Updates 2021-08-10

Posted on August 10, 2021 by Shawn K. Hall

Welcome back, Folks!

Today is Patch Tuesday for August, 2021. It’s a big one. There have been a series of Apple, Microsoft, and various hardware vulnerabilities, as well as the quarterly Oracle updates that kept the industry hopping. Couple that with Black Hat 2021 last week, which kept reminding us how poorly those who design our technology have done and continue to do.

This Month in Technology

Apple devices via Pegasus, IOMobileFrameBuffer, and Wi-Fi names, Atlassian, Charming Kitten (hacking group), Cloudstar, cdnjs, FortiNet FortiManager and FortiAnalyzer, HP (and Samsung and Xerox) printer driver, Illinois State Police, Linux via Sequoia, Pulse Connect Secure, SonicWall Secure VPN, Swisslog Healthcare’s Translogic PTS, VMware ESXi, Windows via a SAM security bug, Hello, PrintNightmare (x3+), and PetitPotam, and a new exploit method for wiretapping DNS.

Apple announced a new feature where they scan your content “only” for images of child exploitation provided by an unaccountable third-party, while they assure their customers’ “screeching voices” that they won’t allow governments to directly access the data or feed the database or algorithms (uh-huh), just remember that this is the same company that vowed to silence online dissent and already works with governments to expose their users’ activity. Oh, and they’re launching their own VPN service which they claim even they won’t know what you’re using it for. Wink, wink.

While I’m on the subject of VPNs, Windscribe (a “secure” VPN service) servers were seized and were discovered to not use encryption. Talk about a false promise of privacy!

Now let’s do security. If you still thought Avast (the “get hacked every year” anti-virus company) was worth anything, knowing that Norton (the “we’ll just run our own crypto mining software on your hardware and you can pay us for it” people) was in talks to buy them for about $8B should make your skin crawl. Zoom lost an $85 million class-action cybersecurity lawsuit, and Colonial Pipeline is being targeted now.

The US Federal Government received a C- grade for their IT security. Half of the agencies tested received D grades. These are the same agencies that recently made a claim about the most secure election in history. Pay no attention to the missing 95% of ballots or remote access to voting machines. Or else!

Edward Snowden has a great writeup of physical vs theoretical security concerns,
and another on how the “security” industry is failing everyone. Regular maintenance (of everything!) is critical to technology security. Stale hardware & software are responsible for nearly every security incident. This is what we do and why this newsletter is even being published.

There was a major outage at Akamai that took down a large portion of the Internet.

Google broke ChromeOS twice this month for many users, once by preventing users from being able to login due to a single character coding error. I’m reminded of a Mark Twain quote: “Be careful about reading health books. You may die of a misprint.”

The thing about someone willing to buy your ransomware: when they feel wronged they’re likely to betray your ransomware gang.

Amazon is losing employees while CNN is firing them. Property owners are being ripped off by the state, and their tenants. There are child predators at Disney World.

There’s now a lawsuit over CDC under-counting vaccine deaths, meanwhile they’re over-counting infections, ignoring the risks, downplaying the ineffectiveness of the vaccine-induced herd immunity, and mandating cancer in children. Multiple pharmaceutical giants neglected to keep records of which “vaccines” were placebos and the European Parliament is being held liable for vaccine injuries and deaths. At least there has been victory in Alberta. It’s hard to take them seriously when they’re demonizing free will, treating dictates as law, government agencies are concealing their own violations of international law, mandating doctors violate their medical licenses in order to keep them, while flip-flopping like fish, and imposing prison time for unlawful parading. Would you trust someone with your life who thinks you should be in prison for disagreeing with them? It’s not enough for government to take 13%+ of what you pay at the pump (most gas stations profit is 1% or less) and force you into electric vehicles that they can pull the plug on anytime, they want to charge you for every mile you travel, too, personal or business.

Now for the good news:

Andy’s Mountain Grill & Deli is coming back! Starlink is growing fast and improving reliability and environmental tolerances.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is huge. The typical computer should see roughly 3.0 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, Servicing Stack, Internet Explorer, and MSRT (~1.5 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 14.7.1 and iPadOS 14.7.1, macOS Big Sur 11.5.1, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave, watchOS 7.6.1, tvOS 14.7, Safari 14.1.2, and iTunes 12.11.4. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 14.7.1 is a security update. Use Settings, General, Software Update to install the most current update.

iPadOS 14.7.1 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 7.6.1 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 14.7 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 92.0.4515.130 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Big Sur (11.x) means that macOS High Sierra (10.13) and older are no longer supported. If you can not install at least macOS Mojave (10.14) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H1) is very large, for the first time it’s actually smaller than the previous release, but it will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Nvidia 471.68 resolves several bugs. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Xerox Smart Start 1.6.25.0 doesn’t provide a changelog so should be treated as a security update.
https://www.support.xerox.com/en-us/content/143617

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.27.111 is a security update. Use Help, About to install the most current version.
https://brave.com/

Google Chrome 92.0.4515.131 is a security update. Use Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 92.0.902.67 is a security update. Use Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 91.0 is a security update. Use Help, Check for updates to install the most current version.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 78.13.0 is a security update. Use Help, Check for updates to install the most current version.
https://www.mozilla.org/en-US/firefox/organizations/all/

SeaMonkey 2.53.8.1 is a security update.
https://www.seamonkey-project.org/

Vivaldi 4.1.2369.16 is a security update. Use Help, About to install the most current version.
https://vivaldi.com/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk for macOS 6.3.0 improves scam handling, adds PKG release, and resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

curl 7.78.0 resolves dozens of bugs. This is not a security update.
https://curl.haxx.se/windows/

Dropbox 128.4.2870 doesn’t provide a changelog so should be treated as a security update.
https://www.dropbox.com/

FileZilla Client 3.55.1 resolves a couple bugs. This is not a security update.
https://filezilla-project.org/

Google Earth 7.3.4 is a security update.
https://earth.google.com/

Java 8u301 is a security update.
https://www.java.com/en/download/manual.jsp

Nmap 7.92 resolves dozens of bugs. This is not a security update.
https://nmap.org/

Prosody 0.11.10 is a security update.
https://prosody.im/download/start

PuTTY 0.76 resolves several bugs. This is not a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

Rclone 1.56.0 adds many new features, improves compatibility, and resolves several bugs. This is not a security update.
https://rclone.org/

Skype 8.73.0.124 resolves several bugs. This is not a security update.
https://www.skype.com/

Telegram 2.9.0 resolves several bugs. This is not a security update.
https://telegram.org/

WinSCP 5.19.2 updates libraries and resolves several bugs. This is not a security update.
https://winscp.net/eng/index.php

Zoom 5.7.4.804 improves notifications and resolves several bugs. This is not a security update.
https://zoom.us/

Email updates

These are unlikely to be of interest to most people.

Thunderbird 78.13.0 is a security update. Use Help, Check for updates to get the most current version.
https://www.thunderbird.net/en-US/

Media Updates

These are unlikely to be of interest to most people.

Flickr Downloadr 3.4.1.1 updates libraries. This is not a security update.
https://flickrdownloadr.com/downloads/

iTunes 12.11.4 is a security update.
https://apple.com/itunes

Plex Media Server 1.23.6.4881 resolves several bugs and improves scanner. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Epic Games 12.2.12 resolves several bugs. This is not a security update.
https://www.epicgames.com/

Nintendo Switch 12.1.0 improves stability. This is not a security update.

Steam 2021.07.21 resolves a path bug. This is not a security update.
https://www.steampowered.com/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Connect 11.2.3 is a security update.
https://helpx.adobe.com/security/products/connect/apsb21-66.html

Adobe Magento Commerce 2.4.3, 2.4.2-p2, and 2.3.7-p1 are security updates.
https://helpx.adobe.com/security/products/magento/apsb21-64.html

Adobe Reader DC 21.005.20060 improves reliability. This is not a security update.
https://get.adobe.com/reader

Atom 1.58.0 improves cosmetics and resolves several bugs. This is not a security update.
https://atom.io/

Audacity 3.0.3 resolves several bugs. This is not a security update.
https://www.audacityteam.org/download/

Blender 2.93.2 resolves dozens of bugs. This is not a security update.
https://www.blender.org/download/

Krita 4.4.7 resolves several bugs. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Fresh 7.1.5 resolves over 50 bugs. This is not a security update. The “Fresh” line is beta software and should be avoided for the stable release.
https://www.libreoffice.org/

Nextcloud Desktop 3.3.0 resolves over 50 bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.1.2 improves dark mode. This is not a security update.
https://notepad-plus-plus.org/

Security Software Updates

One or more of these is likely to be of interest to most people.

DNSQuerySniffer 1.85 adds sort menu options and improves high DPI support. This is not a security update.
https://www.nirsoft.net/utils/dns_query_sniffer.html

elementary OS 6 is a major update that integrates several new features and controls and a simplified installer. This is not a security update.
https://elementary.io/

RogueKiller 15.0.9 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

uBlock Origin 1.37.2 resolves several books. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Tails 4.21 is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

Capture Updates

These are unlikely to be of interest to most people.

Elgato Game Capture HD 3.70.51 adds PS5 and Xbox Series X/S to input and resolves several bugs. This is not a security update.
https://www.elgato.com/en/game-capture-software

ScreenToGif 2.33.1 resolves several bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 2021.4.3 is a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Converter Updates

These are unlikely to be of interest to most people.

HandBrake 1.4.0 adds several new filters, improves hardware encoding, resolves several bugs, and updates libraries. This is not a security update.
https://handbrake.fr/

Utility Updates

These are unlikely to be of interest to most people.

Dell Command Update 4.3 is a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

DesktopOK 9.15 improves compatibility with Windows 11 and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

GoodSync 11.8.0 resolves several bugs and improves compatibility. This is not a security update.
https://www.goodsync.com/

Homedale 1.98 improves CLI support. This is not a security update.
https://www.the-sz.com/products/homedale/

IsMyHdOK 3.33 improves compatibility with Windows 11 and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

NTLite 2.2.0.8152 adds several new features, improves performance, updates libraries and resolves bugs. This is not a security update.
https://www.ntlite.com/download/

Aomei Partition Assistant 9.4 adds Disk Defrag and resolves a bug. This is not a security update.
https://www.diskpart.com/

ProcDump 10.1 adds an option to specify a dumpfile comment and supports triage dumps. This is not a security update.
https://live.sysinternals.com/

PowerToys 0.43.0 improves stability and accessibility, and resolves dozens of bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

RDCMan 2.82 resolves a couple bugs. This is not a security update.
https://live.sysinternals.com/

RoboForm 9.1.9 resolves several bugs. This follows shortly after a security update.
https://www.roboform.com/

Rufus 3.15 updates libraries and resolves several bugs. This is not a security update.
https://rufus.ie/en/

Sigcheck 2.82 resolves a stability bug. This is not a security update.
https://live.sysinternals.com/

Synergy 1.14.0 is a security update.
https://symless.com/synergy/

Sysmon 13.23 resolves a stability bug. This is not a security update.
https://live.sysinternals.com/

ZoomText 2021 2021.2107.13.400 adds support for new hardware and resolves several bugs. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

Node.js 16.6.1 resolves several bugs. This build closely follow 16.6.0, which was a security update.
https://nodejs.org/en/

Node.js 14.17.4 is a security update.
https://nodejs.org/en/

Node.js 12.22.4 is a security update.
https://nodejs.org/en/

Visual Studio Code 1.59 improves extensions, finalizes the Testing API, adds Remote Containers, and resolves several bugs. This is not a security update.
https://code.visualstudio.com/

WinMerge 2.16.14 resolves dozens of bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.1.26-145957 resolves several bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Dada Mail 11.14.2 resolves several bugs. This is not a security update.
https://dadamailproject.com/

Docker Desktop 3.5.2 resolves several bugs. This is not a security update.
https://www.docker.com/products/docker-desktop

Drupal 9.2.3 is a security update.
https://drupal.org/download

HumHub 1.9.0 resolves several bugs. This is not a security update.
https://www.humhub.com/en/download

MailArchiva 8.1.0 resolves several bugs. This is not a security update.
https://mailarchiva.com/

Nextcloud Server 22.1.0 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

ownCloud Server 10.8 resolves dozens of bugs. This is not a security update.
https://owncloud.org/install/

phpList 3.6.4 improves compatibility. This is not a security update.
https://www.phplist.org/

ScreenConnect 21.10.4238.7885 resolves a couple bugs. This is not a security update.
https://www.connectwise.com/software/control/download

WordPress 5.8 integrates Blocks into Widget logic, adds new patterns, and styles. This is not a security update.
https://wordpress.org/

Antispam Bee 2.10.0 resolves several bugs. This is not a security update.

Autoptimize 2.9.0 improves customization and controls. This is not a security update.

BuddyPress 9.0.0 improves compatibility, block support, and resolves several bugs. This is not a security update.

Contact Form 7 5.4.2 resolves several bugs. This is not a security update.

Interactive World Map 3.1.9.1 improves compatibility. This is not a security update.

myStickymenu 2.5.6 resolves several bugs. This is not a security update.

Postie 1.9.56 resolves a couple bugs. This is not a security update.

Redirection 5.1.3 resolves a couple bugs. This is not a security update.

Slider Revolution 6.5.6 resolves several bugs. This is not a security update.
https://revolution.themepunch.com/

Social Post Feed 2.19.3 improves compatibility. This is not a security update.

Sucuri Security 1.8.27 improves compatibility. This is not a security update.

Visual Composer 38.0 resolves several bugs. This is not a security update.
https://visualcomposer.com/

W3 Total Cache 2.1.6 resolves several bugs. This is not a security update.

WooCommerce 5.5.2 resolves several bugs. This is not a security update.

WordPress Zero Spam 5.0.13 resolves several bugs. This is a security update.

WP Mail SMTP 3.0.3 resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2020-10-13

Posted on October 13, 2020 by Shawn K. Hall

Welcome back, Folks!

Today is Patch Tuesday for October 2020.

This Month in Technology

For those in our local community, the biggest news is that AT&T has abandoned DSL in rural America, reducing Internet access options even further for our friends and neighbors.

The US Treasury has announced that it is now illegal to pay your federal taxes.

The Universal Health Services was hacked (all 400+ locations!) and infected with ransomware, so was Software AG, the U.S. Department of Veterans Affairs (VA) was hacked again, the Department of Homeland Security (DHS) was hacked, the Las Vegas school system was hacked – and since they didn’t pay the ransom student details were leaked, Docsketch was hacked, and the United Nations (UN) International Maritime Organization was hacked. Razer made a boo-boo, and even coffee makers are now being used for ransomware distribution. Grindr was hacked, Microsoft’s Windows XP source code was leaked, almost any current iPhone can be listened into from 20 feet away using only an AM radio, and access to your RMM (Remote Monitoring and Management) is being sold to attackers. Evidence exists that your anti-virus is helping the bad guys, and BitDefender is still weak security.

Facebook has been hacked (for years), Facebook for Android has been hacked again, Office 365 & Outlook have been down repeatedly over the last month, Fitbit malware – distributed by Fitbit – can be used to take over your internal network and exfiltrate your data to the web, Bluetooth is still the weakest wireless link, your Comcast XR11 TV remote can be used to listen in to your conversations, BitLocker encryption is vulnerable to a sleep-mode bypass (aka, yet another reason not to use sleep mode), HP Device Manager flaw is a big deal, but not as big a deal as Windows Error Reporting being used to infect your PC.

Apple’s initial iOS 14 release killed batteries on many iPhones, (so did the recent ChromeOS update), Apple’s latest security fix (10.15.7) can kill performance on your Mac, but only if you use Mac software (rolls eyes). Hint: disable and re-enable Find My Mac to fix it. And that’s nothing compared to their T2 security chip vulnerability.

“The” secure reimplementation of BIOS, UEFI, was designed to make security at boot a thing of beauty and prevent third-parties from being able to hijack the boot process. Unfortunately, it simply provided a false sense of security.

2FA via SMS is also a much lower fruit than many realize, but not nearly as bad as SSO.

Many others have joined in the case against Apple & Google’s rent-seeking, who charge significantly more for their “services” than even the federal government, but portray themselves as victims. Insane rules and hypocritical requirements force developers to charge for free services or force users out of their application in order to even be allowed into the Apple ecosystem. What can we really expect from a SF bay area “green” company that lies about their recycling program? Hopefully the courts will use Apple’s own words against them, in that Apple claims that their AppStore is a place to “reliably” download “safe” apps.

Former Facebook data scientist exposes her complicity with atrocities and abuse by governments and MNCs.

The Supreme Court heard arguments on the Oracle v Google IP fight suffered the same problem that most legal battles over technology do: poor arguments. Google’s defense failed to explain the distinctive nature of APIs as guides rather than code. Sure, they provide access to the functionality of the code, but are not, in and of themselves, code. The entire argument could be easily equated to vehicles. One does not need to know nor expose the specific design of a Ferrari 911 to know that the vehicle should stop at a stop sign nor yield at a yield sign. The vehicle itself (code – reasonably subject to IP) can operate on any road as long as the traffic signs (APIs) are in place. The signage is consistent across most of the world, even where languages differ greatly. So should the APIs be universally available.

In the current world of tech censorship and cancel culture, nobody can really argue against the necessity for Section 230 to be revised. However, most calls for revision would create an even more abhorrent system where public discourse can not be held without risk of liability to completely unrelated parties.

If you take government money, you are subject to the same rules as government, so says RFK, Jr.

In the new “get woke, go broke” era, it should come as no surprise that when you pander to racists and terrorists, you will be investigated.

Research shows that the lockdowns were not only anti-science, but caused far more harm than the virus itself. On the subject of fraud, are we still supposed to believe that the government’s “kill a fly with a nuke” response to COVID is really all the result of bats in an Asian wet market or that masks actually do anything at all?

One would think fraud would be front page news, but the MSM is much more likely to ignore than acknowledge it. To paraphrase Stalin, “A single case of fraud is a tragedy; a million cases are just a statistic.”

The moment I read that Nintendo’s lawyers said Joy-Con Drift “wasn’t a real problem” I knew they would be sued.

Now for the good news – since I’m making up for last month, I’ll give you three:

Adobe Flash will finally be dead in only 79 days.

Free, limitless power from graphene could literally change everything.

A “vaccine” of sorts has been developed to protect against some forms of ransomware.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is huge. The typical computer should see roughly 2.5 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, Servicing Stack, Flash, and MSRT (~ 1.5 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 14.0.1 and iPadOS 14.0.1, tvOS 14.0.2, Safari 14.0, watchOS 7.0.2, macOS Catalina 10.15.7, macOS Mojave 10.14.6, macOS High Sierra 10.13.6, iCloud for Windows 7.21, iCloud for Windows 11.4, iTunes for Windows 12.10.9, and Xcode 12.0. These are security updates.

iOS 14.0.1 is a security update. Use Settings, General, Software Update to install the most current version. This version also adds the Orwellian contact tracing feature at the system level. While “disabled” by default, you may validate that it is disabled in Settings, Privacy, Health, COVID-19 Exposure Logging, and turn off Exposure Logging.

iPadOS 14.0.1 is a security update. Use Settings, General, Software Update to install the most current version.

tvOS 14.0.2 is a security update. Use Settings, General, Updates to install the most current version.

watchOS 7.0.2 is a security update. Use your updated iPhone to install the most current version through the Watch app.

Adobe Flash Player 32.0.0.445 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Google has released security updates for Android 9 and 10 which will gradually be published by individual vendors and available to you in the coming weeks. This version also adds the Orwellian contact tracing feature. Disabling Location and Bluetooth will disable the current version of contact tracing.

Google Chrome OS 85.0.4183.133 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

The release of macOS Catalina (10.15) means that macOS Sierra (10.12) and older are no longer supported. If you can not install at least macOS High Sierra (10.13) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (2004) is a huge (about 25% larger than any prior build) so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.3.3 improves removal of DCH CP on older builds of Windows. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Logitech Options 8.30.310 resolves several bugs adds profiles for Zoom and MS Teams. This is not a security update.
https://www.logitech.com/en-us/product/options

Logitech Options (macOS) 8.30.293 resolves several bugs adds profiles for Zoom and MS Teams. This is not a security update.
https://www.logitech.com/en-us/product/options

nVidia 456.71 adds support for new hardware and improves support for COD beta and other games. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Crucial Storage Executive 6.06 doesn’t provide a changelog so should be treated as a a security update.
https://www.crucial.com/support/storage-executive

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.15.72 is a security update. Use Menu, Help, About to install the most current version.
https://brave.com/

Google Chrome 86.0.4240.80 is a security update. Use Menu, Help, About to install the most current version.

Microsoft Edge 86.0.622.38 is a security update. Use Menu, Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 81.0.2 is a security update. Use Menu, Help, About to install the most current version.

Firefox ESR 78.3.1 is a security update. Use Menu, Help, About to install the most current version.

SeaMonkey 2.53.4 is a security update. Use Menu, Help, About to install the most current version.
https://www.seamonkey-project.org/

Vivaldi 3.3.2022.47 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 78.3.2 is a security update. Use Menu, Help, About to install the most current version.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

Dropbox 107.4.443 resolves bugs and adds more. This is not a security update.
https://www.dropbox.com/

Zoom 5.3.53291.1011 changes automatic update behavior, and improves poll and link behaviors. This is not a security update.
https://zoom.us/

Prosody 0.11.7 is a security update.
https://prosody.im/download/start

FreeFileSync 11.2 resolves several bugs, improves layout and key bindings. This is not a security update.
https://www.freefilesync.org/download.php

Nmap 7.91 adds support for new profiles and fingerprints, and resolves several bugs. This is a security update.
https://nmap.org/

Npcap 1.00 resolves two minor bugs. This is not a security update.
https://nmap.org/npcap/

Technitium DNS Server 5.3 resolves several bugs. This is not a security update.
https://technitium.com/dns/

Media Updates

These are unlikely to be of interest to most people.

3tene 2.0.6 improves sensitivity calculations, light focal management, and resolves several bugs. This is not a security update.
https://en.3tene.com/

iTunes for Windows 12.10.9 is a security update. Use Apple Software Update to install the most current version.

Game Updates

These are unlikely to be of interest to most people.

Steam 2020.10.07 resolves several bugs. This is not a security update.

Office Updates

One or more of these are likely to be of interest to most people.

Notepad++ 7.9 adds several new features and fixes over a dozen bugs. This is not a security update.
https://notepad-plus-plus.org/

Adobe Reader DC 20.012.20048 resolves several bugs. This is not a security update.

Artweaver 7.0.7 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Atom 1.52.0 updates libraries and resolves several bugs. This is not a security update.
https://atom.io/

Blender 2.90.1 resolves several bugs. This is not a security update.
https://www.blender.org/download/

Lightworks NLE 2020.1.1 resolves several bugs. This is not a security update.
https://www.lwks.com/

Microsoft Office for Mac 2016/2019 is a security update.

Krita 4.4.0 improves fill layers, multigrid, screentone, brushes, API improvements and more. This is a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Fresh 7.0.2 resolves over a hundred bugs. This is a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.0.2 resolves a dozen bugs. This is not a security update.
https://nextcloud.com/

Security Software Updates

One or more of these is likely to be of interest to most people.

OpenSSL 1.1.1h resolves several bugs and improves compatibility. This is not a security update.
https://www.openssl.org/source/

KeePass 2.46 adds several features including TLS 1.3 and mass edit capabilities, as well as resolving bugs, and other improvements. This is not a security update.
https://keepass.info/

RogueKiller 14.7.3 resolves several bugs. This is a security update.
https://www.adlice.com/download/roguekiller/

TinyWall 3.0.8 resolves several bugs. This is not a security update.
https://tinywall.pados.hu/

uBlock Origin 1.30.4 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.27.3 resolves several bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 2020.1.5 resolves several bugs. This is not a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.0.1 is a major update with several improvements. This version improves the GUI and adds several new output profiles. This is not a security update.
https://www.dvdfab.cn/download.htm

AVStoDVD 2.8.9 resolves several bugs, improves performance and updates libraries. This should be treated as a security update.
https://sites.google.com/site/avstodvdmain/

MakeMKV 1.15.3 resolves several bugs, introduces TOR/VPN support, adds support for new stream types. This is not a security update.
https://www.makemkv.com/download/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Windows 7.6.785 resolves a bug. This is not a security update.
https://1password.com/downloads/windows/

Beyond Compare 4.3.7.25118 resolves several bugs. This is not a security update.
https://www.scootersoftware.com/download.php?zz=dl4

Bitwarden 1.22.2 resolves bugs. This should be treated as a security update.
https://bitwarden.com/

CCleaner 5.72.7994 resolves several bugs and improves compatibility. This is not a security update.
https://www.ccleaner.com/

CPU-Z 1.94 adds support for new hardware and resolves several bugs. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

DesktopOK 7.95 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DevManView 1.72 resolves an output bug. This is not a security update.
https://www.nirsoft.net/utils/device_manager_view.html

Etcher 1.5.109 is a security update.
https://www.balena.io/etcher/

Everything 1.4.1.992 is a security update.
https://www.voidtools.com/

GoodSync 11.3.8 resolves several bugs. This is not a security update.
https://www.goodsync.com/

IsMyHdOK 2.51 resolves bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

LessMSI 1.7.0 improves messaging. This is not a security update.
https://lessmsi.activescott.com/

MS ISO Downloader 8.40 adds support for new Dell models and images, new Win10 builds and adds hash reporting to images. This is not a security update.
https://www.heidoc.net/joomla/technology-science/microsoft/67-microsoft-windows-and-office-iso-download-tool

NTLite 2.0.0.7656 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

Aomei Partition Assistant 8.10 improves display and startup. This is not a security update.
https://www.diskpart.com/

PSAppDeploy 3.8.3 adds several new features and resolves bugs. This is not a security update.
https://psappdeploytoolkit.com/

RoboForm 8.9.4 resolves several bugs, including the QuickBooks compatibility issue that prevented display of registers and Chrome that caused freezes.
https://12pd.com/click?rf

Process Monitor 3.60 adds support for multiple filter item selection and decoding for new file system control operations and error status codes. While not a security updates, this improves the analytical data collection, thus increasing security awareness.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

Procdump 10.0 adds support for dump cancellation and CoreCLR processes. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procdump

Sysmon 12.0 resolves several bugs and adds support for capturing clipboard operations. While not a security updates, this improves the analytical data collection, thus increasing security awareness.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

SysInternals released new builds of many of their applications, as well as ARM versions. While the changes on many of the updates are poorly documented and SysInternals apps are generally more secure than apps distributed elsewhere, you should assume that any updates have security ramifications. If they’re not security updates, they may improve the context or analytical data that is exposed, thus increasing the security awareness of the tools.
https://live.sysinternals.com/

TeamViewer 15.10.5 resolves a licensing bug. This is not a security update.
https://www.teamviewer.com/en/download/windows/

USBDeview 3.01 adds an option to copy the contents of the active cell. This is not a security update.
https://www.nirsoft.net/utils/usb_devices_view.html

USB Oblivion 1.14.0.0 addes support for new modules. This is not a security update.
http://www.cherubicsoft.com/en/projects/usboblivion

WifiChannelMonitor 1.65 adds support for detection of new protocols. This is not a security update.
https://www.nirsoft.net/utils/wifi_channel_monitor.html

WifiInfoView 2.65 adds support for detection of new protocols. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

WirelessKeyView 2.20 adds support for displaying WiFi QR Codes. This is not a security update.
https://www.nirsoft.net/utils/wireless_key.html

WinGet 0.2.2521 updates libraries and adds new verbs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinScan2PDF 6.06 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 4.1.0.19 integrates database and emulation, improves diagnostics, and resolves several bugs. This is not a security update.
https://developer.android.com/studio

Godot 3.2.3 resolves over a hundred bugs and improves stability. This is not a security update.
https://godotengine.org/

Node.js 14.13.1 resolves several bugs. This is a security update.
https://nodejs.org/en/

Node.js 12.19.0 updates libraries, and resolves dozens of bugs. This is a security update.
https://nodejs.org/en/

Visual Studio Code 1.50 improves accessibility features, pinned tabs, adds ARM support, and resolves several bugs. This is not a security update.
https://code.visualstudio.com/

TortoiseGit 2.11.0 updates libraries and resolves several bugs. This is not a security update.
https://tortoisegit.org/

Web Package Updates

These are likely to be of interest only to web developers.

Dada Mail 11.12.0 adds image embedding and resizing, improved scheduling capabilities, library updates and bug fixes. This is not a security update.
http://dadamailproject.com/

Drupal 9.0.7 resolves dozens of bugs. This is a security update.
https://drupal.org/download

Docker Desktop 2.4.0.0 updates libraries and resolves several bugs. This is not a security update.
https://www.docker.com/products/docker-desktop

Nextcloud Server 20.0.0 updates libraries, adds a new dashboard, Talk bridging support, and several other new features and improvements. This is not a security update.
https://nextcloud.com/

HumHub 1.6.4 is a security update.
https://www.humhub.com/en/download

Joomla 3.9.22 resolves several bugs. This is not a security update.
https://www.joomla.org/

OpenPetra 2020.09 resolves several bugs. This is not a security update.
https://www.openpetra.org/

phpMyAdmin 4.9.6 and 5.0.3 are security updates.
https://www.phpmyadmin.net/

Autoptimize 2.7.8 is a security update.

BuddyPress 6.3.0 resolves bugs. This is not a security update.

Email Log 2.4.3 adds a new filter and enhances nonce. This is not a security update.

Social Post Feed 2.17 adds support for new embed types. This is not a security update.

WooCommerce 4.5.2 resolves a couple bugs. This is not a security update.

WP Mail SMTP 2.4.0 updates libraries, improves compatibility, and resolves several bugs. This is not a security update.

W3 Total Cache 0.15.1 resolves several bugs. This is not a security update.

WordPress Zero Spam 4.10.2 improves compatibility. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2017-05-16

Posted on May 16, 2017 by Shawn K. Hall

Hi, Folks!

It’s not Patch Tuesday, but Apple, Microsoft, Adobe, Google, and more have released updates today.

If you haven’t heard of “WannaCry” then you’re living under a rock. WannaCry is the closest current equivalent to the Code Red worm in the last 15 years. This ransomware uses a known vulnerability for which a patch had been released (three months ago!), to infect computers, encrypt their contents and the contents of network locations, and sell access back to the victim – while also infecting other vulnerable network devices. If you’ve installed your updates within the last three months you’re not vulnerable to the specific network-level vulnerability in SMB that it uses to propagate, but that doesn’t mean you can safely open phishing messages, email attachments or random downloads. The UK NHS was hit hard by this malware primarily because they take almost 6 months to patch their PC hardware that they do support. Some single-purpose devices (MRI machines, for example) are simply never maintained, but are still granted network access. Sigh. Don’t do that.

The vulnerability exploited by WannaCry was first divulged by Shadow Brokers when they released a trove of hacking tools created and used by the NSA. In fact, one of the tools WannaCry utilizes is the same ETERNALBLUE exploit directly from the NSA toolset. This is not a coincidence. These tools were written specifically to be universally effective and able to be repurposed at will for additional access. It should come as no surprise that when a government agency is hacked, the tools they created are released and the public suffers as a result.

If a positive side to this event can exist, it’s that Microsoft actually released a security update for Windows XP to address the vulnerability. Since XP has been End-of-Life for years, this is really surprising.

The lesson everyone should take from this event, but particularly businesses and government agencies, is that the turnaround time for malware authors is much lower than they think. Delaying or even ignoring security updates because “it won’t happen to us” is foolhardy at best and welcomes disaster. You should have sufficient skilled IT staff to be able to fully test and roll out any security updates within days, not months. If that’s not possible, you should at least hire a good PR firm and have the releases prepared in advance so you can spin your incompetence in the news when you are inevitably hacked later.

Okay, back to our regularly scheduled program.

The typical computer should see approximately 300mb of updates. Let’s get started.

Microsoft released updates for Windows and .NET, including Windows XP!

Apple released macOS 10.12.5, Security Update 2017-002, iTunes 12.6.1, Safari 10.1.1, and iCloud for Windows 6.2.1. Use the Apple App Store or Apple Software Update to install the most current versions.

Apple iOS 10.3.2, watchOS 3.2.2 (and 3.2.1), and tvOS 10.2.1 are security updates. Use Settings, General, Updates to install the most current version.

Google Chrome OS 58.0.3029.112 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Internet Updates

One or more of these are likely to be of interest to everyone.

Skype 7.36.0.101 improves quality and resolves several bugs. This version also imposes a requirement for a newer MSVCRT, which may trigger problems on any OS prior to the Windows 10 Creators Update (1703). If you receive an MSVCRT error upon running Skype after updating, download the current version of the MSVCRT.
https://12pd.com/click?skype

BrowsingHistoryView 2.05 adds ability to load history from remote device when full admin rights exist to remote device.
http://www.nirsoft.net/utils/browsing_history_view.html

Media Updates

These are unlikely to be of interest to most people.

iTunes 12.6.1 is a security update. Use Apple Software Update to install the most current version.

Office Updates

One or more of these are likely to be of interest to most people.

Notepad++ 7.4 adds document peeking, bug fixes, and reliability improvements.
https://12pd.com/click?npp

Security Software Updates

One or more of these is likely to be of interest to most people.

Wireless Network Watcher 2.12 improves reliability on devices with multiple wireless network adapters. This is not a security update.
http://www.nirsoft.net/utils/wireless_network_watcher.html

RogueKiller 12.10.9 adds detections. This is not a security update.
http://www.adlice.com/softwares/roguekiller/

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 10.0.3.9 adds support for newer protections, incorporates BDInfo. This is not a security update.
http://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

GSmartControl 0.9.0 resolves several bugs, improves reliability and stability, adds newer hardware support, and improves drive type detection. This is not a security update.
http://gsmartcontrol.sourceforge.net/home/index.php/

Everything 1.4.1.873b resolves several bugs, and adds pause/resume capability. This is not a security update.
http://www.voidtools.com/

CCleaner 5.30.6063 improves cleaning, SSD detection, and resolves several bugs. This is not a security update.
https://12pd.com/click?ccleaner

Rufus 2.15 improves compatibility with Windows 10 v1703, updates libraries, resolves several bugs. This should be treated as a security update.
http://rufus.akeo.ie/

WinScan2PDF 3.46 improves hardware support. This is not a security update.
http://www.softwareok.com/?seite=Microsoft/WinScan2PDF

ProcDump 9.0 adds multiple dump sizes, and Kernel Dump process association. This is not a security update.
http://sysinternals.com/

Autoruns 13.71 adds Microsoft HTML Application Host (mshta.exe) as hosting image so it displays the hosted image details, and now doesn’t apply filters to hosting images. This is not a security update.
http://sysinternals.com/

BgInfo 4.22 honors applocker policy for VB scripts specified as the source of field data. This is not a security update.
http://sysinternals.com/

LiveKd 5.62 is now signed with a certificate trusted by Win7. This is not a security update.
http://sysinternals.com/

Process Monitor 3.33 resolves several bugs, and is now signed with certificate trusted by Win7. This is not a security update.
http://sysinternals.com/

Process Explorer 16.21 resolves a bug with VT support, and is now signed with a certificate trusted by Win7. This should be treated as a security update.
http://sysinternals.com/

Web Package Updates

These are likely to be of interest only to web developers.

SMF 2.0.14 is a security update. This version also changes PHP requirements, so if the upgrade will not complete try upgrading PHP first then upgrade SMF.
http://download.simplemachines.org/

TinyMCE 4.6.1 resolves several bugs. This is not a security update.
http://www.tinymce.com/download/

WordPress 4.7.5 is a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2016-12-13

Posted on December 13, 2016 by Shawn K. Hall

Hi, Folks!

It’s Patch Tuesday.

The typical computer should see roughly 1.6gb in updates today. The new MS update engine will help if you’re using the peer-to-peer features on *local* networks, or it will kill your performance if it’s touching the ‘net. The new release cycle of 1gb blobs is great for mass distribution, but chews through bandwidth if you’re not peering it for other devices on your LAN. Adobe has released 10 separate security updates today – still not remotely close to Oracle Tuesday last month, but more people use Adobe products than Oracle’s. The other updates run the gamut: every browser and almost everything from Chrome OS to WordPress. Let’s get started.

Microsoft released updates to Windows, Office, .NET, Edge, IE, Flash, Exchange, AAD, TZData, Uniscribe, SSPI and MSRT (~1.25gb). This includes security updates. A reboot is required. NOTE: For some devices a second update+reboot cycle will be necessary!

Apple released updates for OS X, macOS, Safari, iTunes, iCloud for Windows, iOS, Transporter, watchOS, and tvOS. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 10.2 is a security update. Use Settings, General, Software Update to install the most current update.

Google Chrome OS 55.0.2883.87 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Adobe Flash Player 24.0.0.186 is a security update. Flash is being actively replaced with HTML5 on most sites and services, however, so unless you’re 110% positive you need it for critical functions, you should remove it instead. And, within those browsers that have it embedded (Chrome, Edge, Internet Explorer 11+) disable it. It’s just not worth the risk.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Adobe AIR 24.0.0.180 is a security update.
Win: https://12pd.com/click?air
Mac: https://12pd.com/click?airmac
Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 17.0.4.0 adds support for newer hardware. This is not a security update.
http://www.wagnardsoft.com/

Intel Driver Update 2.6.2 adds support for additional hardware, improves performance and fixes several bugs. This is not a security update.
http://www.intel.com/p/en_US/support/detect

Samsung Kies3 201611 doesn’t provide a changelog, so should be treated as a security update.
http://www.samsung.com/us/support/owners/app/kies

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 55.0.2883.87 is a security update. Use Menu, Help, About to install the most current version.

Firefox 50.0.2 is a security update. Use Menu, Help, About to install the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 2.96 resolves a stability bug. This is not a security update.
http://www.nirsoft.net/utils/outlook_attachment.html

Thunderbird 45.5.1 is a security update. Use Menu, Help, About to install the most current version.
http://www.mozilla.org/en-US/thunderbird/

Internet Updates

One or more of these are likely to be of interest to everyone.

Skype 7.30.85.103 adds several new features. This is not a security update.
https://12pd.com/click?skype

iCloud for Windows v6.1 is a security update. Use Apple Software Update to get the most current version.

Mumble 1.2.18 is a security update.
http://wiki.mumble.info/wiki/Main_Page

aria2 1.29.0 fixes several bugs. This is not a security update.
https://aria2.github.io/

WinSCP 5.9.3 is a security update.
http://winscp.net/eng/index.php

uTorrent 3.4.9 Build 42973 fixes several bugs. This is not a security update.
http://www.utorrent.com/downloads

FileZilla 3.23.0.2 fixes several bugs. This is not a security update.
http://filezilla-project.org/

MaxMind GeoIP 201612 is a data refresh. This is not a security update.
http://dev.maxmind.com/geoip/

IPInfoOffline 1.44 updates the internal IP database. This is not a security update.
http://www.nirsoft.net/utils/ip_country_info_offline.html

Flickr Downloadr 2.2.2.3 adds several new features including SSL support, updates libraries, and fixes several bugs. This should be treated as a security update.
https://flickrdownloadr.com/downloads/

Media Updates

These are unlikely to be of interest to most people.

iTunes 12.5.4 adds several new compatibility features. This is not a security update. Use Apple Software Update to get the most current version.

CDBurnerXP 4.5.7.6452 improves logging, GUI fixes, and updates libraries. This should be treated as a security update.
http://cdburnerxp.se/

Game Updates

These are unlikely to be of interest to most people.

EA Origin 10.3.3.1921 adds gifting and security fixes.
https://www.origin.com/en-us/download

Minecraft 1.11 adds several new features and mobs. This is not a security update.
http://www.minecraft.net/

SteamOS 2.98 is a security update and resolves wifi problems for some hardware.
http://store.steampowered.com/steamos/download/?ver=custom

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Animate 16.0.0.112 is a security update.
https://creative.adobe.com/products/download/animate

Adobe Experience Manager Forms 6.2.0.2 is a security update.
https://helpx.adobe.com/security/products/aem-forms/apsb16-40.html

Adobe DNG Converter 9.8 is a security update.
Win: https://www.adobe.com/support/downloads/detail.jsp?ftpID=6108
Mac: https://www.adobe.com/support/downloads/detail.jsp?ftpID=6107

Adobe Experience Manager 6.2.1 is a security update.
https://helpx.adobe.com/security/products/experience-manager/apsb16-42.html

Adobe InDesign 12.0.0 is a security update. Patches to previous versions (<=11.4.1) will *not* be made available.
https://helpx.adobe.com/indesign/release-note/indesign-cc-2017.html

Adobe ColdFusion Builder 2016.3 is a security update.
https://helpx.adobe.com/coldfusion/kb/coldfusion-builder-2016-update-3.html

Adobe Digital Editions 4.5.3 is a security update.
https://www.adobe.com/solutions/ebook/digital-editions/download.html

Adobe RoboHelp 2015.0.4 is a security update.
https://www.adobe.com/support/robohelp/downloads.html

Paint.net 4.0.13 fixes several bugs. This is not a security update.
http://www.getpaint.net/

Krita 3.0.1.1 doesn’t provide a detailed changelog, so should be treated as a security update.
https://krita.org/download/krita-desktop/

Notepad++ 7.2.2 fixes several minor bugs. This is not a security update.
https://12pd.com/click?npp

SketchUp 17.1.174 fixes stability and reliability issues, and adds CDT. This is not a security update.
http://www.sketchup.com/

Security Software Updates

One or more of these is likely to be of interest to most people.

EMET 5.52 should always be treated as a security update.
http://www.microsoft.com/emet

MSRT 5.43 is a security update.
http://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx

Wireshark 2.2.2 is a security update.
http://www.wireshark.org/

Hashcat 3.20 is a major rewrite offering significant security improvements. This is a security update.
http://hashcat.net/hashcat/#downloadlatest

DNSQuerySniffer 1.58 improves logging. This is not a security update.
http://www.nirsoft.net/utils/dns_query_sniffer.html

Wireless Network Watcher 2.03 is a cosmetic improvement. This is not a security update.
http://www.nirsoft.net/utils/wireless_network_watcher.html

OpenSSL Binaries 1.1.0c is a security update.
http://slproweb.com/products/Win32OpenSSL.html

RogueKiller 12.8.5 adds detections and more. This is a security update.
http://www.adlice.com/softwares/roguekiller/

Capture Updates

These are unlikely to be of interest to most people.

VideoCacheView 2.97 improves reliability. This is not a security update.
http://www.nirsoft.net/utils/video_cache_view.html

XSplit Broadcaster 2.9.1611.1622 adds support for more hardware, improves reliability, and various fixes. This is not a security update.
http://www.xsplit.com/get/

XSplit Gamecaster 2.9.1611.1715 adds several new features, improves reliability, and various fixes. This is not a security update.
http://www.xsplit.com/get/

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 10.0.1.5 is a major update, offering a new and improved UI, cloud sync, and adds support for new encodings. This is not a security update.
http://www.dvdfab.cn/download.htm

MakeMKV 1.10.3 fixes the auto-path bug, improves reliability and BD+ engine, adds support for new encodings. This is not a security update.
http://www.makemkv.com/download/

MKVToolNix 9.6.0 fixes several bugs, improves subtitle support, and various stability and GUI improvements. Thsi is not a security update.
http://www.videohelp.com/software/MKVtoolnix

Utility Updates

These are unlikely to be of interest to most people.

NTLite 1.2.0.4550 improves reliability in TH3, and fixes several bugs. This is not a security update.
https://www.ntlite.com/download/

GoodSync2Go 10.2.4 resolves several bugs, improves reliability. This is not a security update.
https://12pd.com/click?goodsync

RoboForm 7.9.25 resolves One Time Password problem and UI issues. This is not a security update. No, v8 still isn’t ready. 🙁
https://12pd.com/click?rf

DMDE 3.2.0.690 adds several new features including RAID detection, VHD and VHDX support, custom file signature support, SMART reading and more. This is not a security update.
https://dmde.com/

dupeGuru 4.0.3 updates picture cache backend and disables automatic updates on macOS. This is not a security update.
http://www.hardcoded.net/dupeguru/

Easy2Boot 1.87 fixes several bugs. This is not a security update.
http://www.easy2boot.com/download/

Everything 1.4.1.809b fixes several bugs and adds filter functions. This is not a security update.
http://www.voidtools.com/

GPU-Z 1.16.0 fixes a parsing bug. This is not a security update.
http://www.techpowerup.com/downloads/SysInfo/GPU-Z/

LessMSI 1.5.1 fixes several bugs. This is not a security update.
http://lessmsi.activescott.com/

FileLocator Pro 8.1.2682 improves cache size, error reporting, fixes several bugs. This is not a security update.
http://www.mythicsoft.com/filelocatorpro/download

DriveLetterView 1.46 now supports stdout. This is not a security update.
http://www.nirsoft.net/utils/drive_letter_view.html

FolderChangesView 2.00 adds improved notification support. This is not a security update.
http://www.nirsoft.net/utils/folder_changes_view.html

SearchMyFiles 2.77 improves error reporting. This is not a security update.
http://www.nirsoft.net/utils/search_my_files.html

SimpleWMIView 1.21 improves logging support. This is not a security update.
http://www.nirsoft.net/utils/simple_wmi_view.html

WhosIP 1.16 improves IPv6 support. This is not a security update.
http://www.nirsoft.net/utils/whosip.html

WirelessKeyView 2.05 adds advanced options to command line support. This is not a security update.
http://www.nirsoft.net/utils/wireless_key.html

OSForensics 4.0.1002 improves task logging, case management, various bug fixes and more. This is not a security update.
http://www.osforensics.com/download.html

CCleaner 5.25.5902 improves browser support, and fixes bugs. This is not a security update.
http://www.piriform.com/ccleaner

Speccy 1.30.730 improves reliability, adds support for new hardware and GUI improvements. This is not a security update.
http://www.piriform.com/speccy

RapidEE 9.1 build 931 fixes several bugs. This is not a security update.
http://www.rapidee.com/en/download

Sysmon 5.0 introduces file create and registry modification logging. This should be treated as a security update.
http://live.sysinternals.com/

Process Explorer 16.20 adds reporting of process Control Flow Guard (CFG) status and dynamically updates to reflect changes to process Data Execution Prevention (DEP) configuration. This is a security update.
http://live.sysinternals.com/

Procdump 8.2 adds a -kill option that terminates a process after its dump completes rather than allowing an exception to pass to Windows Error Reporting (WER), and a -wer switch to copy dumps to the WER queue. This is not a security update.
http://live.sysinternals.com/

LiveKd 5.6 includes a batch-mode option designed for scripted analysis that omits the prompt to re-execute LiveKD after a debugger session terminates. This is not a security update.
http://live.sysinternals.com/

TeamViewer 12.0.71503 fixes several connection problems and crash bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

WSUS Offline 10.8.1 updates libraries and superseded updates. This is a security update.
http://download.wsusoffline.net/

Developer Updates

These are unlikely to be of interest to most people.

TortoiseSVN 1.9.5 fixes many bugs. This is not a security update.
http://tortoisesvn.net/downloads.html

MySQL 5.7.17 is a security update.
http://www.mysql.com/downloads/installer/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VMware Player 12.5.2 is a security update.
http://www.vmware.com/products/player/

VirtualBox 5.1.10-112026 fixes several bugs. This is not a security update.
http://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

phpList 3.2.6 fixes several bugs. This is not a security update.
http://www.phplist.com/download

Piwigo 2.8.3 is a security update.
http://piwigo.org/

Plupload 2.2.1 doesn’t provide a changelog, so should be treated as a security update.
http://www.plupload.com/

TinyMCE 4.5.1 adds several new features and many bug fixes. This should be treated as a security update.
http://www.tinymce.com/download/

Drupal 8.2.4 is a security update.
http://drupal.org/download

HumHub 1.1.2 adds several new features and events, fixes dozens of bugs. This is not a security update.
https://www.humhub.org/en/download

phpMyAdmin 4.6.5.2 is a security update.
http://www.phpmyadmin.net/home_page/news.php

WordPress 4.7 fixes several bugs and adds many new features (including keyboard shortcuts and tooltips). This is not a security update.
http://wordpress.org/

bbPress 2.5.12 fixes a role init bug. This should be treated as a security update.

BuddyPress 2.7.3 fixes several bugs. This is not a security update.

Contact Form 7 4.6 makes several improvements for reliability and maintainability. This is not a security update.

NextScripts Social Networks Auto-Poster 3.7.8 adds several new services, fixes bugs. This is not a security update.

Postie 1.8.22 fixes several bugs. This is not a security update.

Redirection 2.5 fixes several bugs. This is not a security update.

Top Commentators Widget 1.5.2 fixes a bug. This is not a security update.

WooCommerce 2.6.9 fixes several bugs. This is a security update.

WordPress Zero Spam 3.0.4 fixes several bugs. This is not a security update.

WPtouch 4.3.9 fixes several bugs. This is not a security update.

Sovrn (was Zemanta) 1.3.2 is a rebrand. This is not a security update.
That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2016-05-10

Posted on May 10, 2016 by Shawn K. Hall

Hi, Folks!

It’s Patch Tuesday.

The typical computer should see roughly 1gb in updates today. Let’s get started.

Microsoft released 16 updates to address vulnerabilities in Windows, Office, Edge, .NET, Internet Explorer, Remote Desktop, and MSRT (~700mb). This includes security updates. A reboot is required.

Apple released updates for Xcode 7.3.1 and Apple Remote Desktop. These are security updates. Use Apple Software Update to install these updates. A reboot is required.

Adobe Flash Player 21.0.0.226 for Mac is a security update.
Mac: https://12pd.com/click?flashmac
Adobe will be releasing Flash updates again on Thursday, and may release AIR updates then as well.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Driver Updates

If you’re using this hardware – these updates are for you.

Intel Driver Update 2.5 is a security update.
http://www.intel.com/p/en_US/support/detect

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 50.0.2661.94 is a security update. Use Menu, Help, About to install the most current version.

Opera 37 is a security update. Use Menu, Help, About to install the most current version.

Firefox 46.0.1 is a security update. Use Menu, Help, About to install the most current version.

HTTrack 3.48.22 is a security update.
http://www.httrack.com/page/2/en/index.html

Email Updates

One or more of these are likely to be of interest to everyone.

NK2Edit 3.20 adds several new features and improvements. This is not a security update.
http://www.nirsoft.net/utils/outlook_nk2_edit.html

OutlookAttachView 2.92 fixes several bugs. This is not a security update.
http://www.nirsoft.net/utils/outlook_attachment.html

Thunderbird 45.0.0 is a security update. Use Help, About to install the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

Skype 7.23.0.105 doesn’t provide a changelog, so should be treated as a security update.
https://12pd.com/click?skype

Mumble 1.2.16 doesn’t provide a changelog, so should be treated as a security update.
http://wiki.mumble.info/wiki/Main_Page

aria2 1.22.0 improves threading and fixes bugs. This is not a security update.
https://aria2.github.io/

DynDNS Updater 5.3.0 adds CLI support and ability to opt-out of DynDNS recursive DNS.
https://www.dyndns.com/

Dropbox 3.20.1 doesn’t provide a changelog, so should be treated as a security update.
https://12pd.com/click?dropbox

Evernote 6.0.6.1769 fixes several bugs. This is not a security update.
http://www.evernote.com/

FileZilla 3.17.0.1 is a security update.
http://filezilla-project.org/

FreeNAS 9.10 is a security update.
http://www.freenas.org/download-freenas-release.html

MaxMind GeoIP 201605 updates data. This is not a security update.
http://dev.maxmind.com/geoip/geolite

IPInfoOffline 1.43 updates internal database and fixes a selection bug. This is not a security update.
http://www.nirsoft.net/utils/ip_country_info_offline.html

IPNetInfo 1.72 fixes a selection bug. This is not a security update.
http://www.nirsoft.net/utils/ipnetinfo.html

Codec Updates

One or more of these are likely to be of interest to everyone.

Vista Codec Package 7.1.0 is a security update.
http://shark007.net/vistacodecpackage.html

Media Updates

These are unlikely to be of interest to most people.

Plex Media Server 0.9.16.6.1993 updates services and media flags. This is a security update.
https://plex.tv/downloads/1/archive

Game Updates

These are unlikely to be of interest to most people.

EA Origin 9.12.1.43352 is not a security update.
https://www.origin.com/en-us/download

SteamOS 2.70 is a security update.
http://store.steampowered.com/steamos/download/?ver=custom

Office Updates

One or more of these are likely to be of interest to most people.

IcoFX 2.13 fixes several bugs. This is not a security update.
http://icofx.ro/

Adobe Reader 11.0.16 is a security update. Use Help, Check for Updates to install the most current version.

Adobe Reader DC Patch 15.016.20039 is a security update. Use Help, Check for Updates to install the most current version.

FrameMaker 2015.0.3.1 is a security update.
http://www.adobe.com/support/downloads/detail.jsp?ftpID=6047

Security Software Updates

One or more of these is likely to be of interest to most people.

Bitmessage 0.6.0 doesn’t provide a changelog, so should be treated as a security update.
https://12pd.com/click?bitmessage

OpenSSL 1.0.2h is a security update.

Avast! Home Edition 11.2.2262 fixes crashes, stability and excess logging. This should be treated as a security update.
http://www.avast.com/free-antivirus-download

Wireshark 2.0.3 is a security update.
http://www.wireshark.org/

Junkware Removal Tool 8.0.6 doesn’t provide a detailed changelog, so should be treated as a security update.
https://www.malwarebytes.org/junkwareremovaltool/

MalwareBytes’ Anti-Exploit 1.08.1.1196 is a security update.
https://www.malwarebytes.org/antiexploit/

MSRT 5.36 is a security update.
http://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx

Wireless Network Watcher 1.97 improves display options. This is not a security update.
http://www.nirsoft.net/utils/wireless_network_watcher.html

OSFClone 1.1.1001 fixes bugs. This is a security update.
http://www.osforensics.com/tools/create-disk-images.html

RogueKiller 12.2.0 is a security update.
http://www.adlice.com/softwares/roguekiller/

SuperAntiSpyware 6.0.1218 is a security update.
http://www.superantispyware.com/download.html

Capture Updates

These are unlikely to be of interest to most people.

VideoCacheView 2.96 fixes bugs. This is not a security update.
http://www.nirsoft.net/utils/video_cache_view.html

Converter Updates

These are unlikely to be of interest to most people.

CDex 1.81 fixes several bugs. This is not a security update.
http://cdex.mu/?q=download

MakeMKV 1.9.10 adds support for newer media, fixes bugs. This is not a security update.
https://12pd.com/click?makemkv

DVDFab 9.2.3.9 adds support for newer media, fixes bugs. This is not a security update.
http://www.dvdfab.cn/download.htm

MKVToolNix 9.1.0 fixes several bugs. This is not a security update.
http://www.videohelp.com/software/MKVtoolnix

AVStoDVD 2.8.4 is a security update.
https://sites.google.com/site/avstodvdmain/

Utility Updates

These are unlikely to be of interest to most people.

Java 8u91 is a security update. If you are not 100% sure you require Java (not JavaScript!), remove it instead of updating.
http://www.java.com/en/download/manual.jsp

SpaceSniffer 1.3.0.0 is a security update.
http://www.uderzo.it/main_products/space_sniffer/

7-Zip 16.00 adds multi-volume Zip support, fixes bugs. This is not a security update.
http://www.7-zip.org/

Bitcoin 0.12.1 fixes several bugs. This is not a security update.
http://bitcoin.org/en/download

Cygwin 2.5.1 is a security update.
http://cygwin.com/

GSmartControl 0.8.7 fixes several bugs. This is not a security update.
http://gsmartcontrol.sourceforge.net/home/index.php/

Drive Snapshot 1.44 adds support for Windows 10, and cleaner restore. This is not a security update.
http://www.drivesnapshot.de/en/

ImageUSB 1.3.1001 doesn’t provide a changelog so should be treated as a security update.
http://www.osforensics.com/tools/write-usb-images.html

FileLocator Pro 8.0.2651 improves installer, fixes bugs. This is not a security update.
http://www.mythicsoft.com/filelocatorpro/download

DiskSmartView 1.20 adds support for external USB drives, improved SMART data parsing, and improved refresh. This is not a security update.
http://www.nirsoft.net/utils/disk_smart_view.html

DriveLetterView 1.42 adds Cluster Size and 64-bit build. This is not a security update.
http://www.nirsoft.net/utils/drive_letter_view.html

FolderChangesView 1.87 adds change-monitoring export support. This is not a security update.
http://www.nirsoft.net/utils/folder_changes_view.html

NetworkTrafficView 2.02 improves display options. This is not a security update.
http://www.nirsoft.net/utils/network_traffic_view.html

SimpleWMIView 1.16 improves display options. This is not a security update.
http://www.nirsoft.net/utils/simple_wmi_view.html

WakeMeOnLan 1.76 improves Windows 8 and Windows 10 compatibility. This is not a security update.
http://www.nirsoft.net/utils/wake_on_lan.html

WhosIP 1.15 adds IPv6 support. This is not a security update.
http://www.nirsoft.net/utils/whosip.html

WifiChannelMonitor 1.42 improves display options. This is not a security update.
http://www.nirsoft.net/utils/wifi_channel_monitor.html

WifiInfoView 2.00 improves display options. This is not a security update.
http://www.nirsoft.net/utils/wifi_information_view.html

CCleaner 5.17.5590 fixes several bugs, improves application support. This is not a security update.
https://12pd.com/click?ccleaner

Sysmon 4.0 improves filtering. This is not a security update.
http://sysinternals.com/

Procdump 8.0 improves support for lightweight reflection dumps, and other fixes. This is not a security update.
http://sysinternals.com/

Sigcheck 2.51 is a security update.
http://sysinternals.com/

TeamViewer 11.0.59131 adds chat support, display improvements, fixes bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

WSUS Offline 10.6.2 fixes several bugs. This is a security update.
http://download.wsusoffline.net/

Seagate DiscWizard 18.0.6030 doesn’t provide a changelog, so should be treated as a security update.
http://www.seagate.com/support/downloads/item/discwizard-master-dl/

Remix OS 2.0.205 fixes several bugs and adds storage options. This is not a security update.
http://www.jide.com/en/remixos-for-pc#downloadNow

Developer Updates

These are unlikely to be of interest to most people.

TortoiseSVN 1.9.4 is a security update.
http://tortoisesvn.net/downloads.html

Redemption 5.11.0.4476 fixes CTR bugs, adds several new features. This is not a security update.
http://www.dimastr.com/redemption/

StrawberryPerl 5.22.2.1 updates Core and common modules. This is a security update.
http://strawberryperl.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VMware Player 12.1.1 is a security update.
http://www.vmware.com/products/player/

VirtualBox 5.0.20-106931 fixes several bugs. This is not a security update.
http://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

ColdFusion 2016.1, 11.8 and 10.19 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb16-16.html

Piwigo 2.8.1 is a security update.
http://piwigo.org/

TinyMCE 4.3.12 fixes several bugs. This is not a security update.
http://www.tinymce.com/download/

Drupal 8.1.1 fixes bugs. This is not a security update.
http://drupal.org/download

MailEnable 9.12 fixes bugs, improves reliability and web admin. This is not a security update.
http://www.mailenable.com/

phpMyAdmin 4.6.1 fixes bugs. This is not a security update.
http://www.phpmyadmin.net/home_page/news.php

WordPress 4.5.2 is a security update.

bbPress 2.5.9 improves user mentions behavior.

Contact Form 7 4.4.2 improves validation, updates language support. This is not a security update.

Email Log 1.8.2 improves logging and parsing. This is not a security update.

Postie 1.7.32 improves header parsing. This is not a security update.

Really Simple CAPTCHA 1.9 is a security and stability update.

WPtouch 4.1.3 fixes several bugs. This is not a security update.

Zemanta 1.3.1 improves performance. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/