthing.net/

Technitium DNS Server 7.0 is a major update to the API and Apps feature, each of the Apps, adds several more Apps, and resolves several bugs. This is not a security update.
https://technitium.com/dns/

WGet 1.21.2 is a security update.
https://eternallybored.org/misc/wget/

WinSCP 5.19.3 is a security update.
https://winscp.net/eng/index.php

Zoom 5.8.1.1435 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

iTunes 12.12.1.1 doesn’t provide a changelog so should be treated as a security update.
https://www.apple.com/itunes/download/

Picard 2.6.4 resolves several bugs. This is not a security update.
https://picard.musicbrainz.org/

Plex Desktop 1.35.1.2632 corrects a couple minor bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Game Updates

These are unlikely to be of interest to most people.

PlayStation PS5 21.02-04.02.00 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2021.10.07 resolves several bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

Office Updates

One or more of these are likely to be of interest to most people.

Artweaver 7.0.10 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Audacity 3.0.5 resolves bugs. This is not a security update.
https://www.audacityteam.org/download/

Blender 2.93.5 doesn’t provide a detailed changelog so should be treated as a security update.
https://www.blender.org/download/

LibreOffice Fresh 7.2.1 resolves over 80 bugs. This is not a security update. The “Fresh” line is beta software and should be avoided in favor of the “Still” line.
https://www.libreoffice.org/

LibreOffice Still 7.1.6 resolves over 40 bugs. This is a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.3.5 improves security. This is not a security update.
https://nextcloud.com/

Notepad++ 8.1.5 adds date insertion and resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

OpenOffice 4.1.11 is a security update.
https://www.openoffice.org/download/

Adobe Reader DC 21.007.20099 is a security update.
https://get.adobe.com/reader

Adobe Acrobat DC 21.007.20099 is a security update.
https://helpx.adobe.com/security/products/acrobat/apsb21-104.html

Adobe Connect 11.2.3 is a security update.
https://helpx.adobe.com/security/products/connect/apsb21-91.html

Adobe Reader Mobile 21.9.0 is a security update.
https://helpx.adobe.com/security/products/reader-mobile/apsb21-89.html

Adobe ops-cli 2.0.5 is a security update.
https://helpx.adobe.com/security/products/ops_cli/apsb21-88.html

Adobe Commerce 2.4.3-p1 and 2.3.7-p2 are security updates.
https://helpx.adobe.com/security/products/magento/apsb21-86.html

Adobe Campaign 21.3.1 is a security update.
https://helpx.adobe.com/security/products/campaign/apsb21-52.html

Security Software Updates

One or more of these is likely to be of interest to most people.

PureOS 10.0 is a security update.
https://pureos.net/download/

Tails 4.23 is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

OnionShare 2.4 is a security update.
https://onionshare.org/

RogueKiller 15.1.1 is a security update.
https://www.adlice.com/download/roguekiller/

TinyWall 3.1.1 resolves several bugs. This is not a security update.
https://tinywall.pados.hu/

uBlock Origin 1.38.4 resolves Twitch filtering and important filters. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.34 resolves several bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

Converter Updates

These are unlikely to be of interest to most people.

HandBrake 1.4.2 resolves several bugs. This is not a security update.
https://handbrake.fr/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 7.9 adds the ability to “securely” share a link with others. This is not a security update.
https://1password.com/downloads/mac/

1Password for Windows 7.9.822 adds the ability to “securely” share a link with others. This is not a security update.
https://1password.com/downloads/windows/

Autoruns 14.03 resolves several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

Bitwarden 1.28.3 resolves several bugs. This is not a security update.
https://bitwarden.com/

ControlMyMonitor 1.29 adds the ability to set font options. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html

dnGrep 2.9.400.0 improves bookmarks and adds option to hide missing files in Everything search. This is not a security update.
https://dngrep.github.io/

Etcher 1.6.0 adds basic auth support and updates libraries. This is not a security update.
https://www.balena.io/etcher/

Everything CLI 1.1.0.20 doesn’t provide a changelog so should be treated as a security update.
https://www.voidtools.com/

Fido 1.26 adds Windows 11 downloads. This is not a security update.
https://github.com/pbatard/Fido/releases

Fing 2.7.0 adds user-presence tracking, improves the security tab, and updates libraries. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

GoodSync 11.8.6 resolves several bugs, updates certificates and libraries. This is not a security update.
https://www.goodsync.com/

Homedale 1.99 resolves a privacy bug. This is not a security update.
https://www.the-sz.com/products/homedale/

NTLite 2.3.0.8394 updates libraries and assignment options. This is not a security update.
https://www.ntlite.com/download/

Aomei Partition Assistant 9.4.1 adds Windows 11 compatibility. This is not a security update.
https://www.diskpart.com/

PowerToys 0.47.1 resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

Process Monitor 3.85 doesn’t provide a changelog so should be treated as a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

Samsung Magician 7.0.0 doesn’t provide a changelog so should be treated as a security update.
https://www.samsung.com/semiconductor/minisite/ssd/download/tools/

TCPView 4.15 doesn’t provide a changelog so should be treated as a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview

TeamViewer 15.22.3 improves chat notification and resolves several bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

WhyNotWin11 2.4.2.1 improves compatibility and accuracy. This is not a security update.
https://github.com/rcmaehl/WhyNotWin11

Windows 11 RCT 1.2.1 updates libraries and improves compatibility. This is not a security update.
https://bytejams.com/

WinGet 1.1.12653 resolves a couple bugs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WizTree 4.03 improves reliability, and improves details when loading exports. This is not a security update.
https://www.diskanalyzer.com/

Developer Updates

These are unlikely to be of interest to most people.

Godot 3.3.4 resolves over a dozen bugs. This is not a security update.
https://godotengine.org/

Node.js 12.22.7 is a security update.
https://nodejs.org/en/

Node.js 14.18.1 is a security update.
https://nodejs.org/en/

Node.js 16.11.1 is a security update.
https://nodejs.org/en/

Visual Studio Code 1.61 adds split views, improved locking, new decorations, improved pair guides and more. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

PPSSPP 1.12.2 adds support for Android 12, scoped storage, and resolves several bugs. This is not a security update.
https://ppsspp.org/downloads.html

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.6.15 improves compatibility. This is not a security update.
https://coppermine-gallery.net/

Dada Mail 11.16.3 resolves several bugs. This is not a security update.
https://dadamailproject.com/

Docker Desktop 4.1.1 improves compatibility and resolves several bugs. This is not a security update.
https://www.docker.com/products/docker-desktop

Drupal 9.2.7 resolves over a dozen bugs. This is not a security update.
https://drupal.org/download

MailArchiva 8.3.2 resolves several bugs. This is a security update.
https://mailarchiva.com/

Nextcloud Server 22.2.0 updates libraries and resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

phpList 3.6.5 resolves several bugs. This is not a security update.
https://www.phplist.org/

ScreenConnect 21.13.5058.7951 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

Slider Revolution 6.5.9 resolves several bugs. This is not a security update.
https://revolution.themepunch.com/

Akismet 4.2.1 resolves an AMP validation bug. This is not a security update.

Contact Form 7 5.5.1 resolves a couple bugs. This is not a security update.

NextScripts Social Networks Auto-Poster 4.3.23 is a security update.

Sucuri Security 1.8.30 is now a non-GoDaddy project. This is not a security update.

Visual Composer 39.1 resolves a cosmetic bug. This is not a security update.
https://visualcomposer.com/

WooCommerce 5.7.1 reverts a path change bug. This is not a security update.

WP Mail SMTP 3.1.0 resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2021-05-11

Welcome back, Folks!

Today is Patch Tuesday for May, 2021. There have been a couple dozen major hacking incidents and critical security issues, and every browser has now continued their weekly security update cadence through the third month.

This Month in Technology

Apple (Quanta Computer), Apple’s AirDrop, Apple’s iOS 14.5, Apple’s macOS Big Sur 11.3, Cellebrite, Celsius Network, Colonial Pipeline, Dell dbutil, Dominion election hardware, various DNS implementations, mostly on IoT devices, various medical devices, Elliman Property Management, Facebook, Geico, enterprise password app Passwordstate, various Police Departments, Pulse Connect Secure, Tesla’s Model X, and Trend Micro’s Apex One were hacked this month.

Linux banned University of Minnesota from submitting code because they intentionally submitted patches that would have intentionally made Linux devices insecure.

The FBI is violating the Computer Fraud and Abuse Act.

It’s illogical to justify or mandate an experimental treatment that increases your risk for a disease and creates side-effects on its own that are equivalent to the disease. When you can’t win your arguments using actual science you have to ignore the inserts, the numbers, falsify the data, falsify the tests, censor, attack their education, ridicule and intimidate, hide the dead children, secretly destroy the unused ventilators, ignore the tens of thousands of barrels of DDT dumped in the ocean by the same  companies making the experimental vaccines today, make sure nobody knows you have no idea what you’re doing, or just straight-up kill people. A Jedi mind trick or two goes a long way, too. By the way, the COVID-19 mortality rate for vaccinated test subjects dwarfs the rate for the “control group.” France is at least capable of putting two and two together. It’s sad that American doctors can’t.

In a surprise move, Apple & Google have actually stood by their privacy policies forbidding the UK from collecting additional location details through the NHS COVID-19 tracking app. That said, no matter how much they try to limit data exposure, if it’s collected, it can be compromised.

Piracy is bad and FLoC is worse10DLC is a step in the right direction, but will likely only result in increased text messaging forgery.

USPS is violating the first amendment but that pales in comparison to what state and federal governments are doing, and what the Speaker has done to keep her seat. Christianity isn’t illegal, yet. Violence is, but it has proven to be effective anyway, so will continue unabated.

There are still some wins coming in, so I guess we haven’t quite devolved into communism, but it doesn’t look good when censorship is so pervasive and ambiguous, and officials openly engage in fraud during an audit, and blame the victims for being assaulted.

The Epic vs Apple suit is currently underway and has proven to be what you’d expect from a conflict between a monopoly and a video game company. Meanwhile, Apple is now being sued for terminating accounts for customers that have “bought” apps and services through them, and the EU has declared Apple’s App Store a monopoly. Seeing the writing on the wall, Microsoft has lowered it’s Windows Store cut.

Google, which dropped Fortnite last year for violating the terms of a contract, just sidestepped Roku’s removal of the YouTube TV app by inserting the functionality of  YouTube TV app into the YouTube app. Demonstrating the flaws in their app compatibility argument Google broke YouTube TV on their own Chromecast platform during this circus.

Now for the good news:

Dogecoin for the win. Just make sure you are the only one with the keys to your wallet!

Oh, and Samsung is planning to provide a way so you can still make use of some of your archaic hardware.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is huge – with well over a hundred common applications and operating systems releasing fixes. The typical computer should see roughly 3.2 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, Servicing Stack, Internet Explorer, and MSRT (~1.5 GB). This includes security updates. A reboot is required.

Apple released updates for iCloud for Windows 12.3, iTunes 12.11.3 for Windows, Safari 14.1, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, Xcode 12.5, iOS 14.5.1 and iPadOS 14.5.1, iOS 12.5.3, macOS Big Sur 11.3.1, tvOS 14.5, and watchOS 7.4.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 14.5.1 and 12.5.3 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 14.5.1 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 7.4.1 is a security update. Use the Watch app on your iPhone to install the most current version.

Google Chrome OS 90.0.4430.100 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 34-1.2 has a lot of changes under the hood, such as UEFI improvements, driver and updated libraries. This is a security update.
https://getfedora.org/en/workstation/download/

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Big Sur (11.x) means that macOS High Sierra (10.13) and older are no longer supported. If you can not install at least macOS Mojave (10.14) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v2009) is huge (about 18% larger than v2004, which was 25% larger than any prior build) so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.3.9 improves diagnostics and removal. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Logitech Options 8.54.106 resolves several bugs. This version does not provide a detailed changelog so should be treated as a security update.
https://www.logitech.com/en-us/product/options

Nvidia 466.27 improves compatibility. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Engine 3.20.0 resolves several bugs. This is not a security update.
https://steelseries.com/engine

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.24.84 is a security update.
https://brave.com/

Google Chrome 90.0.4430.212 is a security update.
https://www.google.com/chrome/

Microsoft Edge 90.0.818.56 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 88.0.1 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 78.10.1 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

SeaMonkey 2.53.7.1 is a security update.
https://www.seamonkey-project.org/

Vivaldi 3.8.2259.42 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.9.1 is a security update.
https://getmailspring.com/

Thunderbird 78.10.1 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

BrowsingHistoryView 2.48 adds a QR code toolbar button and resolves a bug in the SaveDirect command-line switch. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

curl 7.76.1 resolves several bugs. This is a security update.
https://curl.haxx.se/windows/

Dropbox 121.4.4267 doesn’t provide a changelog, so should be treated as a security update.
https://www.dropbox.com/

FreeFileSync 11.10 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Java 8u291 is a security update.
https://www.java.com/en/download/manual.jsp

Npcap 1.31 resolves several bugs. This is not a security update.
https://nmap.org/npcap/

Omada Software Controller 4.3.5 resolves several bugs and improves compatibility. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

PuTTY 0.75 is a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

Technitium DNS Server 6.2.3 resolves several bugs. This is not a security update.
https://technitium.com/dns/

Telegram 2.7.4 resolves several bugs. This is not a security update.
https://telegram.org/

Zoom 5.6.5.823 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

iTunes 12.11.3 is a security update.
https://www.apple.com/itunes/download/

Picard 2.6.2 resolves several bugs. This is not a security update.
https://picard.musicbrainz.org/

Plex Media Server 1.22.3.4392 resolves several bugs with collections. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

VLC Media Player 3.0.14 is a security update.
https://www.videolan.org/vlc/

Game Updates

These are unlikely to be of interest to most people.

PlayStation PS4 8.03 improves notification controls and resolves several bugs. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps4/system-software/

PlayStation PS5 21.01-03.10.00 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Office Updates

One or more of these are likely to be of interest to most people.

Artweaver 7.0.9 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Atom 1.57.0 updates libraries, and resolves several bugs. This is not a security update.
https://atom.io/

LibreOffice Fresh 7.1.3 resolves over a hundred bugs. This is a security update. Be aware that LibreOffice Fresh is a beta version and should be avoided in favor of the Still (stable) version.
https://www.libreoffice.org/

Lightworks NLE 2021.2 resolves dozens of bugs and improves reliability. This is not a security update.
https://www.lwks.com/

Nextcloud Desktop 3.2.1 resolves several bugs. This is not a security update.
https://nextcloud.com/

OpenOffice 4.1.10 is a security update.
https://www.openoffice.org/download/

Paint.net 4.2.16 resolves several bugs. This is not a security update.
https://www.getpaint.net/

Adobe Creative Cloud Desktop Application 5.4.3 is a security update.
https://helpx.adobe.com/security/products/creative-cloud/apsb21-31.html

Adobe Genuine Service 7.3 is a security update.
https://helpx.adobe.com/security/products/integrity_service/apsb21-27.html

Adobe Acrobat and Reader 2021.001.20155, 2020.001.30025, and 2017.011.30196 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb21-29.html

Adobe After Effects 18.2 is a security update.
https://helpx.adobe.com/security/products/after_effects/apsb21-33.html

Adobe Animate 21.0.6 is a security update.
https://helpx.adobe.com/security/products/animate/apsb21-35.html

Adobe Experience Manager 6.5.8.0 and 6.4.8.4 are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb21-15.html

Adobe InDesign 16.2.1 is a security update.
https://helpx.adobe.com/security/products/indesign/apsb21-22.html

Adobe Illustrator 25.2.3 is a security update.
https://helpx.adobe.com/security/products/illustrator/apsb21-24.html

Adobe InCopy 16.2.1 is a security update.
https://helpx.adobe.com/security/products/incopy/apsb21-25.html

Magento 2.4.2-p1 and 2.3.7 are security updates.
https://helpx.adobe.com/security/products/magento/apsb21-30.html

Adobe Media Encoder 15.2 is a security update.
https://helpx.adobe.com/security/products/media-encoder/apsb21-32.html

Adobe Medium 2.4.5.332 is a security update.
https://helpx.adobe.com/security/products/medium/apsb21-34.html

Security Software Updates

One or more of these is likely to be of interest to most people.

HTTP Toolkit 1.3.0 doesn’t provide a detailed changelog so should be treated as a security update.
https://httptoolkit.tech/

KeePass 2.48.1 improves compatibility and resolves several bugs. This is not a security update.
https://keepass.info/

uBlock Origin 1.35.2 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

VT-CLI 0.9.6 doesn’t provide a changelog so should be treated as a security update.
https://github.com/VirusTotal/vt-cli/releases/latest

Tails 4.18 is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.30 resolves several bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 2021.3.1 resolves two minor bugs. This is not a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Education updates

One or more of these are likely to be of interest to most people.

Zotero 5.0.96.2 optimizes online storage and resolves a hang in generating citations. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 7.8.2 resolves several bugs. This is not a security update.
https://1password.com/downloads/mac/

1Password for Windows 7.6.801 is a security update.
https://1password.com/downloads/windows/

Autoruns 13.100 resolves a crash bug. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

CCleaner 5.79.8704 adds cleaning of Slack cache, adds ability to wipe free space, and improves debug logging. This is a security update.
https://www.ccleaner.com/

CPU-Z Installer 1.96 adds support for new hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

CurrPorts 2.65 resolves a kernel tracing bug and improves high-DPI compatibility. This is not a security update.
https://www.nirsoft.net/utils/cports.html

Etcher 1.5.120 is a documentation change. This is not a security update.
https://www.balena.io/etcher/

Fing 2.6.0 adds Deep Scan and updates libraries. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

GoodSync 11.6.6 resolves several bugs. This is not a security update.
https://www.goodsync.com/

HWMonitor 1.44 adds support for new hardware. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

NTLite 2.1.0.7862 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

Aomei Partition Assistant 9.2 adds ability to free up space on Windows partitions by moving apps to another partition. This is not a security update.
https://www.diskpart.com/

PowerToys 0.37.2 updates all components, settings app and configuration, and improves silent installation behavior. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

Process Monitor 3.70 allows constraining the number of events and fixes several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

ProduKey 1.97 adds command-line configuration processing. This is not a security update.
https://www.nirsoft.net/utils/product_cd_key_viewer.html

RoboForm 9.1.3 resolves several bugs. This is not a security update.
https://www.roboform.com/

SearchMyFiles 3.11 adds high-DPI support and adds a sorting as a menu option. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

TCPView 4.01 is a cosmetic update. This is not a security update.
https://sysinternals.com/

WinRAR 6.01 resolves several bugs. This is not a security update.
https://www.rarlab.com/

WinScan2PDF 7.07 improves compatibility with Windows. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 3.41 resolves several bugs. This is not a security update.
https://wiztreefree.com/

Developer Updates

These are unlikely to be of interest to most people.

AutoHotkey 1.1.33.09 resolved several bugs. This is not a security update.
https://www.autohotkey.com/download/

Godot 3.3 improves reliability and adds several new features. This is not a security update.
https://godotengine.org/

MySQL ConnectorNet 8.0.25 resolves several bugs. This is not a security update.
https://dev.mysql.com/downloads/connector/net/

Node.js 16.1.0 resolves dozens of bugs and compatibility issues with the new major v16 update to Node.js, which removes support for Python 2 and updates system requirements. This is not a security update.
https://nodejs.org/en/

Node.js 14.17.0 updates libraries, resolves dozens of bugs, improves diagnostic capabilities, and backports several features from stable. This is not a security update.
https://nodejs.org/en/

SQLite 3.35.5 is a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.56 improves hover feedback, terminal profile, debugger, and more. This is not a security update.
https://code.visualstudio.com/

WinMerge 2.16.12 adds ARM64 support and resolves dozens of bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.1.22-144080 is a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.6.12 updates libraries. This is not a security update.
https://coppermine-gallery.net/

Dada Mail 11.13.0 resolves several bugs. This is not a security update.
https://dadamailproject.com/

Docker Desktop 3.3.3 updates libraries and resolves several bugs. This is not a security update.
https://www.docker.com/products/docker-desktop

Drupal 9.0.13 updates libraries and resolves several bugs. This should be treated as a security update.
https://drupal.org/download

HumHub 1.8.2 resolves several bugs. This is not a security update.
https://www.humhub.com/en/download

OpenPetra 2021.04 improves contact and import, and resolves several bugs. This is not a security update.
https://www.openpetra.org/

ScreenConnect 21.6.3280.7796 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

WordPress 5.7.1 is a security update.
https://wordpress.org/

Autoptimize 2.8.4 is a security update.

BuddyPress 7.3.0 is a security update.

Contact Form 7 5.4.1 resolves several bugs and compatibility issues. This is not a security update.

WooCommerce 5.3.0 resolves dozens of bugs and introduces several new features. This is not a security update.

WP Mail SMTP 2.8.0 resolves several bugs. This is not a security update.

WPtouch 4.3.41 resolves a cosmetic bug. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2021-02-09

Welcome back, Folks!

Today is Patch Tuesday for February, 2021.

This Month in Technology

Malware planted during the SolarWinds hack is still being discovered and SolarWinds is still vulnerable.

ADT (not just employee abuse), Amazon Kindle e-readersAzure Functions, the Australian Securities and Investments CommissionCisco DNA CenterCyberpunk 2077Excellus Health Plan, Inc., ExperianFiberHome routers, Forward AirGolang, various Home Assistant integrationsiOSlibgcrypt, Linux (and macOS) SUDOMalwarebytesMeetMindfulMimecast (also a SolarWinds victim), Nespresso smart cards, New Zealand Central BankNoxPlayerOffice 365OpenWRT forumPalo Alto Networks, the PentagonPerl[.]comPfizerSonicWallStormshieldUK Research and Innovationthe UNUScellularUSDA (again), Vermont Dept of LaborVIPGamesWashington State Auditor’s OfficeWestRock Co., WhatsApp, and Wind River Systems have been hacked.

The EU is fining (victims) of data breaches 39% more than two years ago. Grindr is exposing your information. SpamCop made a boo-boo by not renewing their domain on time, resulting in a huge amount of legitimate messages being treated as spam. The LogoKit phishing platform has been updated to “improve” effectiveness.

The UK Government is giving malware-infected laptops to students and the US federal government has repeatedly supported violation of the third and fourth amendments to plant recording devices on private property. There has been an increase of 93% of leaks and data breaches in 2020.

Whether you pay the ransom or restore from backups: PATCH the vulnerabilities!

I have always called for avoiding pirated software because it poses a unique security risk. Here’s an example. (avoid travelling by train in China)

Federally funded censorship and double-standards are being used to advance cancel culture in bankscoffeejournalism, patriotism, by mere association, while actually inciting violence with absurd rhetoric such as calling a kindly neighbor a terrorist for plowing your snow are being excused as acceptable. While censorship isn’t left or right only one side is willing to ban those most likely to join the military from joining.

Worse yet, they’re even targeting third-parties for cancellation for daring to support free speech. Heck, even Mike Rowe is being cancelled.

Some are actually upset that not enough censorship is taking place while ignoring actual calls for violence, funding terroristsopenly supporting child porn, hypocritically calling censorship a violation of election integrity, and arresting people for posting memes.

No matter how much the narrative is disproven – this was planned by others well in advance, and the capitol police were directly involved, which is probably why they refused assistance from the National Guard and DoD when offered multiple times. There’s plenty more.

At least there’s finally some pushback. Hopefully it’s not too little, too late.

Meanwhile, TIME acknowledges that they did, in fact, collude with big tech, large corporations and foreign governments in violation of state and federal laws in order to steal the election. (But don’t talk about it online!) By the way, is it just a coincidence that so many opponents of free speech are pedophiles?

Facebook will pay $300/ea to Illinois users for violating state biometric laws and yet, they have still violated Polish law and blocked & banned small investors while Zuckerberg bragged about how he censored Trump to prevent a free election. WhatsApp users are leaving in droves, while WhatsApp has shifted messaging to explain that user messages (notably not their “data”) can still be removed.

There’s been a surge in BSODs for some Windows devices after January updates. Microsoft has been beaten to the patch (again) by 0patch for a vulnerability in their installer system.

Google is above the law or at least, demands the ability to be excluded from it. They’ve also banned one app for supporting a popular open source file type and another for allowing access to content it doesn’t control (like Google’s own browsers), and violated their own terms to purge negative reviews in their App Store. YouTube is removing Senate testimony. It should come as no surprise then, that developers are realizing that “doing business with [Google] is a liability.” Do you really need more justification to de-Google?

Mozilla fixed a browser bug that could trigger physical damage to your SSD.

Amazon has been caught colludingendangering privacyhypocritically inciting violence, and stealing, all while pursuing the ability to run the Pentagon Defense Systems (in violation of their own Terms of Service).

Apple is throttling iPhones again, preventing sideloading on M1’s, and took five years to discover a widespread crypto miner in macOS.

Still trust your mobile security? Your operating systems have intentionally designed vulnerabilities/weaknesses.

Especially when it comes to science, sunlight remains the best disinfectant. It turns out “global warming” is worse when humans aren’t polluting the air. But sadly, facts don’t matter anymore, so months have passed and hundreds of thousands of lives were lost before political and social science caught up with actual science to acknowledge HCQ is, in fact, an effective treatment. And surely it’s just a coincidence that testing processes were changed immediately after inauguration?

Investigating and/or punishing people for refusing an experimental treatment (according to the FDA they’re not vaccines) is a violation of the Nuremberg Code, but that won’t prevent governments and corporations from doing it anyway, no matter how many times that is struck down as unconstitutional.

The CDC has illegally inflated COVID statistics, but is suppressing VAERS information about people dying like flies after injections.

Really though, can you trust any medical treatment created by people that struggle with math?

Now for the good news:

The Biden administration has dropped the federal lawsuit against the California Net Neutrality law. This will eventually be what breaks the Big Tech monopoly.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is huge. The typical computer should see roughly 3 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, Servicing Stack, and MSRT (~ 2 GB). This includes security updates. A reboot is required.

Apple released updates for macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iCloud for Windows 12.0 (off and on again), iOS 14.4, iPadOS 14.4, Safari 14.0.3, tvOS 14.4, watchOS 7.3, and Xcode 12.4. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 14.4 is a security update. Use Settings, General, Software Update to install the most current update.

iPadOS 14.4 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 7.3 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 14.4 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 88.0.4324.109 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Big Sur (11.0) means that macOS High Sierra (10.13) and older are no longer supported. If you can not install at least macOS Mojave (10.14) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v2009) is huge (about 18% larger than v2004, which was 25% larger than any prior build) so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.3.6 improves cleanup. This is a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

nVidia 461.40 resolves a dozen bugs. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.19.92 is a security update. Use Menu, Help, About to install the most current version.
https://brave.com/

Google Chrome 88.0.4324.150 is a security update. Use Menu, Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 88.0.705.63 is a security update. Use Menu, Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 85.0.2 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 78.7.1 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/organizations/all/

SeaMonkey 2.53.6 is a security update. Use Menu, Help, About to install the most current version.
https://www.seamonkey-project.org/

Vivaldi 3.6.2165.36 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.8.0 adds account colors, and resolves several bugs. This is not a security update.
https://getmailspring.com/

Thunderbird 78.7.1 is a security update. Use Menu, Help, About to install the most current version.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

BrowsingHistoryView 2.46 adds support for Brave. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

curl 7.75.0 resolves dozens of bugs and adds several new features. This is not a security update.
https://curl.haxx.se/windows/

Dropbox 115.4.601 doesn’t provide a detailed changelog so should be treated as a security update.
https://www.dropbox.com/

FileZilla Client 3.52.2 resolves several bugs. This is not a security update.
https://filezilla-project.org/

Pocketnet-Core 0.18.18 resolves several bugs. This is not a security update.
https://pocketnet.app/

WinSCP 5.17.10 is a security update.
https://winscp.net/eng/index.php

Zoom 5.5.12494.0204 resolves a couple minor bugs. This is not a security update.
https://zoom.us/

Java 8u281 is a security update.
https://www.java.com/en/download/manual.jsp

Media Updates

These are unlikely to be of interest to most people.

3tene 2.0.10 resolves several bugs. This is not a security update.
https://en.3tene.com/

darktable 3.4.1 resolves about 20 bugs. This is not a security update.
https://www.darktable.org/install/

VLC Media Player 3.0.12 is a security update.
https://www.videolan.org/vlc/

Game Updates

These are unlikely to be of interest to most people.

Steam 2021.02.05 resolves several bugs, improves compatibility, and improves cosmetics. This is not a security update.

PlayStation PS5 20.02-02.50.00 resolves a PS4 installation compatibility issue, improves editing video clips and improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Office Updates

One or more of these are likely to be of interest to most people.

Atom 1.54.0 updates libraries and resolves several bugs. This is not a security update.
https://atom.io/

Blender 2.91.2 doesn’t have a detailed changelog so should be treated as a security update.
https://www.blender.org/download/

IcoFX 3.5 resolves several bugs. This is not a security update.
https://icofx.ro/

Krita 4.4.2 adds mesh gradients, mesh transform, gradient editor and halftone filter, new brushes, and resolves dozens of bugs. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Fresh 7.1.0 resolves hundreds of bugs and improves reliability, stability, and compatibility. This is not a security update. This is beta software and should be avoided by most users.
https://www.libreoffice.org/

Lightworks NLE 2021.1 adds dozens of new features and improvements, and resolves many bugs. This is not a security update.
https://www.lwks.com/

Nextcloud Desktop 3.1.2 adds several new features: SVG client branding, push notifications for file changes, conflict resolution trigger and more. This is not a security update.
https://nextcloud.com/

OpenOffice 4.1.9 improves stability and compatibility. This is not a security update.
https://www.openoffice.org/download/

Paint.net 4.2.15 resolves several bugs. This is not a security update.
https://www.getpaint.net/

FrameMaker 2019 Update 8 64bit (2019.0.8) doesn’t provide a changelog, so should be treated as a security update.
64-bit: https://supportdownloads.adobe.com/detail.jsp?ftpID=7063
32-bit: https://supportdownloads.adobe.com/detail.jsp?ftpID=7065

Adobe Acrobat and Reader 2021.001.20135, 2020.001.30020, and 2017.011.30190 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb21-09.html

Adobe Animate 21.0.3 is a security update.
https://helpx.adobe.com/security/products/animate/apsb21-11.html

Adobe Dreamweaver 20.2.1 and 21.1 are security updates.
https://helpx.adobe.com/security/products/dreamweaver/apsb21-13.html

Adobe Illustrator 25.2 is a security update.
https://helpx.adobe.com/security/products/illustrator/apsb21-12.html

Adobe Photoshop 21.2.5 and 22.2 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb21-10.html

Magento 2.4.2, 2.4.1-p1, and 2.3.6-p1 are security updates.
https://helpx.adobe.com/security/products/magento/apsb21-08.html

Security Software Updates

One or more of these is likely to be of interest to most people.

Tails 4.15.1 is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

RogueKiller 14.8.4 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

uBlock Origin 1.33.2 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

VT-CLI 0.9.0 resolves a bug with URL parsing. This is not a security update.
https://github.com/VirusTotal/vt-cli/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 2021.2.0 resolves several bugs. This is not a security update.
https://12pd.com/click?snagit

Utility Updates

These are unlikely to be of interest to most people.

1Password for Windows 7.6.791 resolves several bugs. This is not a security update.
https://1password.com/downloads/windows/

Bitcoin 0.21.0 resolves over a dozen bugs and improves networking. This is not a security update.
https://bitcoin.org/en/download

Bitwarden 1.24.6 improves biometrics, search, and usability. This is not a security update.
https://bitwarden.com/

Carbonite 6.3.8 resolves a bug with NAS backups. This is not a security update.
https://account.carbonite.com/

CCleaner 5.76.8269 improves cleaning and accessibility, and resolves several bugs. This is not a security update.
https://www.ccleaner.com/

CPU-Z 1.95 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

DesktopOK 8.44 improves toolset. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DriveImage XML 2.60 doesn’t provide a changelog so should be treated as a security update.
https://www.runtime.org/driveimage-xml.htm

Etcher 1.5.116 updates libraries and improves cleanup of temp files. This is not a security update.
https://www.balena.io/etcher/

Everything 1.4.1.1005 is a security update.
https://www.voidtools.com/

Fido 1.18 adds support for the latest 20H2 refresh. This is not a security update.
https://github.com/pbatard/Fido/releases

GoodSync 11.5.6 improves stability, reliability and sync, and resolves several bugs. This is not a security update.
https://12pd.com/click?goodsync

Homedale 1.92 resolves several bugs. This is not a security update.
https://www.the-sz.com/products/homedale/

IsMyHdOK 2.81 adds automatic update and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

LessMSI 1.8.1 resolves a display bug. This is not a security update.
https://lessmsi.activescott.com/

NTLite 2.0.0.7784 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

ProduKey 1.95 adds option to extract partial key from WMI. This is not a security update.
https://www.nirsoft.net/utils/product_cd_key_viewer.html

PSAppDeploy 3.8.4 resolves several bugs. This is not a security update.
https://psappdeploytoolkit.com/

RAMDisk 4.4.0.RC36 resolves several bugs and updates libraries. This is not a security update.
http://memory.dataram.com/products-and-services/software/ramdisk

RoboForm 9.1.1 updates credit card storage data, resolves several bugs, and now uses secure transmission for automatic updates. This is a security update.
https://12pd.com/click?rf

SimpleWMIView 1.42 adds an option to start hidden. This is not a security update.
https://www.nirsoft.net/utils/simple_wmi_view.html

TaskSchedulerView 1.66 adds pagination to the properties widow and adds Task Filename column. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

TeamViewer 15.14.5 was released. The TeamViewer release notes have been unavailable for over a month, so while it might be a security update, it would be safer to remove TeamViewer until these issues are resolved.
https://www.teamviewer.com/en/download/windows/

USB Oblivion 1.16.0.0 adds ability to preserve desktop settings and clean UserAssist keys. This is not a security update.
http://www.cherubicsoft.com/en/projects/usboblivion

WinScan2PDF 6.55 resolves several bugs and improves scanner compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 4.1.2.0 resolves a dozen bugs. This is not a security update.
https://developer.android.com/studio

MySQL ConnectorNet 8.0.23 is a security update.
https://dev.mysql.com/downloads/connector/net/

Node.js 15.8.0 resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

Node.js 14.15.5 resolves several bugs. This is not a security update.
https://nodejs.org/en/

SQLite 3.34.1 adds new features and resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

StrawberryPerl 5.32.1.1 resolves several bugs. This is not a security update.
https://strawberryperl.com/

Visual Studio Code 1.53 resolves several bugs and adds several features and controls. This is not a security update.
https://code.visualstudio.com/

WinMerge 2.16.10 resolves several bugs and adds new command-line switches and features. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

PPSSPP 1.11 resolves dozens of bugs. This is not a security update.
https://ppsspp.org/downloads.html

VirtualBox 6.1.18-142142 resolves several stability and reliability bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Adminer 4.7.9 is a security update.
https://www.adminer.org/en/

Coppermine Gallery 1.6.10 improves compatibility with PHP 8.01. This is not a security update.
https://coppermine-gallery.net/

Docker Desktop 3.1.0 resolves several bugs. This is not a security update.
https://www.docker.com/products/docker-desktop

Drupal 9.0.11 is a security update.
https://drupal.org/download

Drupal 9.1.4 resolves dozens of bugs. This is not a security update.
https://drupal.org/download

HumHub 1.7.2 resolves over a dozen bugs. This is a security update.
https://www.humhub.com/en/download

Nextcloud Server 20.0.7 updates libraries and resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

OpenCart 3.0.3.7 doesn’t provide a detailed changelog so should be treated as a security update.
https://www.opencart.com/

Piwigo 11.3.0 resolves several bugs. This is a security update.
https://piwigo.org/

ScreenConnect 21.2.2159.7699 adds a security tile to configure security options and resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

SMF 2.0.18 is a security update.
https://www.simplemachines.org/

WordPress 5.6.1 resolves several bugs. This is not a security update.
https://wordpress.org/

Social Post Feed 2.18.2 improves GDPR compatibility and resolves a deletion bug. This is not a security update.

Multisite Enhancements 1.6.1 resolves a path bug. This is not a security update.

Redirection 5.0.1 adds support for PHP 8 and resolves several bugs. This is not a security update.

NextScripts Social Networks Auto-Poster 4.3.20 resolves several bugs. This is not a security update.

Sucuri Security 1.8.25 updates the password reset process. This is not a security update.

W3 Total Cache 2.1.0 resolves several bugs and adds cache groups. This is not a security update.

WooCommerce 4.9.2 improves compatibility and disables untested plugins from status and plugin pages. This is not a security update.

WP Mail SMTP 2.6.0 improves compatibility. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/