Updates 2024-04-09

Welcome back, Folks!

Today is Patch Tuesday for April, 2024.

There were 370+ major hacks, and over 160 application updates this month. It’s a small month though, with only about 1.5 GB of updates for most users.

This Month in Technology

A5 PHARMACY INC., 6,000 ASUS routers, Ace Hardware, Acer Philippines, Activision, Acuity, Adobe Reader, Affinity Health Services, Air Europa, AirDAO, Alabama State Government, Alamo Insurance, Alsaree3, Amazon’s AWS Airflow Service, AMD Zen CPUs (ZenHammer), American Renal Associates, Apex Legends Global Series, Apotheka pharmacy, Apple Safari, Apple’s M Chips (GoFetch), Apple, Arcserve UDP, Argo, AT&T (after denying it), Aussizz Group, Aveanna Healthcare, Axis Direct, BabyTV, Bank of America, Bank of Tanzania, Bank Syariah Indonesia, Banregio, Battle Mountain General Hospital, Benetton Group, Bernalillo County, Better Accounting Solutions, BigBasket, BioLife Plasma Services, L.P., Bira91, boAt Lifestyle, Bonney Forge Corporation, Brewer & Company Of West Virginia, British Tobacco, BSR Infratech India Ltd, Bticino Club, California Correctional Health Care Services, California Department of Food and Agriculture (CDFA), Carolina Foods, Carrozzeria Aretusa, CASIO India, CCM Health, Chambers Construction, ChatGPT Plugin, Cherry Health, City of Conneaut, Ohio, City of Hope Cancer Center, City of Jacksonville Beach, Florida, City of Pensacola, Florida, City of St. Cloud, Florida, ClickASnap, Colorado Public Defender, Commerce Dental Group, Commonwealth Healthcare Corporation, Communications Workers Union, Cornerstone Healthcare Group Management Services LLC, Cornerstone Specialty Hospitals, Credit China, Crinetics Pharmaceuticals, Curio smart contracts, CVS Group, D-Link NAS (and several router models), DBS Bank, Delhi Police, Delta Dental of California, Delta Pipeline, Inc., Dental Health Services, Designed Receivable Solutions, Inc., Diabetes WA, Docker, Doctorim, Dolomite Exchange, Domestic Violence Project, Inc, Dormakaba’s Saflok, Dr. Cafe Coffee, Dunn, Pittman, Skinner & Cushman, PLLC, Duty Free Americas, Eagle Bank, Eagle Hydraulic, EAS Change Systems, East Baton Rouge Sheriff’s Office (EBRSO), Eastern Radiologists, Eastside Union School District, EBlock Corp, Ecuador’s Ministerio de Economía, Editorialist, El Salvador’s citizen database, Eland Energy, Inc., Ellsworth Cooperative Creamery, Emergency Medical Services Authority (EMSA), Encina Wastewater Authority, England and Wales Cricket Board, EquiLend, Ernest Health, eSIMs, Ethos/Southwest Boston Senior Services, Europol, Everbrite, LLC., Exvagos, Ezras Choilim Health Center, Inc., Family Health Center, Farmacia Ettore Florio SNC, Fidelity Investments Life Insurance Company, Fiduciary Outsourcing, LLC, FileCatalyst Transfer Tool, Fire Rescue Victoria, 223 million exposed Firebase records, Five Eyes Intelligence Group, Flipkart, Florida Department of Juvenile Justice, Florida Pediatric Associates, FortiClient EMS, France Travail (Government Unemployment Agency), French Football Federation, Fujitsu Corporate Networks, G&S Japan, Gamooga, GardaWorld Cash, Gerson Lehrman Group, most modern CPUs (GhostRace), Giant Tiger, Gilmer County, Georgia, Google Chrome, Google DoubleClick, Google Pixel, Government Employees Pension Fund (GEPF), Greensboro College, Greenwood Regional Rehabilitation Hospital, Gresser Inc. and Affiliates, Greylock McKinnon Associates, Group Health Cooperative of South Central Wisconsin, GSM Hosting, Guardian Life Insurance Company, Guy’s Floor Service Inc., HALO Branded Solutions, Hamilton, Canada, Harvard Pilgrim Health Care, Health Plan Intermediaries Holdings, Healthfirst Health Plan, Inc., Healthfirst Insurance Company, Inc., Healthfirst PHSP, Inc., Henry County, Illinois, High Wycombe Cressex Community School, Home Depot, Homeocan, Hot Topic, Houser LLP, Hoya Corporation, HTTP/2 “continuation” frames, Hudson Supplies Inc, Human Development Services of Westchester, Inc., Huntsville, Ontario, IATSE Staff Retirement and National Pension Funds, ICICIPruLife, ICN Assessoria, IKF Finance, Imperva WAF, Indian Defense & Energy Sectors, Indian S3WaaS website, InfoHit, INNO-SOFT Info Systems Pte Ltd, Inspection Services, Inc., Integration International Inc., INTEGRIS Health, International Monetary Fund (IMF), Irish Health Service Executive (HSE), Israeli Justice Ministry, Israeli LGBTQ App Atraf, Ivanti Connect Secure, Ivanti Policy Secure, Ivanti VPN gateways, Jackson County, Missouri, John R. Wood Properties, Johnson Matthey, Jordano’s Inc., JSC Kaluzhskoe, Kaspersky Fan Club, Keenan & Associates, KidSecurity, Kyivstar, Leicester City Council, Lewis & Clark College, Lindsay Municipal Hospital, London Mayor’s Office for Policing and Crime (MOPAC), Los Angeles Department of Mental Health, M&D Capital Premier Billing, Maccarinelli Luciano, macOS, Macuz, Madero, Magento, Magnum, Mahoney Foundries Inc., Malaysian Industrial Development Finance, MarineMax, Mary H. Makhlouf, DMD, MS, PA, Massachusetts Mutual Life Insurance Company, MediaWorks, Meson, Metropolitan Life Insurance Company, Microsoft, Microsoft Edge, Microsoft Exchange Server, Microsoft SharePoint, Midlands Regional Rehabilitation Hospital, Minecraft, Mintlify, Monmouth College, Motilal Oswal, MotorCycle Holdings, Mozilla Firefox, Multi-Fill, Munchables, Nampak, National Amusements, National Home Mortgage Finance Corporation (NHMFC), National Insurance Institute of Israel, National Public Data, Nations Direct Mortgage, Nationstar Mortgage, Nemesis Market, New Mexico Administrative Office of the District Attorneys, New York State Education Department, Newport Group, NHS Dumfries and Galloway, NHS Scotland, Nissan, NorthBay VacaValley Hospital, Northern Virginia Oral, Maxillofacial & Implant Surgery, Nykaa, Oak View Group, Olea Kiosks Inc., Omni Hotels & Resorts, On Q Financial, Open Automation Software OAS Engine, Oracle VirtualBox, Orange County’s Credit Union, Orsini Pharmaceutical Services, Otolaryngology Associates, OWASP, Pacific Guardian Life Insurance, Paducah Dermatology, Palau National Government, PandaBuy, Panera Bread, Paulmann, Pembina County Memorial Hospital, PGF Technology Group, Inc., Philips Respironics, Phillipine Department of Science and Technology, Plymouth Tube Company Employee Benefit Plan, Polycab, Pomona Valley Hospital Medical Center, Ponoka, Canada, Powerhost, Precision Tune Auto Care, Inc., Prisma Finance, ProcessMaker, Prudential Insurance, Punjab Police, Pakistan, Quality Education and Skills Training (QUEST) App, R1 RCM Inc., Radiant Logistics, Rairdon Automotive Group, Ray AI Framework, Redbus, Regional One Health, Rent Go, REV Drill Sales & Rentals, Risas Dental & Braces, Rockland, Roi Et Rajabhat University, Roku, Rudman Winchell Law Firm, SAC Constelacion, Saint Louis University, Santa Clarita Community College District, Saudi Arabia Railways, Scranton School District, PA, Scullion Law, Select Education Group (SEG), Services Informatiques Pour Professionnels, Shopify plugins, Simpson Strong-Tie Co. Inc., Sit ‘n Sleep, Skyway Coach Lines, South China Athletic Association, SouthState Bank, Spa Grand Prix, Spartanburg Rehabilitation Institute, Spedition Langen, Stanford University, Sugargoo, Summit State Bank, Super Sushi Samurai, SurveyLama, Swiggy, SwordFantasy, Sycamore Rehabilitation Services, Inc., Targus, Tarrant Appraisal District, Tarrant County, Texas, TataMotors, Teleflora, Tesla, Tesla ECU, Tesla Model 3, The Big Issue, The Law Firm of Friedman + Bartoumian, The Pokémon Company, TIAA, Top.gg Discord bot, Torre Pacheco Town Hall, Spain, Trezor’s X Account, Tri-City Healthcare District, True Homes, Trustpoint Rehabilitation Hospital, Ubuntu desktop, UC San Diego Health, Ultra Intelligence & Communications, United Network for Organ Sharing (UNOS), University of Winnipeg, US Department of Health and Human Services (HHS), US Department of Justice (DoJ), US Department of State, US Environmental Protection Agency (EPA), US National Security Agency (NSA), US Vision, Inc., UT Southwestern, V12 Software, Valley Oaks Health, Venmo, Veritas Genetics, Viber, VMware Workstation, VNDirect, Void Interactive, Walmart, Washington State Food Worker Card, Weirton Medical Center, Wells Fargo, Wendy’s, WeRize, Western New York Independent Living, Inc., White Oak Partners, Windows 11, Windows SmartScreen, Woodruff-Sawyer & Co., 39,000 WordPress sites, WordPress Essential Addons for Elementor plugin, WordPress LayerSlider plugin, WordPress miniOrange plugins, WordPress Rank Math SEO plugin, Wyatt Detention Facility, XpressBees, XZ Utils, Yale University, and Z Development Services have reported hacking or compromises this month.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is pretty small this month. The typical computer should see roughly 1.5 GB in updates today. Let’s get started.

Microsoft released updates to address 100 vulnerabilities in .NET and Visual Studio, Azure, Azure Compute Gallery, Azure Migrate, Azure Monitor, Azure Private 5G Core, Azure SDK, Internet Shortcut Files, Microsoft Azure Kubernetes Service, Microsoft Brokering File System, Microsoft Defender for IoT, Microsoft Edge (Chromium-based), Microsoft Install Service, Microsoft Office Excel, Microsoft Office Outlook, Microsoft Office SharePoint, Microsoft WDAC ODBC Driver, Microsoft WDAC OLE DB provider for SQL, Open Management Infrastructure, Role: DNS Server, Servicing Stack Updates, SQL Server, Windows Authentication Methods, Windows BitLocker, Windows Compressed Folder, Windows Cryptographic Services, Windows Defender Credential Guard, Windows DHCP Server, Windows Distributed File System (DFS), Windows DWM Core Library, Windows File Server Resource Management Service, Windows HTTP.sys, Windows Internet Connection Sharing (ICS), Windows Kerberos, Windows Kernel, Windows Local Security Authority Subsystem Service (LSASS), Windows Message Queuing, Windows Mobile Hotspot, Windows Proxy Driver, Windows Remote Access Connection Manager, Windows Remote Procedure Call, Windows Routing and Remote Access Service (RRAS), Windows Secure Boot, Windows Telephony Server, Windows Update Stack, Windows USB Print Driver, Windows Virtual Machine Bus, Windows Win32K – ICOMP, and MSRT. This includes security updates. A reboot is required.

Apple released updates for GarageBand 10.4.11, iOS 16.7.7, iOS 17.4.1, iPadOS 16.7.7, iPadOS 17.4.1, macOS Sonoma 14.4.1, macOS Ventura 13.6.6, Safari 17.4.1, and visionOS 1.1.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 16.7.7 and 17.4.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 16.7.7 and 17.4.1 are security updates. Use Settings, General, Software Update to install the most current update.

visionOS 1.1.2 is a security update. Use Settings, General, Software Update to install the most current version.

Google Chrome OS 123.0.6312.94 is security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.3.1 resolves several bugs and compatibility issues. This is not a security update.
https://www.amd.com/en/support

Crucial Storage Executive 10.01 does not provide a change log so should be treated as a security update.
https://www.crucial.com/support/storage-executive

Display Driver Uninstaller 18.0.7.4 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

UniFi airMAX NanoStation 5AC Loco 8.7.12 is a security update.
https://www.ui.com/download/software/loco5ac

UniFi Network Server 8.1.113 resolves dozens of bugs and improves management and features. This is not a security update.
https://www.ui.com/download/releases/network-server

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.64.116 is a security update.
https://brave.com/

Firefox 124.0.2 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 115.9.1 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 123.0.6312.86 is a security update.
https://www.google.com/chrome/

Microsoft Edge 123.0.2420.81 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Opera 109.0.5097.38 is a security update.
https://www.opera.com/browsers/opera

Opera GX 107.0.5045.86 is a security update.
https://www.opera.com/gx

SeaMonkey 2.53.18.2 is a security update. They’ve *finally* removed support for NPAPI plugins like Flash.
https://www.seamonkey-project.org/

Vivaldi 6.6.3271.57 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

DavMail Gateway 6.2.2 resolves dozens of bugs. This is a security update.
https://davmail.sourceforge.net/

OutlookAttachView 3.52 adds a cosmetic option to align numeric columns. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Spark 3.14.5.68977 resolves a couple bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.14.5.68976 resolves a couple bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.9.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk (macOS) 8.0.1 resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

curl 8.7.1 is a security update.
https://curl.haxx.se/windows/

Dropbox 196.4.6900 is a security update.
https://www.dropbox.com/

Facebook Messenger 208.0.0.9.229 is a security update.
https://www.messenger.com/download

FreeFileSync 13.5 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 89.0 is a security update.
https://drive.google.com/start

Grocy Desktop 2.10.0 updates bundled Grocy. This is not a security update.
https://github.com/grocy/grocy-desktop

MeshCentral 1.1.22 resolves dozens of bugs and updates libraries. This is a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.7.00.7956 reduces default permissions. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 28.0.4 resolves dozens of bugs. This is a security update.
https://nextcloud.com/

Signal (Android) 7.2.4 takes a few more steps away from dependence on a phone number. This is not a security update.
https://signal.org/android/apk/

Signal 7.4.0 resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Syncthing 1.27.6 resovles several bugs. This should be treated as a security update.
https://syncthing.net/

Technitium DNS Server 12.1 is a security update.
https://technitium.com/dns/

Telegram 4.16.6 resolves several bugs. This is not a security update.
https://telegram.org/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.3 resolves several compatibility and cosmetic issues. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.1.6 resolves a couple bugs. This is not a security update.
https://www.bitwig.com/download/

Plex Desktop 1.90.1.118 improves collection management. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.59.0.121 updates engine. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.40.1.8227 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

GDevelop 5.3.198 introduces feedback rewards, updates dependencies and resolves several bugs. This is not a security update.
https://gdevelop.io/download

Minecraft Server (Bedrock) 1.20.73.01 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Nintendo Switch 18.0.0 adds a 15 minute option to sleep mode, Korean language, and resolves several bugs. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 2024.315 adds brightness controls, improves mic and speaker support for DualSense controllers, and resolves several bugs. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe After Effects 24.2 and 23.6.5 are security updates.
https://helpx.adobe.com/security/products/after_effects/apsb24-09.html

Adobe Photoshop 24.7.3 and 25.4 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb24-16.html

Adobe Commerce 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8, 2.4.3-ext-7, 2.4.2-ext-7, 2.4.1-ext-7, 2.4.0-ext-7, and 2.3.7-p4-ext-7 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-18.html

Adobe InDesign 19.3 and 18.5.2 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb24-20.html

Adobe Experience Manager 2024.03 and 6.5.20 are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb24-21.html

Adobe Media Encoder 24.3 and 23.6.5 are security updates.
https://helpx.adobe.com/security/products/media-encoder/apsb24-23.html

Adobe Bridge 13.0.7 and 14.0.3 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb24-24.html

Adobe Illustrator 28.4 and 27.9.3 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb24-25.html

Adobe Animate 23.0.5 and 24.0.2 are security updates.
https://helpx.adobe.com/security/products/animate/apsb24-26.html

Adobe Reader DC 24.001.20643 improves GenAI stability. This is not a security update.
https://get.adobe.com/reader

Aronium 1.42 adds custom labels, database improvements and resolves several bugs. This should be treated as a security update.
https://aronium.com/

Calibre 7.8 resolves several bugs. This is not a security update.
https://calibre-ebook.com/

GnuCash 5.6 resolves dozens of bugs. This is not a security update.
https://www.gnucash.org/

Kdenlive 24.02.1 resolves dozens of bugs. This is not a security update.
https://kdenlive.org/

LibreOffice 7.6.6 resolves almost 40 bugs. This is not a security update.
https://www.libreoffice.org/

LibreOffice Fresh 24.2.2 resolves over 70 bugs. This is not a security update. The “Fresh” line is beta software so you should be avoided by most.
https://www.libreoffice.org/

Manager 24.4.8.1419 doesn’t provide a change log so should be treated as a security update.
https://www.manager.io/

Nextcloud Desktop 3.12.3 resolves several bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.6.5 resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

QuickBooks Pro 2022 R14_41 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 R11_35 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

Zotero (macOS) 6.0.37 improves Google Docs integration and improves messaging. This is not a security update.
https://www.zotero.org/

Zotero 6.0.36 updates digital signature. This should be treated as a security update.
https://www.zotero.org/

Security Software Updates

One or more of these is likely to be of interest to most people.

MalwareBytes Anti-Malware 4.6.10 is not a security update.
https://www.malwarebytes.org/antimalware/

OnionShare 2.6.2 is a security update.
https://onionshare.org/

OpenSSL 3.3.0 is a security update.
https://www.openssl.org/source/

ProtonVPN (macOS) 4.1.11 improves stability and resolves several bugs. This is not a security update.
https://protonvpn.com/download

QubesOS 4.2.1 is a security update.
https://www.qubes-os.org/downloads/

Stinger 13.0.0.90 adds new detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

SuperAntiSpyware 10.0.1264 improves browser extension. This is not a security update.
https://www.superantispyware.com/download.html

Tails 6.1 is a security update.
https://tails.net/install/download/index.en.html

uBlock Origin 1.57.2 resolves a bug in differential updates. This should be treated as a security update.
https://github.com/gorhill/uBlock/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

Open Broadcaster Software 30.1.2 adds several features and resolves a dozen bugs. This version requires NVIDIA 531.61 or newer drivers. This is not a security update.
https://obsproject.com/

ScreenToGif 2.41 updates libraries and adds click tracking. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.1.5 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

PDF Creator 5.2.1 resolves several bugs. This is not a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 6.1.7.0 resolves several bugs and improves compatibility. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.1.6 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.28 resolves several bugs. This is not a security update.
https://1password.com/downloads/

AOMEI Partition Assistant 10.3.1 improves duplicate detection and resolves several bugs. This is not a security update.
https://www.diskpart.com/

Bitwarden 2024.3.1 resolves several bugs. This is not a security update.
https://bitwarden.com/

CCleaner 6.22.10977 resolves several bugs and improves compatibility. This is not a security update.
https://www.ccleaner.com/

ControlMyMonitor 1.38 improves compatibility. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html

Cygwin 3.5.3 resolves several bugs. This is a security update.
https://cygwin.com/

DesktopOK 11.19 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.1.47.0 resolves several bugs and updates dependencies. This is a security update.
https://dngrep.github.io/

email-oauth2-proxy 2024-03-15 improves compatibility and resolves several bugs. This is not a security update.
https://github.com/simonrob/email-oauth2-proxy

Everything Toolbar 1.3.3 resolves several bugs. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

ExplorerPatcher 22621.3296.64.1 resolves several bugs and improves compatibility. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

FoneTool 2.5.2 improves licensing process. This is not a security update.
https://www.fonetool.com/download.html

Go 1.22.2 is a security update.
https://go.dev/

GoodSync 12.6.2 resolves several bugs and improves compatibility. This is not a security update.
https://www.goodsync.com/

HWiNFO 8.00 doesn’t provide a change log so should be treated as a security update.
https://www.hwinfo.com/download/

Kingston SSD Manager 1.5.4.5 doesn’t provide a change log so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

LessMSI 1.11.0 improves GUI. This is not a security update.
https://lessmsi.activescott.com/

ManageWirelessNetworks 1.13 resolves a data export bug. This is not a security update.
https://www.nirsoft.net/utils/manage_wireless_networks.html

NTLite 2024.4.9860 updates controls and improves compatibility. This is not a security update.
https://www.ntlite.com/download/

OSForensics 11.0.1007 updates libraries and improves documentation. This is not a security update.
https://www.osforensics.com/download.html

PointerStick 6.37 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.80.0 improves stability and resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

PSAppDeploy 3.10.0 resolves dozens of bugs and improves compatibility. This is not a security update.
https://psappdeploytoolkit.com/

RoboForm 9.5.7 improves defaults and resolves several bugs. This is not a security update.
https://www.roboform.com/

SearchMyFiles 3.25 improves compatibility. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

TraceRouteOK 3.35 updates language files. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

WinGet 1.7.10861 resolves dependency issues and a couple other bugs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

Developer Updates

These are unlikely to be of interest to most people.

ADB 35.0.1 updates libraries. This is not a security update.
https://developer.android.com/studio/releases/platform-tools

Android Studio 2023.2.1.24 resolves several bugs. This is a security update.
https://developer.android.com/studio

AutoHotkey 1.1.37.02 resolves several bugs related to hotkeys and clipboard control. This is not a security update.
https://www.autohotkey.com/download/

AutoHotkey 2.0.12 resolves several bugs. This should be treated as a security update.
https://www.autohotkey.com/download/

GitHub Desktop 3.3.13 resolves several bugs. This is not a security update.
https://desktop.github.com/

NASM 2.16.02 resolves several bugs and improves dependency controls. This should be treated as a security update.
https://www.nasm.us/index.php

Node.js 18.20.1 is a security update.
https://nodejs.org/en/

Node.js 20.12.1 is a security update.
https://nodejs.org/en/

Node.js 21.7.2 is a security update.
https://nodejs.org/en/

Python 3.12.3 is a security updae.
https://www.python.org/downloads/windows/

Unreal Engine 5.3 adds dozens of new features and hundreds of changes. This is not a security update.
https://unrealengine.com/en-US/

Visual Studio Code 1.88 adds several new features. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

Grocy 4.2.0 resolves several bugs. This is not a security update.
https://github.com/grocy/grocy

HumHub 1.15.4 resolves several bugs. This is not a security update.
https://www.humhub.com/en

SpamAssassin 4.0.1 improves compatibility. This is not a security update.
https://spamassassin.apache.org/downloads.cgi

WordPress 6.5 is a major update adding several new features and font controls. This is not a security update.
https://wordpress.org/

Akismet 5.3.2 resolves a couple bugs and adds support for new webhooks. This is not a security update.
https://wordpress.org/extend/plugins/akismet/

Antispam Bee 2.11.6 resolves several bugs and updates dependencies. This is not a security update.
https://wordpress.org/extend/plugins/antispam-bee/

BuddyPress 12.4.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.9.3 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Social Post Feed 4.2.3 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

Interactive World Map 3.4.4 is a security update.
https://wordpress.org/extend/plugins/interactive-world-map/

My Sticky Bar 2.6.9 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Really Simple CAPTCHA 2.3 flags compatibility requirements. This is not a security update.
https://wordpress.org/extend/plugins/really-simple-captcha/

Sucuri Security 1.8.43 updates license and improves notifications. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

W3 Total Cache 2.7.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 8.7.0 resolves over a hundred bugs and almost one hundred other issues. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2024-01-09

Happy New Year, Folks!

Today is Patch Tuesday for January, 2024.

There were over 200 major hacks, but only about 130 application updates this month. It’s a very light month, with about 1.3 GB of updates for most users.

This Month in Technology

360 Physical Therapy, LLC, 3CX, 70% of Iran’s gas stations, Academy Mortgage Corporation, AccessDx Laboratory, LLC, AccessOne Medcard, Inc., AI Engine plugin for WordPress, Air Albania, Albanian Parliament, Albanian telecom, Americold, Amerigroup Iowa, Inc, Amwins Group, Inc., Apache OFBiz, Apache RocketMQ, Apache Struts, Asper Biogene, Ateam, Austal USA, Barracuda ESG, Battelle Energy Alliance, LLC, Beirut Airport, BELLIN HEALTH, Bezeq, BlueCross BlueShield of Tennessee, Inc., Booking.com, Box.com, Brown & Streza LLP, Buckley King LPA, Bunker Hill Community College, California Northstate University, Capital Health, Cardiothoracic and Vascular Surgeons, P.A., CareTree, Inc., Cellcom, CertiK on X, Chilean Government, City of Hope, Clay County Social Services, Co-Founder of Nest Wallet, Coin Cloud, Comcast Cable Communications LLC, Comcast/Xfinity, ConsensioHealth, LLC, Cooper Aerobics Enterprises, Inc., Corewell Health, County of Los Angeles Department of Mental Health, Court Services Victoria, Australia, D.C. Board of Elections, defense contractors, Delta Dental of California, Downfall, Drug Emporium, Eagers Automotive, EasyPark, EMSI, Enstar (US) Inc, Erie Family Health Centers, ESO Solutions, ESSEMTEC, Estes Express Lines, Eye Physicians of Central Florida, PLLC, Eyefinity, Inc., Fallon Ambulance Services, Federal Tax Service of Russia, Fidelity National Financial, Fincantieri Marine Group, LLC, First American Financial Corporation, First Choice Dental, Flagstar Bank, N.A., Florida Water Products, Fred Hutchinson Cancer Center, French company, Fresno Regional Workforce Development Board, Fresno Surgical Hospital, Gallery Systems, German H-Hotels, Glendale Community College, Greater Cincinnati Behavioral Health Services, GTKWave, Healix Infusion Therapy, LLC, Health Diagnostic Management, LLC, Health Net Community Solutions, HealthEC LLP, Heart of Texas Behavioral Health Network, Housing Authority of the County of San Bernardino, HTC Global Service, Humana Inc, Hyundai on X, Idaho National Labs, Independent Vision Group, LTD, Insomniac Games, Insurance ACE/Humana Inc., Integris Health, Italian military gear shop, Ivanti Avalanche, Ivanti Endpoint Management, Jell-O, JetBrains TeamCity, Judiciary of Córdoba in Argentina, Katholische Hospitalvereinigung Ostwestfalen, Keenan & Associates, Kimco Staffing Services Inc., Knox Ricksen LLP, Kraft Heinz, Kyivstar, Ledger dApp, LegendasTV, LoanCare, loanDepotLone Peak Physical Therapy, Inc., Los Altos Food Products, LLC, Los Angeles County Department of Mental Health, ManageEngine OpManager, Mandiant, Maxco Supply, Inc., Maytronics, Mellow Massage Hollywood, Memorial University of Newfoundland, Merced City School District, Meridian Behavioral Healthcare, Inc., Merrick Bank, Mexican banks, Microsoft Xamarin, Mint Mobile, Molina Healthcare of Ohio, Inc., MongoDB, Mountain Dermatology Specialists, PC, Movistar, Mr. Cooper, Musick, Peeler & Garrett LLP, National Amusements, National Student Clearinghouse, Nationstar Mortgage LLC, Navvis & Company, LLC, Netgear on X, Network180, North Face, North Kansas City Hospital, Norton Healthcare, NYC Health + Hospitals, Ohio Lottery, Orange Spain, Orbit Chain, Orcutt Union School District, Orrick, Herrington & Sutcliffe, Oscar Mayer, Panasonic Avionics Corporation, Pandol Brothers, Inc., Perforce Helix Core Server, pfSense, Philippine credit services provider, Primary Health & Wellness Center, LLC, ProSmile Holdings, LLC, QNAP VioStor NVR, Recology Inc., Regional Family Medicine, Retina Group of Washington, PLLC, Riverside County Office Of Education, Riverside Unified School District, Rockstar Games (GTA5 + GTA6), Rush System for Health, Russian sushi restaurant, Senior Scripts, Shufersal, Sony, Southeastern Orthopaedic Specialists, PA, Supreme, Swedish fintech company, Talus Pay, TaxPlus, The Foleck Center, LTD, The Jacmar Companies, LLC, The Middlefield Banking Company, Thunder Terminal, Tigo Business, Timberland, Tipalti, Toronto Zoo, Toyota Financial Services, Transformative Healthcare, TRISTAR Insurance Group, TTM Technologies, Ubiquiti, Ubisoft, Ukrainian security cameras, University of Buenos Aires, Vans, Velveeta, VF Corp, Vi Living, Vietnamese fashion store, Viking Therapeutics, Wabtec Corporation, Wealth Network, Welltok, Inc. (and many more), WICR Waterproofing and Construction Inc., WordPress Backup Migration plugin, Xerox Business Solutions, Yakult Australia, Yorkshire Wellness Group, Corp., and ZOLL Medical Corporation have reported hacking or compromised this month.

Box.com, Kyivstar, loanDepot, and First American have suffered from outages this month.

Last months updates broke Avira Antivirus, NPS (Radius) servers, various Tesla functions, Windows Explorer & task bar, and Windows Wi-Fi.

Microsoft can’t convince Microsoft to use Microsoft services.

Central authentication services like OAuth and SSO still cause all sorts of problems. And ads are still very very bad for you.

23andMe is blaming their users for exposing the data of almost 7 million users.

LastPass now requires slightly less horrible passwords. (They’re still not good.)

You should assume that software setting-based security will always fail you. Hardware switches are the only reliable method.

Now for the good news:

The FTC has ordered X-Mode to stop selling and preserving cell phone location data, a surprising win for privacy. If this is obeyed, only government agencies, hardware vendors, and operating system vendors will be able to trade in your location information.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is pretty small this month. The typical computer should see roughly 1.3 GB in updates today. Let’s get started.

Microsoft released updates to address 62 vulnerabilities in .NET, .NET Core, .NET Framework, Azure Storage Mover, Microsoft Bluetooth Driver, Microsoft Devices, Microsoft Edge, Microsoft Identity Services, Microsoft Office SharePoint, Microsoft Office, Microsoft Virtual Hard Drive, Remote Desktop Client, Servicing Stack Updates, SQL Server, SQLite, Unified Extensible Firmware Interface (UEFI), Visual Studio, Windows Active Directory, Windows AllJoyn API, Windows Authentication Methods, Windows BitLocker, Windows Cloud Files Mini Filter Driver, Windows Collaborative Translation Framework, Windows Common Log File System Driver, Windows Cryptographic Services, Windows Group Policy, Windows Hyper-V, Windows Kernel, Windows Kernel-Mode Drivers, Windows Libarchive, Windows Local Security Authority Subsystem Service (LSASS), Windows Message Queuing, Windows Nearby Sharing, Windows ODBC Driver, Windows Online Certificate Status Protocol (OCSP) SnapIn, Windows Scripting, Windows Server Key Distribution Service, Windows Subsystem for Linux, Windows TCP/IP, Windows Themes, Windows Win32 Kernel Subsystem, Windows Win32K, and MSRT (~1 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 16.7.4, iOS 17.2.1, iPadOS 16.7.4, Safari 17.2.1, and macOS Sonoma 14.2.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 16.7.4 and 17.2.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 16.7.4 is a security update. Use Settings, General, Software Update to install the most current update.

Google Chrome OS 119.0.6045.214 and 120.0.6099.203 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Zorin OS 17.0 is a major update, with added hardware and software compatibility, improved design and reduced hardware requirements.
https://zorin.com/os/mirrors/

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

DS4Windows 3.3.3 resolves several bugs. This is the final version so you should consider removing it instead of updating.
https://github.com/Ryochan7/DS4Windows/releases/latest

Epson ET-5880 3.04.00 doesn’t provide a changelog so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-5880/s/SPT_C11CJ28201

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.61.114 is a security update. Use Menu, Help, About to install the most current version.
https://brave.com/

Firefox 121.0.1 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 115.6.0 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 120.0.6099.200 is a security update. Use Menu, Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 120.0.2210.121 is a security update. Use Menu, Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Vivaldi 6.5.3206.50 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.13.3 resolves a couple bugs and adds a new security filter for HTML rendering. This is a security update.
https://getmailspring.com/

OutlookAttachView 3.51 improves warnings. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Spark 3.12.0.63910 adds Shared Drafts and Email Labels. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.12.0.63909 adds Shared Drafts and Email Labels. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.6.1 is a security update. Use Menu, Help, About to install the most current version.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

Dropbox 189.4.8427 doesn’t provide a detailed change log so should be treated as a security update.
https://www.dropbox.com/

Facebook Messenger 202.0.0.15.225 is a security update.
https://www.messenger.com/download

FileZilla Client 3.66.4 is a security update.
https://filezilla-project.org/

FreeFileSync 13.3 resolves several compatibility issues. This is not a security update.
https://www.freefilesync.org/download.php

jq 1.7.1 is a security update.
https://jqlang.github.io/jq/

Nextcloud Server 28.0.1 is a security update.
https://nextcloud.com/

Pocketnet-GUI 0.8.76 adds support for new video servers and a Christmas theme. This is not a security update.
https://pocketnet.app/

PuTTY 0.80 is a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html

Rclone 1.65.1 is a security update.
https://rclone.org/

Signal 6.43.2 resolves several bugs. This is not a security update.
https://signal.org/download/

Signal (Android) 6.42.3 updates buttons. This is not a security update.
https://signal.org/android/apk/

Syncthing 1.27.2 is a security update.
https://syncthing.net/

Telegram (Android) 10.5.0 doesn’t provide a change log so should be treated as a security update.
https://telegram.org/apps

Telegram 4.14.4 resolves several bugs. This is not a security update.
https://telegram.org/

Trillian 6.5.0.34 resolves several bugs. This is not a security update.
https://www.trillian.im/

Zoom 5.17.2 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.0 adds several new tracking features. This is not a security update.
https://en.3tene.com/

darktable 4.6.0 improves performance and resolves dozens of bugs. This is not a security update.
https://www.darktable.org/

Grayjay 227 improves stability and resolves dozens of bugs. This is not a security update.
https://grayjay.app/index.html

iTunes 12.13.1.3 is a security update.
https://www.apple.com/itunes/download/

Plex Desktop 1.84.1.4069 doesn’t provide a change log so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.53.0.4063 doesn’t provide a change log so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

TuneIn 1.28.0 doesn’t provide a change log so should be treated as a security update.
https://tunein.com/radio/home/

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2023.11.1.129 resolves several bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.3.186 improves performance and resolves several bugs. This is not a security update.
https://gdevelop.io/download

Minecraft Server (Bedrock) 1.20.51.01 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

PS5 2024.104 is a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2023-12-11 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

SteamOS SteamDeck Update 2024-01-03 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Experience Manager Forms 6.5.13.0+ and 6.5.19.1 are security updates.
https://helpx.adobe.com/security/products/aem-forms/apsb23-77.html

Adobe Reader DC Patch 23.008.20458 is a security update.
https://get.adobe.com/reader

Adobe Substance 3D Stager 2.1.4 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb24-06.html

Calibre 7.3.0 adds a tag browser, OpenType improvements, and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

GnuCash 5.5 resolves over two dozen bugs. This is not a security update.
https://www.gnucash.org/

ImageMagick 7.1.1-26 resolves dozens of bugs. This is not a security update.
https://imagemagick.org/

Kindle for PC 2.3.70673 doesn’t provide a change log so should be treated as a security update.
https://www.amazon.com/kindleforpc

Manager 24.1.9.1264 adds the ability to use codes and reference numbers in batch operations. This is not a security update.
https://www.manager.io/

Notepad++ 8.6.1 updates libraries, adds a couple features, and resolves over a dozen bugs. This is a security update.
https://notepad-plus-plus.org/

OpenOffice 4.1.15 is a security update.
http://www.openoffice.org/download/

PDF-XChange Editor 10.2.0.384 improves control for compression, comments and margins, and adds support to search within comments and open email messages in the editor. This is not a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

QuickBooks Pro 2022 20231120-R13_53 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20231107-R9_116 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

Security Software Updates

One or more of these is likely to be of interest to most people.

ProtonVPN (macOS) 4.1.1 improves stability. This is not a security update.
https://protonvpn.com/download

QubesOS 4.2.0 updates libraries, updates default behaviors, and resolves several bugs. This is a security update.
https://www.qubes-os.org/downloads/

Stinger 12.2.0.709 updates detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Tails 5.21 updates libraries and resolves several bugs. This is a security update.
https://tails.boum.org/install/dvd/index.en.html

uBlock Origin 1.55.0 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Velociraptor 0.7.1 updates notebooks, improves plugins, and resolves several bugs. This is not a security update.
https://github.com/Velocidex/velociraptor/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.40.1 resolves a couple minor bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 24.0.4 resolves a couple crash bugs. This is not a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.0.9 resolves several bugs and improves compatibility. This is not a security update.
https://www.dvdfab.cn/download.htm

HandBrake 1.7.2 resolves several bugs. This is not a security update.
https://handbrake.fr/

PDF Creator 5.2.0 adds Outlook Web Access support and resolves several bugs. This is a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 6.1.5.8 resolves dozens of bugs and improves reliability. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.0.7 improves performance and stability. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.23 resolves a bug. This is not a security update.
https://1password.com/downloads/

AOMEI Partition Assistant 10.2.2 resolves a couple bugs. This is not a security update.
https://www.diskpart.com/

Bitwarden 2023.12.1 improves auto-fill. This is not a security update.
https://bitwarden.com/

CCleaner 6.19.10858 resolves several stability bugs. This is not a security update.
https://www.ccleaner.com/

CurrPorts 2.77 improves IPv6 compatibility. This is not a security update.
https://www.nirsoft.net/utils/cports.html

DesktopOK 11.15 resolves a couple bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.0.189.0 resolves several bugs. This is not a security update.
https://dngrep.github.io/

email-oauth2-proxy 2023-12-19 is a security update.
https://github.com/simonrob/email-oauth2-proxy

ExplorerPatcher 22621.2861.62.2 resolves several bugs. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

Fido 1.54 adds support for Windows 11 23H2v2. This is not a security update.
https://github.com/pbatard/Fido/releases

Fing 3.6.0 resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

GoodSync and GoodSync2Go 12.5.3 improves compatibility, stability and security. This is not a security update.
https://www.goodsync.com/

Homedale 2.09 adds MAC grouping and improves oui.txt support. This is not a security update.
https://www.the-sz.com/products/homedale/

HWiNFO 7.68 doesn’t provide a detailed change log so should be treated as a security update.
https://www.hwinfo.com/download/

Kingston SSD Manager 1.5.3.4 doesn’t provide a detailed change log so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

Memtest86+ 7.00 adds support for new hardware, improves debugging and resolves several bugs. This is not a security update.
https://www.memtest.org/

NTLite 2023.12.9552 improves controls and resolves a couple bugs. This is not a security update.
https://www.ntlite.com/download/

PowerToys 0.77.0 resolves dozens of bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ripgrep 14.1.0 resolves several bugs. This is not a security update.
https://github.com/BurntSushi/ripgrep/releases/latest

TcpLogView 1.41 adds support for setting CaptureInterval in cfg file. This is not a security update.
https://www.nirsoft.net/utils/tcp_log_view.html

WifiInfoView 2.92 adds an option to start as hidden. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

WinGet 1.6.3482 resolves a couple bugs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 8.0.1 is a security update. Expect well-maintained applications that package .NET Runtime with them to release new versions in the near future.
https://dotnet.microsoft.com/en-us/download/dotnet

Android Studio 2023.1.1.27 resolves a couple bugs. This is not a security update.
https://developer.android.com/studio

AutoHotkey 2.0.11 resovles several bugs. This is not a security update.
https://www.autohotkey.com/download/

Node.js 21.5.0 updates libraries and resolves several bugs. This is not a security update.
https://nodejs.org/en/

TortoiseSVN 1.14.6 resolves several bugs. This is not a security update.
https://tortoisesvn.net/downloads.html

Visual Studio Code 1.85.1 resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

HumHub 1.15.2 resolves over a dozen bugs. This is not a security update.
https://www.humhub.com/en

Joomla 5.0.2 and 4.4.2 resolve several bugs. This is not a security update.
https://www.joomla.org/

Piwigo 14.1.0 improves compatibility and resolves several bugs. This is not a security update.
https://piwigo.org/

Contact Form 7 5.8.5 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

My Sticky Bar 2.6.7 resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Redirection 5.4.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/redirection/

Social Post Feed 4.2.1 improves reliability. This is not a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

Sucuri Security 1.8.40 improves cleanup. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

WooCommerce 8.4.0 resolves dozens of bugs and provides almost 100 improvements. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WP Cerber Security 9.6.1 fixes a 2FA bug and a crash bug. This is not a security update.
https://wpcerber.com/

WP Mail SMTP 3.11.0 improves compatibility and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2023-05-09

Welcome back, Folks!

Today is Patch Tuesday for May, 2023.

This month brings news that the current stable release of Windows 10 will be the last version released until it is end of life (EOL) in October 2025. This means it is mature and won’t have annoying operating system changes on a regular basis, unlike Windows 11. There were over 150 major hacks, and over 215 application updates this month. All in all it’s a big month, with about 3.5 GB of updates for most users.

This Month in Technology

Alto Calore Servizi, American Bar Association, Americold, Amnesty International Australia, an African telecommunications organization, Apache Superset, APC’s Easy UPS Online Monitoring Software, Apro.cl, automotive Controller Area Network, AvidXchange, Banco de Venezuela, Berkeley, Bitmarck Germany, Bitrue, Blue Shield of California, Bluefield University, Brightline, Caltech, Capita, Cementos Bio-Bio S.A, Cementos Progreso, CH Media, Cisco IOS routers, Cisco PCD, Cisco Phone Adapters, City of Dallas, Texas, Conagua, Constellation Software, 9 cryptocurrency exchange websites, Cummins Behavioral Health Systems, 13 internet domains used for DDoS-for-hire services, Delphi Drug & Alcohol Council, Diocese of Las Vegas, Elastic, Ethan Health, LLC, Eurasia Group, Fairfax County Public Schools, Fincantieri Marine Group, Fortra, FTX, Fullerton India, GDAC, Genova Burns LLC, Google Chrome, Graceworks Lutheran Services, Group Euromotors, Guam Memorial Hospital, a Haarlem (NL) company, Hardenhuish School, HealthPlan Services, Inc., Henry County Hospital, Hillsborough County Supervisor of Elections Office, Hundred Finance, Hyundai, Illumina’s Universal Copy Service, Intel Boot Guard, Intel CPUs, Intel TDX, Iowa Department of Health and Human Services, John Muir Health – Walnut Creek Medical Center, Kabarak University, Kodi Foundation, KuCoin, La Clinica de La Raza, Inc., Lake Dallas Independent School District, Latitude Financial, Level Finance, Lürssen, Mars Area School District, Medtronic, MEO, Merlin, MetaMask, Methodist Family Health, Microsoft SQL servers, MiniMed Distribution Corp., MIT, Modern Cardiology Associates, Montgomery General Hospital, Monument Inc. and Tempest, MSI OEM Signing Keys, Murfreesboro Medical Clinic & SurgiCenter, Naivas Kenya, National Smallbore Rifle Association, NationsBenefits Holdings, LLC, NCR Aloha POS, NextGen Healthcare, Northeastern University, OGUsers, One Brooklyn Health, OrangeTee & Tie, Orqa, Packagist, Papercut, Pathway Healthcare, LLC, Philippines State Agencies, Point32Health, PrestaShop, RaidForums, RentoMojo, Retina & Vitreous of Texas, PLLC, Rheinmetall, Robeson Health Care Corporation, Roskomnadzor, Ruckus Wireless, SafeMoon, Saville Row, Seguros la Occidental, St. Vincent’s Ambulatory Care, Inc., Stanford, SushiSwap, T-Mobile (again), Tasmanian Government, TBK DVR, Tencent QQ, Terravision, TP-Link Archer A21, Trust Wallet, Twitter, two critical infrastructure organizations in the energy sector, two organizations involved in financial trading, Two Rivers Public Health Department, Ukraine, Ukrainian state networks, UMass Amherst, Unique Imaging, Inc, UniSat Wallet, United HealthCare, United Steelworkers Local 286, University of California, San Francisco, University Urology, Unlimited Care, Inc., Upper Peninsula Health Plan, US Consumer Financial Protection Bureau, US military “legacy weapons systems“, Valid Certifcadora, Veeam backup servers, VMware vRealize Log Insight, VMware, Western Digital, WP Advanced Custom Fields, WP Eval PHP, Yearn Finance, Yellow Pages Group, Yucatan government, and Z-Library (again) have reportedly been hacked or compromised this month.

1Password, Bank of Scotland, Google Search, Halifax, Lloyds Bank, Microsoft 365 and Exchange, Reddit, TSB Bank, and Twitter (twice) have suffered from outages this month.

Last months updates broke Microsoft Defender.

Google is finally adding end-to-end encryption to their security authenticator. However, they’re now weakening the security of your Google account by allowing anyone with any of your device PINs or patterns to access your account. If you’ve ever loaned your cell phone or tablet to a five year old to get them to be quiet during a conversation with family, Amazon is giving you another reason to avoid that.

Advertisements (especially via Google and Facebook) remain the #1 method of infecting victims. As if on queue, there will now be more ads in the Microsoft Windows Start Menu. Pirated software is still a very common method to hack a network. Microsoft is adding the ability to opt out of presence detection within Windows 11. 

Apple’s new “rapid security response” patching platform is failing. macOS Silicon isn’t safe from ransomware. 

QR codes are much more dangerous than you can imagine. Know the risks of reselling your used hardware.

Still no punishment when government violates their own rules. The EU is planning to scan all private files on personal devices in violation of privacy rights. The goal of securely classifying and validating organizational ownership of online resources is a lofty one, but this transparency – as proposed via QWACs – would put privacy at increased risk.

Now for the good news:

Apple and Google are finally taking an interest in how their platforms are abused for stalking via Bluetooth.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is large this month. The typical computer should see roughly 3.5 GB in updates today. Let’s get started.

Windows 10 and Windows 11 versions 22H2 should now be installed. Sadly, the new “Moments” features on Windows 11 will insert advertisements in the Start menu and Control Panel. Just another sign of the continuing decline of Windows.

Microsoft released updates to address 49 vulnerabilities in Microsoft Bluetooth Driver, Microsoft Edge (Chromium-based), Microsoft Graphics Component, Microsoft Office, Microsoft Office Access, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Office Word, Microsoft Teams, Microsoft Windows Codecs Library, Reliable Multicast Transport Driver (RMCAST), Remote Desktop Client, SysInternals, Visual Studio Code, Windows Backup Engine, Windows Installer, Windows iSCSI Target Service, Windows Kernel, Windows LDAP – Lightweight Directory Access Protocol, Windows MSHTML Platform, Windows Network File System, Windows NFS Portmapper, Windows NTLM, Windows OLE, Windows RDP Client, Windows Remote Procedure Call Runtime, Windows Secure Boot, Windows Secure Socket Tunneling Protocol (SSTP), Windows SMB, Windows Win32K, and MSRT (~2 GB). This includes security updates. A reboot is required.

Apple released updates for AirPods and Beats. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

Fedora 38-1.6 is a security update. This major version adds improved hardware support, modern security benefits, and updates libraries and resources.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Ventura (13.x) means that macOS Catalina (10.15) and older are no longer supported. If you can not install at least macOS Big Sur (11) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v22H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 23.4.3 improves performance and compatibility. This is not a security update.
https://www.amd.com/en/support

Daemon Tools Lite 11.2.0 adds VeraCrypt support, improves ARM compatibility and resolves several bugs. This is not a security update.
https://www.daemon-tools.cc/products/dtLite

Display Driver Uninstaller 18.0.6.3 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Drivers by Seagull 2023.2 adds another 300+ printer and device drivers, encrypted hardware and RFID support. This is a security update.
https://www.seagullscientific.com/support/downloads/drivers/

DS4Windows 3.2.10 resolves several bugs. This is not a security update.
https://github.com/Ryochan7/DS4Windows/releases/latest

Netgear Genie R6400 1.0.1.78 is a security update.
https://www.netgear.com/support/product/R6400.aspx#download

TP-Link Archer AX21 v1.20.230426 is a security update.
https://www.tp-link.com/us/support/download/archer-ax21/v1.20/#Firmware

Wacom Driver 6.4.2-1 resolves several bugs. This is not a security update.
https://www.wacom.com/en-us/support/product-support/drivers

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.51.110 is a security update.
https://brave.com/

Firefox 113.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Google Chrome 113.0.5672.92 is a security update.
https://www.google.com/chrome/

Google Chrome 109.0.5414.141 is a security update. The 109 version is now only supported on Windows Server 2012 and 2012r2.
https://www.google.com/chrome/

Microsoft Edge 112.0.1722.71 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Microsoft Edge 109.0.1518.78 is a security update. The 109 version is now only supported on Windows Server 2012 and 2012r2.
https://www.microsoft.com/en-us/edge/business/download

Microsoft Edge WebView2 113.0.1774.35 is a security update.
https://developer.microsoft.com/en-us/microsoft-edge/webview2/

Vivaldi 6.0.2979.18 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 3.50 adds From and To scan filtering. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

ProtonMail (Android) 3.0.14 improves stability and performance. This is not a security update.
https://proton.me/mail/download

Spark 3.4.2.48202 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.4.2.48201 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 102.10.1 improves compatibility and resolves several bugs. This is not a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 7.1.11 improves stability. This is not a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 7.0.2 resolves several bugs and improves integration. This is not a security update.
https://anydesk.com/en/downloads

Dropbox 173.4.6706 resolves several bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 186.0.0.10.221 is a security update.
https://www.messenger.com/download

FileZilla Client 3.64.0 updates libraries. This should be treated as a security update.
https://filezilla-project.org/

Google Drive 74.0 is a security update.
https://drive.google.com/start

Microsoft Teams 1.6.00.11166 is a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 26.0.1 is a security update.
https://nextcloud.com/

Npcap 1.75 is a security update.
https://nmap.org/npcap/

Signal 6.16.0 resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 6.19.8 doesn’t provide a changelog so should be treated as a security update.
https://signal.org/android/apk/

Skype 8.96.0.403 adds several new features and improves stability. This is not a security update.
https://www.skype.com/

Technitium DNS Server 11.1.1 is a security update.
https://technitium.com/dns/

Telegram 4.8.1 resolves several bugs. This is not a security update.
https://telegram.org/

Telegram (Android) 9.6.0 resolves several bugs. This is not a security update.
https://telegram.org/apps

WinSCP 5.21.8 is a security update.
https://winscp.net/eng/index.php

Zoom 5.14.7.15877 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 3.0.7 is a security update.
https://en.3tene.com/

Plex Desktop 1.67.2.3705 is a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.38.2.3738 resolves several bugs. This is a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.32.1.6999 resolves several bugs. This is a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Winamp 5.9.1 is a security update.
https://www.winamp.com/

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2023.4.0.84 resolves dozens of bugs.
https://www.yoyogames.com/en/gamemaker

Lego Studio 2.23.4.1 resolves several bugs. This is not a security update.
https://www.lego.com/en-us/ldd

Nintendo Switch 16.0.3 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 23.01-07.20.00 improves stability and performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2023.04.26 resolves several bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 23.001.20143 is a security update.
https://get.adobe.com/reader

Adobe Substance 3D Painter 8.3.1 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb23-29.html

Audacity 3.3.2 doesn’t provide a changelog so should be treated as a security update.
https://www.audacityteam.org/download/

Calibre 6.17.0 resolves several bugs and improves compression. This is not a security update.
https://calibre-ebook.com/

ImageMagick 7.1.1-8 resolves several bugs. This is not a security update.
https://imagemagick.org/

LibreOffice Fresh 7.5.3 resolves over a hundred bugs. This is a security update. The “Fresh” line is beta software. Please use the Still version which is stable software.
https://www.libreoffice.org/

Nextcloud Desktop 3.8.1 is a security update.
https://nextcloud.com/

PDF Candy Desktop 2.94 doesn’t provide a changelog so should be treated as a security update.
https://pdfcandy.com/

Security Software Updates

One or more of these is likely to be of interest to most people.

Cloudflare WARP 2023.04.27 doesn’t provide a changelog so should be treated as a security update.
https://1.1.1.1/

Cloudflare WARP (macOS) 2023.04.17 doesn’t provide a changelog so should be treated as a security update.
https://1.1.1.1/

HTTP Toolkit 1.12.6 doesn’t provide a changelog so should be treated as a security update.
https://httptoolkit.tech/

MalwareBytes Anti-Malware 4.5.27 resolves several bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/

ProtonVPN 2.4.2 provide cosmetic improvements. This is not a security update.
https://protonvpn.com/download

ProtonVPN (macOS) 3.1.3 improves proof of effect cosmetics and compatibility. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.9.0 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Stinger 12.2.0.603 adds detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Tails 5.12 is a security update.
https://tails.boum.org/install/dvd/index.en.html

uBlock Origin 1.49.2 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

YARA 3.1 fixes several bugs. This should be treated as a security update.
https://github.com/VirusTotal/yara/

Capture Updates

These are unlikely to be of interest to most people.

Camtasia 23.0.2 resolves several bugs. This is not a security update.
https://www.techsmith.com/video-editor.html

Open Broadcaster Software 29.1.0 resolves dozens of bugs. This should be treated as a security update.
https://obsproject.com/

ScreenToGif 2.38 improves high-DPI compatibility. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.1.0.5 adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

iMazing HEIC Converter 2.0.7 doesn’t have a changelog so should be treated as a security update.
https://imazing.com/heic

PDF Creator 5.1 adds ARM64 support, improves automation, and resolves several bugs. This is not a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 6.1.2.1 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 1.0.1.8 improves performance. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.26 resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 8.10.6 resolves dozens of bugs and improves compatibility. This is a security update.
https://1password.com/downloads/mac/

1Password for Windows 8.10.6 resolves dozens of bugs and improves compatibility. This is not a security update.
https://1password.com/downloads/windows/

Agent Ransack 2022.3389 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

Bitwarden 2023.4.0 is a security update.
https://bitwarden.com/

CCleaner 6.11.10455 resolves several bugs and improves compatibility. This is not a security update.
https://www.ccleaner.com/

DesktopOK 10.81 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DMDE 4.0.6.806 resolves several bugs. This is not a security update.
https://dmde.com/

dnGrep 3.2.306.0 updates libraries and implements several new features. This is not a security update.
https://dngrep.github.io/

Everything Toolbar 1.0.5 resolves several bugs. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

Fido 1.45 removes Windows 7 ISO download option since it’s no longer available for download. This is not a security update.
https://github.com/pbatard/Fido/releases

FileLocator Pro 2022.3389 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Fing 3.2 no longer provides a changelog so should be treated as a security update.
https://www.fing.com/products/fing-desktop-download-windows

Git SCM 2.40.1 is a security update.
https://git-scm.com/

Go 1.20.4 is a security update.
https://go.dev/

GoodSync 12.2.2 resolves several bugs and introduces a new encrypted file system option. This is not a security update.
https://www.goodsync.com/

grepWin Portable 2.0.13 resolves several bugs. This is not a security update.
https://github.com/stefankueng/grepWin/releases/latest

IsMyHdOK 3.88 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

Kingston SSD Manager 1.5.2.6 doesn’t provide a changelog so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

Memtest86+ 6.20 adds support for newer hardware and resolves a couple bugs. This is not a security update.
https://www.memtest.org/

NetworkInterfacesView 1.30 adds secondary sorting and sorting by menu. This is not a security update.
https://www.nirsoft.net/utils/network_interfaces.html

NetworkTrafficView 2.44 adds dark background option and sort by to the toolbar. This is not a security update.
https://www.nirsoft.net/utils/network_traffic_view.html

NTLite 2023.4.9228 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 10.0.1010 resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html

PowerToys 0.69.1 improves stability adn resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

PSAppDeploy 3.9.3 resolves several bugs. This is not a security update.
https://psappdeploytoolkit.com/

PsExec 2.43 fixes a regression with -c. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/psexec

RoboForm 9.4.7 is a security update.
https://www.roboform.com/

Rufus 4.0 resolves several bugs and improves stability. This version now requires Windows 8 and newer. This is not a security update.
https://rufus.ie/en_US/

ScreenConnect 23.3.13.8507 resolves several bugs and breaks application compatibility with older instances. This is not a security update.
https://www.connectwise.com/software/control/download

Synergy 1.14.7 adds ability to bind client to specific network and resolves several bugs. This is not a security update.
https://symless.com/synergy/

Sysmon 14.16 adds new ArchiveDirectory system integrity controls and improves compatibility. This is a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

TCPView 4.19 fixes a bug with the 32-bit version. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview

TeamViewer 15.41.9 resolves several bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

Unity 2022.2.18 resolves dozens of bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive

WifiInfoView 2.80 adds full screen mode. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 2022.2.1.19 adds several new features. This is not a security update.
https://developer.android.com/studio

GitHub Desktop 3.2.3 resolves a dozen bugs. This is not a security update.
https://desktop.github.com/

Java 8u371 is a security update.
https://www.java.com/en/download/manual.jsp

MySQL ConnectorNet 8.0.33 is a security update.
https://dev.mysql.com/downloads/connector/net/

MySQL Server 8.0.33 is a security update.
https://dev.mysql.com/downloads/installer/

Node.js 18.16.0 adds single-file executable support, improved URL parsing, and resolves a dozen bugs. This is not a security update.
https://nodejs.org/en/

Node.js 19.9.0 improves URL parsing and resolves several bugs. This is not a security update.
https://nodejs.org/en/

Node.js 20.1.0 adds several new features and updates dependencies. This is not a security update.
https://nodejs.org/en/

Rustup 1.26.0 resolves a dozen bugs and adds several new features. This is not a security update.
https://www.rust-lang.org/

VC Runtime 14.34.31938.0 is a security update.
https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist

Visual Studio Code 1.78.1 improves accessibility, color schemes, profile templates, and other features. This is a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.0.8 is a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.6.25 resolves several bugs. This is not a security update.
https://coppermine-gallery.net/

Drupal 9.4.15 is a security update.
https://drupal.org/download

Joomla 4.3.1 resolves several bugs. This is not a security update.
https://www.joomla.org/

OpenCart 4.0.2.1 doesn’t provide a detailed changelog so should be treated as a security update.
https://www.opencart.com/

Antispam Bee 2.11.3 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/antispam-bee/

Autoptimize 3.1.7 is a security update.
https://wordpress.org/extend/plugins/autoptimize/

Contact Form 7 5.7.6 resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.4 doesn’t provide a changelog so should be treated as a security update.
https://wordpress.org/plugins/duplicator/#developers

Sucuri Security 1.8.39 resolves an API error. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

Widgets on Pages 1.7.0 is a security update.
https://wordpress.org/extend/plugins/widgets-on-pages/

WooCommerce 7.6.1 resolves dozens of bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WordPress Importer 0.8.1 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/wordpress-importer/

WP Cerber Security 9.5.4 improves compatibility. This is not a security update.
https://wpcerber.com/

WP Mail SMTP 3.8.0 resolves several bugs and improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/

W3 Total Cache 2.3.2 resolves several bugs. This should be treated as a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WPBakery 6.11.0 resolves several bugs. This is not a security update.
https://wpbakery.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2023-04-11

Welcome back, Folks!

Today is Patch Tuesday for April, 2023.

This month brings over 160 significant hacks, and over 170 application updates. This is pretty normal these days, and the updates will weigh in at a little over 2.5 GB of updates for most users.

This Month in Technology

3CX, 51,000 websites, Ace Nursing, Activision, Adobe ColdFusion, Alivia Health, AllCare Plus Pharmacy, Inc, Allied Benefit, American Pain and Wellness, PLLC, an “East Asian company that develops data-loss prevention software for government and military,” Apple Safari, Aspire Public Schools, Associates in Dermatology, Atlantic Dialysis Management Services, Atlantic General Hospital, Autoridad de Acueductos y Alcantarillados, Bing.com search (via Azure AD), BitGo, BitKeep, Bitzlato, Black & McDonald, Blue Shield of California, Breached, Brooks Rehabilitation, Capita, ChatGPT, Chippewa County, CHU University hospitals, City of Oakland, City of Toronto, CloudPanel, Community Health Systems, Crown Resorts, Dole Food Company, a Dutch maritime logistics company, eFile-com, El Camino Health, El Consejo Nacional de Supervisión del Sistema Financiero, Elementor Pro WordPress plugin, Elmbrook School District, Essendant, Eye4Fraud, Fabrega Molino, Federal Law Enforcement Database, Ferrari, Florida-based community healthcare system, Frideres Dental LLC, Gala Games, General Bytes, 130+ organizations using GoAnywhere MFT, Guam Memorial Hospital, Hatch Bank, Hawaiian death registry, HDB Financial Services, Health Plan of San Mateo, Hitachi Energy, Homewood Health, HP LaserJet printers, Independent Living Systems, India’s Defense Research and Development Organization, Indian health system, Instituto De Educación Secundaria Ies Emilio Canalejo Olmeda, Integrated Supports for Living, Inc, Killer Instinct, Latitude Financial Services, Leaked Reality, LinusTechTips, Lionsgate, Long Son Petrochemicals, Lumen, Majestic Care Middletown Assisted Living LLC, McDonald’s, Medellin government, MedEx, Medminder, Merritt Healthcare Advisors, Microsoft SharePoint, Microsoft Teams, Mozilla Firefox, MSI, National Basketball Association, NCB Management Services, Nebu, Netgear Orbi, New Medical Healthcare, New York City public school special education students, New York-Presbyterian Hospital, NewBridge Services, NewYork-Presbyterian Hospital, Nexx smart devices, NHS Highland, Nonstop Administration and Insurance Services, Inc, NorthStar Emergency Medical Services, NS, Open University of Cyprus, Oracle VirtualBox, ParaSpace, Pension Protection Fund, PetroVietnam, Poolz Finance, POSCO Engineering & Construction, Postal Prescription Services – Kroger, Procter & Gamble, Proskauer Rose, QNAP, Rio Tinto, Rochester Public Schools, Rubrik, SafeMoon, Saks Fifth Avenue, Samsung, SD Worx, Shopper+, South Texas Health System, Sundry Files, Tallahassee Memorial Healthcare, Inc, Tasmanian Education Department, Telegram, Tesla Model 3, the WiFi protocol (this is big), TheGradCafe, Throne, TMX Finance (TitleMax, TitleBucks, InstaLoan), Top of the World Ranch Treatment Center, Toyota Italy, Tusla, Twitter, Uber, Ubuntu Desktop, UC San Diego Health, UHS of Delaware, Inc, UK’s Criminal Records Office, UK’s Virgin Red, Ukrainian utility company, US Congress, US Department of DefenseUS Federal Bureau of Investigation, US Marshals Service, US Special Operations Command, US Wellness Inc, US Wellness, Vazquez Nava Consultores y Abogados, Veeam’s Backup & Replication, Veritas Backup Exec, VM2, VMware Workstation, WellBe, Wells Fargo, West Virginia hospital, Western Digital, Wilkes-Barre Career and Technical Center, WinRAR SFX, WooCommerce, Yardley Dermatology Associates, PC, Yucatan government, Yum! Brands (Taco Bell, KFC, Pizza Hut), Z2U, ZenGo, Zimbra Collaboration Suite, and Zoll have reportedly been hacked or compromised this month.

Amazon has pulled the plug on their most successful charitable endeavor, AmazonSmile.

According to the FBI, 860 “critical” infrastructure organizations were hit with ransomware in 2022. Shouldn’t they just stop if they’re so concerned, since they’re usually the ones behind most terrorists?

It should come as no surprise that the recent spate of train derailments comes not long after a manager at one of the largest rail companies told inspectors to stop marking rail cars that needed repairs.

Apple Weather, Microsoft Defender, Reddit, and WD My Cloud suffered from outages this month.

Last months updates broke Red Dead Redemption 2, and caused problems for many printers by replacing the vendor print drivers with Microsoft’s incompatible drivers. But at least Microsoft is now inserting ads in the Start menu, right? Grrr.

Here’s yet another demonstration of how your “smart device” can be exploited without your knowledge. GM’s Cruise robotaxis have been recalled after they caused an accident in San Francisco. 

Now for the good news:

 

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is huge this month. The typical computer should see roughly
GB in updates today. Let’s get started.

Windows 10 and Windows 11 22H2 should now be installed. Sadly, the new “Moments” features on Windows 11 will insert advertisements in the Start menu and Control Panel. Just another sign of the continuing decline of Windows.

Microsoft released updates to address 93 vulnerabilities in .NET Core, Azure Machine Learning, Azure Service Connector, Microsoft Bluetooth Driver, Microsoft Defender for Endpoint, Microsoft Dynamics, Microsoft Dynamics 365 Customer Voice, Microsoft Edge (Chromium-based), Microsoft Graphics Component, Microsoft Message Queuing, Microsoft Office, Microsoft Office Publisher, Microsoft Office SharePoint, Microsoft Office Word, Microsoft PostScript Printer Driver, Microsoft Printer Drivers, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows DNS, Visual Studio, Visual Studio Code, Windows Active Directory, Windows ALPC, Windows Ancillary Function Driver for WinSock, Windows Boot Manager, Windows Clip Service, Windows CNG Key Isolation Service, Windows Common Log File System Driver, Windows DHCP Server, Windows Enroll Engine, Windows Error Reporting, Windows Group Policy, Windows Internet Key Exchange (IKE) Protocol, Windows Kerberos, Windows Kernel, Windows Layer 2 Tunneling Protocol, Windows Lock Screen, Windows Netlogon, Windows Network Address Translation (NAT), Windows Network File System, Windows Network Load Balancing, Windows NTLM, Windows PGM, Windows Point-to-Point Protocol over Ethernet (PPPoE), Windows Point-to-Point Tunneling Protocol, Windows Raw Image Extension, Windows RDP Client, Windows Registry, Windows RPC API, Windows Secure Boot, Windows Secure Channel, Windows Secure Socket Tunneling Protocol (SSTP), Windows Transport Security Layer (TLS), Windows Win32K and MSRT (~
GB). This includes security updates. A reboot is required.

Apple released updates for iOS 15.7.5 and 16.4.1, iPadOS 15.7.5 and 16.4.1, macOS Big Sur 11.7.6, macOS Monterey 12.6.5, macOS Ventura 13.3.1, Safari 16.4.1, Studio Display Firmware Update 16.4, tvOS 16.4, and watchOS 9.4. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 16.4.1 and 15.7.5 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 16.4.1 and 15.7.5 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 9.4 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 16.4 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 112.0.5615.62 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Ventura (13.x) means that macOS Catalina (10.15) and older are no longer supported. If you can not install at least macOS Big Sur (11) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 12 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v22H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 23.4.1 resolves several bugs. This is not a security update.
https://www.amd.com/en/support

Display Driver Uninstaller 18.0.6.2 resolves a stability bug. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Nvidia Driver 474.30 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.50.114 is a security update.
https://brave.com/

Google Chrome 112.0.5615.49 is a security update.
https://www.google.com/chrome/

Microsoft Edge 112.0.1722.34 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Microsoft Edge 109.0.1518.78 is a security update. This version should be used only on devices where the current stable release is not available.
https://www.microsoft.com/en-us/edge/business/download

Firefox 112.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

SeaMonkey 2.53.16 is a security update.
https://www.seamonkey-project.org/

Vivaldi 5.7.2921.65 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 3.48 adds sort-by to the toolbar. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Spark 3.3.6.46134 improves stability. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.3.6.46132 improves stability. This is not a security update.
https://sparkmailapp.com/

Thunderbird 102.9.1 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 7.1.11 is a bug fix for a security update.
https://anydesk.com/en/downloads

BrowsingHistoryView 2.55 adds sort-by to the toolbar. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

curl 8.0.1 resolves dozens of bugs. This should be treated as a security update.
https://curl.haxx.se/windows/

Dropbox 171.4.6182 improves stability. This is not a security update.
https://www.dropbox.com/

FreeFileSync 12.2 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 73.0 resolves several bugs. This is not a security update.
https://drive.google.com/start

Microsoft Teams 1.6.00.6754 is a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 26.0.0 is a major update with improvements across a dozens features and many bug fixes. This is not a security update.
https://nextcloud.com/

Npcap 1.73 is a security update.
https://nmap.org/npcap/

Omada Software Controller 5.9.31 resolves several bugs. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Rclone 1.62.2 resolves several bugs. This is not a security update.
https://rclone.org/

Signal (Android) 6.16.2 doesn’t provide a detailed changelog so should be treated as a security update.
https://signal.org/android/apk/

Signal 6.13.0 improves dark mode and cosmetics. This is not a security update.
https://signal.org/download/windows/

Syncthing 1.23.4 resolves several bugs. This should be treated as a security update.
https://syncthing.net/

Telegram 4.7.1 resolves a couple bugs. This is not a security update.
https://telegram.org/

Trillian 6.5.0.28 resolves several bugs. This is not a security update.
https://www.trillian.im/

WinSCP 5.21.8 is a security update.
https://winscp.net/eng/index.php

Zoom 5.14.2.14578 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

Bitwig Studio 4.4.10 improves stability. This is not a security update.
https://www.bitwig.com/download/

iTunes 12.12.8.1 is a security update.
https://www.apple.com/itunes/download/

Plex Desktop 1.67.1.3665 fixes the subtitle render/crash issue. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.37.2.3674 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.32.0.6918 resolves a font bug and a certificate installation bug. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2023.2.1.75 adds a new particle editor to the IDE and reworks some of the interface. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.1.160 resolves several bugs and adds more than a dozen new assets and feature improvements. This is not a security update.
https://gdevelop.io/download

Lego Studio 2.23.3.1 resolves several bugs. This is not a security update.
https://www.lego.com/en-us/ldd

Nintendo Switch 16.0.1 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 23.01-07.01.01 resolves a cosmetic bug. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2023.03.15 resolves dozens of bugs. This should be treated as a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 23.001.20143 is a security update.
https://get.adobe.com/reader

Adobe Digital Editions 4.5.11.187658 is a security update.
https://www.adobe.com/solutions/ebook/digital-editions/download.html

Adobe InCopy 18.2 and 17.4.1 are security updates. Use Creative Cloud to install the update.

Adobe Acrobat and Reader 23.001.20143 and 20.005.30467 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb23-24.html

Adobe Substance 3D Stager 2.0.2 is a security update.
https://www.adobe.com/products/substance3d-stager.html

Adobe Dimension 3.4.9 is a security update.
https://www.adobe.com/products/dimension.html

Adobe Substance 3D Designer 12.4.1 is a security update.
https://www.adobe.com/products/substance3d-designer.html

Artweaver 7.0.15 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Calibre 6.15.1 resolves several bugs and improves document compatibility. This is not a security update.
https://calibre-ebook.com/

ImageMagick 7.1.1-6 resolves several bugs. This is not a security update.
https://imagemagick.org/

LibreOffice Fresh 7.5.2 resolves over 90 bugs. This is a security update. The “Fresh” line is beta software and should be avoided by most users.
https://www.libreoffice.org/

Nextcloud Desktop 3.8.0 resolves several bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.5.2 resolves several context menu and cosmetic bugs. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 5.0.3 adds center-point shape drawing and resolves several bugs. This is not a security update.
https://www.getpaint.net/

PDF-XChange Editor 9.5.368.0 is a security update.
https://www.tracker-software.com/product/pdf-xchange-editor

Security Software Updates

One or more of these is likely to be of interest to most people.

Caine 13.0 is a security update.
https://www.caine-live.net/

Chainsaw 2.6.0 resolves several bugs. This is not a security update.
https://github.com/countercept/chainsaw

FSS 2023.3.19 updates service list. This is not a security update.
https://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/

MalwareBytes Anti-Malware 4.5.26 improves reporting and resolves several bugs. This should be treated as a security update.
https://www.malwarebytes.org/antimalware/

ProtonVPN 2.4.1 improves stability. This is not a security update.
https://protonvpn.com/download

ProtonVPN (macOS) 3.0.15 resolves several bugs. This is not a security update.
https://protonvpn.com/download

QubesOS 4.1.2 is a security update.
https://www.qubes-os.org/downloads/

RogueKiller 15.8.2 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Stinger 12.2.0.570 improves detections. This should be treated as a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

SuperAntiSpyware 10.0.1250 resolves several bugs. This is not a security update.
https://www.superantispyware.com/download.html

Tails 5.11 is a security update.
https://tails.boum.org/install/dvd/index.en.html

uBlock Origin 1.48.4 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Velociraptor 0.6.8 integrates several net
https://github.com/Velocidex/velociraptor/releases/latest

Wireless Network Watcher 2.31 adds a dark mode option and updates internal MAC address database. This is not a security update.
https://www.nirsoft.net/utils/wireless_network_watcher.html

YARA 4.3.0 resolves several bugs and adds new functions and behaviors. This should be treated as a security update.
https://github.com/VirusTotal/yara/

Capture Updates

These are unlikely to be of interest to most people.

Camtasia 22.5.3 resolves several crash bugs, installation issues and improves the UI. This is not a security update.
https://www.techsmith.com/video-editor.html

SnagIt 23.1.1 resolves several bugs. This is not a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.1.0.3 improves compatibility. This is not a security update.
https://www.dvdfab.cn/download.htm

StreamFab 6.1.1.6 improves compatibility and provides new output options. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 1.0.1.7 improves compatibility. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 8.10.4 fixes of a dozen bugs. This is a security update.
https://1password.com/downloads/mac/

1Password for Windows 8.10.4 fixes over a dozen bugs. This is a security update.
https://1password.com/downloads/windows/

AstroGrep 4.4.9 updates libraries, adds dark theme, improves filters and resolves several bugs. This is a security update.
http://astrogrep.sourceforge.net/

Bitwarden 2023.3.3 adds domain verification, improved browser security, and resolves several bugs. This is a security update.
https://bitwarden.com/

CalyxOS Device Flasher 1.0.7 doesn’t provide a changelog so should be treated as a security update.
https://calyxos.org/install/

Carbonite 6.4.6 is a security update.
https://account.carbonite.com/

CCleaner 6.10.10347 improves cleaning and adds to the their driver update solution. This is not a security update.
https://www.ccleaner.com/

CrucialScan 20230308 doesn’t provide a changelog so should be treated as a security update.
https://www.crucial.com/store/systemscanner

CurrPorts 2.71 adds full screen display option. This is not a security update.
https://www.nirsoft.net/utils/cports.html

DesktopOK 10.77 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DMDE 4.0.6.806 fixes several bugs. This is a security update.
https://dmde.com/

Everything Toolbar 1.0.5 improves stability and compatibility. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

FolderChangesView 2.35 adds dark mode support and sort-by to the toolbar. This is not a security update.
https://www.nirsoft.net/utils/folder_changes_view.html

Go 1.20.3 is a security update.
https://go.dev/

GoodSync 12.2.0 resolves several bugs. This is not a security update.
https://www.goodsync.com/

IsMyHdOK 3.88 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

NTLite 2023.4.9191 adds components, new settings and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

osquery 5.8.2 is a security update.
https://osquery.io/downloads

PowerToys 0.69.0 resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

Process Explorer 17.04 is a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer

PsExec 2.42 adds support for long paths. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/psexec

Regedix 2.0.0.0 adds registry scan and resolves paste bug. This is not a security update.
https://regedix.webrox.fr/

RoboForm 9.4.6 is a security update.
https://www.roboform.com/

Rufus 3.22 resolves several bugs. This is not a security update.
https://rufus.ie/en_US/

ScreenConnect 23.2.9.8466 improves compatibility. This is not a security update.
https://www.connectwise.com/software/control/download

TCPView 4.18 resolves a crash bug and improves dark mode. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview

TeamViewer 15.40.8 resolves a LAN bug. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

Unity 2022.2.14 resolves dozens of bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive

Ventoy 1.0.91 resolves several bugs. This is not a security update.
https://www.ventoy.net/en/index.html

WifiInfoView 2.79 resolves a display bug. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

WinScan2PDF 8.55 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 4.13 adds regexp search, search history, command line options, virtual drives, sorting options, and resolves a couple bugs. This is not a security update.
https://www.diskanalyzer.com/

XnConvert 1.98 doesn’t provide a changelog so should be treated as a security update.
https://www.xnview.com/en/xnconvert/

ZoomText 2023 2023.2303.77.400 adds tethered view. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

ADB 34.0.1 resolves several bugs. This is not a security update.
https://developer.android.com/studio/releases/platform-tools

GitHub Desktop 3.2.1 resolves a dozen bugs and provides several improvements. This is not a security update.
https://desktop.github.com/

Node.js 16.20.0 updates libraries and resolves several bugs. This is not a security update.
https://nodejs.org/en/

Node.js 19.9.0 adds a new tracing feature, URL parser improvements, and resolves several bugs. This is not a security update.
https://nodejs.org/en/

SQLite 3.41.2 resolves several bugs and improves several features. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.77.1 improves stability. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.6.24 resolves several bugs. This is not a security update.
https://coppermine-gallery.net/

Drupal 9.4.12 is a security update.
https://drupal.org/download

Drupal 9.5.7 resolves a bug in the editor. This is not a security update.
https://drupal.org/download

WordPress 6.2 adds several new native features – custom CSS, sticky positions, new site editor, block management, Openverse media access, and more. This is not a security update.
https://wordpress.org/

Akismet 5.1 resolves several bugs. This should be treated as a security update.
https://wordpress.org/extend/plugins/akismet/

Autoptimize 3.1.6 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/autoptimize/

Contact Form 7 5.7.5.1 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.3.1 doesn’t provide a change log so should be treated as a security update.
https://wordpress.org/plugins/duplicator/

Limit Login Attempts 1.7.2 is a security update.
https://wordpress.org/extend/plugins/limit-login-attempts/

Redirection 5.3.10 resolves a save bug. This is not a security update.
https://wordpress.org/extend/plugins/redirection/

W3 Total Cache 2.3.1 improves compatibility and resolves several bugs. This is a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 7.5.1 improves stability. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WP Cerber Security 9.5.3 improves compatibility. This is not a security update.
https://wpcerber.com/

WPtouch 4.3.52 resolves a cosmetic bug. This is not a security update.
https://wordpress.org/extend/plugins/wptouch/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2022-12-13

Merry Christmas, Folks!

Today is Patch Tuesday for December, 2022.

This month brings a new version of Windows 10 (v22H2), critical security updates for all supported Apple products, and (literally) new security updates every single week since the last update cycle on November 8th. That’s on top of the 150+ major hacks, and over 165 application updates this month. Prepare yourself, there will be about 4 GB of updates for most devices this month.

This Month in Technology

Over 15,000 websites, Abandonia2022, ABB Totalflow, Accuro, Acer UEFI Secure Boot, dozens of apps using the Algolia API, Amazon ECR, Amnesty International Canada, Android, Android OEM certificates, André-Mignot Hospital, Ankr, Antwerp, Belgium, Argentina de Soluciones Satelitales, Arkansas Department of Human Services, Atlassian Bitbucket Server, Bahrain, Bank of Russia, Boa web server, California’s Department of Finance, Canadian Teachers Union, Canon hardware, CareFirst Administrators, CCA Health Plans of California, Inc d/b/a CCA Health CA, Central Depository Services Ltd, Chiropractic Board of New Zealand, Cincinnati State Technical and Community College, Cisco IP phones, Citrix ADC and Gateway, CloudSEK, Codesys, CoinTracker, CommonSpirit Health, Community Health Network, Inc. as an Affiliated Covered Entity, Connexin Software, Consumer Directed Services In Texas, Inc., CorrectCare Integrated Health Inc, County of Tehama, California, Dallam Hartley Counties Hospital District, Deribit, Dermatology & Skin Cancer Ctr, PC, Dialpad, Inc., Dietitians Board of New Zealand, Docs Medical Inc, Doctors’ Center Hospital, Dr. Douglas C. Shoenberger,PC, Durham District School Board, Dutch LNG Terminal, Easton Cardiovascular, Ellen M. Field, M.D., Epic Management LLC, European Parliament, F5 BIG-IP and BIG-IQ, Fars News Agency, Festo, FortiOS SSL-VPN, FTX, GATE Petroleum Company Employee Benefits Plan, Gateway Rehabilitation Center, General Council of the Judiciary, GGCorp, Google Pixel 5 and 6, Google’s Looker Studio, GoTo, Guatemala’s Ministry of Foreign Affairs, Health Care Management Solutions, LLC, Health New Zealand, Hope Health Systems Inc., Hospital Center of Versailles, HP hardware, Hyundai and Genesis cars, Indian Central Board of Higher Education, Indian Community Health Network, Indian Council of Medical Research, Indian electrical grid operators, Innovative Service Technology Management Services, Inc., Kaiser Foundation Health Plan of the Mid-Atlantic States, Inc., Keralty Group, Lake Charles Memorial Health System, LastPass (again), Lehigh Valley Women’s Specialties, Lenovo UEFI Secure Boot, Lexmark hardware, Magento 2, Manassas Surgery Center Anesthesia Services, MaryAnne Freeman Brndjar, DO, PC, Medibank, Mena Regional Health System, Mercury IT, Microsoft Exchange, Mikrotik hardware, NETGEAR hardware, New York-Presbyterian Hospital, New Zealand Ministry of Justice, New Zealand Psychologists Board, New York-Presbyterian Hospital, a NY salon, NU House Calls, PC, Nuance Communications, Inc., OakBend Medical Center, One Brooklyn Health System, Optometrists and Dispensing Opticians Board of New Zealand, Oracle Fusion, Orange Telecom, Orlando Health, Pendurthi Surgical Associates, Peter J. Isaac, D.O., Physiotherapy Board of New Zealand, Plascar Participacoes Industriais, Podiatrists Board of New Zealand, Polsinelli PC, Quarkus Java Framework, Rackspace, Radio Free Asia, Receivables Performance Management, Restaurants in Cincinnati, Roman Catholic Church, Rosenfeld VanWirt, PC, Royal Mail, Samsung Galaxy S22, Sequoia One, Seville Urban Transport Company, Silverstone Circuit, Sobeys, Sonder, Sonos hardware, South Staffordshire Water, South Walton Fire District, Southampton County, Virginia, Sree Saran Medical Centre, Stanley Street Treatment and Resources, Inc., Synology hardware, Tata Power, Telstra, The Smith Family, TP-Link hardware, Tuloso-Midway Independent School District, Twitter, Uber, Ubiquiti hardware, University Medical Center of Southern Nevada, UOB KayHian, Uruguay’s Ministry of Transport and Public Works, the US government, VMware ESXi, VTB Bank, Western Digital hardware, Whoosh, Work Health Solutions, Wright & Filippis LLC, Xavier College, Yakima Neighborhood Health Services, Yale University, and the Zwijndrecht police have reportedly been hacked or compromised this month.

There’s another novel method for exfiltrating information from air-gapped devices: the power supply. Most US DoD contractors fail to implement basic security controls.

Windows updates last month broke DirectAccess, gaming performance, ODBC database connections, Remote Desktop, Task Manager, Windows Kerberos, caused Windows freezes and domain controller freezes.

Meta (Facebook and Instagram) has acknowledged they’ve been used by the US Military for propaganda

Now for the good news:

Apple is finally adding end-to-end encryption for some iCloud backups.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is huge this month. The typical computer should see roughly 4 GB in updates today. Let’s get started.

Microsoft released updates to address 57 vulnerabilities in .NET Framework, Azure, Client Server Run-time Subsystem (CSRSS), Microsoft Bluetooth Driver, Microsoft Dynamics, Microsoft Edge (Chromium-based), Microsoft Graphics Component, Microsoft Office, Microsoft Office OneNote, Microsoft Office Outlook, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft Windows Codecs Library, Windows Hyper-V, SysInternals, Windows Certificates, Windows Contacts, Windows DirectX, Windows Error Reporting, Windows Fax Compose Form, Windows HTTP Print Provider, Windows Kernel, Windows PowerShell, Windows Print Spooler Components, Windows Projected File System, Windows Secure Socket Tunneling Protocol (SSTP), Windows SmartScreen, Windows Subsystem for Linux, Windows Terminal and MSRT (~ 2.5 GB). This includes security updates. A reboot is required.

Apple released updates for iCloud for Windows 14.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2, iOS 16.2 and iPadOS 16.2, macOS Big Sur 11.7.2, macOS Monterey 12.6.2, macOS Ventura 13.1, Safari 16.2, tvOS 16.1.1, tvOS 16.2, and watchOS 9.2. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.7.2, 16.1.2, and 16.2 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 15.7.2, 16.1.2, and 16.2 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 9.2 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 16.1.1 and 16.2 are security updates. Use System, Software Update to install the most current version.

Google Chrome OS 108.0.5359.75 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 37-1.7 is a major update, adding support for Raspberry Pi 4, new editions, and updates libraries. This is not a security update.
https://getfedora.org/en/workstation/download/

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Big Sur (11) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 12 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v22H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 22.11.2 resolves several bugs. This is not a security update.
https://www.amd.com/en/support

Display Driver Uninstaller 18.0.5.9 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

DS4Windows 3.1.11 resolves several bugs. This is not a security update.
https://github.com/Ryochan7/DS4Windows/releases/latest

Garmin Express 7.15.2 doesn’t provide a detailed changelog so should be treated as a security update.
https://www.garmin.com/en-US/software/express/

NVcleanstall 1.14.0 resolves several bugs. This is not a security update.
https://www.techpowerup.com/download/techpowerup-nvcleanstall/

Nvidia Driver 474.06 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Drivers by Seagull 2022.3 adds support for over 200 new devices. This is not a security update.
https://www.seagullscientific.com/support/downloads/drivers/

Wacom Driver 6.4.0-11 resolves several bugs. This is not a security update.
https://www.wacom.com/en-us/support/product-support/drivers

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.46.134 is a security update. Use Menu, Help, About to install the most current version.
https://brave.com/

Google Chrome 108.0.5359.98 is a security update. Use Menu, Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 108.0.1462.46 is a security update. Use Menu, Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 108.0 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/new/

Vivaldi 5.6.2867.40 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.10.7 resolves a couple bugs and improves cosmetic options. This is not a security update.
https://getmailspring.com/

OutlookAttachView 3.47 adds option to cancel scan with Esc key. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Spark 3.2.1.40643 resolves many bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.2.1.40641 resolves many bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 102.6 is a security update. Use Menu, Help, About to install the most current version.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk (macOS) 7.0.0 resolves several bugs and improves interface and Settings. This is not a security update.
https://anydesk.com/en/downloads

BrowsingHistoryView 2.53 adds multiple profile support to several browsers and adds the ability to cancel scan with the Esc key. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

DNSDataView 1.70 adds support for collecting A records of all PTR record. This is not a security update.
https://www.nirsoft.net/utils/dns_records_viewer.html

Dropbox 162.4.5419 resolves several bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 172.0.0.23.215 is a security update.
https://www.messenger.com/download

FileZilla Client 3.62.2 resolves several bugs. This is not a security update.
https://filezilla-project.org/

FileZilla Server 1.6.1 resolves an installation bug and improves certificate controls. This is not a security update.
https://filezilla-project.org/

FreeFileSync 11.28 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 68.0 resolves several bugs. This is not a security update.
https://drive.google.com/start

Microsoft Teams 1.5.00.33362 adds HOSI support for compatible hardware. This is not a security update.
https://teams.microsoft.com/downloads

Minds (Android) 4.30.1 resolves several bugs. This is not a security update.
https://www.minds.com/

Nextcloud Server 25.0.2 resolves dozens of bugs. This is a security update.
https://nextcloud.com/

Omada Software Controller 5.7.4 improves the user interface, adds several new options, and resolves several bugs. This is a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Pocketnet-Core 0.20.29 resolves several bugs. This is not a security update.
https://pocketnet.app/

Pocketnet-GUI 0.8.34 resolves several bugs. This is not a security update.
https://pocketnet.app/

Qbox 4.0.5.35 doesn’t provide a changelog so should be treated as a security update.
https://www.coraltreetech.com/qbox

Rclone 1.60.1 resolves several bugs and improves compatibility. This is not a security update.
https://rclone.org/

Signal 6.0.1 adds Stories support. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 6.3.6 adds donation support. This is not a security update.
https://signal.org/android/apk/

Skype 8.91.0.404 adds universal translation and resolves several bugs. This is not a security update.
https://www.skype.com/

Syncthing 1.22.2 resolves several bugs and updates libraries. This is not a security update.
https://syncthing.net/

Technitium DNS Server 10.0.1 adds several features and resolves bugs. This is a security update.
https://technitium.com/dns/

Telegram 4.4.1 resolves several bugs. This is not a security update.
https://telegram.org/

Telegram (Android) 9.2.1 doesn’t provide a detailed changelog so should be treated as a security update.
https://telegram.org/apps

TP-Link Archer AX21 v1.3.6 is a security update.
https://www.tp-link.com/us/support/download/archer-ax21/v1.20/#Firmware

WinSCP 5.21.6 is a security update.
https://winscp.net/eng/index.php

Zoom 5.12.9.10650 improves policy controls, CC and translation, and resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

Bitwig Studio 4.4.3 fixes a couple stability bugs. This is not a security update.
https://www.bitwig.com/download/

Picard 2.8.5 resolves several bugs. This is a security update.
https://picard.musicbrainz.org/

Plex Desktop 1.59.1.3398 adds support for AV1 and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.30.1.3391 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.30.0.6486 adds pattern matching, improves scheduled tasks, and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

VLC Media Player 3.0.18 is a security update.
https://www.videolan.org/vlc/

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2022.11.0.54 resolves dozens of bugs and improves usability. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.1.152 adds new features, including monetization through assets, and resolves several bugs. This is not a security update.
https://gdevelop.io/download

Lego Studio 2.22.12.1 resolves several bugs. This is not a security update.
https://www.lego.com/en-us/ldd

Steam 2022.12.01 resolves 20 bugs. This is not a security update.
https://steamcommunity.com/news/client

SteamOS SteamDeck Update 2022-11-21 resolves many bugs including hardware compatibility, performance and stability issues. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Campaign Classic 7.3.2 and 8.4.2 are security updates.
https://helpx.adobe.com/security/products/campaign/apsb22-58.html

Adobe Experience Manager 2022.10.0 and 6.5.15.0 resolve almost three dozen security vulnerabilities.
https://helpx.adobe.com/security/products/experience-manager/apsb22-59.html

Illustrator 2023 27.0.1 and 2022 26.5.2 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb22-60.html

Artweaver 7.0.14 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Atom 1.63.1 is the final release of Atom before it is to be EOL in a couple days. Please switch to another editor.
https://atom.io/

Audacity 3.2.2 adds VST2 realtime effect support and resolves several bugs. This is not a security update.
https://www.audacityteam.org/download/

Calibre 6.9.0 adds signing to all binaries and resolves several bugs. This should be treated as a security update.
https://calibre-ebook.com/

Inkscape 1.2.2 resolves dozens of bugs. This is not a security update.
https://inkscape.org/release/

Kindle for PC 1.39.65383 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc

LibreOffice Fresh 7.4.3 resolves 100 bugs. This is a security update. Remember that the Fresh line is beta software. Most users should use the Still line.
https://www.libreoffice.org/

Nextcloud Desktop 3.6.4 improves stability. This is not a security update.
https://nextcloud.com/

PDF-XChange Editor 9.5.366.0 resolves several bugs. This is not a security update.
https://www.tracker-software.com/product/pdf-xchange-editor

Security Software Updates

One or more of these is likely to be of interest to most people.

Chainsaw 2.3.0 improves culprit tracking. This should be treated as a security update.
https://github.com/countercept/chainsaw

HTTP Toolkit 1.12.1 doesn’t provide a changelog so should be treated as a security update.
https://httptoolkit.tech/

MalwareBytes Anti-Malware Mac 4.17.8 adds support for macOS Ventura/13. This is not a security update.
https://www.malwarebytes.com/mac/

ProtonVPN 2.3.1 improves user interface. This is not a security update.
https://protonvpn.com/download

ProtonVPN (macOS) 3.0.10 improves the user interface. This is not a security update.
https://protonvpn.com/download

Radmin VPN 1.3.4568.3 adds ability to add exceptions from within the software. This is not a security update.
https://www.radmin-vpn.com/

RogueKiller 15.6.3 updates engine and resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Tails 5.7 is a security update.
https://tails.boum.org/install/dvd/index.en.html

uBlock Origin 1.45.2 resolves a couple bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Velociraptor 0.6.7 adds PGP automation and resolves several bugs. This is not a security update.
https://github.com/Velocidex/velociraptor/releases/latest

WebBrowserPassView 2.12 adds High-DPI support and improves portable browser support. This is not a security update.
https://www.nirsoft.net/utils/web_browser_password.html

Capture Updates

These are unlikely to be of interest to most people.

Camtasia 22.4.1 resolves several bugs. This is not a security update.
https://www.techsmith.com/video-editor.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.9.4 adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

iMazing HEIC Converter 2.0.3 doesn’t provide a changelog so should be treated as a security update.
https://imazing.com/heic

IsoBuster 5.1 adds support for reading the FAT directly, improves performance and stability, and resolves dozens of bugs. This is not a security update.
https://www.isobuster.com/download.php

PDF Creator 5.0.3 resolves several bugs. This is not a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 6.0.0.7 adds support for new encodings and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.18 resolves a merge bug. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 8.9.10 improves 2FA support and compatibility, and resolves dozens of bugs. This is not a security update.
https://1password.com/downloads/mac/

1Password for Windows 8.9.10 improves 2FA support and compatibility, and resolves dozens of bugs. This is not a security update.
https://1password.com/downloads/windows/

Agent Ransack 2022.3349 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

Bitwarden 2022.11.0 implements 2-step authentication and resolves several bugs. This is not a security update.
https://bitwarden.com/

CCleaner 6.06.10144 adds and improves cleanup for over a dozen applications. This is not a security update.
https://www.ccleaner.com/

Cygwin 3.4.1 resolves several bugs. This is not a security update.
https://cygwin.com/

DesktopOK 10.51 improves compatibility with Windows 11. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 3.1.197.0 adds recycle bin support, resolves several bugs, and improves bookmark behavior. This is not a security update.
https://dngrep.github.io/

Etcher 1.10.6 updates dependencies. This is not a security update.
https://www.balena.io/etcher/

FileLocator Pro 2022.3349 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Git SCM 2.39.0 resolves several bugs. This is not a security update.
https://git-scm.com/

Go 1.19.4 is a security update.
https://go.dev/

GoodSync 12.1.2 resolves dozens of bugs. This is not a security update.
https://www.goodsync.com/

Homedale 2.04 removes log headers and updates languages. This is not a security update.
https://www.the-sz.com/products/homedale/

HWMonitor 1.48 adds support for new hardware. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

NetConnectChoose 1.10 adds Metric column and resolves a network selection bug. This is not a security update.
https://www.nirsoft.net/utils/net_connect_choose.html

NTLite 2.3.9.9018 improves compatibility and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 10.0.1006 resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html

osquery 5.6.0 resolves several bugs, adds new columns and controls. This is not a security update.
https://osquery.io/downloads

AOMEI Partition Assistant 9.13.0 resolves several bugs. This is not a security update.
https://www.diskpart.com/

PointerStick 6.11 improves compatibility with Windows 11. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.65.0 upgrades dependencies and resolves a couple bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

Process Explorer 17.02 resolves stability bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer

RoboForm 9.3.8 resolves several bugs. This is not a security update.
https://www.roboform.com/

Rufus 3.21 updates dependencies, libraries, and resolves several bugs. This is not a security update.
https://rufus.ie/en_US/

ScreenConnect 22.9.10589.8370 resolves dozens of bugs including stability and reliability. This is a security update.
https://www.connectwise.com/software/control/download

Sysmon 14.13 resolves a stability bug. This is a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

TeamViewer 15.36.9 improves terminal and scripting support. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

TraceRouteOK 3.22 improves compatibility with Windows 11. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

Unity 2022.2.0 resolves over a hundred bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive

WinScan2PDF 8.31 improves compatibility with Windows 11. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 4.12 resolves a couple bugs. This is not a security update.
https://www.diskanalyzer.com/

ZoomText 2022 2022.2211.5.400 improves integration and stability, and resolves several bugs. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

ZoomText 2023 2023.2210.28.400 is a new major version adding tethered view and improves compatibility. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

AutoHotkey 1.1.36.02 resolves several bugs. This is not a security update.
https://www.autohotkey.com/download/

Docker Desktop 4.14.1 improves stability and performance, adds WebAssembly support, user interface improvements, upgrades libraries and resolves several bugs. This is not a security update.
https://www.docker.com/products/docker-desktop

Node.js 14.21.2 updates certificates and timezone information. This should be treated as a security update.
https://nodejs.org/en/

Node.js 16.19.0 updates certificates and timezone information. This should be treated as a security update.
https://nodejs.org/en/

Node.js 19.2.0 updates libraries and resolves over a dozen bugs. This is not a security update.
https://nodejs.org/en/

SQLite 3.40.0 improves support for data recovery, performance, and reliability. This is a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.74 adds several new features. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.0.4 resolves over a dozen bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Drupal 9.4.9 resolves several bugs. This is not a security update.
https://drupal.org/download

HumHub 1.12.3 resolves several bugs. This is not a security update.
https://www.humhub.com/en/download

Joomla 4.2.6 improves compatibility and resolves several bugs. This is not a security update.
https://www.joomla.org/

jQuery 3.6.2 improves compatibility and resolves several bugs. This is not a security update.
https://code.jquery.com/

MailEnable 9.86 is a security update.
https://www.mailenable.com/

MailEnable 10.43 is a security update.
https://www.mailenable.com/

ownCloud Client 3.0.0.9215 resolves dozens of bugs. This is not a security update.
https://owncloud.com/desktop-app/

Piwigo 13.3.0 resolves several bugs. This is not a security update.
https://piwigo.org/

SMF 2.1.3 resolves dozens of bugs. This should be treated as a security update.
https://www.simplemachines.org/

WordPress 6.1.1 resolves dozens of bugs. This is not a security update.
https://wordpress.org/

Akismet 5.0.2 is a security update.
https://wordpress.org/extend/plugins/akismet/

Autoptimize 3.1.4 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/autoptimize/

Contact Form 7 5.7 resolves dozens of bugs and improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.1 adds support for the latest build of WordPress and resolves several bugs. This is a security update.
https://wordpress.org/plugins/duplicator/#developers

Redirection 5.3.6 improves translations. This is not a security update.
https://wordpress.org/extend/plugins/redirection/

Register IP – Multisite 1.8.3 is a security update.
https://wordpress.org/extend/plugins/register-ip-multisite/

Simple Lightbox 2.9.3 resolves several bugs and improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/simple-lightbox/

Sucuri Security 1.8.36 is a cosmetic update. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

W3 Total Cache 2.2.9 improves translation support. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 7.1.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WPtouch 4.3.46 is a security update.
https://wordpress.org/extend/plugins/wptouch/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/