Updates 2022-06-14

Welcome back, Folks!

Today is Patch Tuesday for June, 2022. It’s the biggest update series in well over a year.

This Month in Technology

AA Traveller, Acuity International’s Comprehensive Health Services, Adecco, Aesto Health, Aimware, Alameda Health System, Allaire Healthcare Group, Allwell Behavioral Health Services, Amart Furniture, Aon PLC, Apple iPhones (even when off), Apple M1 CPUs, Apple Watches, Arnprior Regional Health, Associated Ophthalmologists of Kansas City, P.C., Atlassian Confluence Server and Data Center, AU Health, Bangladesh government, Bank of Zambia, Behavioral Health Partners of Metrowest, LLC, BJC Health System, BlackBerry Fans, Bored Ape Yacht Club, Bryan County Ambulance Authority, Burman & Zuckerbrod Ophthalmology Associates, P.C., Capital One, Capsule, Carinthia, Austria, Central Florida Inpatient Medicine, Chicago Public Schools, CHRISTUS Health, Cisco IOS, Comstar LLC, Costa Rican Social Security Fund, Cypress Healthcare, LLC, Dis-Chem, DivX SubTitles, East Tennessee Children’s Hospital, Fanpass, Finkelstein Eye Associates, Fishman Vision, Football World Cup 2022 qualifier between Wales and Ukraine, Foxconn, Fred Hutchinson Cancer Center, General Motors, Genetics & IVF Institute, GitHub, GitLab, Greenland’s healthcare services, Healthcare Assistance Plan for Employees of Seventh-day Adventist Organization of the North American Division, Heidell, Pittoni, Murphy & Bach, LLP, Heroku, Homestead Hospice & Palliative Care, HP BIOS, 70 Indian government websites, John Knox Village of Florida, Kaiser Foundation Health Plan of Washington, Kaiser Permanente, Kiddos’ Clubhouse, Mandiant, McCoy Vision Center, McKenzie Health System, Memorial Community Health, Inc., MGM Resorts, Microsoft Teams, Mindpath Care Centers, North Carolina, PLLC, Mississippi Sports Medicine and Orthopaedic Center, Moyes Eye Center, PC, Nikkei, NLB Corporation, North Alabama Bone & Joint Clinic, P.C., North Lakes Pain Consultants, Northern Rockies Orthopaedics, Novartis, NuLife Med, LLC, Numrich Gun Parts, OE Enterprises, Inc, OGUsers, Oklahoma City Indian Clinic, Omnicell, Orangeburg Eye Center, Oswego County Opportunities, Inc, Otherside Metaverse, Palermo, Italy, Paragon Cheats, Parker-Hannifin Corporation, Partnership HealthPlan of California, PayHere, Pegasus Airlines, Platinum Hospitalists LLP, Preen.Me, QNAP NAS, Quantum Imaging & Therapeutic Associates, Quincy, Illinois, Rainier Arms, ReadNovel, RiverKids Pediatric Home Health, Russian Ministry of Construction, Housing and Utilities, Sberbank, Scarborough Health Network, Schneck Medical Center, Screencastify, Shaker Heights City School District in Ohio, Shields Health Care Group, Shoreline Eye Group, SirHurt, SonicWall Secure Mobile Access (SMA) 1000 Series, South Australia’s Treasury, SpiceJet, Stevens & Lee, Summit Healthcare Association, Sylvester Eye Care, Telegraph, Tesla Model 3, Tesla Model Y, Texas Department of Insurance, Texas Department of Transportation, The Multiple Sclerosis Center of Atlanta, Travis-CI, Trend Micro, U.S. Drug Enforcement Administration (DEA), University of Chicago Medical Center, Val Verde Regional Medical Center, Versus Market, Viasat, Virginia Mason Medical Center, Wagner Heights Nursing and Rehabilitation Center, Washington University School of Medicine, Wendy’s, and Windows 11 have reportedly been hacked or compromised this month.

Netgear broke the Orbi firmware. I’ve been warning about the privacy risks of Wi-Fi for years. It’s finally going mainstream. A pirated version of CCleaner is yet again being used to hijack user accounts.

Apple allowed 1.6 million malicious apps onto the Apple AppStore, then later removed them.

The next time someone uses the argument that “how is a web-based business supposed to stay alive without ads” to decry your use of an ad blocker, send them this link about how third-party trackers (like the ones used in Google and DuckDuckGo) are collecting everything you type.

Now for the good news:

Intuit has finally acknowledged they’re being used to send phishing messages. They’re not going to put an end to it, but they finally have admitted that it’s a widespread source of phishing emails.

Oh, and the UK has declared that defensive attacks” are legal.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is huge this month. The typical computer should see roughly 3 GB in updates today. Let’s get started.

Microsoft released updates to address 62
vulnerabilities in .NET Framework, AV1 Video Extension, Azure OMI, Azure RTOS, Azure Service Fabric Container, HEVC Video Extensions, Microsoft Endpoint Configuration Manager, Microsoft File Server, Microsoft Office, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Photos App, Microsoft SharePoint Server, Microsoft SQL Server, Microsoft Windows ALPC, Microsoft Windows Codecs Library, Microsoft Windows Support Diagnostic Tool (MSDT), Remote Volume Shadow Copy Service (RVSS), Visual Studio, Windows App Store, Windows Autopilot, Windows Container Isolation FS Filter Driver, Windows Container Manager Service, Windows DCOM Server, Windows Defender, Windows Encrypting File System (EFS), Windows File History Service, Windows Hyper-V, Windows Installer, Windows iSCSI, Windows Kerberos, Windows Kernel, Windows LDAP, Windows Media, Windows Media Center, Windows Network Address Translation, Windows Network File System, Windows PowerShell, Windows SMB, Windows WinSock, and MSRT (~2.5 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 15.5, iPadOS 15.5, macOS Monterey 12.4, macOS Big Sur 11.6.7, Security Update 2022-004 Catalina, watchOS 8.6, tvOS 15.5.1, Safari 15.5, Xcode 13.4, and iTunes 12.12.4. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.5 is a security update. Use Settings, General, Software Update to install the most current update.

iPadOS 15.5 is a security update. Use Settings, General, Software Update to install the most current update.

tvOS 15.5.1 is a security update. Use System, Software Update to install the most current version.

watchOS 8.6 are security updatess. Use the Watch app on your iPhone to install the most current version.

Google Chrome OS 101.0.4951.72 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Catalina (10.15) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 12 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v21H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Garmin Express 7.13.1 doesn’t provide a changelog so should be treated as a security update.
https://www.garmin.com/en-US/software/express/

Nvidia Driver 473.62 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.39.111 is a security update.
https://brave.com/

Google Chrome 102.0.5005.115 is a security update. Use Menu, Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 102.0.1245.41 is a security update. Use Menu, Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 101.0.1 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 91.10.0 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/organizations/all/

Iridium 2022.04.100 is a security update. Use Menu, Help, About to install the most current version.
https://iridiumbrowser.de/

Vivaldi 5.3.2679.55 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 91.10.0 is a security update. Use Menu, Help, About to install the most current version.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 7.0.10 resolves an error reporting bug. This is not a security update.
https://anydesk.com/en/downloads

curl 7.83.1 resolves dozens of bugs. This is not a security update.
https://curl.haxx.se/windows/

DNSDataView 1.65 adds a new command-line parameter. This is not a security update.
https://www.nirsoft.net/utils/dns_records_viewer.html

Dropbox 150.4.5000 resolves several bugs. This is not a security update. (btw, thank you Dropbox for finally releasing a changelog!)
https://www.dropbox.com/

FileZilla Client 3.60.1 resolves several bugs. This is not a security update.
https://filezilla-project.org/

FreeFileSync 11.21 adds volume GUID support, case conflicts, and resolves several bugs. This is a security update.
https://www.freefilesync.org/download.php

Google Drive 59.0 adds support for client-side encryption, system-level search shortcuts, and resolves several bugs. This is not a security update.
https://drive.google.com/start

Nextcloud Server 24.0.1 resolves several bugs. This is not a security update.
https://nextcloud.com/

Prosody 0.12.1 adds CORS controls and resolves several bugs. This is not a security update.
https://prosody.im/download/start

PuTTY 0.77 is a major update adding several new features, networking and security features, and resolves many bugs. This should be treated as a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

Signal 5.45.1 improves language leveling and data sync. This is not a security update.
https://signal.org/download/windows/

Skype 8.83.0.408 resolves several bugs. This is not a security update.
https://www.skype.com/

Syncthing 1.20.2 resolves several bugs. This is not a security update.
https://syncthing.net/

Technitium DNS Server 8.1.3 resolves several bugs. This is not a security update.
https://technitium.com/dns/

Trillian 6.5.0.20 resolves several bugs. This is not a security update.
https://www.trillian.im/

Trillian Mac 6.5.0.14 resolves dozens of bugs. This is not a security update.
https://www.trillian.im/

TrueNAS Core 13.0 resolves dozens of bugs. This is a security update.
https://www.truenas.com/download-truenas-core/

Wget2 2.0.1 is a security update.
https://gitlab.com/gnuwget/wget2/-/releases

Zoom 5.10.7.6120 adds Zoom Whiteboard sharing and resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

iTunes 12.12.4.1 is a security update.
https://www.apple.com/itunes/download/

Picard 2.8.1 updates libraries and resolves several bugs. This is not a security update.
https://picard.musicbrainz.org/

Plex Desktop 1.46.1.3056 improves compatibility and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.18.0.3023 improves compatibility and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.27.0.5897 resolves several bugs and improves stability. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Epic Games 14.0.12 resolves several bugs. This is not a security update.
https://www.epicgames.com/

GameMaker Studio 2022.5.1.16 updates runtime. This is not a security update.
https://www.yoyogames.com/en/gamemaker

Nintendo Switch 14.1.2 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PlayStation PS5 22.01-05.10.00 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2022.05.31 resolves several bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

Office Updates

One or more of these are likely to be of interest to most people.

Calibre 5.43.0 resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Inkscape 1.2 adds pages, markers and dashes, more gradient controls, performance improvements and resolves several bugs. This is not a security update.
https://inkscape.org/release/

LibreOffice Fresh 7.3.4 resolves over 80 bugs. This is not a security update. Remember that the Fresh line is beta software and should be avoided by most users.
https://www.libreoffice.org/

LibreOffice 7.2.7 resolves almost 50 bugs. This is not a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.5.1 resolves 20 bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.4.2 resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 4.3.11 improves dark theme and updates plugins. This is not a security update.
https://www.getpaint.net/

PDF Candy Desktop 2.93 doesn’t provide a changelog so should be treated as a security update.
https://pdfcandy.com/

Adobe Animate 21.0.11 and 22.0.6 are security updates.
https://helpx.adobe.com/security/products/animate/apsb22-24.html

Adobe Bridge 12.0.2 is a security update.
https://helpx.adobe.com/security/products/bridge/apsb22-25.html

Adobe Illustrator 26.3.1 and 25.4.6 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb22-26.html

Adobe InCopy 17.3 and 16.4.2 are security updates.
https://helpx.adobe.com/security/products/incopy/apsb22-29.html

Adobe InDesign 17.3 and 16.4.2 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb22-30.html

RoboHelp Server 11.3 is a security update.
https://helpx.adobe.com/security/products/robohelp-server/apsb22-31.html

Security Software Updates

One or more of these is likely to be of interest to most people.

RogueKiller 15.5.3 is a security update.
https://www.adlice.com/download/roguekiller/

Tails 5.1 is a security update.
https://tails.boum.org/install/dvd/index.en.html

uBlock Origin 1.43.0 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.7.4 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.8 resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 7.9.5 is a security update.
https://1password.com/downloads/mac/

AccessChk 6.15 resolves a crash bug. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/accesschk

Agent Ransack 2022.3326 resolves several bugs and dds support for new policies and file types. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

AOMEI Partition Assistant 9.8.0 improves compatibility. This is not a security update.
https://www.diskpart.com/

Bitwarden 2022.5.1 resolves several bugs and improves integration and compatibility. This is not a security update.
https://bitwarden.com/

Cygwin 3.3.5 resolves several bugs. This is not a security update.
https://cygwin.com/

DesktopOK 9.91 adds system-wide dark theme controls. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 3.0.64.0 resolves several bugs, improves performance and reliability. This is not a security update.
https://dngrep.github.io/

Everything 1.4.1.1017 updates localizations and resolves a search history bug. This is not a security update.
https://www.voidtools.com/

Fido 1.29 adds UEFI Shell 2.2 support. This is not a security update.
https://github.com/pbatard/Fido/releases

FileLocator Pro 2022.3326 resolves several bugs and dds support for new policies and file types. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Go 1.18.3 is a security update.
https://go.dev/

GoodSync 11.11.2 is a security update.
https://www.goodsync.com/

NTLite 2.3.6.8785 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSFMount 3.1.1001 improves command-line verbosity and error reporting. This is not a security update.
https://www.osforensics.com/tools/mount-disk-images.html

osquery 5.3.0 resolves several bugs. This is not a security update.
https://osquery.io/downloads

PowerToys 0.59.0 resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

RAMMap 1.61 improves compatibility. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/rammap

ScreenConnect 22.5.7881.8171 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

SmartMonTools 7.3 resolves several bugs and improves compatibility. This is not a security update.
https://smartmontools.org/

Sysmon 13.34 resolves several bugs. This should be treated as a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

TaskSchedulerView 1.71 adds a new switch to control column display and export. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

TeamViewer 15.30.3 improves user interface and resolves a send-to bug. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

TraceRouteOK 3.01 improves internal networking. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

Unity 2022.1.4 improves performance and resolves several bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive

USBDeview 3.05 adds WCID column. This is not a security update.
https://www.nirsoft.net/utils/usb_devices_view.html

WinScan2PDF 7.81 improves multi-monitor support. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

AutoHotkey 1.1.34.03 resolves several bugs. This is not a security update.
https://www.autohotkey.com/download/

Android Studio 2021.2.1.15 resolves several bugs. This is not a security update.
https://developer.android.com/studio

GitHub Desktop 3.0.2 resolves several bugs. This is not a security update.
https://desktop.github.com/

Node.js 14.19.3 updates OpenSSL. This is not a security update.
https://nodejs.org/en/

Node.js 16.15.1 updates OpenSSL. This is not a security update.
https://nodejs.org/en/

Node.js 17.9.1 is a security update.
https://nodejs.org/en/

Node.js 18.3.0 is a security update.
https://nodejs.org/en/

Visual Studio Code 1.68.0 resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

Drupal 9.2.21 is a security update.
https://drupal.org/download

Drupal 9.3.15 resolves several bugs. This is not a security update.
https://drupal.org/download

HumHub 1.11.2 resolves several bugs. This is not a security update.
https://www.humhub.com/en/download

Joomla 4.1.4 resolves several bugs. This is not a security update.
https://www.joomla.org/

OpenCart 4.0.0.0 is major update adding many new features and libraries. This is not a security update.
https://www.opencart.com/

phpList 3.6.8 resolves several bugs. This is not a security update.
https://www.phplist.org/

phpMyAdmin 5.2.0 updates libraries and resolves several bugs. This is not a security update.
https://www.phpmyadmin.net/

YOURLS 1.9.1 updates libraries and resolves several bugs. This is not a security update.
https://yourls.org/

WordPress 6.0 is a major update adding several new features, including block locking, performance, accessibility and new design tools. This is not a security update.
https://wordpress.org/

Akismet 4.2.4 only updates documentation. This is not a security update.
https://wordpress.org/extend/plugins/akismet/

BuddyPress 10.3.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.5.6.1 resolves Constant Contact API changes and improves compatibility. This should be treated as a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Social Post Feed 4.1.4 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

Duplicator 1.4.6 resolves several bugs. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

myStickymenu 2.5.9 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Slider Revolution 6.5.24 resolves several bugs. This is not a security update.
https://revolution.themepunch.com/

Sucuri Security 1.8.31 resolves a path bug. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

Theme My Login 7.1.5 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/theme-my-login/

WooCommerce 6.5.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2022-03-08

Welcome back, Folks!

Today is Patch Tuesday for March, 2022. It’s a big one. This month is ugly – and not just in the tech world. It seems that in the same breath that the elite acknowledged and swept the COVID hysteria under the rug, admitting their intervention was entirely propaganda, every government, financial system, media outlet, and software vendor has chosen to simultaneously swallowed a new collection of (quickly disproven) propaganda without the slightest hint of irony. Sigh. We can only do what we can do, but do not be afraid to talk about it. Censorship is how you make enemies, not friends.

This Month in Technology

A1 Hrvatska, Adafruit, Aetna ACE, Allen ISD, Alliance Physical Therapy Group, LLC, Amazon Alexa, AON, Ascension Michigan (single affiliated covered entity) ACE, Asterisk, Asustor NAS devices, Axeda agent, Axis Communications, Baltimore Mayor’s Office of Children and Family Success, Beetle Eye, Belarus online services, Bible Fellowship Church Homes, Bronx Addiction Services Integrated Concepts Systems, Inc., CA State Bar, CareOregon Advantage, Caritas Internationalis, CBORD’s GET Mobile security platform, Charlotte Radiology, Cisco’s Email Security Appliance, Coinbase, Community Medical Center, Comprehensive Health Services LLC, Conti ransomware gang, Credit Suisse, Crossroads Health, CVS Pharmacy, dozens of COVID passport apps, Dr. Morrow, Element Vape, Englewood Health, EPIC Pharmacy Network, Inc., Expeditors International, Extend Fertility, Family Christian Health Center, Family Fare LLC, Fleetwood Area School District, FlexBooker, Gems Education, GiveSendGo/Canadian Freedom Convoy, Google Android, Harbour Plaza Hotel, Hays USD 489, Highland Hospital, Houston Health Department, Intel CPU vulnerabilities can expose your cryptographic keys, International Committee of the Red Cross, Internet Society (ISOC), Ireland’s Health Service, Jackson County Hospital District, JAX Spine and Pain Centers, Jersey City Medical Center, KLAYswap, La Posada at Park Centre, Inc., LAPSUS$, LendUs, Liberty of Oklahoma Corporation, Logan Health Medical Center, MacGeneration, Memorial Hermann Health System, Meyer, Microsoft, Microsoft App Store, Microsoft Azure, Microsoft Exchange, Microsoft SQL Servers, Mizuno, Monongalia Health System, more than 500 Magento 1-based online stores, Morley Companies, Moscow Stock Exchange, Motorola Solutions Inc, new form of distributed denial of service attack, New York State’s Joint Commission on Public Ethics, Nvidia (and it’s BAD), Ohlone College, Oklahoma City Police Department Rape Kit information, Okta Advanced Server Access, PressReader, Priority Health, PROMESA, Puma, Reality Winner’s Twitter account, Rompetrol, Russian TV stations, Samsung Electronics (including source code), San Francisco 49ers, SAP Internet Communication Manager, Sberbank, Sea Mar Community Health Centers, Seneca Nation Health System, South Shore Hospital, Swissport, T-Mobile, Taylor, Ganson & Perrin LLP, TfNSW, the Russian Military, Town Home Care, LLC, Toyota Motor Corp., UK’s Foreign Office, UK’s Information Commissioner’s Office, Ukraine local government websites, Ukrainian Cabinet of Ministers, Ukrainian Ministry of Defense, Ukrainian Ministry of Foreign Affairs, Ukrainian Verkhovna Rada, UMass Memorial Health, Inc., 52 organizations from multiple US critical infrastructure sectors, US defense contractors, US Radiology Specialists, Inc., Viasat, Visual Voice Mail, Vodafone Portugal, VxWorks-based Smart Infusion Pumps, Washington Department of Licensing, WatchGuard firewalls, Williamsville Central School District, Zabbix servers, Zenly, and Zoe Therapy Services have been hacked.

Slack and Twitter both had large outages.

AB Volvo, Activision Blizzard, Adobe, Airbnb, Apple, Apple Maps, Apple Pay, Aston Martin, BMW, Cisco, Coinbase, Daimler Truck, Dell, Epic Games, Ford Motor Company, Google, Google AdWords, Google Maps, Harley-Davidson, Intel, Jaguar Land Rover, Jolla, Mastercard, Mercedes-Benz, Microsoft, Mitsubishi Motors, Namecheap, Netflix, Nintendo, PayPal, Reddit, Readdle, Samsung Electronics, Snapchat, Spotify, SWIFT, Telegram, The EU, TikTok, Toyota Motor Corporation, Twitter, Ubisoft, Visa, Volkswagen, and YouTube have imposed their own private sanctions on Russia and sometimes Belarus.

In response to software vendors (Apple, Microsoft, Readdle and others) imposing their own form of sanctions on Russia, Russia has passed new a licensing law, effectively greenlighting piracy. After ceasing reporting from Russia, the BBC has launched Tor access in several languages. Meanwhile Russia blocks sites that violate their new propaganda law and even rocket sales to the US.

Elon Musk, never a stranger to controversy, has declared that his Starlink service will not bow to censorship demands.

It was disheartening when Canada stole the bank accounts of anyone who dared to donate to a legal protest and dispatched Antifa and the UN to put down protestors

it was worse when they simply locked down all the banks (or at least realized the damage they were doing to themselves), even if they did quickly reverse their insanity. The Mercury account lockouts affected “a large set of accounts” throughout Africa. Worse yet, the entire world banking system has locked out Russia. By the way, do Google and Apple think that disabling their pay platforms in Russia will be the move that will encourage adoption by the rest of the world?

On the topic of social credit systems, I’d like to address the theory that cryptocurrency can be used in spite of bank interventions and government lockdowns. That’s not always the case, as Coinbase demonstrated this week.

As if spurned to action by the recent release of vaccine information and bribery, Twitch is now banning streamers that share “misinformation,” such as the actual medical fraud vaccine information and research by the vaccine manufacturers themselveswill now be banned.

That’s ok, you can go back to “real life” now that cities are opening back up. Did the science change, is it all part of some greater agenda, or are people just bored?

With such a war on truth and science, how can anyone fall for the Battle of Snake Island, Ghost of Kiev, Ukrainian ransomware, or any of the dozen other examples of legacy media propaganda right now?

The CIA has been conducting bulk surveillance on US citizens and the Supreme Court is okay with police planting hidden cameras throughout your property. Telegram isn’t as secure as you might think it is.

Oh – Let’s talk about Apple AirTags…one lady tracked her shipped goods with them and caught the mover lying about it. I’m more skeptical of this story about exposing a secret intelligence service, but the reality is that stalking and tracking for vehicle/home theft are part of the downside.

Microsoft is testing a new build of Windows 11 Pro that will now require a Microsoft account in order to be able to use Windows. This directly violates their previous statements about not forcing Windows Professional and Enterprise versions to use Microsoft accounts. While this will increase deployment and maintenance costs, the real trouble is going to be with transient users that are forced to login with “a” Microsoft account on a business machine and will no longer be able to easily untie that machine or role account from the deeply embedded Microsoft “features.”

Meris Botnet was used to target a single website with over 21 million requests per second. Google Drive is flagging native macOS files as violating copyright. Another new rootable vulnerability has been discovered for Linux. The EU is trying to mandate weakened security so they can better enforce the GDPR, digital identity and social credit systems.

Now for the good news:

The problem with cryptocurrency is that it necessarily depends on a public ledger (the blockchain). Espresso intends to fix that.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is a big one. The typical computer should see roughly 2.2 GB in updates today. Let’s get started.

Microsoft released updates for .NET and Visual Studio, HEIF Image Extension, HEVC Video Extension, Microsoft 365, Raw Image Extension, Remote Desktop client, VP9 Video Extension, Windows 10, Windows 7, Windows 8.1, Windows RT, Windows Server, Azure Site Recovery, Microsoft Defender for Endpoint, Microsoft Defender for IoT, Microsoft Edge, Microsoft Exchange Server, Microsoft Intune, Microsoft Office Visio, Microsoft Office Word, Microsoft Windows ALPC, Microsoft Windows Codecs Library, Paint 3D, Role: Windows Hyper-V, Skype Extension for Chrome, Tablet Windows User Interface, Visual Studio Code, Windows Ancillary Function Driver for WinSock, Windows CD-ROM Driver, Windows Cloud Files Mini Filter Driver, Windows COM, Windows Common Log File System Driver, Windows DWM Core Library, Windows Event Tracing, Windows Fastfat Driver, Windows Fax and Scan Service, Windows HTML Platform, Windows Installer, Windows Kernel, Windows Media, Windows PDEV, Windows Point-to-Point Tunneling Protocol, Windows Print Spooler Components, Windows Remote Desktop, Windows Security Support Provider Interface, Windows SMB Server, Windows Update Stack, XBox, and MSRT (~1.5 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 15.3.1 and iPadOS 15.3.1, macOS Monterey 12.2.1, macOS Big Sur 11.6.4, Security Update 2022-002 Catalina, Safari 15.3, and watchOS 8.4.2. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.3.1 is a security update. Use Settings, General, Software Update to install the most current update.

iPadOS 15.3.1 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 8.4.2 are security updates. Use the Watch app on your iPhone to install the most current version.

Google Chrome OS 98.0.4758.107 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Catalina (10.15) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v21H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 6 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.4.9 improves cleanup. This is not a security update.

HP M281cdw Firmware 20211221 resolves the network stability issue from the previous firmware that effectively disabled the device.

Logitech Options 9.60.87 is a security update.

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.36.111 is a security update.

Firefox 98.0 is a security update.

Firefox ESR 91.7.0 is a security update.

Google Chrome 99.0.4844.51 is a security update.

Microsoft Edge 99.0.1150.36 is a security update.

SeaMonkey 2.53.11 is a security update.

Vivaldi 5.1.2567.57 is a security update.

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.10.0 is a major update to the underlying code, adding ARM support, improved spellcheck, performance, and port improvements. This is not a security update.

Thunderbird 91.6.2 is a security update.

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 7.0.6 improves password management and resolves several bugs. This should be treated as a security update.

curl 7.82.0 resolves dozens of bugs and adds several new automations. This is not a security update.

Dropbox 143.4.4161 doesn’t provide a changelog so should be treated as a security update.

FileZilla Client 3.58.0 updates libraries, log details and prepares for 2FA support. This is not a security update.

FileZilla Server 1.3.0 is a security update.

FreeFileSync 11.18 resolves several bugs. This is not a security update.

Omada Software Controller 5.1.7 resolves several bugs, adds new services and features, increases hard limits, and adds support for newer hardware. This is not a security update.

Skype 8.81.0.268 resolves several bugs and adds ability to revoke and recreate profile. This is not a security update.

Syncthing 1.19.1 resolves several bugs. This is not a security update.

WinSCP 5.19.6 is a security update.

Zoom 5.9.7.3931 is a security update.

Media Updates

These are unlikely to be of interest to most people.

darktable 3.8.1 improves performance and stability, and resolves several bugs. This is not a security update.

iTunes 12.12.2.2 doesn’t provide a changelog so should be treated as a security update.

Plex Desktop 1.41.0.2876 resolves DVR and LiveTV bugs, and improves search. This is not a security update.

Plex Home Theater 1.12.0.2884 resolves several bugs, resolution and MPV improvements, and improves stability. This is not a security update.

Plex Media Server 1.25.6.5577 resolves several bugs, improves collection, smart filtering, and reliability during media changes and replacement. This is not a security update.

Adobe Photoshop 22.5.6 and 23.2 are security updates.

Adobe Illustrator 26.1.0 is a security update.

Adobe After Effects 22.2.1 and 18.4.5 are security updates.

Game Updates

These are unlikely to be of interest to most people.

Epic Games 13.2.0 resolves several bugs. This is not a security update.

GameMaker Studio 2022.2.0.614 adds Text-In-Sequence, Track-In-Sequence, changes array behavior, updates libraries, and resolves dozens of bugs. This is not a security update.

Steam 2022.03.04 resolves over 20 bugs. This is not a security update.

PlayStation PS5 21.02-04.51.00 improves performance. This is not a security update.

Office Updates

One or more of these are likely to be of interest to most people.

Atom 1.60.0 improves usability and resolves dozens of bugs. This is not a security update.

IcoFX 3.7 resolves several bugs and improves compatibility. This is not a security update.

LibreOffice Fresh 7.3.1 resolves over a hundred bugs, including crash and freeze issues. This is not a security update. Remember that the Fresh line is beta software and should be avoided in favor of the Still (stable) version by most users.

Nextcloud Desktop 3.4.3 resolves several bugs. This is not a security update.

Notepad++ 8.3.2 resolves several bugs. This is not a security update.

Paint.net 4.3.8 resolves several bugs and updates libraries. This is not a security update.

Calibre 5.38.0 resolves several bugs and adds new news sources. This is not a security update.

Adobe Reader DC 22.001.20085 is a security update.

Security Software Updates

One or more of these is likely to be of interest to most people.

MalwareBytes Anti-Malware 4.5.4 resolves a dozen bugs. This is not a security update.

RogueKiller 15.4.0 resolves several bugs. This is not a security update.

uBlock Origin 1.41.8 resolves several bugs. This is not a security update.

Velociraptor 0.6.3 adds several new features and improves performance. This is not a security update.

Wireless Network Watcher 2.30 adds custom context menu items option. This is not a security update.

Capture Updates

These are unlikely to be of interest to most people.

Elgato Game Capture HD 3.70.56 updates Twitch API. This is not a security update.

Open Broadcaster Software 27.2.3 resolves dozens of bugs. This is not a security update.

ScreenToGif 2.36 resolves several bugs and adds new installation packages and package types. This is not a security update.

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.6.3 adds support for new encodings and resolves several bugs. This is not a security update.

IsoBuster 4.9.1 doesn’t provide a detailed changelog so should be treated as a security update.

MakeMKV 1.16.7 improves reliability and resolves several bugs. This is not a security update.

Utility Updates

These are unlikely to be of interest to most people.

Agent Ransack 2022.3307 resolves several bugs and adds new columns for Folder Depth, Product Version, File Version, and filtering for Owner and Product Version. This is not a security update.

Autoruns 14.09 resolves a reliability bug. This is not a security update.

Bitwarden 1.31.3 resolves several bugs. This is not a security update.

Carbonite 6.4.1 resolves two bugs. This is not a security update.

CPU-Z 2.00 adds support for new hardware. This is not a security update.

DesktopOK 9.71 resolves several bugs. This is not a security update.

DMDE 4.0.0.800 adds Btrfs support, improves ReFS, and resolves several bugs. This is not a security update.

dnGrep 3.0.29.0 resolves several bugs. This is not a security update.

Etcher 1.7.7 updates libraries, improves updater, and resolves several bugs. This is a security update.

FileLocator Pro 2022.3307 resolves several bugs and adds new columns for Folder Depth, Product Version, File Version, and filtering for Owner and Product Version. This is not a security update.

GoodSync 11.10.5 resolves dozens of bugs. This is not a security update.

grepWin 2.0.10 improves cosmetics. This is not a security update.

Nextcloud Server 23.0.2 updates libraries and resolves dozens of bugs. This is not a security update.

NTLite 2.3.4.8643 resolves several bugs. This is not a security update.

osquery 5.2.2 updates libraries, improves compatibility, and resolves several bugs. This is a security update.

AOMEI Partition Assistant 9.6.1 resolves several bugs. This is not a security update.

PowerToys 0.56.2 adds new features and resolves several bugs. This is not a security update.

ProcessMonitor 3.89 resolves a crash bug. This is not a security update.

Recuva 1.53.2065 adds telemetry. This is not a security update.

Macrium Reflect 8.0.6636 resolves several bugs. This is not a security update.

ScreenConnect 22.2.7029.8094 resolves several bugs. This is not a security update.

SimpleWMIView 1.48 adds quick-filter option “begins with.”

Sysmon 13.33 resolves a crash bug and improves memory handling. This is not a security update.

TaskSchedulerView 1.70 adds option to open task folder and enable or disable header line in exports. This is not a security update.

Unity 2021.2.14 updates libraries and resolves several bugs. This is not a security update.

Wazuh Agent 4.2.5 resolves several bugs. This is a security update.

WifiInfoView 2.75 adds MAC Group column, MAC Group filtering and 64-bit build. This is not a security update.

WinGet 1.1.12653 resolves dozens of bugs. This is not a security update.

WinRAR 6.11 improves reliability and compatibility. This is not a security update.

WinScan2PDF 7.55 improves reliability. This is not a security update.

WizTree 4.08 adds custom filtering for full scan results. This is not a security update.

ZoomText 2022.2202.36.400 adds new voices and languages, improves compatibility, and resolves several bugs. This is not a security update.

Developer Updates

These are unlikely to be of interest to most people.

ADB 33.0.0 resolves a crash bug. This is not a security update.

Docker Desktop 4.5.1 is a security update.

GitHub Desktop 2.9.11 resolves several bugs. This is not a security update.

Godot 3.4.3 resolves dozens of bugs. This is not a security update.

Node.js 16.14.0 resolves dozens of bugs. This is not a security update.

Node.js 17.6.0 updates libraries and resolves dozens of bugs. This is not a security update.

SQLite 3.38.0 resolves several bugs and updates syntax and compatibility. This is not a security update.

Visual Studio Code 1.65.1 is a security update.

Web Package Updates

These are likely to be of interest only to web developers.

Dada Mail 11.18.0 adds LWP support and resolves an invalid mailbox bug. This is not a security update.

Drupal 9.2.13 is a security update.

Drupal 9.3.7 is a security update.

Joomla 4.1.0 is a major update adding task scheduling, child template overrides, accessibility improvements and syntax highlighting. This is not a security update.

MailArchiva 8.7.4 improves performance. This is not a security update.

MailEnable 10.38 updates libraries and resolves several bugs. This is not a security update.

phpList 3.6.7 resolves several bugs. This is not a security update.

phpMyAdmin 5.1.3 is a security update.

SMF 2.1.1 is a major update release with several new features, and improves compatibility and reliability. This update will disable any mods and custom themes and some older mods and themes will need changes to be compatible. This is not a security update.

WordPress 5.9.1 resolves over 80 bugs. This is not a security update.

Antispam Bee 2.11.0 resolves several bugs. This is not a security update.

BuddyPress 10.1.0 resolves several bugs. This is not a security update.

Contact Form 7 5.5.6 resolves several bugs. This is not a security update.

Slider Revolution 6.5.18 resolves several bugs. This is not a security update.

Social Post Feed 4.1.2 resolves several bugs. This is not a security update.

myStickymenu 2.5.8 resolves a couple bugs and adds cosmetic and layout features. This is not a security update.

Widgets on Pages 1.6.0 is a security update.

WooCommerce 6.3.0 is a security update.

WP Mail SMTP 3.3.0 improves compatibility and resolves several bugs.

WordPress Zero Spam 5.2.15 is a security and woke-ness update. Since they’re now injecting content of their own choice into your website, they can no longer be trusted and you should remove this plugin from your websites.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2021-12-14

Welcome back, Folks!

Today is Patch Tuesday for December, 2021. This month has been relatively mild, especially for the typical user. Businesses are facing some serious Christmas disasters including massive botnets targeting WordPress, Log4j, payment platforms, and state-run “passport” systems. Nevertheless, the grind continues.

This Month in Technology

ActMobile Networks (VPN), Alberta HealthAstoria Company LLC, thousands of AT&T Edgewater Networks devicesAtrafBay Village High SchoolBeaverhead County High SchoolBioPlus Specialty Pharmacy Services, LLCBitmartBrazilian Ministry of HealthBroward Public SchoolsBrussels Bru-VaxBureau VeritasCentral Depository Services LtdCalifornia Pizza KitchenCostcoCox CommunicationsDeKalb County School DistrictDelta-Montrose Electric AssociationDNA Diagnostics CenterEpiscopal Retirement ServicesEscambia County School DistrictEskenazi HealthEvanston Township High SchoolFlorida Heart AssociatesFrench-Public School BoardFrontier SoftwareGoDaddy Inc (and 123Reg, Domain Factory, Heart Internet, Host Europe, Media Temple, and tsoHost), GravatarHeadwaters Health Care CentreHealth Service ExecutiveHellman Worldwide LogisticsHikvision surveillance systemsHisar health departmentHPE, dozens of HP printer modelsHuntington HospitalIDC GamesIKEAIndonesian police, various Iranian gas stationsJohnson Memorial HealthKisters AGKMSPicoKronosLakeside SchoolLINE PayLewis and Clark Community CollegeMaryland Department of HealthManhasset School DistrictMicrosoft Exchange ServersMedsurant HealthMNG CargoNewfoundland and Labrador Health-Care SystemNordic Choice HotelsNorth Oklahoma County Mental Health CenterNortheastern UniversityNowiny Commune OfficeOld Pulaski Middle SchoolOne Community HealthOregon Anesthesiology Group, P.C.Pakistan’s National Database Biometric DataPanasonicPellissippi State Community CollegePlanned Parenthood Los Angeles, millions of PlayStation 5 devicesQNAP NAS devicesRedDoorzRideau Valley Health CentreRiverhead Central School DistrictRobinhoodS&R Membership ShoppingSanDisk SecureAccessSea Mar Community Health CentersShelley School DistrictSimon Eye Management, millions of Sky RoutersSonicWall SMA 100 VPNsSouth Australian GovernmentSouthern Ohio Medical CenterSPAR StoresSpotswood Public SchoolsStor-a-file LimitedStripchatSupernus Pharmaceuticals, Inc., Swire Pacific OffshoreTATATP-Link routersTrue Health New MexicoTulane University Medical CenterUlss 6 EuganeaUS defense contractorsU.S. State DepartmentUtah Imaging AssociatesVirginia’s Division of Legislative Automated SystemsVestasVolvoWaikato DHBYemeksepetiZa: Standard Bank, and Zoho ServiceDesk have reportedly been hacked this month.

A Tesla server outage prevented owners worldwide from unlocking their cars.

Another 5 hour outage at AWS caused problems for thousands of websites that depend upon the “reliability” of cloud services. Netflix, Ring, Amazon Prime Video, Amazon deliveries, and Roku were just a few affected sites and services.

Google Photos suffered from a bug for 10 days that damaged all downloads over 128 MB. They alerted their customers to the problem about a month after fixing the bug.

Instead of focusing on providing a more secure product, Apple is suing the NSO Group for developing malware that exploits vulnerabilities in Apple products.

Google, Apple and Samsung payment services exposed to provide unlimited access to digital wallets without authentication.

Grafana – used in thousands of applications for the gorgeous displays it can provide – has patched multiple critical security vulnerabilities. Expect vendors to play catch-up as they release updates that update their Grafana libraries.

Like Grafana, Log4j is another widely used engine across thousands of applications – mostly in corporate and enterprise applications. It’s been exploited in 40% of corporate networks globally, so far. It’s not just corporate risk – even Minecraft is vulnerable.

A massive series of attacks targeting managed WordPress websites has compromised at least 1.8 million sites so far. Merely patching the sites and removing unused and out-dated plugins and themes would have eliminated the risk here.

Now for the good news:

Alexa.com is finally being shut down after 25 years of misrepresenting the web.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is smaller than it has been in months. The typical computer should see roughly 2 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, and MSRT (~1.5 GB). This includes updates for Windows Server 2008. This includes security updates. A reboot is required.

Apple released updates for macOS Monterey 12.1, macOS Big Sur 11.6.2, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, tvOS 15.2, watchOS 8.3, and watchOS 8.1.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.2 is a security update. Use Settings, General, Software Update to install the most current update.

iPadOS 15.2 is a security update. Use Settings, General, Software Update to install the most current update.

tvOS 15.2 is a security update. Use System, Software Update to install the most current version.

watchOS 8.3 and 8.1.1 are security updates. Use the Watch app on your iPhone to install the most current version.

Google Chrome OS 96.0.4664.77 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Catalina (10.15) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v21H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 6 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Citizen Driver 2021.3 adds support for over 430 hardware printer models and resolves several minor bugs. This is not a security update.
https://www.seagullscientific.com/support/downloads/drivers/citizen/download/

CognitiveTPG Driver 2021.3 adds support for over 430 hardware printer models and resolves several minor bugs. This is not a security update.
https://www.seagullscientific.com/support/downloads/drivers/cognitivetpg/download/

Logitech Options 9.40.86 adds support for new hardware and resolves several bugs. This is not a security update.
https://support.logi.com/hc/en-us/articles/360025297893

Logitech SetPoint 6.70.55 adds support for new hardware and resolves several bugs. This is not a security update.
https://support.logi.com/hc/en-us/articles/360025141274

Xerox Smart Start 1.6.28.0 adds support for newer drivers. This is not a security update.
https://www.support.xerox.com/en-us/content/143617

Zebra Driver 2021.3 adds support for over 430 hardware printer models and resolves several minor bugs. This is not a security update.
https://www.seagullscientific.com/support/downloads/drivers/zebra/download/

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.32.115 is a security update.
https://brave.com/

Google Chrome 96.0.4664.110 is a security update.
https://www.google.com/chrome/

Microsoft Edge 96.0.1054.53 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 95.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 91.4.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

SeaMonkey 2.53.10.1 is a security update.
https://www.seamonkey-project.org/

Vivaldi 5.0.2497.28 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 91.4.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 7.0.4 resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

AnyDesk for macOS 6.3.3 improves M1 compatibility. This is not a security update.
https://anydesk.com/en/downloads

curl 7.80.0 resolves over 100 bugs. This should be treated as a security update.
https://curl.haxx.se/windows/

Dropbox 136.4.4345 doesn’t provide a changelog so should be treated as a security update.
https://www.dropbox.com/

FileZilla Client 3.57.0 updates libraries and resolves several bugs. This is not a security update.
https://filezilla-project.org/

FreeFileSync 11.15 resolves several bugs and improves user interface and compatibility. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 54.0 improves compatibility and resolves several bugs. This is not a security update.
https://drive.google.com/start

Npcap 1.60 resolves over a dozen bugs and improves stability. This is not a security update.
https://nmap.org/npcap/

Syncthing 1.18.5 resolves several bugs. This is not a security update.
https://syncthing.net/

Telegram 3.3.0 adds media distribution controls, bot improvements and channel controls. This is not a security update.
https://telegram.org/

WinSCP 5.19.5 resolves several bugs and adds Google Cloud S3 API support. This is not a security update.
https://winscp.net/eng/index.php

Zoom 5.8.7.2058 adds many new features and resolves a dozen bugs, mostly with compatibility. This is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 2.0.19 improves compatibility with VRoid Studio and adds Leap Motion. This is not a security update.
https://en.3tene.com/

Plex Desktop 1.39.1.2763 resolves code signing. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.9.0.2741 adds audio stream selection, resolves several bugs, and improves stability. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.25.2.5319 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2.3.7.606 improves reliability and performance, and resolves several bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker

Nintendo Switch 13.2.0 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 21.02-04.50.00 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2021.11.19 resolves several bugs, improves reliability and stability. This is a security update.

Office Updates

One or more of these are likely to be of interest to most people.

Audacity 3.1.2 improves stability. This is not a security update.
https://www.audacityteam.org/download/

Blender 3.0 is a major new version with dozens of new features, improvements in modeling, shadows, geometry and more. This is not a security update.
https://www.blender.org/download/

LibreOffice Fresh 7.2.4 is a security update.
https://www.libreoffice.org/

LibreOffice Still 7.1.8 is a security update.
https://www.libreoffice.org/

Notepad++ 8.1.9.3 resolves several bugs and improves diagnostics to troubleshoot a persistent crash bug. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 4.3.4 resolves several bugs. This is not a security update.
https://www.getpaint.net/

PDF-XChange Editor 9.2.359.0 resolves several bugs. This is not a security update.
https://www.tracker-software.com/product/pdf-xchange-editor

Adobe Premiere Rush 2.0 is a security update.
https://helpx.adobe.com/security/products/premiere_rush/apsb21-101.html

Adobe Experience Manager 6.5.11 is a security update.
https://helpx.adobe.com/security/products/experience-manager/apsb21-103.html

Adobe Connect 11.4 is a security update.
https://helpx.adobe.com/security/products/connect/apsb21-112.html

Adobe Photoshop 22.5.4 and 23.1 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb21-113.html

Adobe Prelude 22.1.1 is a security update.
https://helpx.adobe.com/security/products/prelude/apsb21-114.html

Adobe After Effects 22.1.1 and 18.4.3 are security updates.
https://helpx.adobe.com/security/products/after_effects/apsb21-115.html

Adobe Dimension 3.4.4 is a security update.
https://helpx.adobe.com/security/products/dimension/apsb21-116.html

Adobe Premiere Pro 15.4.3 and 22.1.1 are security updates.
https://helpx.adobe.com/security/products/premiere_pro/apsb21-117.html

Adobe Media Encoder 15.4.3 and 22.1.1 are security updates.
https://helpx.adobe.com/security/products/media-encoder/apsb21-118.html

Adobe Lightroom 5.1 is a security update.
https://helpx.adobe.com/security/products/lightroom/apsb21-119.html

Adobe Audition 14.4.3 and 22.1.1 are security updates.
https://helpx.adobe.com/security/products/audition/apsb21-121.html

Security Software Updates

One or more of these is likely to be of interest to most people.

Tails 4.25 adds backups, external storage support, updates applications and resolves several bugs. This is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

BelArc Advisor 11.1 doesn’t provide a changelog so should be treated as a security update.
https://www.belarc.com/products_belarc_advisor

Chainsaw 1.1.4 improves logging, error handling, and removes progress bar for reliability. This is not a security update.
https://github.com/countercept/chainsaw

Hashcat 6.2.5 improves improves hardware compatibility, performance, and resolves several bugs. This is a security update.
https://hashcat.net/hashcat/#downloadlatest

RogueKiller 15.1.4 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

uBlock Origin 1.39.2 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

VT-CLI 0.10.0 adds support for managing collections. This is not a security update.
https://github.com/VirusTotal/vt-cli/releases/latest

Wireless Network Watcher 2.26 updates internal MAC address database and improves high-DPI support. This is not a security update.
https://www.nirsoft.net/utils/wireless_network_watcher.html

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 2022.0.0 adds several new features including a universal file format, cross-platform markup, and cloud storage, improves performance, and resolves several bugs.
https://download.techsmith.com/snagit/releases/snagit.msi

VideoCacheView 3.08 adds compatibility with newer browser builds. This is not a security update.
https://www.nirsoft.net/utils/video_cache_view.html

Converter Updates

These are unlikely to be of interest to most people.

PDF Creator 4.4.1 resolves several bugs. This is not a security update.
https://www.pdfforge.org/pdfcreator

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 7.9.2 improves compatibility and resolves several bugs. This is not a security update.
https://1password.com/downloads/mac/

7-Zip 21.06 adds memory controls, dictionary size improvements, hash validation support, and resolves several bugs. This is not a security update.
https://www.7-zip.org/

Agent Ransack 2022.3277 adds OCR, new themes, improves indexing, and resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

Bitcoin 22.0 removes defunct protocols, updates privacy and resolves several bugs. This is not a security update.
https://bitcoin.org/en/download

Carbonite 6.4.0 improves compatibility. This is not a security update.
https://account.carbonite.com/

Cygwin 3.3.3 resolves several bugs. This is not a security update.
https://cygwin.com/

DesktopOK 9.44 adds dark theme support, high-DPI improvements, and several bug fixes. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

Etcher 1.7.1 resolves several bugs. This is not a security update.
https://www.balena.io/etcher/

Fido 1.27 adds support for Windows 10 v21H2. This is not a security update.
https://github.com/pbatard/Fido/releases

FileLocator Pro 2022.3277 adds OCR, new themes, improves indexing, and resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Git SCM 2.34.1 resolves several bugs. This is not a security update.
https://git-scm.com/

GoodSync 11.9.7 resolves several bugs. This is not a security update.
https://www.goodsync.com/

grepWin 2.0.9 improves reliability and adds exact match support. This is not a security update.
https://github.com/stefankueng/grepWin/releases/latest

Homedale 2.01 improves MAC Address vendor detection and IE DFS dump. This is not a security update.
https://www.the-sz.com/products/homedale/

IsMyHdOK 3.44 improves accuracy. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

NTLite 2.3.2.8519 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

PointerStick 5.61 improves high-DPI support and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.51.1 improves stability. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ReactOS 0.4.13.32 resolves over a hundred bugs, and improves stability, compatibility and reliability. This is a security update.
https://reactos.org/

SearchMyFiles 3.15 improves summary mode, zero-value filters, and search improvements. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

Synergy 1.14.2 resolves over a dozen bugs, improves reliability, adds M1 support, and adds automatic restart on settings change. This is not a security update.
https://symless.com/synergy/

TraceRouteOK 2.66 adds dark theme support, high-DPI improvements, and several bug fixes. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

USB Oblivion 1.17.0.0 resolves a key name bug and improves performance. This is not a security update.
http://www.cherubicsoft.com/en/projects/usboblivion

WakeMeOnLan 1.90 adds global and bulk WOL support and updates MAC addresses databases. This is not a security update.
https://www.nirsoft.net/utils/wake_on_lan.html

WhyNotWin11 2.4.3.1 improves stability, hardware detection, and compatibility improvements. This is not a security update.
https://github.com/rcmaehl/WhyNotWin11

WinScan2PDF 7.51 resolves several minor bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 4.07 improves MTP/PTP compatibility, reliability, and resolves several bugs. This is not a security update.
https://www.diskanalyzer.com/

ZoomText 2021 2021.2111.4.400 improves compatibility. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

ZoomText 2022 2022.2110.70.400 improves compatibility. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

Docker Desktop 4.3.1 is a security update.
https://www.docker.com/products/docker-desktop

Node.js v14 14.18.2 updates libraries and resolves several bugs. This is not a security update.
https://nodejs.org/en/

Node.js v16 16.13.1 updates libraries and resolves several bugs. This is not a security update.
https://nodejs.org/en/

Node.js v17 17.2.0 updates libraries and resolves several bugs. This is not a security update.
https://nodejs.org/en/

Redemption 6.1.0.6054 adds MarkSaved and OverridePSTDisableGrow, and IMAP4 controls, and resolves several bugs. This is not a security update.
https://www.dimastr.com/redemption/

SQLite 3.37.0 improves STRICT, CHECK constraints, and CLI improvements. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.63 adds several features and improves compatibility. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.1.30 resolves several bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.6.16 improves compatibility and resolves a couple bugs. This is not a security update.
https://coppermine-gallery.net/

Drupal 9.3.0 updates libraries and dependencies, improves compatibility, and resolves a couple bugs. This is not a security update.
https://drupal.org/download

HumHub 1.10.2 resolves several bugs. This is not a security update.
https://www.humhub.com/en/download

MailArchiva 8.4.1 is a security update.
https://mailarchiva.com/

Nextcloud Server 23.0.0 is a major update adding massing performance improvements, improved external integrations, Backup and more. This is not a security update.
https://nextcloud.com/

ownCloud Client 2.9.2.6206 resolves several bugs. This is not a security update.
https://owncloud.com/desktop-app/

phpList 3.6.6 is a security update.
https://www.phplist.org/

Piwigo 12.1.0 resolves several bugs. This is not a security update.
https://piwigo.org/

ScreenConnect 21.14.5791.8004 improves reliability and resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

WordPress 5.8.2 is a security update.
https://wordpress.org/

Autoptimize 2.9.3 improves multisite support and resolves several bugs. This is not a security update.

bbPress 2.6.9 resolves several bugs. This is not a security update.

Contact Form 7 5.5.3 improves Constant Contact integration, filters and form properties. This is not a security update.

Slider Revolution 6.5.11 resolves several bugs. This is not a security update.

Social Post Feed 4.1 updates libraries and resolves several bugs. This version will need to reconnect to any Facebook feeds you use. This is not a security update.

Theme My Login 7.1.4 resolves several bugs. This is not a security update.

W3 Total Cache 2.2.1 resolves several bugs. This is not a security update.

WP Mail SMTP 3.2.1 improves compatibility. This is not a security update.

WordPress Zero Spam 5.2.8 resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2021-10-12

Welcome back, Folks!

Today is Patch Tuesday for October, 2021.

This month we’ve got the new Microsoft Office, Windows 11, iOS 15, iPhone 13, and Windows Server 2022…so far. A new build of Windows 10 is still on the horizon, and a security update for Java is slated for next week. That said, Patch Tuesday this month is very large. The typical computer should see roughly 2.3 GB in updates today.

This Month in Technology

Amnesty InternationalAjarnApple AirTag, Apple Game CenterAzure DevOpsBanco PichinchaBank of AmericaBitcoin.orgBrewDog, the Canadian Vaccine Passport systemCanopy Parental ControlCoinbaseCompoundCox Media GroupCrystal ValleyDahua cams, various DVR devicesElastic StackFantasy Football HubGiant GroupForward AirHorizon HouseHuawei Cloud, various IT companiesJVCKenwoodMarketronMedtronic insulin pump controllers, Microsoft Windows Platform Binary TableMoneyLionNeiman MarcusNEW CooperativeOlympus USPacific City BankPlaybookPort of HoustonSandhills GlobalSimon Eye Management90% of the supply chainSyniverseThe TelegraphTwitch (there’s a lot of information out there about this Amazon property hack), United Health Centers, the US Navy, various aerospace and telco firms, various Apache Airflow servers, various Apache services, various Confluence servers, various hotels, various healthcare facilities, various real estate organizations, various University Wi-Fi networks, various VMware ESXi serversVertafore, and Weir Group.

The assets and financial information of 35 world leaders have been exposed in the Pandora Papers.

A Microsoft Azure customerBandwidth.com, and VoIP.ms have been struck by major denial of service attacks.

How serious are the privacy risks of RFID? The US military is using RFID to track their guns. This results in the ability to track (and target) those carrying the weapons.

How serious is ransomware? Another child has died as a result of equipment that was disabled during an attack.

The Google idle detection API can be used to abuse you only when it knows you’re not looking. For a company whose slogan was “don’t be evil,” and that has the highest paid programmers in the world, between idle detection and FLoC, they’re really proving to either not be able to anticipate the potential risks or they simply don’t care.

Firefox is now injecting ads into the address bar. Apple Pay allows hackers to take your money from your locked iPhonePhishing messages posing as Verizon are using mathematical symbols to evade detection. Intuit is warning users of phishing attacks targeting QuickBooks users. Popular projects on public repositories remain high profile targets. If you can’t trust the hacker you bought your exploit kit from, who can you trust? Sigh.

The biggest outage this month was the Facebook, Messenger, Instagram, Oculus, and WhatsApp that has lead to millions of users abandoning FacebookTrello has had a couple outages, too.

Microsoft is planning to randomly disable access to their customers to see if they’re using their services. Personally, I would just check the logs.

Microsoft 365 broke MFA again, locking users out of their accounts. And a bug in their Exchange Autodiscover implementation has leaked over a 100,000 credentials. A newly discovered UEFI bootkit has been backdooring Windows devices for almost a decade.

Google, the same company that warned of the risks of compromise through 2FA (as have many others), will be forcing 150 million accounts to use 2FA.
This is the same company that accidentally sent thousands of past due messages to their users last month. Their Android operating system is very privacy-averse, too.

A new ransomware strain doesn’t even both encrypting your files anymore, simply collecting a copy of your data and using the threat of release to extort their users.

If you’re still using a landline phone it’s probably because you don’t like change. Get ready, change is coming anyway. In order to more easily assist those having a mental health crisis, the FCC is going to require you to use full 1+10-digit dialing
when making any calls on a landline and 10-digit dialing from most mobile phones starting in late October. The intent is to make dialing a 3-digit number possible for the suicide hotline (988).

PG&E has been charged with causing yet another wildfire.

Now for the good news:

For what it’s worth, robocalls are now illegal.

Even the majority of IT professionals think patching is too hard. Don’t do it yourself, let me.

Let’s Get Busy

Now back to our regularly scheduled program.

Windows 11 is out. Even if your hardware supports it, don’t install it yet. Consider it in the “open beta” phase. The new build of macOS (12.0 / Monterey) should be released sometime soon, too. The same goes for that: consider it a beta for at least the first couple months.

Patch Tuesday this month is very large. The typical computer should see roughly 2.9 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, Servicing Stack, Internet Explorer, and MSRT (~2.3 GB). This includes updates for Windows Server 2008. This includes security updates. A reboot is required.

Apple released updates for watchOS 8.0.1, iOS 12.5.5, iOS 15.0.2, iPadOS 15.0.2, and Security Update 2021-006 Catalina. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.0.2 and 12.5.5 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 15.0.2 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 8.0.1 are security updates. Use the Watch app on your iPhone to install the most current version.

Google Chrome OS 93.0.4577.95 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Big Sur (11.x) means that macOS High Sierra (10.13) and older are no longer supported. If you can not install at least macOS Mojave (10.14) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H1) is very large, for the first time it’s actually smaller than the previous release, but it will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.4.4 adds support for Windows 11 and improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

HP LaserJet Stub 13.4.8 doesn’t provide a detailed changelog so should be considered a security update.
https://123.hp.com/us/en/devices/LASERJET

MS Mouse and Keyboard Center 14 adds support for newer hardware, Spotlight and improves Smart Switch. This is not a security update.
https://www.microsoft.com/accessories/en-us/downloads/mouse-keyboard-center

Xerox Smart Start 1.6.26.0 doesn’t provide a detailed changelog so should be considered a security update.
https://www.support.xerox.com/en-us/content/143617

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.30.89 is a security update.
https://brave.com/

Google Chrome 94.0.4606.81 is a security update.
https://www.google.com/chrome/

Microsoft Edge 94.0.992.47 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 93.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 78.15.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

SeaMonkey 2.53.9.1 is a security update.
https://www.seamonkey-project.org/

Vivaldi 4.3.2439.44 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 3.43 adds hi-DPI support and improves sorting behavior. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Thunderbird 91.2.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

Telegram 3.1.8 resolves several bugs. This is not a security update.
https://telegram.org/

curl 7.79.1 resolves several bugs. This is not a security update.
https://curl.haxx.se/windows/

Dropbox 132.4.3800 does not provide a changelog so should be treated as a security update.
https://www.dropbox.com/

FileZilla Client 3.56.0 is a security update.
https://filezilla-project.org/

Omada Software Controller 4.4.6 resolves several bugs. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Rclone 1.56.2 resolves several bugs. This is not a security update.
https://rclone.org/

Syncthing 1.18.3 improves reliability and resolves a cosmetic bug. This should be treated as a security update.
https://syncthing.net/

Technitium DNS Server 7.0 is a major update to the API and Apps feature, each of the Apps, adds several more Apps, and resolves several bugs. This is not a security update.
https://technitium.com/dns/

WGet 1.21.2 is a security update.
https://eternallybored.org/misc/wget/

WinSCP 5.19.3 is a security update.
https://winscp.net/eng/index.php

Zoom 5.8.1.1435 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

iTunes 12.12.1.1 doesn’t provide a changelog so should be treated as a security update.
https://www.apple.com/itunes/download/

Picard 2.6.4 resolves several bugs. This is not a security update.
https://picard.musicbrainz.org/

Plex Desktop 1.35.1.2632 corrects a couple minor bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Game Updates

These are unlikely to be of interest to most people.

PlayStation PS5 21.02-04.02.00 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2021.10.07 resolves several bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

Office Updates

One or more of these are likely to be of interest to most people.

Artweaver 7.0.10 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Audacity 3.0.5 resolves bugs. This is not a security update.
https://www.audacityteam.org/download/

Blender 2.93.5 doesn’t provide a detailed changelog so should be treated as a security update.
https://www.blender.org/download/

LibreOffice Fresh 7.2.1 resolves over 80 bugs. This is not a security update. The “Fresh” line is beta software and should be avoided in favor of the “Still” line.
https://www.libreoffice.org/

LibreOffice Still 7.1.6 resolves over 40 bugs. This is a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.3.5 improves security. This is not a security update.
https://nextcloud.com/

Notepad++ 8.1.5 adds date insertion and resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

OpenOffice 4.1.11 is a security update.
https://www.openoffice.org/download/

Adobe Reader DC 21.007.20099 is a security update.
https://get.adobe.com/reader

Adobe Acrobat DC 21.007.20099 is a security update.
https://helpx.adobe.com/security/products/acrobat/apsb21-104.html

Adobe Connect 11.2.3 is a security update.
https://helpx.adobe.com/security/products/connect/apsb21-91.html

Adobe Reader Mobile 21.9.0 is a security update.
https://helpx.adobe.com/security/products/reader-mobile/apsb21-89.html

Adobe ops-cli 2.0.5 is a security update.
https://helpx.adobe.com/security/products/ops_cli/apsb21-88.html

Adobe Commerce 2.4.3-p1 and 2.3.7-p2 are security updates.
https://helpx.adobe.com/security/products/magento/apsb21-86.html

Adobe Campaign 21.3.1 is a security update.
https://helpx.adobe.com/security/products/campaign/apsb21-52.html

Security Software Updates

One or more of these is likely to be of interest to most people.

PureOS 10.0 is a security update.
https://pureos.net/download/

Tails 4.23 is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

OnionShare 2.4 is a security update.
https://onionshare.org/

RogueKiller 15.1.1 is a security update.
https://www.adlice.com/download/roguekiller/

TinyWall 3.1.1 resolves several bugs. This is not a security update.
https://tinywall.pados.hu/

uBlock Origin 1.38.4 resolves Twitch filtering and important filters. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.34 resolves several bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

Converter Updates

These are unlikely to be of interest to most people.

HandBrake 1.4.2 resolves several bugs. This is not a security update.
https://handbrake.fr/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 7.9 adds the ability to “securely” share a link with others. This is not a security update.
https://1password.com/downloads/mac/

1Password for Windows 7.9.822 adds the ability to “securely” share a link with others. This is not a security update.
https://1password.com/downloads/windows/

Autoruns 14.03 resolves several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

Bitwarden 1.28.3 resolves several bugs. This is not a security update.
https://bitwarden.com/

ControlMyMonitor 1.29 adds the ability to set font options. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html

dnGrep 2.9.400.0 improves bookmarks and adds option to hide missing files in Everything search. This is not a security update.
https://dngrep.github.io/

Etcher 1.6.0 adds basic auth support and updates libraries. This is not a security update.
https://www.balena.io/etcher/

Everything CLI 1.1.0.20 doesn’t provide a changelog so should be treated as a security update.
https://www.voidtools.com/

Fido 1.26 adds Windows 11 downloads. This is not a security update.
https://github.com/pbatard/Fido/releases

Fing 2.7.0 adds user-presence tracking, improves the security tab, and updates libraries. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

GoodSync 11.8.6 resolves several bugs, updates certificates and libraries. This is not a security update.
https://www.goodsync.com/

Homedale 1.99 resolves a privacy bug. This is not a security update.
https://www.the-sz.com/products/homedale/

NTLite 2.3.0.8394 updates libraries and assignment options. This is not a security update.
https://www.ntlite.com/download/

Aomei Partition Assistant 9.4.1 adds Windows 11 compatibility. This is not a security update.
https://www.diskpart.com/

PowerToys 0.47.1 resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

Process Monitor 3.85 doesn’t provide a changelog so should be treated as a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

Samsung Magician 7.0.0 doesn’t provide a changelog so should be treated as a security update.
https://www.samsung.com/semiconductor/minisite/ssd/download/tools/

TCPView 4.15 doesn’t provide a changelog so should be treated as a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview

TeamViewer 15.22.3 improves chat notification and resolves several bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

WhyNotWin11 2.4.2.1 improves compatibility and accuracy. This is not a security update.
https://github.com/rcmaehl/WhyNotWin11

Windows 11 RCT 1.2.1 updates libraries and improves compatibility. This is not a security update.
https://bytejams.com/

WinGet 1.1.12653 resolves a couple bugs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WizTree 4.03 improves reliability, and improves details when loading exports. This is not a security update.
https://www.diskanalyzer.com/

Developer Updates

These are unlikely to be of interest to most people.

Godot 3.3.4 resolves over a dozen bugs. This is not a security update.
https://godotengine.org/

Node.js 12.22.7 is a security update.
https://nodejs.org/en/

Node.js 14.18.1 is a security update.
https://nodejs.org/en/

Node.js 16.11.1 is a security update.
https://nodejs.org/en/

Visual Studio Code 1.61 adds split views, improved locking, new decorations, improved pair guides and more. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

PPSSPP 1.12.2 adds support for Android 12, scoped storage, and resolves several bugs. This is not a security update.
https://ppsspp.org/downloads.html

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.6.15 improves compatibility. This is not a security update.
https://coppermine-gallery.net/

Dada Mail 11.16.3 resolves several bugs. This is not a security update.
https://dadamailproject.com/

Docker Desktop 4.1.1 improves compatibility and resolves several bugs. This is not a security update.
https://www.docker.com/products/docker-desktop

Drupal 9.2.7 resolves over a dozen bugs. This is not a security update.
https://drupal.org/download

MailArchiva 8.3.2 resolves several bugs. This is a security update.
https://mailarchiva.com/

Nextcloud Server 22.2.0 updates libraries and resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

phpList 3.6.5 resolves several bugs. This is not a security update.
https://www.phplist.org/

ScreenConnect 21.13.5058.7951 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

Slider Revolution 6.5.9 resolves several bugs. This is not a security update.
https://revolution.themepunch.com/

Akismet 4.2.1 resolves an AMP validation bug. This is not a security update.

Contact Form 7 5.5.1 resolves a couple bugs. This is not a security update.

NextScripts Social Networks Auto-Poster 4.3.23 is a security update.

Sucuri Security 1.8.30 is now a non-GoDaddy project. This is not a security update.

Visual Composer 39.1 resolves a cosmetic bug. This is not a security update.
https://visualcomposer.com/

WooCommerce 5.7.1 reverts a path change bug. This is not a security update.

WP Mail SMTP 3.1.0 resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2021-08-10

Welcome back, Folks!

Today is Patch Tuesday for August, 2021. It’s a big one. There have been a series of Apple, Microsoft, and various hardware vulnerabilities, as well as the quarterly Oracle updates that kept the industry hopping. Couple that with Black Hat 2021 last week, which kept reminding us how poorly those who design our technology have done and continue to do.

This Month in Technology

Apple devices via Pegasus, IOMobileFrameBuffer, and Wi-Fi namesAtlassianCharming Kitten (hacking group), Cloudstar, cdnjs, FortiNet FortiManager and FortiAnalyzer, HP (and Samsung and Xerox) printer driver, Illinois State Police, Linux via SequoiaPulse Connect Secure, SonicWall Secure VPN, Swisslog Healthcare’s Translogic PTSVMware ESXiWindows via a SAM security bug, Hello, PrintNightmare (x3+), and PetitPotam, and a new exploit method for wiretapping DNS.

Apple announced a new feature where they scan your content “only” for images of child exploitation provided by an unaccountable third-party, while they assure their customers’ “screeching voices” that they won’t allow governments to directly access the data or feed the database or algorithms (uh-huh), just remember that this is the same company that vowed to silence online dissent and already works with governments to expose their users’ activity. Oh, and they’re launching their own VPN service which they claim even they won’t know what you’re using it for. Wink, wink.

While I’m on the subject of VPNs, Windscribe (a “secure” VPN service) servers were seized and were discovered to not use encryption. Talk about a false promise of privacy!

Now let’s do security. If you still thought Avast (the “get hacked every year” anti-virus company) was worth anything, knowing that Norton (the “we’ll just run our own crypto mining software on your hardware and you can pay us for it” people) was in talks to buy them for about $8B should make your skin crawl. Zoom lost an $85 million class-action cybersecurity lawsuit, and Colonial Pipeline is being targeted now.

The US Federal Government received a C- grade for their IT security. Half of the agencies tested received D grades. These are the same agencies that recently made a claim about the most secure election in history. Pay no attention to the missing 95% of ballots or remote access to voting machines. Or else!

Edward Snowden has a great writeup of physical vs theoretical security concerns,
and another on how the “security” industry is failing everyone. Regular maintenance (of everything!) is critical to technology security. Stale hardware & software are responsible for nearly every security incident. This is what we do and why this newsletter is even being published.

There was a major outage at Akamai that took down a large portion of the Internet.

Google broke ChromeOS twice this month for many users, once by preventing users from being able to login due to a single character coding error. I’m reminded of a Mark Twain quote: “Be careful about reading health books. You may die of a misprint.”

The thing about someone willing to buy your ransomware: when they feel wronged they’re likely to betray your ransomware gang.

Amazon is losing employees while CNN is firing them. Property owners are being ripped off by the state, and their tenants. There are child predators at Disney World.

There’s now a lawsuit over CDC under-counting vaccine deaths, meanwhile they’re over-counting infectionsignoring the risks, downplaying the ineffectiveness of the vaccine-induced herd immunity, and mandating cancer in children. Multiple pharmaceutical giants neglected to keep records of which “vaccines” were placebos and the European Parliament is being held liable for vaccine injuries and deaths. At least there has been victory in Alberta. It’s hard to take them seriously when they’re demonizing free will, treating dictates as law, government agencies are concealing their own violations of international lawmandating doctors violate their medical licenses in order to keep them, while flip-flopping like fish, and imposing prison time for unlawful parading. Would you trust someone with your life who thinks you should be in prison for disagreeing with them? It’s not enough for government to take 13%+ of what you pay at the pump (most gas stations profit is 1% or less) and force you into electric vehicles that they can pull the plug on anytime, they want to charge you for every mile you travel, too, personal or business.

Now for the good news:

Andy’s Mountain Grill & Deli is coming back! Starlink is growing fast and improving reliability and environmental tolerances.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is huge. The typical computer should see roughly 3.0 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, Servicing Stack, Internet Explorer, and MSRT (~1.5 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 14.7.1 and iPadOS 14.7.1, macOS Big Sur 11.5.1, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave, watchOS 7.6.1, tvOS 14.7, Safari 14.1.2, and iTunes 12.11.4. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 14.7.1 is a security update. Use Settings, General, Software Update to install the most current update.

iPadOS 14.7.1 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 7.6.1 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 14.7 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 92.0.4515.130 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Big Sur (11.x) means that macOS High Sierra (10.13) and older are no longer supported. If you can not install at least macOS Mojave (10.14) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H1) is very large, for the first time it’s actually smaller than the previous release, but it will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Nvidia 471.68 resolves several bugs. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Xerox Smart Start 1.6.25.0 doesn’t provide a changelog so should be treated as a security update.
https://www.support.xerox.com/en-us/content/143617

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.27.111 is a security update. Use Help, About to install the most current version.
https://brave.com/

Google Chrome 92.0.4515.131 is a security update. Use Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 92.0.902.67 is a security update. Use Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 91.0 is a security update. Use Help, Check for updates to install the most current version.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 78.13.0 is a security update. Use Help, Check for updates to install the most current version.
https://www.mozilla.org/en-US/firefox/organizations/all/

SeaMonkey 2.53.8.1 is a security update.
https://www.seamonkey-project.org/

Vivaldi 4.1.2369.16 is a security update. Use Help, About to install the most current version.
https://vivaldi.com/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk for macOS 6.3.0 improves scam handling, adds PKG release, and resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

curl 7.78.0 resolves dozens of bugs. This is not a security update.
https://curl.haxx.se/windows/

Dropbox 128.4.2870 doesn’t provide a changelog so should be treated as a security update.
https://www.dropbox.com/

FileZilla Client 3.55.1 resolves a couple bugs. This is not a security update.
https://filezilla-project.org/

Google Earth 7.3.4 is a security update.
https://earth.google.com/

Java 8u301 is a security update.
https://www.java.com/en/download/manual.jsp

Nmap 7.92 resolves dozens of bugs. This is not a security update.
https://nmap.org/

Prosody 0.11.10 is a security update.
https://prosody.im/download/start

PuTTY 0.76 resolves several bugs. This is not a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

Rclone 1.56.0 adds many new features, improves compatibility, and resolves several bugs. This is not a security update.
https://rclone.org/

Skype 8.73.0.124 resolves several bugs. This is not a security update.
https://www.skype.com/

Telegram 2.9.0 resolves several bugs. This is not a security update.
https://telegram.org/

WinSCP 5.19.2 updates libraries and resolves several bugs. This is not a security update.
https://winscp.net/eng/index.php

Zoom 5.7.4.804 improves notifications and resolves several bugs. This is not a security update.
https://zoom.us/

Email updates

These are unlikely to be of interest to most people.

Thunderbird 78.13.0 is a security update. Use Help, Check for updates to get the most current version.
https://www.thunderbird.net/en-US/

Media Updates

These are unlikely to be of interest to most people.

Flickr Downloadr 3.4.1.1 updates libraries. This is not a security update.
https://flickrdownloadr.com/downloads/

iTunes 12.11.4 is a security update.
https://apple.com/itunes

Plex Media Server 1.23.6.4881 resolves several bugs and improves scanner. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Epic Games 12.2.12 resolves several bugs. This is not a security update.
https://www.epicgames.com/

Nintendo Switch 12.1.0 improves stability. This is not a security update.

Steam 2021.07.21 resolves a path bug. This is not a security update.
https://www.steampowered.com/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Connect 11.2.3 is a security update.
https://helpx.adobe.com/security/products/connect/apsb21-66.html

Adobe Magento Commerce 2.4.3, 2.4.2-p2, and 2.3.7-p1 are security updates.
https://helpx.adobe.com/security/products/magento/apsb21-64.html

Adobe Reader DC 21.005.20060 improves reliability. This is not a security update.
https://get.adobe.com/reader

Atom 1.58.0 improves cosmetics and resolves several bugs. This is not a security update.
https://atom.io/

Audacity 3.0.3 resolves several bugs. This is not a security update.
https://www.audacityteam.org/download/

Blender 2.93.2 resolves dozens of bugs. This is not a security update.
https://www.blender.org/download/

Krita 4.4.7 resolves several bugs. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Fresh 7.1.5 resolves over 50 bugs. This is not a security update. The “Fresh” line is beta software and should be avoided for the stable release.
https://www.libreoffice.org/

Nextcloud Desktop 3.3.0 resolves over 50 bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.1.2 improves dark mode. This is not a security update.
https://notepad-plus-plus.org/

Security Software Updates

One or more of these is likely to be of interest to most people.

DNSQuerySniffer 1.85 adds sort menu options and improves high DPI support. This is not a security update.
https://www.nirsoft.net/utils/dns_query_sniffer.html

elementary OS 6 is a major update that integrates several new features and controls and a simplified installer. This is not a security update.
https://elementary.io/

RogueKiller 15.0.9 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

uBlock Origin 1.37.2 resolves several books. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Tails 4.21 is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

Capture Updates

These are unlikely to be of interest to most people.

Elgato Game Capture HD 3.70.51 adds PS5 and Xbox Series X/S to input and resolves several bugs. This is not a security update.
https://www.elgato.com/en/game-capture-software

ScreenToGif 2.33.1 resolves several bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 2021.4.3 is a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Converter Updates

These are unlikely to be of interest to most people.

HandBrake 1.4.0 adds several new filters, improves hardware encoding, resolves several bugs, and updates libraries. This is not a security update.
https://handbrake.fr/

Utility Updates

These are unlikely to be of interest to most people.

Dell Command Update 4.3 is a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

DesktopOK 9.15 improves compatibility with Windows 11 and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

GoodSync 11.8.0 resolves several bugs and improves compatibility. This is not a security update.
https://www.goodsync.com/

Homedale 1.98 improves CLI support. This is not a security update.
https://www.the-sz.com/products/homedale/

IsMyHdOK 3.33 improves compatibility with Windows 11 and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

NTLite 2.2.0.8152 adds several new features, improves performance, updates libraries and resolves bugs. This is not a security update.
https://www.ntlite.com/download/

Aomei Partition Assistant 9.4 adds Disk Defrag and resolves a bug. This is not a security update.
https://www.diskpart.com/

ProcDump 10.1 adds an option to specify a dumpfile comment and supports triage dumps. This is not a security update.
https://live.sysinternals.com/

PowerToys 0.43.0 improves stability and accessibility, and resolves dozens of bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

RDCMan 2.82 resolves a couple bugs. This is not a security update.
https://live.sysinternals.com/

RoboForm 9.1.9 resolves several bugs. This follows shortly after a security update.
https://www.roboform.com/

Rufus 3.15 updates libraries and resolves several bugs. This is not a security update.
https://rufus.ie/en/

Sigcheck 2.82 resolves a stability bug. This is not a security update.
https://live.sysinternals.com/

Synergy 1.14.0 is a security update.
https://symless.com/synergy/

Sysmon 13.23 resolves a stability bug. This is not a security update.
https://live.sysinternals.com/

ZoomText 2021 2021.2107.13.400 adds support for new hardware and resolves several bugs. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

Node.js 16.6.1 resolves several bugs. This build closely follow 16.6.0, which was a security update.
https://nodejs.org/en/

Node.js 14.17.4 is a security update.
https://nodejs.org/en/

Node.js 12.22.4 is a security update.
https://nodejs.org/en/

Visual Studio Code 1.59 improves extensions, finalizes the Testing API, adds Remote Containers, and resolves several bugs. This is not a security update.
https://code.visualstudio.com/

WinMerge 2.16.14 resolves dozens of bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.1.26-145957 resolves several bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Dada Mail 11.14.2 resolves several bugs. This is not a security update.
https://dadamailproject.com/

Docker Desktop 3.5.2 resolves several bugs. This is not a security update.
https://www.docker.com/products/docker-desktop

Drupal 9.2.3 is a security update.
https://drupal.org/download

HumHub 1.9.0 resolves several bugs. This is not a security update.
https://www.humhub.com/en/download

MailArchiva 8.1.0 resolves several bugs. This is not a security update.
https://mailarchiva.com/

Nextcloud Server 22.1.0 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

ownCloud Server 10.8 resolves dozens of bugs. This is not a security update.
https://owncloud.org/install/

phpList 3.6.4 improves compatibility. This is not a security update.
https://www.phplist.org/

ScreenConnect 21.10.4238.7885 resolves a couple bugs. This is not a security update.
https://www.connectwise.com/software/control/download

WordPress 5.8 integrates Blocks into Widget logic, adds new patterns, and styles. This is not a security update.
https://wordpress.org/

Antispam Bee 2.10.0 resolves several bugs. This is not a security update.

Autoptimize 2.9.0 improves customization and controls. This is not a security update.

BuddyPress 9.0.0 improves compatibility, block support, and resolves several bugs. This is not a security update.

Contact Form 7 5.4.2 resolves several bugs. This is not a security update.

Interactive World Map 3.1.9.1 improves compatibility. This is not a security update.

myStickymenu 2.5.6 resolves several bugs. This is not a security update.

Postie 1.9.56 resolves a couple bugs. This is not a security update.

Redirection 5.1.3 resolves a couple bugs. This is not a security update.

Slider Revolution 6.5.6 resolves several bugs. This is not a security update.
https://revolution.themepunch.com/

Social Post Feed 2.19.3 improves compatibility. This is not a security update.

Sucuri Security 1.8.27 improves compatibility. This is not a security update.

Visual Composer 38.0 resolves several bugs. This is not a security update.
https://visualcomposer.com/

W3 Total Cache 2.1.6 resolves several bugs. This is not a security update.

WooCommerce 5.5.2 resolves several bugs. This is not a security update.

WordPress Zero Spam 5.0.13 resolves several bugs. This is a security update.

WP Mail SMTP 3.0.3 resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/