Updates 2020-10-13

Welcome back, Folks!

Today is Patch Tuesday for October 2020.

This Month in Technology

For those in our local community, the biggest news is that AT&T has abandoned DSL in rural America, reducing Internet access options even further for our friends and neighbors.

The US Treasury has announced that it is now illegal to pay your federal taxes.

The Universal Health Services was hacked (all 400+ locations!) and infected with ransomware, so was Software AG, the U.S. Department of Veterans Affairs (VA) was hacked again, the Department of Homeland Security (DHS) was hacked, the Las Vegas school system was hacked – and since they didn’t pay the ransom student details were leaked, Docsketch was hacked, and the United Nations (UN) International Maritime Organization was hacked. Razer made a boo-boo, and even coffee makers are now being used for ransomware distribution. Grindr was hacked, Microsoft’s Windows XP source code was leaked, almost any current iPhone can be listened into from 20 feet away using only an AM radio, and access to your RMM (Remote Monitoring and Management) is being sold to attackers. Evidence exists that your anti-virus is helping the bad guys, and BitDefender is still weak security.

Facebook has been hacked (for years), Facebook for Android has been hacked again, Office 365 & Outlook have been down repeatedly over the last month, Fitbit malware – distributed by Fitbit – can be used to take over your internal network and exfiltrate your data to the web, Bluetooth is still the weakest wireless link, your Comcast XR11 TV remote can be used to listen in to your conversations, BitLocker encryption is vulnerable to a sleep-mode bypass (aka, yet another reason not to use sleep mode), HP Device Manager flaw is a big deal, but not as big a deal as Windows Error Reporting being used to infect your PC.

Apple’s initial iOS 14 release killed batteries on many iPhones, (so did the recent ChromeOS update), Apple’s latest security fix (10.15.7) can kill performance on your Mac, but only if you use Mac software (rolls eyes). Hint: disable and re-enable Find My Mac to fix it. And that’s nothing compared to their T2 security chip vulnerability.

“The” secure reimplementation of BIOS, UEFI, was designed to make security at boot a thing of beauty and prevent third-parties from being able to hijack the boot process. Unfortunately, it simply provided a false sense of security.

2FA via SMS is also a much lower fruit than many realize, but not nearly as bad as SSO.

Many others have joined in the case against Apple & Google’s rent-seeking, who charge significantly more for their “services” than even the federal government, but portray themselves as victims. Insane rules and hypocritical requirements force developers to charge for free services or force users out of their application in order to even be allowed into the Apple ecosystem. What can we really expect from a SF bay area “green” company that lies about their recycling program? Hopefully the courts will use Apple’s own words against them, in that Apple claims that their AppStore is a place to “reliably” download “safeapps.

Former Facebook data scientist exposes her complicity with atrocities and abuse by governments and MNCs.

The Supreme Court heard arguments on the Oracle v Google IP fight suffered the same problem that most legal battles over technology do: poor arguments. Google’s defense failed to explain the distinctive nature of APIs as guides rather than code. Sure, they provide access to the functionality of the code, but are not, in and of themselves, code. The entire argument could be easily equated to vehicles. One does not need to know nor expose the specific design of a Ferrari 911 to know that the vehicle should stop at a stop sign nor yield at a yield sign. The vehicle itself (code – reasonably subject to IP) can operate on any road as long as the traffic signs (APIs) are in place. The signage is consistent across most of the world, even where languages differ greatly. So should the APIs be universally available.

In the current world of tech censorship and cancel culture, nobody can really argue against the necessity for Section 230 to be revised. However, most calls for revision would create an even more abhorrent system where public discourse can not be held without risk of liability to completely unrelated parties.

If you take government money, you are subject to the same rules as government, so says RFK, Jr.

In the new “get woke, go broke” era, it should come as no surprise that when you pander to racists and terrorists, you will be investigated.

Research shows that the lockdowns were not only anti-science, but caused far more harm than the virus itself. On the subject of fraud, are we still supposed to believe that the government’skill a fly with a nukeresponse to COVID is really all the result of bats in an Asian wet market or that masks actually do anything at all?

One would think fraud would be front page news, but the MSM is much more likely to ignore than acknowledge it. To paraphrase Stalin, “A single case of fraud is a tragedy; a million cases are just a statistic.”

The moment I read that Nintendo’s lawyers said Joy-Con Drift “wasn’t a real problem” I knew they would be sued.

Now for the good news – since I’m making up for last month, I’ll give you three:

Adobe Flash will finally be dead in only 79 days.

Free, limitless power from graphene could literally change everything.

A “vaccine” of sorts has been developed to protect against some forms of ransomware.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is huge. The typical computer should see roughly 2.5 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, Servicing Stack, Flash, and MSRT (~ 1.5 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 14.0.1 and iPadOS 14.0.1, tvOS 14.0.2, Safari 14.0, watchOS 7.0.2, macOS Catalina 10.15.7, macOS Mojave 10.14.6, macOS High Sierra 10.13.6, iCloud for Windows 7.21, iCloud for Windows 11.4, iTunes for Windows 12.10.9, and Xcode 12.0. These are security updates.

iOS 14.0.1 is a security update. Use Settings, General, Software Update to install the most current version. This version also adds the Orwellian contact tracing feature at the system level. While “disabled” by default, you may validate that it is disabled in Settings, Privacy, Health, COVID-19 Exposure Logging, and turn off Exposure Logging.

iPadOS 14.0.1 is a security update. Use Settings, General, Software Update to install the most current version.

tvOS 14.0.2 is a security update. Use Settings, General, Updates to install the most current version.

watchOS 7.0.2 is a security update. Use your updated iPhone to install the most current version through the Watch app.

Adobe Flash Player 32.0.0.445 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Google has released security updates for Android 9 and 10 which will gradually be published by individual vendors and available to you in the coming weeks. This version also adds the Orwellian contact tracing feature. Disabling Location and Bluetooth will disable the current version of contact tracing.

Google Chrome OS 85.0.4183.133 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Catalina (10.15) means that macOS Sierra (10.12) and older are no longer supported. If you can not install at least macOS High Sierra (10.13) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (2004) is a huge (about 25% larger than any prior build) so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.3.3 improves removal of DCH CP on older builds of Windows. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Logitech Options 8.30.310 resolves several bugs adds profiles for Zoom and MS Teams. This is not a security update.
https://www.logitech.com/en-us/product/options

Logitech Options (macOS) 8.30.293 resolves several bugs adds profiles for Zoom and MS Teams. This is not a security update.
https://www.logitech.com/en-us/product/options

nVidia 456.71 adds support for new hardware and improves support for COD beta and other games. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Crucial Storage Executive 6.06 doesn’t provide a changelog so should be treated as a a security update.
https://www.crucial.com/support/storage-executive

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.15.72 is a security update. Use Menu, Help, About to install the most current version.
https://brave.com/

Google Chrome 86.0.4240.80 is a security update. Use Menu, Help, About to install the most current version.

Microsoft Edge 86.0.622.38 is a security update. Use Menu, Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 81.0.2 is a security update. Use Menu, Help, About to install the most current version.

Firefox ESR 78.3.1 is a security update. Use Menu, Help, About to install the most current version.

SeaMonkey 2.53.4 is a security update. Use Menu, Help, About to install the most current version.
https://www.seamonkey-project.org/

Vivaldi 3.3.2022.47 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 78.3.2 is a security update. Use Menu, Help, About to install the most current version.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

Dropbox 107.4.443 resolves bugs and adds more. This is not a security update.
https://www.dropbox.com/

Zoom 5.3.53291.1011 changes automatic update behavior, and improves poll and link behaviors. This is not a security update.
https://zoom.us/

Prosody 0.11.7 is a security update.
https://prosody.im/download/start

FreeFileSync 11.2 resolves several bugs, improves layout and key bindings. This is not a security update.
https://www.freefilesync.org/download.php

Nmap 7.91 adds support for new profiles and fingerprints, and resolves several bugs. This is a security update.
https://nmap.org/

Npcap 1.00 resolves two minor bugs. This is not a security update.
https://nmap.org/npcap/

Technitium DNS Server 5.3 resolves several bugs. This is not a security update.
https://technitium.com/dns/

Media Updates

These are unlikely to be of interest to most people.

3tene 2.0.6 improves sensitivity calculations, light focal management, and resolves several bugs. This is not a security update.
https://en.3tene.com/

iTunes for Windows 12.10.9 is a security update. Use Apple Software Update to install the most current version.

Game Updates

These are unlikely to be of interest to most people.

Steam 2020.10.07 resolves several bugs. This is not a security update.

Office Updates

One or more of these are likely to be of interest to most people.

Notepad++ 7.9 adds several new features and fixes over a dozen bugs. This is not a security update.
https://notepad-plus-plus.org/

Adobe Reader DC 20.012.20048 resolves several bugs. This is not a security update.

Artweaver 7.0.7 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Atom 1.52.0 updates libraries and resolves several bugs. This is not a security update.
https://atom.io/

Blender 2.90.1 resolves several bugs. This is not a security update.
https://www.blender.org/download/

Lightworks NLE 2020.1.1 resolves several bugs. This is not a security update.
https://www.lwks.com/

Microsoft Office for Mac 2016/2019 is a security update.

Krita 4.4.0 improves fill layers, multigrid, screentone, brushes, API improvements and more. This is a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Fresh 7.0.2 resolves over a hundred bugs. This is a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.0.2 resolves a dozen bugs. This is not a security update.
https://nextcloud.com/

Security Software Updates

One or more of these is likely to be of interest to most people.

OpenSSL 1.1.1h resolves several bugs and improves compatibility. This is not a security update.
https://www.openssl.org/source/

KeePass 2.46 adds several features including TLS 1.3 and mass edit capabilities, as well as resolving bugs, and other improvements. This is not a security update.
https://keepass.info/

RogueKiller 14.7.3 resolves several bugs. This is a security update.
https://www.adlice.com/download/roguekiller/

TinyWall 3.0.8 resolves several bugs. This is not a security update.
https://tinywall.pados.hu/

uBlock Origin 1.30.4 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.27.3 resolves several bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 2020.1.5 resolves several bugs. This is not a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.0.1 is a major update with several improvements. This version improves the GUI and adds several new output profiles. This is not a security update.
https://www.dvdfab.cn/download.htm

AVStoDVD 2.8.9 resolves several bugs, improves performance and updates libraries. This should be treated as a security update.
https://sites.google.com/site/avstodvdmain/

MakeMKV 1.15.3 resolves several bugs, introduces TOR/VPN support, adds support for new stream types. This is not a security update.
https://www.makemkv.com/download/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Windows 7.6.785 resolves a bug. This is not a security update.
https://1password.com/downloads/windows/

Beyond Compare 4.3.7.25118 resolves several bugs. This is not a security update.
https://www.scootersoftware.com/download.php?zz=dl4

Bitwarden 1.22.2 resolves bugs. This should be treated as a security update.
https://bitwarden.com/

CCleaner 5.72.7994 resolves several bugs and improves compatibility. This is not a security update.
https://www.ccleaner.com/

CPU-Z 1.94 adds support for new hardware and resolves several bugs. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

DesktopOK 7.95 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DevManView 1.72 resolves an output bug. This is not a security update.
https://www.nirsoft.net/utils/device_manager_view.html

Etcher 1.5.109 is a security update.
https://www.balena.io/etcher/

Everything 1.4.1.992 is a security update.
https://www.voidtools.com/

GoodSync 11.3.8 resolves several bugs. This is not a security update.
https://www.goodsync.com/

IsMyHdOK 2.51 resolves bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

LessMSI 1.7.0 improves messaging. This is not a security update.
https://lessmsi.activescott.com/

MS ISO Downloader 8.40 adds support for new Dell models and images, new Win10 builds and adds hash reporting to images. This is not a security update.
https://www.heidoc.net/joomla/technology-science/microsoft/67-microsoft-windows-and-office-iso-download-tool

NTLite 2.0.0.7656 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

Aomei Partition Assistant 8.10 improves display and startup. This is not a security update.
https://www.diskpart.com/

PSAppDeploy 3.8.3 adds several new features and resolves bugs. This is not a security update.
https://psappdeploytoolkit.com/

RoboForm 8.9.4 resolves several bugs, including the QuickBooks compatibility issue that prevented display of registers and Chrome that caused freezes.
https://12pd.com/click?rf

Process Monitor 3.60 adds support for multiple filter item selection and decoding for new file system control operations and error status codes. While not a security updates, this improves the analytical data collection, thus increasing security awareness.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

Procdump 10.0 adds support for dump cancellation and CoreCLR processes. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procdump

Sysmon 12.0 resolves several bugs and adds support for capturing clipboard operations. While not a security updates, this improves the analytical data collection, thus increasing security awareness.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

SysInternals released new builds of many of their applications, as well as ARM versions. While the changes on many of the updates are poorly documented and SysInternals apps are generally more secure than apps distributed elsewhere, you should assume that any updates have security ramifications. If they’re not security updates, they may improve the context or analytical data that is exposed, thus increasing the security awareness of the tools.
https://live.sysinternals.com/

TeamViewer 15.10.5 resolves a licensing bug. This is not a security update.
https://www.teamviewer.com/en/download/windows/

USBDeview 3.01 adds an option to copy the contents of the active cell. This is not a security update.
https://www.nirsoft.net/utils/usb_devices_view.html

USB Oblivion 1.14.0.0 addes support for new modules. This is not a security update.
http://www.cherubicsoft.com/en/projects/usboblivion

WifiChannelMonitor 1.65 adds support for detection of new protocols. This is not a security update.
https://www.nirsoft.net/utils/wifi_channel_monitor.html

WifiInfoView 2.65 adds support for detection of new protocols. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

WirelessKeyView 2.20 adds support for displaying WiFi QR Codes. This is not a security update.
https://www.nirsoft.net/utils/wireless_key.html

WinGet 0.2.2521 updates libraries and adds new verbs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinScan2PDF 6.06 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 4.1.0.19 integrates database and emulation, improves diagnostics, and resolves several bugs. This is not a security update.
https://developer.android.com/studio

Godot 3.2.3 resolves over a hundred bugs and improves stability. This is not a security update.
https://godotengine.org/

Node.js 14.13.1 resolves several bugs. This is a security update.
https://nodejs.org/en/

Node.js 12.19.0 updates libraries, and resolves dozens of bugs. This is a security update.
https://nodejs.org/en/

Visual Studio Code 1.50 improves accessibility features, pinned tabs, adds ARM support, and resolves several bugs. This is not a security update.
https://code.visualstudio.com/

TortoiseGit 2.11.0 updates libraries and resolves several bugs. This is not a security update.
https://tortoisegit.org/

Web Package Updates

These are likely to be of interest only to web developers.

Dada Mail 11.12.0 adds image embedding and resizing, improved scheduling capabilities, library updates and bug fixes. This is not a security update.
http://dadamailproject.com/

Drupal 9.0.7 resolves dozens of bugs. This is a security update.
https://drupal.org/download

Docker Desktop 2.4.0.0 updates libraries and resolves several bugs. This is not a security update.
https://www.docker.com/products/docker-desktop

Nextcloud Server 20.0.0 updates libraries, adds a new dashboard, Talk bridging support, and several other new features and improvements. This is not a security update.
https://nextcloud.com/

HumHub 1.6.4 is a security update.
https://www.humhub.com/en/download

Joomla 3.9.22 resolves several bugs. This is not a security update.
https://www.joomla.org/

OpenPetra 2020.09 resolves several bugs. This is not a security update.
https://www.openpetra.org/

phpMyAdmin 4.9.6 and 5.0.3 are security updates.
https://www.phpmyadmin.net/

Autoptimize 2.7.8 is a security update.

BuddyPress 6.3.0 resolves bugs. This is not a security update.

Email Log 2.4.3 adds a new filter and enhances nonce. This is not a security update.

Social Post Feed 2.17 adds support for new embed types. This is not a security update.

WooCommerce 4.5.2 resolves a couple bugs. This is not a security update.

WP Mail SMTP 2.4.0 updates libraries, improves compatibility, and resolves several bugs. This is not a security update.

W3 Total Cache 0.15.1 resolves several bugs. This is not a security update.

WordPress Zero Spam 4.10.2 improves compatibility. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2020-08-11

Welcome back, Folks!

Today is Patch Tuesday for August 2020.

This Month in Technology

I pride myself in my sarcastic wit and infinite patience, but these days I spend so much time shaking my head in such shame for humanity that I’m afraid I’m going to get whiplash.

I’m trying to keep on the topic of technology, but it’s hard when that very technology is being used to silence, stalk, abuse, and defame so many. What’s worse is that when they’re caught they just throw money at those investigating them in order to escape culpability.

Cancel Culture was obvious to authors in the 1930s, but has been ignored over the last decade because those who speak up are themselves cancelled. Richard Stallman explains his position on digital currencies being evil, and how technological tracking will inevitably be used for cancel culture. (Heck, even Bill Maher opposes cancel culture!) Sadly, it may be too late to stop at this point, since cancel culture has now escaped planet Earth to infect the cosmos.

Canon was hacked, Avon was hacked, Intel was hackedGarmin was hacked, Walmart was hacked and is being sued under the CCPA over it, Capital One was finally punished for being hacked, Dave was hackedLedger was hacked, exposing a million accounts and emails, Tor has been hacked (the vulnerabilities have actually been known for *years*), nearly a thousand enterprise VPN servers have been hacked, 62,000 NAS devices have been hacked and infected, and Twitter was hacked (by a Florida teen who exposed Twitter’s “nonexistent” censorship tools). Is it any wonder Twitter was hacked since it took them almost two years to patch an app vulnerability?

A dozen VPN providers used an unprotected and insecure storage to harvest details of over twenty million (20,000,000) users, including payment details and traffic history.

Google is harvesting data from third parties to build rival apps, but it doesn’t stop there – they also “accidentally” enabled their Google Home smart devices to listen 24/7 and record their environments.

A TeamViewer vulnerability allows anyone running a version older than those released *yesterday* to be hacked, and of the 79 Netgear router models that have known security vulnerabilities, Netgear has announced they won’t patch 45 of them – including several AC models that are only 3 years old, and Snapdragon chip vulnerabilities put over a billion Android devices at risk. On the subject of defective hardware, BadPower can light you up!

Microsoft is flagging HOSTS files used to block unwanted telemetry as malicious. Evil extensions continue to be evil. AT&T “accidentally” tells all their customers they have to replace their brand new phones in order to continue to use cell service, Humana (Tricare) “accidentally” told 600,000 US military veterans that they were infected with COVID-19.

Advertisements are evil privacy-erasing monsters, but Ad URLs are worse.

Now for the good(?) news:

Recently, the lockdowns are responsible for more suicides and deaths by overdose than COVID-19. That’s gotta be a silver lining somehow, right?

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is huge. The typical computer should see roughly 2 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, Internet Explorer, Office, Servicing Stack, and MSRT (~1.3 GB). This includes security updates. A reboot is required.

Apple released updates for macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra, Safari 13.1.2, Xcode 11.6, iCloud for Windows 11.3, iCloud for Windows 7.20, iTunes 12.10.8 for Windows. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 13.6 and 12.4.8, and iPadOS 13.6 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 6.2.8 and 5.3.8 are security updates. Use the Watch app on your iPhone to install the most current version.

tvOS 13.4.8 is a security update. Use System, Software Update to install the most current version.

Adobe Flash Player 32.0.0.414 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Google Chrome OS 84.0.4147.110 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Catalina (10.15) means that macOS Sierra (10.12) and older are no longer supported. If you can not install at least macOS High Sierra (10.13) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (2004) is a huge (about 25% larger than any prior build) so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.2.8 resolves issues with NVIDIA removal. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.11.104 is a security update. Use Menu, Help, About to install the most current version.
https://brave.com/

Firefox 79.0 is a security update. Use Menu, Help, About to install the most current version

Firefox ESR 68.11.0 is a security update. Use Menu, Help, About to install the most current version.

Google Chrome 84.0.4147.125 is a security update. Use Menu, Help, About to install the most current version.

Microsoft Edge 84.0.522.59 is a security update. Use Menu, Help, About to install the most current version.

Vivaldi 3.2.1967.41 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 78.1.0 is a security update. Direct updates are disabled for 78.x so you will need to download and install the update from the Thunderbird website:
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

BrowsingHistoryView 2.41 adds support for local /cfg file. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

Dropbox 103.4.383 doesn’t provide a detailed changelog, so should be treated as a security update.
https://www.dropbox.com/

FileZilla Client 3.49.1 resolves a cosmetic bug. This is not a security update.
https://filezilla-project.org/

FreeFileSync 11.0 improves Google Drive sync and backups, adds WSL symlink support, and resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Npcap 0.9996 resolves several bugs, including stability/crash problems. This is not a security update.
https://nmap.org/npcap/

Technitium DNS Server 5.0.2 resolves several bugs and updates libraries. This is not a security update.
https://technitium.com/dns/

WinSCP 5.17.7 is a security update.
https://winscp.net/eng/index.php

Zoom 5.2.42619.0804 resolves several bugs, improves compatibility and hardware support, and adds several new features. This is not a security update.
https://zoom.us/

Line 9.6.0 adds effects stickers. This is not a security update.
http://line.me/update

Media Updates

These are unlikely to be of interest to most people.

3tene 2.0.2 updates libraries, improves compatibility, and resolves several bugs. This is not a security update.
https://en.3tene.com/

iTunes 12.10.8 is a security update. Use Apple Software Update to install the most current version.

darktable 3.2.1 resolves almost 100 bugs, improves lighttable, CSS styles, Color Picker, preferences, and many more. This is not a security update.
https://www.darktable.org/install/

Picard 2.4.1 resolves a dozen bugs and adds support for new formats, improves functions and stability. This is not a security update.
https://picard.musicbrainz.org/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 20.012.20041 is a security update. Use Menu, Check for updates to get the most current version.

Adobe Lightroom 9.3 is a security update.
https://helpx.adobe.com/security/products/lightroom/apsb20-51.html

Magento 2.4.0 and 2.3.5-p2 are security updates.
https://helpx.adobe.com/security/products/magento/apsb20-47.html

Adobe Reader Mobile 20.3 is a security update.
https://helpx.adobe.com/security/products/reader-mobile/apsb20-50.html

Adobe Prelude 9.0.1 is a security update.
https://helpx.adobe.com/security/products/prelude/apsb20-46.html

Adobe Photoshop 20.0.10 and 21.2.1 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb20-45.html

Adobe Bridge 10.1.1 is a security update.
https://helpx.adobe.com/security/products/bridge/apsb20-44.html

Atom 1.50.0 resolves several bugs and updates libraries. This is not a security update.
https://atom.io/

Blender 2.83.4 resolves dozens of bugs and improves performance. This is not a security update.
https://www.blender.org/download/

LibreOffice Still 6.4.5 is a major update to the stable version of LibreOffice. This build resolves over 100 bugs and improves stability over the previous beta “Fresh” line. This is not a security update.
https://www.libreoffice.org/

LibreOffice Fresh 7.0.0 is beta software. While this is a major update to the beta version of LibreOffice, nearly 200 bugs were resolved over the last few days so you should only use this if you are comfortable using beta software that is very likely to crash. This is not a security update.
https://www.libreoffice.org/

Notepad++ 7.8.9 resolves 9 bugs that improve cosmetics after the recent updates. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 4.2.13 resolves several bugs and improves low-quality exports. This is not a security update.
https://www.getpaint.net/

Security Software Updates

One or more of these is likely to be of interest to most people.

DNSQuerySniffer 1.81 adds local /cfg file support and adds Select/Deselect All to column settings. This is not a security update.
https://www.nirsoft.net/utils/dns_query_sniffer.html

Gpg4win 3.1.12 resolves several bugs and improves reliability. This is a security update.
https://www.gpg4win.org/download.html

Hashcat 6.1.1 resolves several bugs and adds support for new algorithms. This is not a security update.
https://hashcat.net/hashcat/#downloadlatest

RogueKiller 14.6.3 updates core engine and resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

uBlock Origin 1.29.0 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 2020.1.4 improves cosmetic controls and resolves several bugs. This is not a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 11.1.0.1 adds support for new encodings, adds output configuration exports, batch reporting, and new output profiles. This is not a security update.
https://www.dvdfab.cn/download.htm

MakeMKV 1.15.2 updates muxer to the latest matroska specification, resolves several bugs and adds drive speed control and standalone sdftool. This is not a security update.
https://www.makemkv.com/download/

PDF Creator 4.1.2 resolves a COM interface error and several other bugs. This is not a security update.
https://www.pdfforge.org/pdfcreator

Utility Updates

These are unlikely to be of interest to most people.

1Password for Windows 7.6.780 resolves several bugs and improves cosmetics. This is a security update.
https://1password.com/downloads/windows/

Bitwarden 1.20.1 resolves a crash bug and adds support for Windows Hello or TouchID on macOS to unlock the vault. This is not a security update.
https://bitwarden.com/

CCleaner 5.70.7909 improves compatibility, but is still detected as a “potentially unwanted program” by Windows Defender (and with all the problems CCleaner has had in the last couple years, they could be right).
https://www.ccleaner.com/

CPU-Z Installer 1.93 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

CurrPorts 2.62 adds ‘Copy Remote Address’ option. This is not a security update.
https://www.nirsoft.net/utils/cports.html

Dell Command Update 3.1.3 improves reliability, compatibility, and stability. This is not a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

DesktopOK 7.71 resolves several bugs and adds HTTPS updates. This is a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

Eraser 6.2.0.2990 adds exFAT support but doesn’t have a changelog. This should be treated as a security update.
https://eraser.heidi.ie/download/

Etcher 1.5.102 updates libraries, and resolves several bugs. This is not a security update.
https://www.balena.io/etcher/

Everything 1.4.1.988 reworks some Lite behavior, ensures volumes are mounted before use, and resolves several bugs. This is not a security update.
https://www.voidtools.com/

FolderChangesView 2.32 adds local /cfg support. This is not a security update.
https://www.nirsoft.net/utils/folder_changes_view.html

GoodSync 11.2.8 resolves several bugs and improves reliability. This is not a security update.
https://www.goodsync.com/

Homedale 1.88 adds OWE encryption support. This is not a security update.
https://www.the-sz.com/products/homedale/

IsMyHdOK 2.21 vastly improves SSD support. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

NTLite 2.0.0.7596 resolves several bugs and adds new settings options. This is not a security update.
https://www.ntlite.com/download/

PointerStick 4.25 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.20.1 resolves several bugs. This is a security update.
https://github.com/microsoft/PowerToys/releases/latest

RoboForm 8.9.1 adds import from Edge and resolves several bugs. This is not a security update.
https://www.roboform.com/

Sysmon 11.11 fixes a bug that prevented USB media from being ejected. This should be treated as a security update.
https://live.sysinternals.com/

TaskSchedulerView 1.56 improves compatibility for devices where the Remote Registry service is disabled. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

TeamViewer 15.8.3 is a security update.
https://www.teamviewer.com/en/download/windows/

TraceRouteOK 1.77 resolves several bugs and improves GUI. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

USBDeview 3.00 adds several new timestamp columns that can be read when running elevated, and renames the other timestamp fields. This is not a security update.
https://www.nirsoft.net/utils/usb_devices_view.html

USB Oblivion 1.13.0.0 adds ability to clean the Partition Diagnostic journal. This is not a security update.
https://www.cherubicsoft.com/en/projects/usboblivion

WifiInfoView 2.62 improves local /cfg file behavior. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

WinScan2PDF 5.88 improves compatibility with multifunction devices. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

ADB 30.0.4 resolves several bugs and improves fastboot. This is not a security update.
https://developer.android.com/studio/releases/platform-tools

AutoHotkey 1.1.33.02 resolves several bugs. This is not a security update.
https://www.autohotkey.com/download/

Node.js 14.8.0 resolves dozens of bugs and updates libraries. This should be treated as a security update.
https://nodejs.org/en/

Node.js v12 12.18.3 updates libraries and resolves dozens of bugs. This should be treated as a security update.
https://nodejs.org/en/

Redemption 5.24.0.5736 adds several new methods and properties, and resolves several bugs. This is not a security update.
http://www.dimastr.com/redemption/

Web Package Updates

These are likely to be of interest only to web developers.

Dada Mail 11.11.0 adds Scheduling and validation, makes Open Discussion Lists always available, significantly improves active troubleshooting, and resolves compatibility with StopForumSpam. This is not a security update.
http://dadamailproject.com/

Docker Desktop 2.3.0.4 improves cross-platform compatibility, installation troubleshooting, and WSL 2 support. This is not a security update.
https://www.docker.com/products/docker-desktop

Drupal 9.0.3 resolves over 100 bugs. This is not a security update.
https://drupal.org/download

HumHub 1.6.2 resolves dozens of bugs. This is not a security update.
https://www.humhub.com/en/download

MailEnable 10.31 improves logging, and resolves over 30 bugs. This is not a security update.
https://www.mailenable.com/

Nextcloud Server 19.0.1 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

OpenCart 3.0.3.6 adds PayPal extensions and removes Openbay Pro. This is not a security update.
https://www.opencart.com/

OpenPetra 2020.06 adds consent storage for compatibility with legal requirements,
https://www.openpetra.org/

ScreenConnect 20.8.29574.7520 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

Autoptimize 2.7.6 resolves several bugs. This is not a security update.

BuddyPress 6.2.0 resolves several bugs. This is not a security update.

Contact Form 7 5.2.1 resolves several bugs. This is not a security update.

Social Post Feed 2.16 resolves a couple bugs. This is not a security update.

Register IP – Multisite 1.8.2 resolves a cosmetic bug and improves compatibility. This is not a security update.

NextScripts Social Networks Auto-Poster 4.3.16 improves compatibility and resolves two bugs. This is not a security update.

W3 Total Cache 0.14.3 resolves several bugs. This is not a security update.

WooCommerce 4.3.2 resolves several bugs. This is not a security update.

WP Add Custom CSS 1.1.6 updates code editor and improves compatibility. This is not a security update.

WordPress Zero Spam 4.9.12 is the latest in a series of fixes to the 4.0 rewrite. Over a hundred changes and many new features and controls are added. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2020-05-12

Welcome back, Folks!

Today is Patch Tuesday for May 2020.

The next build of Windows 10 will be released in only two weeks. If you don’t want to be the guinea pig I strongly suggest you update to v1909 as soon as possible if you’re running an older build. This will grant you a reprieve from the new version for a couple months. Let everyone else beta test and you can upgrade when they’ve worked out the bugs.

Furthermore, yesterday was the last day of support for commercial versions of Windows 10 prior to v1809 (build 17763). If you’re running an older version upgrade to v1909 ASAP to maintain security updates for your device.

This Month in Technology

Send a text, get root.

Even more bad news for Apple devices, as Google’s Project Zero has discovered “numerous new vulnerabilities” on all Apple hardware, and all Apple devices with Thunderbolt ports are vulnerable to an unpatchable security exploit.

But it’s not just Apple. Samsung is patching recent devices from their Galaxy line, though every Galaxy device they produced over the last 7 years is vulnerable to a similar “perfect 10” vulnerability in image parsing.

Ghost and LineageOS were hacked using known vulnerabilities in SaltStack that were left unaddressed. Fortunately it doesn’t look like any serious damage was done.

Pitney Bowes has been hacked again.

Watering holes (places that aggregate data from many accounts and services) will always be prime targets. If you’re not increasing your defense-in-depth posture at your watering hole, expect to be repeatedly violated. Ask LabCorp.

Government-approved monopolies are far too frequently granted exceptions others are not. PG&E, despite causing the fires that killed over a hundred people and destroyed over 25,000 homes and triggering the current insurance crisis in California, has had their $200 million fine waived.

Racists take aim at technology, banning the use of names of colors in the UK.

If you support the lockdown, is it because you hate science or just math? Face masks increase your risk, not the other way around. There’s no such thing as perfect safety.

I won’t try to make a distinction between the junk science you worship and actual science. You’re too far gone for that.

The lockdown is proving more lethal than the coronavirus as suicides exceed COVID-19 deaths in Australia.

Now for the good news:

A massive 10,000+ device botnet is dying out. Sadly, this isn’t one of the truly evil ones that was used for severe malicious actions, but rather just for downloading Anime.

Let’s Get Busy

Now back to our regularly scheduled program. Thanks to the unstopping barrage of updates pushed during “weekly update quarantine”, Patch Tuesday this month is not that bad. The typical computer should see roughly 1.2 GB in updates today. Let’s get started.

Microsoft released updates for Windows, .NET, Internet Explorer, Servicing Stack, and MSRT (~800 MB). This includes security updates. A reboot is required.

Adobe Flash Player 32.0.0.371 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Catalina (10.15) means that macOS Sierra (10.12) and older are no longer supported. If you can not install at least macOS High Sierra (10.13) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (1909) is a pretty small update so will install quickly. Windows 10 pushes you to get the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.8.95 is a security update. Use Menu, Help, About to install the most current version.
https://brave.com/

Google Chrome 81.0.4044.138 is a security update. Use Menu, Help, About to install the most current version.

Microsoft Edge 81.0.416.72 is a security update. Use Menu, Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 76.0.1 follows shortly after 76.0 which is a security update. 76.0.1 resolves several compatibility issues. Use Menu, Help, About to install the most current version.

Firefox ESR 68.8.0 is a security update. Use Menu, Help, About to install the most current version.

SeaMonkey 2.53.2 is a security update.
https://www.seamonkey-project.org/releases/

Vivaldi 3.0.1874.38 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 68.8.0 is a security update. Use Menu, Help, About to install the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

Trillian 6.3.0.4 resolves several bugs. This is not a security update.
https://www.trillian.im/

Npcap 0.9991 resolves several bugs and improves compatibility. This is not a security update.
https://nmap.org/npcap/

Zoom 5.0.24046.0510 improves local privacy. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

Picard 2.3.2 resolves several bugs and improves compatibility. This is not a security update.
https://picard.musicbrainz.org/

Game Updates

These are unlikely to be of interest to most people.

Nintendo Switch 10.0.2 resolves a pairing bug and improves stability. This is not a security update.

Tekkit Server 1.2.9i disables mod update checks resolving a crash bug. This is not a security update.
http://www.technicpack.net/modpack/tekkitmain

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 20.009.20063 is a security update. Use Help, Check for updates to install the most current version.

Adobe Acrobat 2020.009.20063, 2017.011.30171, and 2015.006.30523 are security updates. Use Help, Check for updates to install the most current version.

Atom 1.46.0 resolves several bugs. This is not a security update.
https://atom.io/

Adobe DNG Software Development Kit (SDK) 1.5.1 is a security update.
Win: https://supportdownloads.adobe.com/product.jsp?product=120&platform=Windows
Mac: https://supportdownloads.adobe.com/product.jsp?product=120&platform=Macintosh

Security Software Updates

One or more of these is likely to be of interest to most people.

RogueKiller 14.4.2 resolves a crash bug and updates service. This is not a security update.
https://www.adlice.com/download/roguekiller/

TinyWall 3.0.4 resolves several bugs. This is not a security update.
https://tinywall.pados.hu/

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.24 resolves several bugs and adds two-pass FFmpeg option. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 2020.1.2 resolves several crash bugs and improves compatibility. This is a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Converter Updates

These are unlikely to be of interest to most people.

MKVToolnix 46.0.0 resolves several bugs. This is not a security update.
https://www.fosshub.com/MKVToolNix.html

HandBrake 1.3.2 resolves several bugs. This is not a security update.
https://handbrake.fr/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 7.5 adds password sharing by link, and resolves several bugs. This is a security update.
https://1password.com/downloads/mac/

DesktopOK 7.17 adds silent install support, resolves several bugs, and updates language files. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

Etcher 1.5.87 resolves several bugs and improves compatibility. This is not a security update.
https://www.balena.io/etcher/

GoodSync 11.1.8 improves compatibility. This is not a security update.
https://12pd.com/click?goodsync

IsMyHdOK 2.15 improves drive type detection. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

MS ISO Downloader 8.36 updates libraries and adds new disk images. This should be treated as a security update.
https://www.heidoc.net/joomla/technology-science/microsoft/67-microsoft-windows-and-office-iso-download-tool

OSFMount 3.0.1006 resolves several bugs. This is not a security update.
https://www.osforensics.com/tools/mount-disk-images.html

PointerStick 4.01 updates language files. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.17.0 adds native automatic update and updates FancyZones behavior. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

PSAppDeploy 3.8.2 resolves several bugs. This is a security update.
https://psappdeploytoolkit.com/

WifiChannelMonitor 1.60 updates the internal MAC addresses file. This is not a security update.
https://www.nirsoft.net/utils/wifi_channel_monitor.html

WinScan2PDF 5.33 improves WIA compatibility and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 3.6.3.0 resolves a caching bug. This is not a security update.
https://developer.android.com/studio

Node.js 14.2.0 improves error handling and monitoring with assertions, and resolves several bugs. This is a security update.
https://nodejs.org/en/

Visual Studio Code 1.45 improves accessibility, color, syntax, and semantic highlighting, performance, and GitHub integration. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

OpenCart 3.0.3.3 replaces all PayPal extensions with PayPal Commerce platform. This is not a security update.
https://www.opencart.com/

Adminer 4.7.7 is a security update.
https://www.adminer.org/en/

OpenPetra 2020.04 resolves several bugs, adds Sponsorship module, improves initial setup and updates libraries. This is a security update.
https://www.openpetra.org/

Autoptimize 2.7.1 resolves several bugs. This is not a security update.

Social Post Feed 2.14.1 resolves a bug in notices. This is not a security update.

Postie 1.9.51 removes functions from logon screen. This is not a security update.

Redirection 4.7.2 resolves several bugs. This is not a security update.

NextScripts Social Networks Auto-Poster 4.3.15 improves compatibility. This is not a security update.

Top Commentators Widget 1.6 removes deprecated functions. This is not a security update.

WooCommerce 4.1.0 updates dependencies, resolves several bugs. This is a security update.

WP Mail SMTP 2.0.1 improves compatibility. This is not a security update.

Show IDs 1.1.4 improves compatibility with WordPress 5.4.1.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2020-04-01

Happy April Fools’ Day, Folks!

It’s not Patch Tuesday, but updates from Microsoft, Apple, Google, and others have triggered an out-of-cycle update.

This Month/Week in Technology

The FCC announced that by July 2021 every US phone company (landline and mobile) must adopt STIR/SHAKEN which will massively reduce the amount of robocalls and phone spam people receive and ensure that call blocking features work as intended.

Microsoft has rebranded Office 365 to Microsoft 365 and is launching more features and cross-platform monitoring across the system. Is this the next step towards Windows-as-a-Service?

Dell and HP Enterprise have issued updates for the runtime bug in certain Enterprise solid-state drives (SSDs) that will begin bricking them in only a couple months.

The latest to jumping on the virus-free-trial bandwagon is Plex.

The country of Georgia has been hacked, with data on almost every citizen being posted online.

How bad are companies at dealing with ransomware? Most corporations and governments just give in and negotiate the ransom. Others pay insurance through companies like Chubb, a cyber-insurer for this type of thing. Can a company insure itself?

For a couple days, the latest builds of iOS and macOS wouldn’t let you search for a “+” sign. This is more common than you might think, and one of the pieces of advice in my Selecting the Perfect Domain” guide.

#3 Don’t use any strange characters

CloudFlare’s 1.1.1.1 public DNS resolver received glowing marks in a recent study. While it’s very private and fast, it doesn’t provide built-in security as does OpenDNS, though.

Now for the good news:

Even the scientist most cited for his chicken-little response to COVID-19 has reversed course and said he over-estimated lethality and virulence.

Let’s Get Busy

Microsoft released an out-of-cycle update to address connectivity problems for VPN users. If you’re using a VPN, use Windows Update to install the most current version.

Apple released security updates for iCloud for Windows 7.18 and iCloud for Windows 10.9.3. Use Apple Software Update to install the most current versions.

Google Chrome OS 80.0.3987.158 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.2.3 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 80.0.3987.162 is a security update. Use Menu, Help, About to get the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

WinSCP 5.17.3 is a security update.
https://winscp.net/eng/index.php

Game Updates

These are unlikely to be of interest to most people.

Steam 2020.03.26 resolves several bugs. This is not a security update.

PlayStation PS3 4.86 improves system performance. This is not a security update.
https://www.playstation.com/en-us/support/system-updates/ps3/

Office Updates

One or more of these are likely to be of interest to most people.

Krita 4.2.9 adds Airbrush and Ratio controls to the Color Smudge brush, and resolves 70 bugs. This is not a security update.
https://krita.org/en/download/krita-desktop/

Security Software Updates

One or more of these is likely to be of interest to most people.

RogueKiller 14.4.0 resolves several bugs, improves compatibility and adds warnings to certain scans.
https://www.adlice.com/download/roguekiller/

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 11.0.8.2 adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

RoboForm 8.6.8 improves data synchronization, Windows Hello integration, and resolves several bugs. This is not a security update.
https://12pd.com/click?rf

GoodSync 10.11.4 resolves several bugs and improves compatibility. This is not a security update.
https://12pd.com/click?goodsync

DesktopOK 6.91 improves compatibility with the next build of Windows. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

NetworkInterfacesView 1.20 adds option to open device properties window with F2. This is not a security update.
https://www.nirsoft.net/utils/network_interfaces.html

PSAppDeploy 3.8.1 adds Repair action and new installation controls, and resolves several bugs. This is not a security update.
https://psappdeploytoolkit.com/

MS ISO Downloader 8.34 adds several new ISOs. This is not a security update.
https://www.heidoc.net/joomla/technology-science/microsoft/67-microsoft-windows-and-office-iso-download-tool

WinScan2PDF 5.25 resolves a TWAIN bug under Windows 10 x64. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 3.6.2.0 resolves over a dozen bugs. This is not a security update.
https://developer.android.com/studio/index.html

Node.js 13.12.0 improves build notarization for macOS, upgrades libraries, adds option to disable proto to CLI, moves diagnostic reports to stable, and now allows URL in worker constructor. This is not a security update.
https://nodejs.org/en/

Web Package Updates

These are likely to be of interest only to web developers.

OpenPetra 2020.03 resolves the PDF printing bug, as well as several other bugs. This is not a security update.
https://www.openpetra.org/

WordPress 5.4 improves the block editor, adds Social Icons and Buttons, gradients to Buttons and Cover block, color options to Group, Columns, and Rich Text, improved consistency, as well as many developer and privacy improvements. This is not a security update.
https://wordpress.org/

Postie 1.9.45 resolves an email notification bug. This is not a security update.
https://wordpress.org/extend/plugins/postie/

Custom Facebook Feed 2.13 adds a Block. This is not a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2016-11-08

Hi, Folks!

It’s Patch Tuesday.

The typical computer should see roughly 2.2gb in updates today. It’s another big one. The Microsoft-specific updates should be easier, but no smaller, since they’re now packaging almost all updates in only two files for each supported version of Windows. Apple has updated all supported versions of their operating systems between 2 and 5 times this last month, and they seem to be stable now – so it’s probably safe to upgrade your Apple hardware. Let’s get started.

Microsoft released updates to Windows, Internet Explorer, Edge, drivers, .NET, Active Directory, VHD, RDP, and MSRT (~1.3gb). This includes security updates. A reboot is required.

Apple released updates for OS X, macOS, iOS, iTunes, Pro Video Formats, Xcode, tvOS, Safari, watchOS and iCloud for Windows. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

Google Chrome OS 54.0.2840.93 is a security update. Use Menu, Help, About to install the most current version.

Oracle: everything. Oracle released security updates for 76 product lines covering over 230 applications. It’s easier to say, patch all Oracle software now than to try to even identify what the all are.

Adobe Flash Player 23.0.0.207 is a security update. Flash is being actively replaced with HTML5 on most sites and services, however, so unless you’re 110% positive you need it for critical functions, you should remove it instead. And, within those browsers that have it embedded (Chrome, Edge, Internet Explorer 11+) disable it. It’s just not worth the risk.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 17.0.3.0 improves cleanup. This is not a security update.
http://www.wagnardmobile.com/DDU/

HP Laserjet Stub 4.5.2942.27 doesn’t provide a changelog, so should be treated as a security update.
http://123.hp.com/us/en/devices/LASERJET

nVidia 375.70 improves performance. This is not a security update.
http://www.geforce.com/drivers

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 54.0.2840.87 is a security update. Use Menu, Help, About to install the most current version.

Firefox 49.0.2 is a security update. Use Menu, Help, About to install the most current version.

Blisk 1.0.125.166 is the first stable release of Blisk. This version replaces all previous versions.
https://blisk.io/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 45.4.0 is a security update. Use Menu, Help, About to install the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

Silverlight 5.1.50901 is a security update.
http://www.microsoft.com/silverlight/

Java 8u111 is a security update. If you’re not 110% sure you need Java, remove it instead of upgrading.
http://www.java.com/en/download/manual.jsp

Skype 7.29.0.102 does not provide a changelog, so should be treated as a security update.
https://12pd.com/click?skype

aria2 1.28.0 fixes several bugs and improves output for conditional get. This is not a security update.
https://aria2.github.io/

curl 7.51.0 is a security update.
http://winampplugins.co.uk/curl/

Evernote 6.4.2.3788 does not provide a changelog, so should be treated as a security update.
http://www.evernote.com/

Nmap 7.31 fixes several bugs, updates libraries and improves scanning signatures. This is a security update.
http://nmap.org/

FileZilla 3.22.2.2 fixes several bugs. This is not a security update.
http://filezilla-project.org/

MaxMind GeoIP 201611 is a data refresh. This is not a security update.
http://dev.maxmind.com/geoip/

IPNetInfo 1.73 improves reliability of information parsing. This is not a security update.
http://www.nirsoft.net/utils/ipnetinfo.html

Google Earth 7.1.7.2606 improves stability. This is not a security update.
http://earth.google.com/index.html

Media Updates

These are unlikely to be of interest to most people.

iTunes 12.5.3 is a security update. Use Apple Software Update to get the most current version.

CDBurnerXP 4.5.7.6389 fixes several bugs and improves reliability. This is not a security update.
http://cdburnerxp.se/

FastStone Viewer 6.0 improves straighten and adds several new features. This is not a security update.
http://www.faststone.org/FSViewerDetail.htm

Game Updates

These are unlikely to be of interest to most people.

EA Origin 10.2.1.38915 fixes several bugs. This is not a security update.
https://www.origin.com/en-us/download

Office Updates

One or more of these are likely to be of interest to most people.

LibreOffice 5.2.3 does not yet provide a changelog for the current version. Treat this as a security update.
http://www.libreoffice.org/

OpenOffice 4.1.3 is a security update. I remind you that OpenOffice is gradually being killed off, so you would be well served by removing OpenOffice and installing LibreOffice instead.
http://www.openoffice.org/download/

Notepad++ 7.2 improves smart highlighting to support multiple views, and fixes several bugs. This is not a security update.
https://12pd.com/click?npp

Inkscape 0.48.5 fixes several bugs and adds support for new file formats. This is not a security update.
http://www.inkscape.org/

OpenPetra 2016.10.2.0 adds MySQL support and fixes several bugs. This is not a security update.
http://www.openpetra.org/

SketchUp 17.0.18899 is a new major update with significant changes to the graphics capabilities and support, High-DPI, extension management, tool improvements and more. This is not a security update.
http://www.sketchup.com/

Adobe Connect 9.5.7 is a security update.
https://helpx.adobe.com/security/products/connect/apsb16-35.html

Adobe Drive CC 5.0.3 fixes several bugs. This is not a security update.
Win: http://www.adobe.com/support/downloads/detail.jsp?ftpID=6105
Mac: http://www.adobe.com/support/downloads/detail.jsp?ftpID=6106

Security Software Updates

One or more of these is likely to be of interest to most people.

RogueKiller 12.8.0 improves customization, adds detections and improves several scans. This is a security update.
http://www.adlice.com/softwares/roguekiller/

Caine 8.0 upgrades many tools, and updates core OS. This is a security update.
http://www.caine-live.net/

TDSSKiller 3.1.0.12 adds new detections. This is a security update.
http://support.kaspersky.com/viruses/utility#TDSSKiller

SuperAntiSpyware 6.0.1228 fixes several bugs. This is not a security update.
http://www.superantispyware.com/download.html

Capture Updates

These are unlikely to be of interest to most people.

XSplit Broadcaster 2.8.1607.1952 fixes a bug with certain hardware. This is not a security update.
http://www.xsplit.com/get/

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 9.3.2.1 improves compatibility with new encodings, fixes several bugs. This is not a security update.
http://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

GoodSync2Go 10.1.8 fixes quite a few bugs with the new v10 release. This is not a security update.
https://12pd.com/click?goodsync

RoboForm 7.9.23 fixes several bugs primarily with browser and individual site compatibility. This it not a security update.
https://12pd.com/click?rfe

CintaNotes 3.4 adds drag-and-drop tab reordering, improves rule behaviors and fixes a keyboard bug. This is not a security update.
http://cintanotes.com/download

Agent Ransack 2016.865 fixes several bugs. This is not a security update.
http://mythicsoft.com/agentransack/download

FileLocator Pro 8.1.2680 fixes several bugs. This is not a security update.
http://www.mythicsoft.com/filelocatorpro/download

Everything 1.4.1.782b fixes several bugs. This is not a security update.
http://www.voidtools.com/

GPU-Z 1.12.0 adds new hardware support and fixes cosmetic bugs. This is not a security update.
http://www.techpowerup.com/downloads/SysInfo/GPU-Z/

HWMonitor 1.30 adds support for newer hardware. This is not a security update.
http://www.cpuid.com/softwares/hwmonitor.html

CurrPorts 2.30 improves filtering. This is not a security update.
http://www.nirsoft.net/utils/cports.html

DriveLetterView 1.45 adds option to perform Google search on product name. This is not a security update.
http://www.nirsoft.net/utils/drive_letter_view.html

SearchMyFiles 2.76 fixes UTF-8 content search. This is not a security update.
http://www.nirsoft.net/utils/search_my_files.html

WifiChannelMonitor 1.46 updates the internal MAC address list. This is not a security update.
http://www.nirsoft.net/utils/wifi_channel_monitor.html

CCleaner 5.23.5808 improves cleaning. This is not a security update.
http://www.piriform.com/ccleaner

ProduKey 1.87 fixes MS Office parsing. This is not a security update.
http://www.nirsoft.net/utils/product_cd_key_viewer.html

SystemRescueCD 4.9.0 is a security update.
http://www.sysresccd.org/

NTLite 1.2.0.4510 fixes several bugs. This is not a security update.
https://www.ntlite.com/download/

Developer Updates

These are unlikely to be of interest to most people.

GitHub Desktop 3.3.2 updates included libraries. This is a security update.
https://desktop.github.com/

MySQL 5.7.16 is a security update.
http://www.mysql.com/downloads/installer/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VMware Player 12.5.1 is a security update.
http://www.vmware.com/products/player/

VirtualBox 5.1.8-111374 is a security update.
http://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Drupal 8.2.2 fixes several bugs. This is not a security update.
http://drupal.org/download

Joomla 3.6.4 is a security update.
http://www.joomla.org/

BuddyPress 2.7.2 fixes several bugs. This is not a security update.

Multisite Enhancements 1.3.7 fixes several bugs. This is not a security update.

NextScripts Social Networks Auto-Poster 3.7.5 adds new networks and bug fixes. This is not a security update.

Postie 1.8.17 fixes several bugs. This is not a security update.

Simple Lightbox 2.6.0 adds several features and fixes a bug. This is not a security update.

Theme My Login 6.4.6 fixes several bugs and adds new hooks. This is not a security update.

WooCommerce 2.6.7 fixes several bugs. This is not a security update.

WPtouch 4.3.5 fixes several bugs. This is not a security update.
That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/