Updates 2023-05-09

Posted on May 9, 2023 by Shawn K. Hall

Welcome back, Folks!

Today is Patch Tuesday for May, 2023.

This month brings news that the current stable release of Windows 10 will be the last version released until it is end of life (EOL) in October 2025. This means it is mature and won’t have annoying operating system changes on a regular basis, unlike Windows 11. There were over 150 major hacks, and over 215 application updates this month. All in all it’s a big month, with about 3.5 GB of updates for most users.

This Month in Technology

Alto Calore Servizi, American Bar Association, Americold, Amnesty International Australia, an African telecommunications organization, Apache Superset, APC’s Easy UPS Online Monitoring Software, Apro.cl, automotive Controller Area Network, AvidXchange, Banco de Venezuela, Berkeley, Bitmarck Germany, Bitrue, Blue Shield of California, Bluefield University, Brightline, Caltech, Capita, Cementos Bio-Bio S.A, Cementos Progreso, CH Media, Cisco IOS routers, Cisco PCD, Cisco Phone Adapters, City of Dallas, Texas, Conagua, Constellation Software, 9 cryptocurrency exchange websites, Cummins Behavioral Health Systems, 13 internet domains used for DDoS-for-hire services, Delphi Drug & Alcohol Council, Diocese of Las Vegas, Elastic, Ethan Health, LLC, Eurasia Group, Fairfax County Public Schools, Fincantieri Marine Group, Fortra, FTX, Fullerton India, GDAC, Genova Burns LLC, Google Chrome, Graceworks Lutheran Services, Group Euromotors, Guam Memorial Hospital, a Haarlem (NL) company, Hardenhuish School, HealthPlan Services, Inc., Henry County Hospital, Hillsborough County Supervisor of Elections Office, Hundred Finance, Hyundai, Illumina’s Universal Copy Service, Intel Boot Guard, Intel CPUs, Intel TDX, Iowa Department of Health and Human Services, John Muir Health – Walnut Creek Medical Center, Kabarak University, Kodi Foundation, KuCoin, La Clinica de La Raza, Inc., Lake Dallas Independent School District, Latitude Financial, Level Finance, Lürssen, Mars Area School District, Medtronic, MEO, Merlin, MetaMask, Methodist Family Health, Microsoft SQL servers, MiniMed Distribution Corp., MIT, Modern Cardiology Associates, Montgomery General Hospital, Monument Inc. and Tempest, MSI OEM Signing Keys, Murfreesboro Medical Clinic & SurgiCenter, Naivas Kenya, National Smallbore Rifle Association, NationsBenefits Holdings, LLC, NCR Aloha POS, NextGen Healthcare, Northeastern University, OGUsers, One Brooklyn Health, OrangeTee & Tie, Orqa, Packagist, Papercut, Pathway Healthcare, LLC, Philippines State Agencies, Point32Health, PrestaShop, RaidForums, RentoMojo, Retina & Vitreous of Texas, PLLC, Rheinmetall, Robeson Health Care Corporation, Roskomnadzor, Ruckus Wireless, SafeMoon, Saville Row, Seguros la Occidental, St. Vincent’s Ambulatory Care, Inc., Stanford, SushiSwap, T-Mobile (again), Tasmanian Government, TBK DVR, Tencent QQ, Terravision, TP-Link Archer A21, Trust Wallet, Twitter, two critical infrastructure organizations in the energy sector, two organizations involved in financial trading, Two Rivers Public Health Department, Ukraine, Ukrainian state networks, UMass Amherst, Unique Imaging, Inc, UniSat Wallet, United HealthCare, United Steelworkers Local 286, University of California, San Francisco, University Urology, Unlimited Care, Inc., Upper Peninsula Health Plan, US Consumer Financial Protection Bureau, US military “legacy weapons systems“, Valid Certifcadora, Veeam backup servers, VMware vRealize Log Insight, VMware, Western Digital, WP Advanced Custom Fields, WP Eval PHP, Yearn Finance, Yellow Pages Group, Yucatan government, and Z-Library (again) have reportedly been hacked or compromised this month.

1Password, Bank of Scotland, Google Search, Halifax, Lloyds Bank, Microsoft 365 and Exchange, Reddit, TSB Bank, and Twitter (twice) have suffered from outages this month.

Last months updates broke Microsoft Defender.

Google is finally adding end-to-end encryption to their security authenticator. However, they’re now weakening the security of your Google account by allowing anyone with any of your device PINs or patterns to access your account. If you’ve ever loaned your cell phone or tablet to a five year old to get them to be quiet during a conversation with family, Amazon is giving you another reason to avoid that.

Advertisements (especially via Google and Facebook) remain the #1 method of infecting victims. As if on queue, there will now be more ads in the Microsoft Windows Start Menu. Pirated software is still a very common method to hack a network. Microsoft is adding the ability to opt out of presence detection within Windows 11.

Apple’s new “rapid security response” patching platform is failing. macOS Silicon isn’t safe from ransomware.

QR codes are much more dangerous than you can imagine. Know the risks of reselling your used hardware.

Still no punishment when government violates their own rules. The EU is planning to scan all private files on personal devices in violation of privacy rights. The goal of securely classifying and validating organizational ownership of online resources is a lofty one, but this transparency – as proposed via QWACs – would put privacy at increased risk.

Now for the good news:

Apple and Google are finally taking an interest in how their platforms are abused for stalking via Bluetooth.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is large this month. The typical computer should see roughly 3.5 GB in updates today. Let’s get started.

Windows 10 and Windows 11 versions 22H2 should now be installed. Sadly, the new “Moments” features on Windows 11 will insert advertisements in the Start menu and Control Panel. Just another sign of the continuing decline of Windows.

Microsoft released updates to address 49 vulnerabilities in Microsoft Bluetooth Driver, Microsoft Edge (Chromium-based), Microsoft Graphics Component, Microsoft Office, Microsoft Office Access, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Office Word, Microsoft Teams, Microsoft Windows Codecs Library, Reliable Multicast Transport Driver (RMCAST), Remote Desktop Client, SysInternals, Visual Studio Code, Windows Backup Engine, Windows Installer, Windows iSCSI Target Service, Windows Kernel, Windows LDAP – Lightweight Directory Access Protocol, Windows MSHTML Platform, Windows Network File System, Windows NFS Portmapper, Windows NTLM, Windows OLE, Windows RDP Client, Windows Remote Procedure Call Runtime, Windows Secure Boot, Windows Secure Socket Tunneling Protocol (SSTP), Windows SMB, Windows Win32K, and MSRT (~2 GB). This includes security updates. A reboot is required.

Apple released updates for AirPods and Beats. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

Fedora 38-1.6 is a security update. This major version adds improved hardware support, modern security benefits, and updates libraries and resources.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Ventura (13.x) means that macOS Catalina (10.15) and older are no longer supported. If you can not install at least macOS Big Sur (11) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v22H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 23.4.3 improves performance and compatibility. This is not a security update.
https://www.amd.com/en/support

Daemon Tools Lite 11.2.0 adds VeraCrypt support, improves ARM compatibility and resolves several bugs. This is not a security update.
https://www.daemon-tools.cc/products/dtLite

Display Driver Uninstaller 18.0.6.3 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Drivers by Seagull 2023.2 adds another 300+ printer and device drivers, encrypted hardware and RFID support. This is a security update.
https://www.seagullscientific.com/support/downloads/drivers/

DS4Windows 3.2.10 resolves several bugs. This is not a security update.
https://github.com/Ryochan7/DS4Windows/releases/latest

Netgear Genie R6400 1.0.1.78 is a security update.
https://www.netgear.com/support/product/R6400.aspx#download

TP-Link Archer AX21 v1.20.230426 is a security update.
https://www.tp-link.com/us/support/download/archer-ax21/v1.20/#Firmware

Wacom Driver 6.4.2-1 resolves several bugs. This is not a security update.
https://www.wacom.com/en-us/support/product-support/drivers

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.51.110 is a security update.
https://brave.com/

Firefox 113.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Google Chrome 113.0.5672.92 is a security update.
https://www.google.com/chrome/

Google Chrome 109.0.5414.141 is a security update. The 109 version is now only supported on Windows Server 2012 and 2012r2.
https://www.google.com/chrome/

Microsoft Edge 112.0.1722.71 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Microsoft Edge 109.0.1518.78 is a security update. The 109 version is now only supported on Windows Server 2012 and 2012r2.
https://www.microsoft.com/en-us/edge/business/download

Microsoft Edge WebView2 113.0.1774.35 is a security update.
https://developer.microsoft.com/en-us/microsoft-edge/webview2/

Vivaldi 6.0.2979.18 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 3.50 adds From and To scan filtering. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

ProtonMail (Android) 3.0.14 improves stability and performance. This is not a security update.
https://proton.me/mail/download

Spark 3.4.2.48202 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.4.2.48201 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 102.10.1 improves compatibility and resolves several bugs. This is not a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 7.1.11 improves stability. This is not a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 7.0.2 resolves several bugs and improves integration. This is not a security update.
https://anydesk.com/en/downloads

Dropbox 173.4.6706 resolves several bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 186.0.0.10.221 is a security update.
https://www.messenger.com/download

FileZilla Client 3.64.0 updates libraries. This should be treated as a security update.
https://filezilla-project.org/

Google Drive 74.0 is a security update.
https://drive.google.com/start

Microsoft Teams 1.6.00.11166 is a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 26.0.1 is a security update.
https://nextcloud.com/

Npcap 1.75 is a security update.
https://nmap.org/npcap/

Signal 6.16.0 resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 6.19.8 doesn’t provide a changelog so should be treated as a security update.
https://signal.org/android/apk/

Skype 8.96.0.403 adds several new features and improves stability. This is not a security update.
https://www.skype.com/

Technitium DNS Server 11.1.1 is a security update.
https://technitium.com/dns/

Telegram 4.8.1 resolves several bugs. This is not a security update.
https://telegram.org/

Telegram (Android) 9.6.0 resolves several bugs. This is not a security update.
https://telegram.org/apps

WinSCP 5.21.8 is a security update.
https://winscp.net/eng/index.php

Zoom 5.14.7.15877 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 3.0.7 is a security update.
https://en.3tene.com/

Plex Desktop 1.67.2.3705 is a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.38.2.3738 resolves several bugs. This is a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.32.1.6999 resolves several bugs. This is a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Winamp 5.9.1 is a security update.
https://www.winamp.com/

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2023.4.0.84 resolves dozens of bugs.
https://www.yoyogames.com/en/gamemaker

Lego Studio 2.23.4.1 resolves several bugs. This is not a security update.
https://www.lego.com/en-us/ldd

Nintendo Switch 16.0.3 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 23.01-07.20.00 improves stability and performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2023.04.26 resolves several bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 23.001.20143 is a security update.
https://get.adobe.com/reader

Adobe Substance 3D Painter 8.3.1 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb23-29.html

Audacity 3.3.2 doesn’t provide a changelog so should be treated as a security update.
https://www.audacityteam.org/download/

Calibre 6.17.0 resolves several bugs and improves compression. This is not a security update.
https://calibre-ebook.com/

ImageMagick 7.1.1-8 resolves several bugs. This is not a security update.
https://imagemagick.org/

LibreOffice Fresh 7.5.3 resolves over a hundred bugs. This is a security update. The “Fresh” line is beta software. Please use the Still version which is stable software.
https://www.libreoffice.org/

Nextcloud Desktop 3.8.1 is a security update.
https://nextcloud.com/

PDF Candy Desktop 2.94 doesn’t provide a changelog so should be treated as a security update.
https://pdfcandy.com/

Security Software Updates

One or more of these is likely to be of interest to most people.

Cloudflare WARP 2023.04.27 doesn’t provide a changelog so should be treated as a security update.
https://1.1.1.1/

Cloudflare WARP (macOS) 2023.04.17 doesn’t provide a changelog so should be treated as a security update.
https://1.1.1.1/

HTTP Toolkit 1.12.6 doesn’t provide a changelog so should be treated as a security update.
https://httptoolkit.tech/

MalwareBytes Anti-Malware 4.5.27 resolves several bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/

ProtonVPN 2.4.2 provide cosmetic improvements. This is not a security update.
https://protonvpn.com/download

ProtonVPN (macOS) 3.1.3 improves proof of effect cosmetics and compatibility. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.9.0 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Stinger 12.2.0.603 adds detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Tails 5.12 is a security update.
https://tails.boum.org/install/dvd/index.en.html

uBlock Origin 1.49.2 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

YARA 3.1 fixes several bugs. This should be treated as a security update.
https://github.com/VirusTotal/yara/

Capture Updates

These are unlikely to be of interest to most people.

Camtasia 23.0.2 resolves several bugs. This is not a security update.
https://www.techsmith.com/video-editor.html

Open Broadcaster Software 29.1.0 resolves dozens of bugs. This should be treated as a security update.
https://obsproject.com/

ScreenToGif 2.38 improves high-DPI compatibility. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.1.0.5 adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

iMazing HEIC Converter 2.0.7 doesn’t have a changelog so should be treated as a security update.
https://imazing.com/heic

PDF Creator 5.1 adds ARM64 support, improves automation, and resolves several bugs. This is not a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 6.1.2.1 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 1.0.1.8 improves performance. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.26 resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 8.10.6 resolves dozens of bugs and improves compatibility. This is a security update.
https://1password.com/downloads/mac/

1Password for Windows 8.10.6 resolves dozens of bugs and improves compatibility. This is not a security update.
https://1password.com/downloads/windows/

Agent Ransack 2022.3389 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

Bitwarden 2023.4.0 is a security update.
https://bitwarden.com/

CCleaner 6.11.10455 resolves several bugs and improves compatibility. This is not a security update.
https://www.ccleaner.com/

DesktopOK 10.81 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DMDE 4.0.6.806 resolves several bugs. This is not a security update.
https://dmde.com/

dnGrep 3.2.306.0 updates libraries and implements several new features. This is not a security update.
https://dngrep.github.io/

Everything Toolbar 1.0.5 resolves several bugs. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

Fido 1.45 removes Windows 7 ISO download option since it’s no longer available for download. This is not a security update.
https://github.com/pbatard/Fido/releases

FileLocator Pro 2022.3389 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Fing 3.2 no longer provides a changelog so should be treated as a security update.
https://www.fing.com/products/fing-desktop-download-windows

Git SCM 2.40.1 is a security update.
https://git-scm.com/

Go 1.20.4 is a security update.
https://go.dev/

GoodSync 12.2.2 resolves several bugs and introduces a new encrypted file system option. This is not a security update.
https://www.goodsync.com/

grepWin Portable 2.0.13 resolves several bugs. This is not a security update.
https://github.com/stefankueng/grepWin/releases/latest

IsMyHdOK 3.88 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

Kingston SSD Manager 1.5.2.6 doesn’t provide a changelog so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

Memtest86+ 6.20 adds support for newer hardware and resolves a couple bugs. This is not a security update.
https://www.memtest.org/

NetworkInterfacesView 1.30 adds secondary sorting and sorting by menu. This is not a security update.
https://www.nirsoft.net/utils/network_interfaces.html

NetworkTrafficView 2.44 adds dark background option and sort by to the toolbar. This is not a security update.
https://www.nirsoft.net/utils/network_traffic_view.html

NTLite 2023.4.9228 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 10.0.1010 resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html

PowerToys 0.69.1 improves stability adn resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

PSAppDeploy 3.9.3 resolves several bugs. This is not a security update.
https://psappdeploytoolkit.com/

PsExec 2.43 fixes a regression with -c. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/psexec

RoboForm 9.4.7 is a security update.
https://www.roboform.com/

Rufus 4.0 resolves several bugs and improves stability. This version now requires Windows 8 and newer. This is not a security update.
https://rufus.ie/en_US/

ScreenConnect 23.3.13.8507 resolves several bugs and breaks application compatibility with older instances. This is not a security update.
https://www.connectwise.com/software/control/download

Synergy 1.14.7 adds ability to bind client to specific network and resolves several bugs. This is not a security update.
https://symless.com/synergy/

Sysmon 14.16 adds new ArchiveDirectory system integrity controls and improves compatibility. This is a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

TCPView 4.19 fixes a bug with the 32-bit version. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview

TeamViewer 15.41.9 resolves several bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

Unity 2022.2.18 resolves dozens of bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive

WifiInfoView 2.80 adds full screen mode. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 2022.2.1.19 adds several new features. This is not a security update.
https://developer.android.com/studio

GitHub Desktop 3.2.3 resolves a dozen bugs. This is not a security update.
https://desktop.github.com/

Java 8u371 is a security update.
https://www.java.com/en/download/manual.jsp

MySQL ConnectorNet 8.0.33 is a security update.
https://dev.mysql.com/downloads/connector/net/

MySQL Server 8.0.33 is a security update.
https://dev.mysql.com/downloads/installer/

Node.js 18.16.0 adds single-file executable support, improved URL parsing, and resolves a dozen bugs. This is not a security update.
https://nodejs.org/en/

Node.js 19.9.0 improves URL parsing and resolves several bugs. This is not a security update.
https://nodejs.org/en/

Node.js 20.1.0 adds several new features and updates dependencies. This is not a security update.
https://nodejs.org/en/

Rustup 1.26.0 resolves a dozen bugs and adds several new features. This is not a security update.
https://www.rust-lang.org/

VC Runtime 14.34.31938.0 is a security update.
https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist

Visual Studio Code 1.78.1 improves accessibility, color schemes, profile templates, and other features. This is a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.0.8 is a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.6.25 resolves several bugs. This is not a security update.
https://coppermine-gallery.net/

Drupal 9.4.15 is a security update.
https://drupal.org/download

Joomla 4.3.1 resolves several bugs. This is not a security update.
https://www.joomla.org/

OpenCart 4.0.2.1 doesn’t provide a detailed changelog so should be treated as a security update.
https://www.opencart.com/

Antispam Bee 2.11.3 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/antispam-bee/

Autoptimize 3.1.7 is a security update.
https://wordpress.org/extend/plugins/autoptimize/

Contact Form 7 5.7.6 resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.4 doesn’t provide a changelog so should be treated as a security update.
https://wordpress.org/plugins/duplicator/#developers

Sucuri Security 1.8.39 resolves an API error. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

Widgets on Pages 1.7.0 is a security update.
https://wordpress.org/extend/plugins/widgets-on-pages/

WooCommerce 7.6.1 resolves dozens of bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WordPress Importer 0.8.1 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/wordpress-importer/

WP Cerber Security 9.5.4 improves compatibility. This is not a security update.
https://wpcerber.com/

WP Mail SMTP 3.8.0 resolves several bugs and improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/

W3 Total Cache 2.3.2 resolves several bugs. This should be treated as a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WPBakery 6.11.0 resolves several bugs. This is not a security update.
https://wpbakery.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2023-04-11

Posted on April 11, 2023 by Shawn K. Hall

Welcome back, Folks!

Today is Patch Tuesday for April, 2023.

This month brings over 160 significant hacks, and over 170 application updates. This is pretty normal these days, and the updates will weigh in at a little over 2.5 GB of updates for most users.

This Month in Technology

3CX, 51,000 websites, Ace Nursing, Activision, Adobe ColdFusion, Alivia Health, AllCare Plus Pharmacy, Inc, Allied Benefit, American Pain and Wellness, PLLC, an “East Asian company that develops data-loss prevention software for government and military,” Apple Safari, Aspire Public Schools, Associates in Dermatology, Atlantic Dialysis Management Services, Atlantic General Hospital, Autoridad de Acueductos y Alcantarillados, Bing.com search (via Azure AD), BitGo, BitKeep, Bitzlato, Black & McDonald, Blue Shield of California, Breached, Brooks Rehabilitation, Capita, ChatGPT, Chippewa County, CHU University hospitals, City of Oakland, City of Toronto, CloudPanel, Community Health Systems, Crown Resorts, Dole Food Company, a Dutch maritime logistics company, eFile-com, El Camino Health, El Consejo Nacional de Supervisión del Sistema Financiero, Elementor Pro WordPress plugin, Elmbrook School District, Essendant, Eye4Fraud, Fabrega Molino, Federal Law Enforcement Database, Ferrari, Florida-based community healthcare system, Frideres Dental LLC, Gala Games, General Bytes, 130+ organizations using GoAnywhere MFT, Guam Memorial Hospital, Hatch Bank, Hawaiian death registry, HDB Financial Services, Health Plan of San Mateo, Hitachi Energy, Homewood Health, HP LaserJet printers, Independent Living Systems, India’s Defense Research and Development Organization, Indian health system, Instituto De Educación Secundaria Ies Emilio Canalejo Olmeda, Integrated Supports for Living, Inc, Killer Instinct, Latitude Financial Services, Leaked Reality, LinusTechTips, Lionsgate, Long Son Petrochemicals, Lumen, Majestic Care Middletown Assisted Living LLC, McDonald’s, Medellin government, MedEx, Medminder, Merritt Healthcare Advisors, Microsoft SharePoint, Microsoft Teams, Mozilla Firefox, MSI, National Basketball Association, NCB Management Services, Nebu, Netgear Orbi, New Medical Healthcare, New York City public school special education students, New York-Presbyterian Hospital, NewBridge Services, NewYork-Presbyterian Hospital, Nexx smart devices, NHS Highland, Nonstop Administration and Insurance Services, Inc, NorthStar Emergency Medical Services, NS, Open University of Cyprus, Oracle VirtualBox, ParaSpace, Pension Protection Fund, PetroVietnam, Poolz Finance, POSCO Engineering & Construction, Postal Prescription Services – Kroger, Procter & Gamble, Proskauer Rose, QNAP, Rio Tinto, Rochester Public Schools, Rubrik, SafeMoon, Saks Fifth Avenue, Samsung, SD Worx, Shopper+, South Texas Health System, Sundry Files, Tallahassee Memorial Healthcare, Inc, Tasmanian Education Department, Telegram, Tesla Model 3, the WiFi protocol (this is big), TheGradCafe, Throne, TMX Finance (TitleMax, TitleBucks, InstaLoan), Top of the World Ranch Treatment Center, Toyota Italy, Tusla, Twitter, Uber, Ubuntu Desktop, UC San Diego Health, UHS of Delaware, Inc, UK’s Criminal Records Office, UK’s Virgin Red, Ukrainian utility company, US Congress, US Department of Defense, US Federal Bureau of Investigation, US Marshals Service, US Special Operations Command, US Wellness Inc, US Wellness, Vazquez Nava Consultores y Abogados, Veeam’s Backup & Replication, Veritas Backup Exec, VM2, VMware Workstation, WellBe, Wells Fargo, West Virginia hospital, Western Digital, Wilkes-Barre Career and Technical Center, WinRAR SFX, WooCommerce, Yardley Dermatology Associates, PC, Yucatan government, Yum! Brands (Taco Bell, KFC, Pizza Hut), Z2U, ZenGo, Zimbra Collaboration Suite, and Zoll have reportedly been hacked or compromised this month.

Amazon has pulled the plug on their most successful charitable endeavor, AmazonSmile.

According to the FBI, 860 “critical” infrastructure organizations were hit with ransomware in 2022. Shouldn’t they just stop if they’re so concerned, since they’re usually the ones behind most terrorists?

It should come as no surprise that the recent spate of train derailments comes not long after a manager at one of the largest rail companies told inspectors to stop marking rail cars that needed repairs.

Apple Weather, Microsoft Defender, Reddit, and WD My Cloud suffered from outages this month.

Last months updates broke Red Dead Redemption 2, and caused problems for many printers by replacing the vendor print drivers with Microsoft’s incompatible drivers. But at least Microsoft is now inserting ads in the Start menu, right? Grrr.

Here’s yet another demonstration of how your “smart device” can be exploited without your knowledge. GM’s Cruise robotaxis have been recalled after they caused an accident in San Francisco.

Now for the good news:

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is huge this month. The typical computer should see roughly
GB in updates today. Let’s get started.

Windows 10 and Windows 11 22H2 should now be installed. Sadly, the new “Moments” features on Windows 11 will insert advertisements in the Start menu and Control Panel. Just another sign of the continuing decline of Windows.

Microsoft released updates to address 93 vulnerabilities in .NET Core, Azure Machine Learning, Azure Service Connector, Microsoft Bluetooth Driver, Microsoft Defender for Endpoint, Microsoft Dynamics, Microsoft Dynamics 365 Customer Voice, Microsoft Edge (Chromium-based), Microsoft Graphics Component, Microsoft Message Queuing, Microsoft Office, Microsoft Office Publisher, Microsoft Office SharePoint, Microsoft Office Word, Microsoft PostScript Printer Driver, Microsoft Printer Drivers, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows DNS, Visual Studio, Visual Studio Code, Windows Active Directory, Windows ALPC, Windows Ancillary Function Driver for WinSock, Windows Boot Manager, Windows Clip Service, Windows CNG Key Isolation Service, Windows Common Log File System Driver, Windows DHCP Server, Windows Enroll Engine, Windows Error Reporting, Windows Group Policy, Windows Internet Key Exchange (IKE) Protocol, Windows Kerberos, Windows Kernel, Windows Layer 2 Tunneling Protocol, Windows Lock Screen, Windows Netlogon, Windows Network Address Translation (NAT), Windows Network File System, Windows Network Load Balancing, Windows NTLM, Windows PGM, Windows Point-to-Point Protocol over Ethernet (PPPoE), Windows Point-to-Point Tunneling Protocol, Windows Raw Image Extension, Windows RDP Client, Windows Registry, Windows RPC API, Windows Secure Boot, Windows Secure Channel, Windows Secure Socket Tunneling Protocol (SSTP), Windows Transport Security Layer (TLS), Windows Win32K and MSRT (~
GB). This includes security updates. A reboot is required.

Apple released updates for iOS 15.7.5 and 16.4.1, iPadOS 15.7.5 and 16.4.1, macOS Big Sur 11.7.6, macOS Monterey 12.6.5, macOS Ventura 13.3.1, Safari 16.4.1, Studio Display Firmware Update 16.4, tvOS 16.4, and watchOS 9.4. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 16.4.1 and 15.7.5 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 16.4.1 and 15.7.5 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 9.4 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 16.4 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 112.0.5615.62 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

The now-current release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 12 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 23.4.1 resolves several bugs. This is not a security update.
https://www.amd.com/en/support

Display Driver Uninstaller 18.0.6.2 resolves a stability bug. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Nvidia Driver 474.30 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.50.114 is a security update.
https://brave.com/

Google Chrome 112.0.5615.49 is a security update.
https://www.google.com/chrome/

Microsoft Edge 112.0.1722.34 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Microsoft Edge 109.0.1518.78 is a security update. This version should be used only on devices where the current stable release is not available.
https://www.microsoft.com/en-us/edge/business/download

Firefox 112.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

SeaMonkey 2.53.16 is a security update.
https://www.seamonkey-project.org/

Vivaldi 5.7.2921.65 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 3.48 adds sort-by to the toolbar. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Spark 3.3.6.46134 improves stability. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.3.6.46132 improves stability. This is not a security update.
https://sparkmailapp.com/

Thunderbird 102.9.1 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 7.1.11 is a bug fix for a security update.
https://anydesk.com/en/downloads

BrowsingHistoryView 2.55 adds sort-by to the toolbar. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

curl 8.0.1 resolves dozens of bugs. This should be treated as a security update.
https://curl.haxx.se/windows/

Dropbox 171.4.6182 improves stability. This is not a security update.
https://www.dropbox.com/

FreeFileSync 12.2 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 73.0 resolves several bugs. This is not a security update.
https://drive.google.com/start

Microsoft Teams 1.6.00.6754 is a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 26.0.0 is a major update with improvements across a dozens features and many bug fixes. This is not a security update.
https://nextcloud.com/

Npcap 1.73 is a security update.
https://nmap.org/npcap/

Omada Software Controller 5.9.31 resolves several bugs. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Rclone 1.62.2 resolves several bugs. This is not a security update.
https://rclone.org/

Signal (Android) 6.16.2 doesn’t provide a detailed changelog so should be treated as a security update.
https://signal.org/android/apk/

Signal 6.13.0 improves dark mode and cosmetics. This is not a security update.
https://signal.org/download/windows/

Syncthing 1.23.4 resolves several bugs. This should be treated as a security update.
https://syncthing.net/

Telegram 4.7.1 resolves a couple bugs. This is not a security update.
https://telegram.org/

Trillian 6.5.0.28 resolves several bugs. This is not a security update.
https://www.trillian.im/

WinSCP 5.21.8 is a security update.
https://winscp.net/eng/index.php

Zoom 5.14.2.14578 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

Bitwig Studio 4.4.10 improves stability. This is not a security update.
https://www.bitwig.com/download/

iTunes 12.12.8.1 is a security update.
https://www.apple.com/itunes/download/

Plex Desktop 1.67.1.3665 fixes the subtitle render/crash issue. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.37.2.3674 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.32.0.6918 resolves a font bug and a certificate installation bug. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2023.2.1.75 adds a new particle editor to the IDE and reworks some of the interface. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.1.160 resolves several bugs and adds more than a dozen new assets and feature improvements. This is not a security update.
https://gdevelop.io/download

Lego Studio 2.23.3.1 resolves several bugs. This is not a security update.
https://www.lego.com/en-us/ldd

Nintendo Switch 16.0.1 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 23.01-07.01.01 resolves a cosmetic bug. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2023.03.15 resolves dozens of bugs. This should be treated as a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 23.001.20143 is a security update.
https://get.adobe.com/reader

Adobe Digital Editions 4.5.11.187658 is a security update.
https://www.adobe.com/solutions/ebook/digital-editions/download.html

Adobe InCopy 18.2 and 17.4.1 are security updates. Use Creative Cloud to install the update.

Adobe Acrobat and Reader 23.001.20143 and 20.005.30467 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb23-24.html

Adobe Substance 3D Stager 2.0.2 is a security update.
https://www.adobe.com/products/substance3d-stager.html

Adobe Dimension 3.4.9 is a security update.
https://www.adobe.com/products/dimension.html

Adobe Substance 3D Designer 12.4.1 is a security update.
https://www.adobe.com/products/substance3d-designer.html

Artweaver 7.0.15 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Calibre 6.15.1 resolves several bugs and improves document compatibility. This is not a security update.
https://calibre-ebook.com/

ImageMagick 7.1.1-6 resolves several bugs. This is not a security update.
https://imagemagick.org/

LibreOffice Fresh 7.5.2 resolves over 90 bugs. This is a security update. The “Fresh” line is beta software and should be avoided by most users.
https://www.libreoffice.org/

Nextcloud Desktop 3.8.0 resolves several bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.5.2 resolves several context menu and cosmetic bugs. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 5.0.3 adds center-point shape drawing and resolves several bugs. This is not a security update.
https://www.getpaint.net/

PDF-XChange Editor 9.5.368.0 is a security update.
https://www.tracker-software.com/product/pdf-xchange-editor

Security Software Updates

One or more of these is likely to be of interest to most people.

Caine 13.0 is a security update.
https://www.caine-live.net/

Chainsaw 2.6.0 resolves several bugs. This is not a security update.
https://github.com/countercept/chainsaw

FSS 2023.3.19 updates service list. This is not a security update.
https://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/

MalwareBytes Anti-Malware 4.5.26 improves reporting and resolves several bugs. This should be treated as a security update.
https://www.malwarebytes.org/antimalware/

ProtonVPN 2.4.1 improves stability. This is not a security update.
https://protonvpn.com/download

ProtonVPN (macOS) 3.0.15 resolves several bugs. This is not a security update.
https://protonvpn.com/download

QubesOS 4.1.2 is a security update.
https://www.qubes-os.org/downloads/

RogueKiller 15.8.2 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Stinger 12.2.0.570 improves detections. This should be treated as a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

SuperAntiSpyware 10.0.1250 resolves several bugs. This is not a security update.
https://www.superantispyware.com/download.html

Tails 5.11 is a security update.
https://tails.boum.org/install/dvd/index.en.html

uBlock Origin 1.48.4 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Velociraptor 0.6.8 integrates several net
https://github.com/Velocidex/velociraptor/releases/latest

Wireless Network Watcher 2.31 adds a dark mode option and updates internal MAC address database. This is not a security update.
https://www.nirsoft.net/utils/wireless_network_watcher.html

YARA 4.3.0 resolves several bugs and adds new functions and behaviors. This should be treated as a security update.
https://github.com/VirusTotal/yara/

Capture Updates

These are unlikely to be of interest to most people.

Camtasia 22.5.3 resolves several crash bugs, installation issues and improves the UI. This is not a security update.
https://www.techsmith.com/video-editor.html

SnagIt 23.1.1 resolves several bugs. This is not a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.1.0.3 improves compatibility. This is not a security update.
https://www.dvdfab.cn/download.htm

StreamFab 6.1.1.6 improves compatibility and provides new output options. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 1.0.1.7 improves compatibility. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 8.10.4 fixes of a dozen bugs. This is a security update.
https://1password.com/downloads/mac/

1Password for Windows 8.10.4 fixes over a dozen bugs. This is a security update.
https://1password.com/downloads/windows/

AstroGrep 4.4.9 updates libraries, adds dark theme, improves filters and resolves several bugs. This is a security update.
http://astrogrep.sourceforge.net/

Bitwarden 2023.3.3 adds domain verification, improved browser security, and resolves several bugs. This is a security update.
https://bitwarden.com/

CalyxOS Device Flasher 1.0.7 doesn’t provide a changelog so should be treated as a security update.
https://calyxos.org/install/

Carbonite 6.4.6 is a security update.
https://account.carbonite.com/

CCleaner 6.10.10347 improves cleaning and adds to the their driver update solution. This is not a security update.
https://www.ccleaner.com/

CrucialScan 20230308 doesn’t provide a changelog so should be treated as a security update.
https://www.crucial.com/store/systemscanner

CurrPorts 2.71 adds full screen display option. This is not a security update.
https://www.nirsoft.net/utils/cports.html

DesktopOK 10.77 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DMDE 4.0.6.806 fixes several bugs. This is a security update.
https://dmde.com/

Everything Toolbar 1.0.5 improves stability and compatibility. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

FolderChangesView 2.35 adds dark mode support and sort-by to the toolbar. This is not a security update.
https://www.nirsoft.net/utils/folder_changes_view.html

Go 1.20.3 is a security update.
https://go.dev/

GoodSync 12.2.0 resolves several bugs. This is not a security update.
https://www.goodsync.com/

IsMyHdOK 3.88 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

NTLite 2023.4.9191 adds components, new settings and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

osquery 5.8.2 is a security update.
https://osquery.io/downloads

PowerToys 0.69.0 resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

Process Explorer 17.04 is a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer

PsExec 2.42 adds support for long paths. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/psexec

Regedix 2.0.0.0 adds registry scan and resolves paste bug. This is not a security update.
https://regedix.webrox.fr/

RoboForm 9.4.6 is a security update.
https://www.roboform.com/

Rufus 3.22 resolves several bugs. This is not a security update.
https://rufus.ie/en_US/

ScreenConnect 23.2.9.8466 improves compatibility. This is not a security update.
https://www.connectwise.com/software/control/download

TCPView 4.18 resolves a crash bug and improves dark mode. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview

TeamViewer 15.40.8 resolves a LAN bug. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

Unity 2022.2.14 resolves dozens of bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive

Ventoy 1.0.91 resolves several bugs. This is not a security update.
https://www.ventoy.net/en/index.html

WifiInfoView 2.79 resolves a display bug. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

WinScan2PDF 8.55 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 4.13 adds regexp search, search history, command line options, virtual drives, sorting options, and resolves a couple bugs. This is not a security update.
https://www.diskanalyzer.com/

XnConvert 1.98 doesn’t provide a changelog so should be treated as a security update.
https://www.xnview.com/en/xnconvert/

ZoomText 2023 2023.2303.77.400 adds tethered view. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

ADB 34.0.1 resolves several bugs. This is not a security update.
https://developer.android.com/studio/releases/platform-tools

GitHub Desktop 3.2.1 resolves a dozen bugs and provides several improvements. This is not a security update.
https://desktop.github.com/

Node.js 16.20.0 updates libraries and resolves several bugs. This is not a security update.
https://nodejs.org/en/

Node.js 19.9.0 adds a new tracing feature, URL parser improvements, and resolves several bugs. This is not a security update.
https://nodejs.org/en/

SQLite 3.41.2 resolves several bugs and improves several features. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.77.1 improves stability. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.6.24 resolves several bugs. This is not a security update.
https://coppermine-gallery.net/

Drupal 9.4.12 is a security update.
https://drupal.org/download

Drupal 9.5.7 resolves a bug in the editor. This is not a security update.
https://drupal.org/download

WordPress 6.2 adds several new native features – custom CSS, sticky positions, new site editor, block management, Openverse media access, and more. This is not a security update.
https://wordpress.org/

Akismet 5.1 resolves several bugs. This should be treated as a security update.
https://wordpress.org/extend/plugins/akismet/

Autoptimize 3.1.6 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/autoptimize/

Contact Form 7 5.7.5.1 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.3.1 doesn’t provide a change log so should be treated as a security update.
https://wordpress.org/plugins/duplicator/

Limit Login Attempts 1.7.2 is a security update.
https://wordpress.org/extend/plugins/limit-login-attempts/

Redirection 5.3.10 resolves a save bug. This is not a security update.
https://wordpress.org/extend/plugins/redirection/

W3 Total Cache 2.3.1 improves compatibility and resolves several bugs. This is a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 7.5.1 improves stability. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WP Cerber Security 9.5.3 improves compatibility. This is not a security update.
https://wpcerber.com/

WPtouch 4.3.52 resolves a cosmetic bug. This is not a security update.
https://wordpress.org/extend/plugins/wptouch/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2022-12-13

Posted on December 13, 2022 by Shawn K. Hall

Merry Christmas, Folks!

Today is Patch Tuesday for December, 2022.

This month brings a new version of Windows 10 (v22H2), critical security updates for all supported Apple products, and (literally) new security updates every single week since the last update cycle on November 8th. That’s on top of the 150+ major hacks, and over 165 application updates this month. Prepare yourself, there will be about 4 GB of updates for most devices this month.

This Month in Technology

Over 15,000 websites, Abandonia2022, ABB Totalflow, Accuro, Acer UEFI Secure Boot, dozens of apps using the Algolia API, Amazon ECR, Amnesty International Canada, Android, Android OEM certificates, André-Mignot Hospital, Ankr, Antwerp, Belgium, Argentina de Soluciones Satelitales, Arkansas Department of Human Services, Atlassian Bitbucket Server, Bahrain, Bank of Russia, Boa web server, California’s Department of Finance, Canadian Teachers Union, Canon hardware, CareFirst Administrators, CCA Health Plans of California, Inc d/b/a CCA Health CA, Central Depository Services Ltd, Chiropractic Board of New Zealand, Cincinnati State Technical and Community College, Cisco IP phones, Citrix ADC and Gateway, CloudSEK, Codesys, CoinTracker, CommonSpirit Health, Community Health Network, Inc. as an Affiliated Covered Entity, Connexin Software, Consumer Directed Services In Texas, Inc., CorrectCare Integrated Health Inc, County of Tehama, California, Dallam Hartley Counties Hospital District, Deribit, Dermatology & Skin Cancer Ctr, PC, Dialpad, Inc., Dietitians Board of New Zealand, Docs Medical Inc, Doctors’ Center Hospital, Dr. Douglas C. Shoenberger,PC, Durham District School Board, Dutch LNG Terminal, Easton Cardiovascular, Ellen M. Field, M.D., Epic Management LLC, European Parliament, F5 BIG-IP and BIG-IQ, Fars News Agency, Festo, FortiOS SSL-VPN, FTX, GATE Petroleum Company Employee Benefits Plan, Gateway Rehabilitation Center, General Council of the Judiciary, GGCorp, Google Pixel 5 and 6, Google’s Looker Studio, GoTo, Guatemala’s Ministry of Foreign Affairs, Health Care Management Solutions, LLC, Health New Zealand, Hope Health Systems Inc., Hospital Center of Versailles, HP hardware, Hyundai and Genesis cars, Indian Central Board of Higher Education, Indian Community Health Network, Indian Council of Medical Research, Indian electrical grid operators, Innovative Service Technology Management Services, Inc., Kaiser Foundation Health Plan of the Mid-Atlantic States, Inc., Keralty Group, Lake Charles Memorial Health System, LastPass (again), Lehigh Valley Women’s Specialties, Lenovo UEFI Secure Boot, Lexmark hardware, Magento 2, Manassas Surgery Center Anesthesia Services, MaryAnne Freeman Brndjar, DO, PC, Medibank, Mena Regional Health System, Mercury IT, Microsoft Exchange, Mikrotik hardware, NETGEAR hardware, New York-Presbyterian Hospital, New Zealand Ministry of Justice, New Zealand Psychologists Board, New York-Presbyterian Hospital, a NY salon, NU House Calls, PC, Nuance Communications, Inc., OakBend Medical Center, One Brooklyn Health System, Optometrists and Dispensing Opticians Board of New Zealand, Oracle Fusion, Orange Telecom, Orlando Health, Pendurthi Surgical Associates, Peter J. Isaac, D.O., Physiotherapy Board of New Zealand, Plascar Participacoes Industriais, Podiatrists Board of New Zealand, Polsinelli PC, Quarkus Java Framework, Rackspace, Radio Free Asia, Receivables Performance Management, Restaurants in Cincinnati, Roman Catholic Church, Rosenfeld VanWirt, PC, Royal Mail, Samsung Galaxy S22, Sequoia One, Seville Urban Transport Company, Silverstone Circuit, Sobeys, Sonder, Sonos hardware, South Staffordshire Water, South Walton Fire District, Southampton County, Virginia, Sree Saran Medical Centre, Stanley Street Treatment and Resources, Inc., Synology hardware, Tata Power, Telstra, The Smith Family, TP-Link hardware, Tuloso-Midway Independent School District, Twitter, Uber, Ubiquiti hardware, University Medical Center of Southern Nevada, UOB KayHian, Uruguay’s Ministry of Transport and Public Works, the US government, VMware ESXi, VTB Bank, Western Digital hardware, Whoosh, Work Health Solutions, Wright & Filippis LLC, Xavier College, Yakima Neighborhood Health Services, Yale University, and the Zwijndrecht police have reportedly been hacked or compromised this month.

There’s another novel method for exfiltrating information from air-gapped devices: the power supply. Most US DoD contractors fail to implement basic security controls.

Windows updates last month broke DirectAccess, gaming performance, ODBC database connections, Remote Desktop, Task Manager, Windows Kerberos, caused Windows freezes and domain controller freezes.

Meta (Facebook and Instagram) has acknowledged they’ve been used by the US Military for propaganda.

Now for the good news:

Apple is finally adding end-to-end encryption for some iCloud backups.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is huge this month. The typical computer should see roughly 4 GB in updates today. Let’s get started.

Microsoft released updates to address 57 vulnerabilities in .NET Framework, Azure, Client Server Run-time Subsystem (CSRSS), Microsoft Bluetooth Driver, Microsoft Dynamics, Microsoft Edge (Chromium-based), Microsoft Graphics Component, Microsoft Office, Microsoft Office OneNote, Microsoft Office Outlook, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft Windows Codecs Library, Windows Hyper-V, SysInternals, Windows Certificates, Windows Contacts, Windows DirectX, Windows Error Reporting, Windows Fax Compose Form, Windows HTTP Print Provider, Windows Kernel, Windows PowerShell, Windows Print Spooler Components, Windows Projected File System, Windows Secure Socket Tunneling Protocol (SSTP), Windows SmartScreen, Windows Subsystem for Linux, Windows Terminal and MSRT (~ 2.5 GB). This includes security updates. A reboot is required.

Apple released updates for iCloud for Windows 14.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2, iOS 16.2 and iPadOS 16.2, macOS Big Sur 11.7.2, macOS Monterey 12.6.2, macOS Ventura 13.1, Safari 16.2, tvOS 16.1.1, tvOS 16.2, and watchOS 9.2. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.7.2, 16.1.2, and 16.2 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 15.7.2, 16.1.2, and 16.2 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 9.2 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 16.1.1 and 16.2 are security updates. Use System, Software Update to install the most current version.

Google Chrome OS 108.0.5359.75 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 37-1.7 is a major update, adding support for Raspberry Pi 4, new editions, and updates libraries. This is not a security update.
https://getfedora.org/en/workstation/download/

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Big Sur (11) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 22.11.2 resolves several bugs. This is not a security update.
https://www.amd.com/en/support

Display Driver Uninstaller 18.0.5.9 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

DS4Windows 3.1.11 resolves several bugs. This is not a security update.
https://github.com/Ryochan7/DS4Windows/releases/latest

Garmin Express 7.15.2 doesn’t provide a detailed changelog so should be treated as a security update.
https://www.garmin.com/en-US/software/express/

NVcleanstall 1.14.0 resolves several bugs. This is not a security update.
https://www.techpowerup.com/download/techpowerup-nvcleanstall/

Nvidia Driver 474.06 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Drivers by Seagull 2022.3 adds support for over 200 new devices. This is not a security update.
https://www.seagullscientific.com/support/downloads/drivers/

Wacom Driver 6.4.0-11 resolves several bugs. This is not a security update.
https://www.wacom.com/en-us/support/product-support/drivers

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.46.134 is a security update. Use Menu, Help, About to install the most current version.
https://brave.com/

Google Chrome 108.0.5359.98 is a security update. Use Menu, Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 108.0.1462.46 is a security update. Use Menu, Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 108.0 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/new/

Vivaldi 5.6.2867.40 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.10.7 resolves a couple bugs and improves cosmetic options. This is not a security update.
https://getmailspring.com/

OutlookAttachView 3.47 adds option to cancel scan with Esc key. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Spark 3.2.1.40643 resolves many bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.2.1.40641 resolves many bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 102.6 is a security update. Use Menu, Help, About to install the most current version.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk (macOS) 7.0.0 resolves several bugs and improves interface and Settings. This is not a security update.
https://anydesk.com/en/downloads

BrowsingHistoryView 2.53 adds multiple profile support to several browsers and adds the ability to cancel scan with the Esc key. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

DNSDataView 1.70 adds support for collecting A records of all PTR record. This is not a security update.
https://www.nirsoft.net/utils/dns_records_viewer.html

Dropbox 162.4.5419 resolves several bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 172.0.0.23.215 is a security update.
https://www.messenger.com/download

FileZilla Client 3.62.2 resolves several bugs. This is not a security update.
https://filezilla-project.org/

FileZilla Server 1.6.1 resolves an installation bug and improves certificate controls. This is not a security update.
https://filezilla-project.org/

FreeFileSync 11.28 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 68.0 resolves several bugs. This is not a security update.
https://drive.google.com/start

Microsoft Teams 1.5.00.33362 adds HOSI support for compatible hardware. This is not a security update.
https://teams.microsoft.com/downloads

Minds (Android) 4.30.1 resolves several bugs. This is not a security update.
https://www.minds.com/

Nextcloud Server 25.0.2 resolves dozens of bugs. This is a security update.
https://nextcloud.com/

Omada Software Controller 5.7.4 improves the user interface, adds several new options, and resolves several bugs. This is a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Pocketnet-Core 0.20.29 resolves several bugs. This is not a security update.
https://pocketnet.app/

Pocketnet-GUI 0.8.34 resolves several bugs. This is not a security update.
https://pocketnet.app/

Qbox 4.0.5.35 doesn’t provide a changelog so should be treated as a security update.
https://www.coraltreetech.com/qbox

Rclone 1.60.1 resolves several bugs and improves compatibility. This is not a security update.
https://rclone.org/

Signal 6.0.1 adds Stories support. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 6.3.6 adds donation support. This is not a security update.
https://signal.org/android/apk/

Skype 8.91.0.404 adds universal translation and resolves several bugs. This is not a security update.
https://www.skype.com/

Syncthing 1.22.2 resolves several bugs and updates libraries. This is not a security update.
https://syncthing.net/

Technitium DNS Server 10.0.1 adds several features and resolves bugs. This is a security update.
https://technitium.com/dns/

Telegram 4.4.1 resolves several bugs. This is not a security update.
https://telegram.org/

Telegram (Android) 9.2.1 doesn’t provide a detailed changelog so should be treated as a security update.
https://telegram.org/apps

TP-Link Archer AX21 v1.3.6 is a security update.
https://www.tp-link.com/us/support/download/archer-ax21/v1.20/#Firmware

WinSCP 5.21.6 is a security update.
https://winscp.net/eng/index.php

Zoom 5.12.9.10650 improves policy controls, CC and translation, and resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

Bitwig Studio 4.4.3 fixes a couple stability bugs. This is not a security update.
https://www.bitwig.com/download/

Picard 2.8.5 resolves several bugs. This is a security update.
https://picard.musicbrainz.org/

Plex Desktop 1.59.1.3398 adds support for AV1 and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.30.1.3391 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.30.0.6486 adds pattern matching, improves scheduled tasks, and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

VLC Media Player 3.0.18 is a security update.
https://www.videolan.org/vlc/

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2022.11.0.54 resolves dozens of bugs and improves usability. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.1.152 adds new features, including monetization through assets, and resolves several bugs. This is not a security update.
https://gdevelop.io/download

Lego Studio 2.22.12.1 resolves several bugs. This is not a security update.
https://www.lego.com/en-us/ldd

Steam 2022.12.01 resolves 20 bugs. This is not a security update.
https://steamcommunity.com/news/client

SteamOS SteamDeck Update 2022-11-21 resolves many bugs including hardware compatibility, performance and stability issues. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Campaign Classic 7.3.2 and 8.4.2 are security updates.
https://helpx.adobe.com/security/products/campaign/apsb22-58.html

Adobe Experience Manager 2022.10.0 and 6.5.15.0 resolve almost three dozen security vulnerabilities.
https://helpx.adobe.com/security/products/experience-manager/apsb22-59.html

Illustrator 2023 27.0.1 and 2022 26.5.2 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb22-60.html

Artweaver 7.0.14 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Atom 1.63.1 is the final release of Atom before it is to be EOL in a couple days. Please switch to another editor.
https://atom.io/

Audacity 3.2.2 adds VST2 realtime effect support and resolves several bugs. This is not a security update.
https://www.audacityteam.org/download/

Calibre 6.9.0 adds signing to all binaries and resolves several bugs. This should be treated as a security update.
https://calibre-ebook.com/

Inkscape 1.2.2 resolves dozens of bugs. This is not a security update.
https://inkscape.org/release/

Kindle for PC 1.39.65383 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc

LibreOffice Fresh 7.4.3 resolves 100 bugs. This is a security update. Remember that the Fresh line is beta software. Most users should use the Still line.
https://www.libreoffice.org/

Nextcloud Desktop 3.6.4 improves stability. This is not a security update.
https://nextcloud.com/

PDF-XChange Editor 9.5.366.0 resolves several bugs. This is not a security update.
https://www.tracker-software.com/product/pdf-xchange-editor

Security Software Updates

One or more of these is likely to be of interest to most people.

Chainsaw 2.3.0 improves culprit tracking. This should be treated as a security update.
https://github.com/countercept/chainsaw

HTTP Toolkit 1.12.1 doesn’t provide a changelog so should be treated as a security update.
https://httptoolkit.tech/

MalwareBytes Anti-Malware Mac 4.17.8 adds support for macOS Ventura/13. This is not a security update.
https://www.malwarebytes.com/mac/

ProtonVPN 2.3.1 improves user interface. This is not a security update.
https://protonvpn.com/download

ProtonVPN (macOS) 3.0.10 improves the user interface. This is not a security update.
https://protonvpn.com/download

Radmin VPN 1.3.4568.3 adds ability to add exceptions from within the software. This is not a security update.
https://www.radmin-vpn.com/

RogueKiller 15.6.3 updates engine and resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Tails 5.7 is a security update.
https://tails.boum.org/install/dvd/index.en.html

uBlock Origin 1.45.2 resolves a couple bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Velociraptor 0.6.7 adds PGP automation and resolves several bugs. This is not a security update.
https://github.com/Velocidex/velociraptor/releases/latest

WebBrowserPassView 2.12 adds High-DPI support and improves portable browser support. This is not a security update.
https://www.nirsoft.net/utils/web_browser_password.html

Capture Updates

These are unlikely to be of interest to most people.

Camtasia 22.4.1 resolves several bugs. This is not a security update.
https://www.techsmith.com/video-editor.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.9.4 adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

iMazing HEIC Converter 2.0.3 doesn’t provide a changelog so should be treated as a security update.
https://imazing.com/heic

IsoBuster 5.1 adds support for reading the FAT directly, improves performance and stability, and resolves dozens of bugs. This is not a security update.
https://www.isobuster.com/download.php

PDF Creator 5.0.3 resolves several bugs. This is not a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 6.0.0.7 adds support for new encodings and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.18 resolves a merge bug. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 8.9.10 improves 2FA support and compatibility, and resolves dozens of bugs. This is not a security update.
https://1password.com/downloads/mac/

1Password for Windows 8.9.10 improves 2FA support and compatibility, and resolves dozens of bugs. This is not a security update.
https://1password.com/downloads/windows/

Agent Ransack 2022.3349 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

Bitwarden 2022.11.0 implements 2-step authentication and resolves several bugs. This is not a security update.
https://bitwarden.com/

CCleaner 6.06.10144 adds and improves cleanup for over a dozen applications. This is not a security update.
https://www.ccleaner.com/

Cygwin 3.4.1 resolves several bugs. This is not a security update.
https://cygwin.com/

DesktopOK 10.51 improves compatibility with Windows 11. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 3.1.197.0 adds recycle bin support, resolves several bugs, and improves bookmark behavior. This is not a security update.
https://dngrep.github.io/

Etcher 1.10.6 updates dependencies. This is not a security update.
https://www.balena.io/etcher/

FileLocator Pro 2022.3349 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Git SCM 2.39.0 resolves several bugs. This is not a security update.
https://git-scm.com/

Go 1.19.4 is a security update.
https://go.dev/

GoodSync 12.1.2 resolves dozens of bugs. This is not a security update.
https://www.goodsync.com/

Homedale 2.04 removes log headers and updates languages. This is not a security update.
https://www.the-sz.com/products/homedale/

HWMonitor 1.48 adds support for new hardware. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

NetConnectChoose 1.10 adds Metric column and resolves a network selection bug. This is not a security update.
https://www.nirsoft.net/utils/net_connect_choose.html

NTLite 2.3.9.9018 improves compatibility and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 10.0.1006 resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html

osquery 5.6.0 resolves several bugs, adds new columns and controls. This is not a security update.
https://osquery.io/downloads

AOMEI Partition Assistant 9.13.0 resolves several bugs. This is not a security update.
https://www.diskpart.com/

PointerStick 6.11 improves compatibility with Windows 11. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.65.0 upgrades dependencies and resolves a couple bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

Process Explorer 17.02 resolves stability bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer

RoboForm 9.3.8 resolves several bugs. This is not a security update.
https://www.roboform.com/

Rufus 3.21 updates dependencies, libraries, and resolves several bugs. This is not a security update.
https://rufus.ie/en_US/

ScreenConnect 22.9.10589.8370 resolves dozens of bugs including stability and reliability. This is a security update.
https://www.connectwise.com/software/control/download

Sysmon 14.13 resolves a stability bug. This is a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

TeamViewer 15.36.9 improves terminal and scripting support. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

TraceRouteOK 3.22 improves compatibility with Windows 11. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

Unity 2022.2.0 resolves over a hundred bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive

WinScan2PDF 8.31 improves compatibility with Windows 11. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 4.12 resolves a couple bugs. This is not a security update.
https://www.diskanalyzer.com/

ZoomText 2022 2022.2211.5.400 improves integration and stability, and resolves several bugs. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

ZoomText 2023 2023.2210.28.400 is a new major version adding tethered view and improves compatibility. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

AutoHotkey 1.1.36.02 resolves several bugs. This is not a security update.
https://www.autohotkey.com/download/

Docker Desktop 4.14.1 improves stability and performance, adds WebAssembly support, user interface improvements, upgrades libraries and resolves several bugs. This is not a security update.
https://www.docker.com/products/docker-desktop

Node.js 14.21.2 updates certificates and timezone information. This should be treated as a security update.
https://nodejs.org/en/

Node.js 16.19.0 updates certificates and timezone information. This should be treated as a security update.
https://nodejs.org/en/

Node.js 19.2.0 updates libraries and resolves over a dozen bugs. This is not a security update.
https://nodejs.org/en/

SQLite 3.40.0 improves support for data recovery, performance, and reliability. This is a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.74 adds several new features. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.0.4 resolves over a dozen bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Drupal 9.4.9 resolves several bugs. This is not a security update.
https://drupal.org/download

HumHub 1.12.3 resolves several bugs. This is not a security update.
https://www.humhub.com/en/download

Joomla 4.2.6 improves compatibility and resolves several bugs. This is not a security update.
https://www.joomla.org/

jQuery 3.6.2 improves compatibility and resolves several bugs. This is not a security update.
https://code.jquery.com/

MailEnable 9.86 is a security update.
https://www.mailenable.com/

MailEnable 10.43 is a security update.
https://www.mailenable.com/

ownCloud Client 3.0.0.9215 resolves dozens of bugs. This is not a security update.
https://owncloud.com/desktop-app/

Piwigo 13.3.0 resolves several bugs. This is not a security update.
https://piwigo.org/

SMF 2.1.3 resolves dozens of bugs. This should be treated as a security update.
https://www.simplemachines.org/

WordPress 6.1.1 resolves dozens of bugs. This is not a security update.
https://wordpress.org/

Akismet 5.0.2 is a security update.
https://wordpress.org/extend/plugins/akismet/

Autoptimize 3.1.4 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/autoptimize/

Contact Form 7 5.7 resolves dozens of bugs and improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.1 adds support for the latest build of WordPress and resolves several bugs. This is a security update.
https://wordpress.org/plugins/duplicator/#developers

Redirection 5.3.6 improves translations. This is not a security update.
https://wordpress.org/extend/plugins/redirection/

Simple Lightbox 2.9.3 resolves several bugs and improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/simple-lightbox/

Sucuri Security 1.8.36 is a cosmetic update. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

W3 Total Cache 2.2.9 improves translation support. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 7.1.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WPtouch 4.3.46 is a security update.
https://wordpress.org/extend/plugins/wptouch/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2022-10-11

Posted on October 11, 2022 by Shawn K. Hall

Welcome back, Folks!

Today is Patch Tuesday for October, 2022. This month brings a new major version of Windows 11, and impending new version of Windows 10. That’s on top of the 120 major hacks, and another 150+ application updates this month. This is actually the lightest month we’ve had in a while, with less than 3 GB of updates for most users.

This Month in Technology

MEC has shared with us why Microsoft Exchange has proven to be such a large target. 350+ million email accounts spread across over 300,000 physical servers, where (demonstrably) security lapses are commonplace. Even with that, it has nothing to do with the recent spate of outlook crashes or certificate issues on MS products.

There’s more evidence demonstrating the risk of pirated software. Twitter neglected to log out devices after password resets. And Dell drivers are being used to hijack computers.

The newest version of Windows 11 was released less than 3 weeks ago. It has problems. Among the many issues with the latest release of Windows 11 include
file copy performance, Windows Hello failure, provisioning, Remote Desktop, printer issues, Intel audio, NVIDIA GeForce Experience, and NVIDIA gaming performance, and those are just the ones that have made the news so far. If you’re planning to upgrade to the latest build of Windows 11, wait another month or two.

Now for the good news:

It turns out the theoretial protection of tinfoil hats may have actually been a government conspiracy. Really. How is this good news? You don’t have to worry about making sure you have tinfoil available anymore! 🙂

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is huge this month. The typical computer should see roughly
GB in updates today. Let’s get started.

Windows 11 22H2 (22621) is a major update for Windows 11, but it has been plagued with issues over the last couple weeks. Give it time before you willingly update.

Microsoft released updates to address 90 vulnerabilities in Active Directory Domain Services, Azure, Azure Arc, Client Server Run-time Subsystem, Microsoft Edge, Microsoft Graphics Component, Microsoft Office, Microsoft Office 365 2209 (15629.20156), Microsoft Office SharePoint, Microsoft Office Word, Microsoft WDAC OLE DB provider for SQL, NuGet Client, Remote Access Service Point-to-Point Tunneling Protocol, Role: Windows Hyper-V, Service Fabric, Visual Studio Code, Windows Active Directory Certificate Services, Windows ALPC, Windows CD-ROM Driver, Windows COM+ Event System Service, Windows Connected User Experiences and Telemetry, Windows CryptoAPI, Windows Defender, Windows DHCP Client, Windows Distributed File System, Windows DWM Core Library, Windows Event Logging Service, Windows Group Policy, Windows Group Policy Preference Client, Windows Internet Key Exchange Protocol, Windows Kernel, Windows Local Security Authority, Windows Local Security Authority Subsystem Service, Windows Local Session Manager, Windows NTFS, Windows NTLM, Windows ODBC Driver, Windows Perception Simulation Service, Windows Point-to-Point Tunneling Protocol, Windows Portable Device Enumerator Service, Windows Print Spooler Components, Windows Resilient File System, Windows Secure Channel, Windows Security Support Provider Interface, Windows Server Remotely Accessible Registry Keys, Windows Server Service, Windows Storage, Windows TCP/IP, Windows USB Serial Driver, Windows Web Account Manager, Windows Win32K, Windows WLAN Service, Windows Workstation Service, and MSRT (~2 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 16.0.3 and watchOS 9.0.2. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS iOS 16.0.3 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 9.0.2 is a security update. Use the Watch app on your iPhone to install the most current version.

Google Chrome OS 105.0.5195.134 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Catalina (10.15) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 12 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 22.10.1 improves stability. This is not a security update.
https://www.amd.com/en/support

Crucial Storage Executive 8.03 does not provide a changelog so should be treated as a security update.
https://www.crucial.com/support/storage-executive

Display Driver Uninstaller 18.0.5.5 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

DS4Windows 3.1.6 resolves dozens of issues. This is not a security update.
https://github.com/Ryochan7/DS4Windows/releases/latest

Epson ET-4800 3.01 adds support for newer Remote Print Driver and Epson Photo+ Software. This is not a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-4800/s/SPT_C11CJ65201

Garmin Express 7.14.0 doesn’t provide a changelog so should be treated as a security update.
https://www.garmin.com/en-US/software/express/

Intel Driver and Support Assistant 22.6.39 resolves several bugs and improves feedback. This is not a security update.
https://www.intel.com/p/en_US/support/detect

Netgear Nighthawk R7960P 1.4.4.94 is a security update.
https://www.netgear.com/support/product/R7960P.aspx#download

Wacom Driver 6.4.0-8 adds support for newer hardware. This is not a security update.
https://www.wacom.com/en-us/support/product-support/drivers

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.44.108 is a security update.
https://brave.com/

Google Chrome 106.0.5249.103 is a security update.
https://www.google.com/chrome/

Microsoft Edge 106.0.1370.34 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 105.0.3 is a security update.
https://www.mozilla.org/en-US/firefox/new/

SeaMonkey 2.53.14 is a security update.
https://www.seamonkey-project.org/

Vivaldi 5.5.2805.35 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

NK2Edit 3.45 resolves several bugs. This is not a security update.
https://www.nirsoft.net/utils/outlook_nk2_edit.html

OutlookAttachView 3.46 improves visual feedback. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Thunderbird 102.3.2 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

BrowsingHistoryView 2.52 improves visual feedback. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

Dropbox 158.4.4564 resolves several bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 164.0.0.8.109 is a security update.
https://www.messenger.com/download

FileZilla Client 3.61.0 should be treated as a security update.
https://filezilla-project.org/

FreeFileSync 11.26 improves performance and resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 64.0.4 resolves several bugs. This is not a security update.
https://drive.google.com/start

Microsoft Teams 1.5.00.21668 adds support for Apple Silicon, group chat reply suggestions, and improves management features. This is not a security update.
https://teams.microsoft.com/downloads

Mumble 1.4.287 improves compatibility. This is not a security update.
https://www.mumble.info/

Nextcloud Server 24.0.6 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

Rclone 1.59.2 improves stability. This is not a security update.
https://rclone.org/

Signal 5.62.0 resolves several bugs and improves contact property view. This is not a security update.
https://signal.org/download/windows/

Skype 8.88.0.401 improves stability. This is not a security update.
https://www.skype.com/

Syncthing 1.22.0 resolves several bugs. This is not a security update.
https://syncthing.net/

Technitium DNS Server 9.1 adds certbot support, dashboard improvements, and several other features. This is not a security update.
https://technitium.com/dns/

Telegram 4.2.4 resolves several bugs. This is not a security update.
https://telegram.org/

WinSCP 5.21.5 is a security update.
https://winscp.net/eng/index.php

Zoom 5.12.2.9281 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

Bitwig Studio 4.4 improves stability, adds new audio FX packages, and new “spectral devices.” This is not a security update.
https://www.bitwig.com/download/

darktable 4.0.1 resolves dozens of bugs. This is not a security update.
https://www.darktable.org/

MediaMonkey 5.1 resolves several bugs. This is not a security update.
https://www.mediamonkey.com/windows#download

Plex Desktop 1.55.0.3278 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.26.1.3276 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.29.0.6244 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Epic Games 14.2.4 resolves several bugs. This is not a security update.
https://www.epicgames.com/

GameMaker Studio 2022.9.0.49 improves stability. This is not a security update.
https://www.yoyogames.com/en/gamemaker

Lego Studio 2.22.9.3 resolves several bugs. This is not a security update.
https://www.lego.com/en-us/ldd

Nintendo Switch 15.0.0 improves stability, changes a menu, and adds ability to take screenshots in NSO. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS4 10.01 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps4/system-software/

PS5 22.02-06.00.01 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2022.10.06 resolves several bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Animate 21.0.12 and 22.0.8 are security updates.
https://helpx.adobe.com/security/products/animate/apsb22-54.html

Adobe Bridge 12.0.3 and 11.1.4 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb22-49.html

Adobe Experience Manager CS and 6.5.14.0 are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb22-40.html

Adobe Illustrator 26.5 and 25.4.8 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb22-55.html

Adobe InCopy 17.4 and 16.4.3 are security updates.
https://helpx.adobe.com/security/products/incopy/apsb22-53.html

Adobe InDesign 17.4 and 16.4.3 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb22-50.html

Adobe Photoshop 22.5.9 and 23.5 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb22-52.html

Adobe Reader DC 22.003.20258 is a security update.
https://get.adobe.com/reader

Audacity 3.2.1 improves stability. This is not a security update.
https://www.audacityteam.org/download/

Blender 3.3.1 adds hair geometry, improves deforming tools, and several other features. This is not a security update.
https://www.blender.org/download/

Krita 5.1.1 resolves several bugs. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Fresh 7.4.1 resolves dozens of bugs. This is not a security update.
https://www.libreoffice.org/

Notepad++ 8.4.6 adds change history markers and tab context menu improvements. This is not a security update.
https://notepad-plus-plus.org/

PDF-XChange Editor 9.4.364.0 is a security update.
https://www.tracker-software.com/product/pdf-xchange-editor

Calibre 6.6.1 resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Kindle for PC 1.39.65306 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc

Security Software Updates

One or more of these is likely to be of interest to most people.

Chainsaw 2.1.1 resolves several bugs. This is not a security update.
https://github.com/countercept/chainsaw

HTTP Toolkit 1.11.0 doesn’t provide a changelog so should be treated as a security update.
https://httptoolkit.tech/

OnionShare 2.6 adds several new features. This is a security update.
https://onionshare.org/

OpenSSL 3.0.6 is a security update.
https://www.openssl.org/source/

OpenSSL 1.1.1r is a security update.
https://www.openssl.org/source/

OSFClone 1.4.1000 updates libraries and core OS. This is a security update.
https://www.osforensics.com/tools/create-disk-images.html

ProtonVPN 2.1.1 is a cosmetic update. This is not a security update.
https://protonvpn.com/download

ProtonVPN for macOS 3.0.3 is a cosmetic update. This is not a security update.
https://protonvpn.com/download

ReactOS 0.4.14.24 resolves dozens of bugs. This should be treated as a security update.
https://reactos.org/

uBlock Origin 1.44.4 resolves the broken :not() operator. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

VT-CLI 0.10.3 adds directory scanning and improves compatibility. This is not a security update.
https://github.com/VirusTotal/vt-cli/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

Open Broadcaster Software 28.0.3 resolves several bugs. This is not a security update.
https://obsproject.com/

ScreenToGif 2.37.1 resolves several bugs to improves compatibility. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 22.1.2 resolves an activation bug. This is not a security update.
https://download.techsmith.com/snagit/releases/snagit.msi

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.8.9 adds support for new encodings and improved hardware support. This is not a security update.
https://www.dvdfab.cn/download.htm

iMazing HEIC Converter 2.0.2 doesn’t provide a changelog. This is not a security update.
https://imazing.com/heic

PDF Creator 5.0 is a major update adding new features and organizational tools. This is not a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 5.0.5.6 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.15 adds split view improvements, adds math support, PDF improvements, and resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

BgInfo 4.32 now reports Windows Insider builds. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/bginfo

Bitwarden 2022.9.1 resolves several bugs. This is not a security update.
https://bitwarden.com/

CCleaner 6.04.10044 resolves several bugs. This is not a security update.
https://www.ccleaner.com/

Coreinfo 3.6 adds and option to measure inter-CPU latency. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/coreinfo

DesktopOK 10.34 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

Etcher 1.7.9 adds update notification and resolves several bugs. This is not a security update.
https://www.balena.io/etcher/

Everything 1.4.1.1022 is a security update.
https://www.voidtools.com/

Everything CLI 1.1.0.26 adds -exit, -reindex, and -utf8bom options, and resolves a Unicode write bug. This is not a security update.
https://www.voidtools.com/

Fido 1.35 is the fourth compatibility release for Windows 11 22H2. This is not a security update.
https://github.com/pbatard/Fido/releases

Git SCM 2.38.0 resolves over a dozen bugs. This is not a security update.
https://git-scm.com/

Go 1.19.2 is a security update.
https://go.dev/

GoodSync 12.0.7 resolves several bugs. This is not a security update.
https://www.goodsync.com/

grepWin 2.0.11 resolves several bugs. This is not a security update.
https://github.com/stefankueng/grepWin/releases/latest

Kingston SSD Manager 1.5.2.4 doesn’t provide a changelog so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

NTLite 2.3.8.8945 improves compatibility. This is not a security update.
https://www.ntlite.com/download/

OSForensics 10.0.1004 improves documentation and reports, and updates several features. This is not a security update.
https://www.osforensics.com/download.html

PowerToys 0.63.0 resolves several bugs and updates dependencies. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ScreenConnect 22.8.9612.8308 adds key rotation, improved session management, improved compatibility and resolves several bugs. This is a security update.
https://www.connectwise.com/software/control/download

Sysmon 14.1 adds monitoring for FileBlockShredding events. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

TaskSchedulerView 1.72 improves high-DPI compatibility. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

TeamViewer 15.34.4 improves multi-tab display. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

Unity 2022.1.19 resolves dozens of bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive

WinGet 1.3.2691 updates dependencies. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 2021.3.1.16 improves wear OS compatibility. This is not a security update.
https://developer.android.com/studio

AutoIt 3.3.16.1 resolves several bugs. This is not a security update.
https://www.autoitscript.com/autoit3/docs/history.htm

GitHub Desktop 3.1.1 resolves several bugs. This is not a security update.
https://desktop.github.com/

MySQL Server 8.0.31 resolves dozens of bugs. This is not a security update.
https://dev.mysql.com/downloads/installer/

MySQL ConnectorNet 8.0.31 resolves several bugs. This is not a security update.
https://dev.mysql.com/downloads/connector/net/

Node.js 14.20.1 is a security update.
https://nodejs.org/en/

Node.js 16.17.1 is a security update.
https://nodejs.org/en/

Node.js 18.10.0 is a security update.
https://nodejs.org/en/

SQLite 3.39.4 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

TortoiseSVN 1.14.5 resolves several bugs. This is not a security update.
https://tortoisesvn.net/downloads.html

Visual Studio Code 1.72.1 is a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.0.0 is a major update adding full encryption support, cloud interop connectivity, new hardware virtualization features and resolves several bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.6.20 improves compatibility. This is not a security update.
https://coppermine-gallery.net/

Drupal 9.4.8 is a security update.
https://drupal.org/download

Joomla 4.2.3 resolves several bugs. This is not a security update.
https://www.joomla.org/

MailEnable 10.42 and 9.85 are security updates.
https://www.mailenable.com/

Piwigo 13.0.0 adds several new features and updates compatibility options. This is not a security update.
https://piwigo.org/

Akismet 5.0.1 resolves several bugs.
https://wordpress.org/extend/plugins/akismet/

Autoptimize 3.1.2 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/autoptimize/

myStickymenu 2.6.1 removes the contact form character limit. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Postie 1.9.62 resolves a timezone bug. This is not a security update.
https://wordpress.org/extend/plugins/postie/

Redirection 5.3.4 resolves a “not” bug. This is not a security update.
https://wordpress.org/extend/plugins/redirection/

Simple Lightbox 2.9.2 should be treated as a security update.
https://wordpress.org/extend/plugins/simple-lightbox/

Slider Revolution 6.6.3 resolves a couple bugs. This is not a security update.
https://revolution.themepunch.com/

W3 Total Cache 2.2.6 resolves a Cloudfront compatibility bug. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WP Mail SMTP 3.6.1 resolves several bugs and improves debug controls. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/

WooCommerce 6.9.4 resolves dozens of bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WordPress Importer 0.8 improves compatibility and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/wordpress-importer/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2022-07-12

Posted on July 12, 2022 by Shawn K. Hall

Welcome back, Folks!

Today is Patch Tuesday for July, 2022. You know how you say something like “biggest update series in well over a year” and the next month just blows that out of the water? We’re there now.

This Month in Technology

Advocates, Inc., Aerojet Rocketdyne, Alabama Eye & Cataract, P.C., Alameda Health System, Aloha Laser Vision, Amagasaki, Japan, Amazon Photos, AMD, Anker Eufy, Aon, Aruba Networks Switches, ATC Healthcare, Bangladeshi government, Bank of the West, Baptist Medical Center and Resolute Health Hospital, Bayhealth Medical Center, Inc., BeanVPN, Benefit Plan Administrators, Inc., Bookchor, Bourse des Vols, Capital Economics, Carnival Corporation, Carolina Behavioral Health Alliance, Carolina Eyecare Physicians, LLC, Catholic Health System, Center for Sight, Inc., Central Florida Inpatient Medicine, Charlotte Radiology, Cherry Creek Eye Physicians and Surgeons, P.C., CHRISTUS Spohn Health System Corporation, Cisco Secure Email, Cisco VPN routers, Citrix Application Delivery Management, CoDeSys Automation Software, Community of Hope D.C., Crema Finance, Customer.io, Disneyland’s Facebook and Instagram accounts, DivX SubTitles, Django, DTEK Group, ExpressLRS, Fast Shop, Flagstar Bank, Florida Birth-Related Neurological Injury Compensation Association, Foxhall Ob Gyn Associates, Geographic Solutions, Gol Tours LTD, Grab, Harmony, Hillrom Medical, Honda cars, Hudson Regional Hospital, IBM, Ignitis Group, Indian Flood Monitors, Indian government, thousands of industrial devices, Israeli Defense, Kaiser Foundation Health Plan of Washington, Kaiser Permanente, Kernersville Eye Surgeons, P.C., Khouzestan Steel Company, almost a million Kubernetes clusters, La Poste Mobile, Latvian government, Lithuanian government, Long Vision Center, Macmillan Publishing, Mangatoon, Marriott International, Massachusetts Child and Family Services, Inc., Mattax Neu Prater Eye Center, Inc., MCG Health and Eye Care Leaders, Medical University of Innsbruck, MEGA, Michigan Avenue Immediate Care, Microsoft Azure FabricScape, Microsoft Exchange, Microsoft Windows Domain Servers, Mitel VoIP, New Jersey Health Information Management, Nichirin-Flex U.S.A., North American Spine Society, Norway govt sites, OpenSea, OrthoNebraska, Phelps Care Regional Medical Center, Preferred Hospital Leasing Coleman Inc., Professional Finance Company, Renton School District, Resolute Health Hospital, Rodeo Pharmacy Inc, Shanghai National Police, Sharper Vision P.A., SHI International, Shoprite, Sight Partners Physicians, P.C., Sophos Firewall, Southwest Health Center, St Joseph Heritage Health, Stanford University, Stokes Regional Eye Centers, TB Kawashima, The People Concern, The Vicksburg Clinic, LLC, Tosoh America, Inc., UK Army’s Twitter & YouTube, UNC Lenoir Health Care, University of Pisa, University Pediatric Dentistry, US Bank, Walmart, WellDyneRx, LLC, Wiltshire Farm Foods, Yodel, Yuma Regional Medical Center, and Zimbra reportedly been hacked or compromised this month.

Some vendors, like CafePress, simply don’t care about security – and do their best to conceal when they’re hacked. I contacted them to report when they were hacked back in 2014 and they ignored me. Sigh.

Microsoft 365, Cloudflare, Microsoft Teams, Rogers (it was a big one), and Microsoft Office / OneDrive had widespread outages.

Facebook is collecting the patient data of millions, and is also blocking the link to the Facebook settlement class action website. You think they would have learned.

Attackers are using Google Chrome Extension fingerprinting to uniquely identify you. This method works in any Chromium browser.

Spam is still the #1 method of exploiting users. Whether it is a fake renewal notice, fake copyright complaints, or fake invoice, most spams will include a fake login form or a fake support number. In both cases they depend on the user to actually enter the login details or call the scammer to fall prey to their attacks. Online development environments are even being used for these attacks.

Counterfeit hardware can be far more dangerous than the real thing. Even though some vendors only support their hardware a few years before you have to replace it, counterfeits are never supported and often have malicious implants.

Microsoft has rolled back (temporarily) their decision to block macros by default.

MITRE staff didn’t understand that publishing vulnerable sites, not just vulnerability information was bad, while a HackerOne employee was selling exploits before they were published, and an Amazon employee installed cryptominers on Capital One servers. Adobe is using malware traits to block antivirus software from scanning PDF files. How quickly these organizations can shatter their trust.

Here’s a great example of how a single vulnerability will be used to get far deeper into your network and hardware.

Storing your password directly in the browser is dangerous. Use a password manager.

Now for the good news:

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is huge this month. The typical computer should see roughly 3 GB in updates today. Let’s get started.

Microsoft released updates to address 74 vulnerabilities in Azure Site Recovery, Azure Storage Library, DNS Server, Microsoft Defender for Endpoint, Microsoft Edge, Microsoft Graphics Component, Microsoft Lync, Microsoft Office, Open Source Software, Skype for Business, Windows Active Directory, Windows Advanced Local Procedure Call, Windows BitLocker, Windows Boot Manager, Windows Client/Server Runtime Subsystem, Windows Connected Devices Platform Service, Windows Credential Guard, Windows Fast FAT Driver, Windows Fax and Scan Service, Windows Fax Service, Windows Group Policy, Windows Hyper-V, Windows IIS, Windows Kernel, Windows Media, Windows Network File System, Windows Performance Counters, Windows Point-to-Point Tunneling Protocol, Windows Portable Device Enumerator Service, Windows Print Spooler Components, Windows Remote Procedure Call Runtime, Windows Security Account Manager, Windows Server Service, Windows Shell, Windows Storage, XBox, and MSRT (~3 GB). This includes security updates. A reboot is required.

Google Chrome OS 103.0.5060.114 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

The now-current release of the Windows 11 (v21H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 22.6.1 adds support for newer hardware. This is not a security update.
https://www.amd.com/en/support

Crucial Storage Executive 7.12 doesn’t provide a changelog so should be treated as a security update.
https://www.crucial.com/support/storage-executive

Display Driver Uninstaller 18.0.5.2 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Intel Driver and Support Assistant 22.4.26 improves user interface. This is not a security update.
https://www.intel.com/p/en_US/support/detect

Samsung DeX 2.4.0.29 doesn’t provide a changelog so should be treated as a security update.
https://www.samsung.com/us/apps/dex/

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.41.96 is a security update.
https://brave.com/

SeaMonkey 2.53.13 is a security update.
https://www.seamonkey-project.org/

Google Chrome 103.0.5060.114 is a security update.
https://www.google.com/chrome/

Microsoft Edge 103.0.1264.51 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 102.0.1 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 91.11.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 5.3.2679.68 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 3.45 adds a command-line option to control columns in exports. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Thunderbird 102.0.2 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

curl 7.84.0 resolves over a hundred bugs. This is a security update.
https://curl.haxx.se/windows/

Dropbox 152.4.4880 resolves several bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 153.0.0.19.110 is a security update.
https://www.messenger.com/download

FreeFileSync 11.22 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 60.0 resolves several bugs. This is not a security update.
https://drive.google.com/start

Nextcloud Server 24.0.2 updates libraries, and resolves over 50 bugs. This is a security update.
https://nextcloud.com/

Npcap 1.70 resolves several bugs. This is not a security update.
https://nmap.org/npcap/

Rclone 1.59.0 adds support for new backends, metadata framework, resolves several bugs, and updates libraries. This is not a security update.
https://rclone.org/

Signal 5.49.0 doesn’t provide a detailed changelog so should be treated as a security update.
https://signal.org/download/windows/

Skype 8.85.0.409 improves their propaganda tools and resolves several bugs. This is not a security update.
https://www.skype.com/

Syncthing 1.20.3 resolves several bugs. This is not a security update.
https://syncthing.net/

Technitium DNS Server 8.1.4 resolves several bugs. This is not a security update.
https://technitium.com/dns/

Telegram 4.0.2 resolves several bugs. This is not a security update.
https://telegram.org/

WinSCP 5.21.2 is a security update.
https://winscp.net/eng/index.php

Zoom 5.11.1.6602 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 3.0.2 updates libraries and resolves several bugs. This is not a security update.
https://en.3tene.com/

darktable 4.0.0 is a major update. This version improves color space, exposure, contrast controls and hundreds of other features, as well as resolving over 100 issues. This should be treated as a security update.
https://www.darktable.org/

Picard 2.8.2 resolves several bugs. This is not a security update.
https://picard.musicbrainz.org/

Plex Desktop 1.48.2.3124 adds option to disable some Discover features, resolves several bugs with Search and Watchlist. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.20.2.3110 resolves a stability bug. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.27.2.5929 improves logging, adds support for Musicbrainz tags, and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Epic Games 14.1.2 resolves several bugs. This is not a security update.
https://www.epicgames.com/

GameMaker Studio 2022.6.0.23 adds Feather support, room editor filters, additional extension features, and resolves dozens of bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker

Lego Studio 2.22.6.1 resolves several bugs. This is not a security update.
https://www.lego.com/en-us/ldd

PlayStation PS5 22.01-05.50.00 resolves several bugs and improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

PlayStation PS4 9.60 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps4/system-software/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe RoboHelp RH2020.0.8 is a security update.
https://www.adobe.com/support/robohelp/downloads.html

Adobe Acrobat and Reader 22.001.20169, 20.005.30362, and 17.012.30249 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb22-32.html

Adobe Character Animator 22.5 is a security update.
https://www.adobe.com/creativecloud/catalog/desktop.html

Adobe Photoshop 22.5.8 and 23.4.1 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb22-35.html

Artweaver 7.0.13 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Calibre 6.0 is a major update. This version adds full text search, new hardware support and performance improvements, a new URL scheme, and read-aloud support. It also removed 32-bit support. This is not a security update.
https://calibre-ebook.com/

Gimp 2.10.32 adds HiDPI, high bit-depth and multi-threading support, dark theme, improved color control, masking, and warp. This is not a security update.
https://www.gimp.org/

Kindle for PC 1.37.65274 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc

Nextcloud Desktop 3.5.2 resolves over a dozen bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.4.3 adds option to limit search results to one line per file, adds EOL customization, adds new document shortcuts, and resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

Security Software Updates

One or more of these is likely to be of interest to most people.

Intel CSMEVDT 7.0.2.0 resolves a documentation error. This is not a security update.
https://www.intel.com/content/www/us/en/download/19392/28632/intel-converged-security-and-management-engine-version-detection-tool-intel-csmevdt.html

FSS 2022.6.14 doesn’t provide a changelog so should be treated as a security update.
https://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/

Gpg4win 4.0.3 is a security update.
https://www.gpg4win.org/download.html

HTTP Toolkit 1.9.0 improves issue tracking and feedback. This is not a security update.
https://httptoolkit.tech/

MalwareBytes Anti-Malware 4.5.10.200 is a security update.
https://www.malwarebytes.org/antimalware/

OpenSSL (SLP) 3.0.5 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

OpenSSL 1.1.1q is a security update.
https://www.openssl.org/source/

ProtonVPN 2.0.3 resolves several bugs. This is not a security update.
https://protonvpn.com/download

ProtonVPN (macOS) 3.0.1 resolves several bugs. This is not a security update.
https://protonvpn.com/download

SanDisk PrivateAccess 6.3.10 does not provide a changelog so should be considered a security update.
https://kb.sandisk.com/app/answersweb/detailweb/a_id/21996

Tails 5.2 is a security update.
https://tails.boum.org/install/dvd/index.en.html

YARA 4.2.2 is a security update.
https://github.com/VirusTotal/yara/

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 22.1.0 adds several new features, improves performance, and resolves several bugs. This is not a security update.
https://download.techsmith.com/snagit/releases/snagit.msi

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.7.8 adds support for new encodings and resolves several stability bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

iMazing HEIC Converter 2.0.0 doesn’t provide a changelog so should be considered a security update.
https://imazing.com/heic

IsoBuster 5.0 is a major update that adds a 64-bit version, high-DPI scaling, themes, improved media support and resolves several bugs. This is not a security update.
https://www.isobuster.com/download.php

MakeMKV 1.17.0 improves reliability, adds support for new encodings, and resolves several bugs. This is not a security update.
https://www.makemkv.com/download/

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.9 adds PDF rotation and resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Windows 8.7.3 is a major update adding several new cosmetic and integration improvements, and search and filter options. This is a security update.
https://1password.com/downloads/windows/

1Password for Mac 8.7.3 is a major update adding several new cosmetic and integration improvements, and search and filter options. This is a security update.
https://1password.com/downloads/mac/

7-Zip 22.00 adds support for APFS, pax, adds zone.id, and resolves several bugs. This is not a security update.
https://www.7-zip.org/

8GadgetPack 35.0 improves compatibility, adds keyboard shortcuts, and resolves several bugs. This is not a security update.
https://8gadgetpack.net/

Agent Ransack 2022.3335 adds new columns, improves view state restoration, and resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

CCleaner 6.01.9825 adds support for new apps and resolves several bugs. This is not a security update.
https://www.ccleaner.com/

Dell OS Recovery Tool 2.3.7012.0 doesn’t provide a changelog so should be treated as a security update.
https://www.dell.com/support/home/uk/en/ukbsdt1/drivers/osiso/recoverytool

DesktopOK 9.97 expands toolset. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 3.0.84.0 adds personalization, search statistics, Excel row numbers, and resolves several bugs. This is not a security update.
https://dngrep.github.io/

dupeGuru 4.3.1 resolves a false duplication detection bug. This should be treated as a security update if you use dupeGuru to remove duplicate files.
https://dupeguru.voltaicideas.net/

FileLocator Pro 2022.3335 adds new columns, improves view state restoration, and resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Git SCM 2.37.0 resolves several bugs and improves CLI support. This is a security update.
https://git-scm.com/

GoodSync 11.11.5 resolves dozens of bugs. This is a security update.
https://www.goodsync.com/

Intel CPU Diagnostic 4.1.7.39 adds tests for newer hardware, resolves several bugs, and updates components. This is not a security update.
https://www.intel.com/content/www/us/en/download/15951/intel-processor-diagnostic-tool.html

IsMyHdOK 3.66 improves compatibility and SSD/SSHD detection. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

NTLite 2.3.6.8804 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

PointerStick 5.88 improves support for virtual desktops and multiple screens. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.60.0 resolves several bugs and improves compatibility. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

RoboForm 9.3.3 adds (and resolves bugs within) OTP feature, improves search, and resolves several bugs. This is not a security update.
https://www.roboform.com/

Rufus 3.19 adds an option for setup customization, updates drivers, and resolves several bugs. This is not a security update.
https://rufus.ie/en_US/

SearchMyFiles 3.20 adds filename length filter. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

Synergy 1.14.5 resolves several bugs. This is not a security update.
https://symless.com/synergy/

TeamViewer 15.31.5 improves video experience and adds remote terminal to the Computers & Contacts list. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

Unity 2022.1.8 updates libraries and resolves dozens of bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive

WhyNotWin11 2.5.0.1 resovles several bugs. This is not a security update.
https://github.com/rcmaehl/WhyNotWin11

WifiInfoView 2.77 improves high-DPI support. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

ZoomText 2022.2206.7.400 adds languages and resolves several bugs. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

GitHub Desktop 3.0.3 resolves several bugs. This is not a security update.
https://desktop.github.com/

Node.js 18.5.0 is a security update.
https://nodejs.org/en/

Node.js 16.16.0 is a security update.
https://nodejs.org/en/

Node.js 14.20.0 is a security update.
https://nodejs.org/en/

Rustup 1.25.0 adds support for arm64, improved integration and resolves several bugs. This is not a security update.
https://www.rust-lang.org/

Redemption 6.2.0.6122 resolves several bugs. This is not a security update.
https://www.dimastr.com/redemption/

SQLite 3.39.0 adds support for right and full outer join, distinct from, and resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.69.1 adds 3-way merge, improved command center UI for search, DND mode, and resolves several bugs. This is a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

Drupal 9.3.18 is a security update.
https://drupal.org/download

Drupal 9.4.0 is a security update.
https://drupal.org/download

HumHub 1.11.4 is a security update.
https://www.humhub.com/en/download

Joomla 4.1.5 resolves several bugs. This is the last of the 4.1 series. This is not a security update.
https://www.joomla.org/

jQuery 3.6.0
https://code.jquery.com/

MailEnable 10.40 updates libraries and resolves over a dozen bugs. This is a security update.
https://www.mailenable.com/

Piwigo 12.3.0 resolves several bugs. This is not a security update.
https://piwigo.org/

WordPress 6.0.1 resolves over two dozen bugs. This is not a security update.
https://wordpress.org/

Akismet 4.2.5 resolves a bug. This is not a security update.
https://wordpress.org/extend/plugins/akismet/

Antispam Bee 2.11.1 cleans up code. This is not a security update.
https://wordpress.org/extend/plugins/antispam-bee/

Contact Form 7 5.6 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.4.7 improves compatibility. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

Interactive World Map 3.2.0 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/interactive-world-map/

Postie 1.9.61 resolves a MIME warning. This is not a security update.
https://wordpress.org/extend/plugins/postie/

NextScripts Social Networks Auto-Poster 4.3.26 is a security update.
https://wordpress.org/extend/plugins/social-networks-auto-poster-facebook-twitter-g/

Slider Revolution 6.5.25 resolves a dozen bugs. This is not a security update.
https://revolution.themepunch.com/

Sucuri Security 1.8.32 is a critical security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

W3 Total Cache 2.2.3 is a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 6.6.1 resolves dozens of bugs. This is a security update.
https://wordpress.org/extend/plugins/woocommerce/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/