Welcome back, Folks!
Today is Patch Tuesday for November, 2022.
This month brings a new major version of macOS (13/Ventura) and a new major version of Windows 10. That’s on top of the nearly 100 major hacks, and over 130 application updates this month. Well, not really this month, since there were many more published on Oct 18th in the last newsletter. There is an OpenSSL security update, so almost every network or internet capable application has a security update right now. There should be about 4.5 GB of updates for most users.
This Month in Technology
Abode Iota All-In-One Security Kit, Advanced, Advocate Aurora Health, Amazon, Argentinian Armed Forces Joint Chiefs of Staff, Ascension St. Vincent’s Coastal Cardiology, AstraZeneca, Atacama Large Millimeter Array (ALMA) Observatory, Aurubis, Australian Clinical Labs, various auto key fobs, Aveanna, Azure Cosmos DB, Bed, Bath & Beyond, Blue Cross and Blue Shield of Kansas, Bulgarian Government, Choice Health Insurance LLC, Cisco AnyConnect, CommonSpirit Health, Consorci Sanitari Integral, Defense Health Headquarters, Deribit, DESORDEN GROUP, Doomworld, DropBox, E-Pal, EnergyAustralia, Eventus WholeHealth, PLLC, Fontainebleau Development Health and Welfare Plan, Hackney Council, Heilbronn Stimme, HH/Killeen Health System, LLC, India metro, Indianapolis Housing Agency, Iranian Atomic Energy Organization, Jeppesen, Keystone Health in Pennsylvania, Legal Aid ACT, Lolzteam, Louisiana Department of Public Safety and Corrections, Mango Markets, Maple Leaf Foods, Massengale Eye Care, Massy Stores, MBDA, Medibank, Medlab Pathology, METRO, Microsoft, Mid-Westchester Anesthesia Services PC, Moola Market, MyDeal, Nelnet Servicing, New Mexico Regulation and Licensing Department, New York Post, Osaka Acute and General Medical Center, Pendragon Group, Phoenix Programs of Florida, Inc., Poland Parliament, Premier Physical Therapy and Sports Performance, LP, Presbyterian Healthcare Services, Primary Anesthesia Services, Pynenberg & Scheske DDS, SC, RecordTV, Regions Hospital, Resource Anesthesiology Associates of CA PC, Resource Anesthesiology Associates of CT PC, Resource Anesthesiology Associates Of KY PSC, Resource Anesthesiology Associates of NM Inc, Resource Anesthesiology Associates of VA LLC, Saddlebrook Anesthesia Services PC, See Tickets, Siemens PLCs, Sigmund Software, LLC, Slovakian Parliamant, Somnia Anesthesia, Somnia Pain Mgt of Kentucky, Somnia, Inc., Spain’s National Renewable Energy Center, St Luke’s Health – Texas, State Bar of Georgia, Tata Power, The Church of Jesus Christ of Latter-day Saints, Tift Regional Health System, Twilio, UK PM Liz Truss, UK’s Department for Education, Unimed Belem, hundreds of US news websites, Vastaamo, Verizon, Vinomofo, VMware Workspace One Access, Vodafone Italia, WakeMed Health and Hospitals, and Wenco Management, LLC Health and Welfare Benefit Plan have reportedly been hacked or compromised this month.
Microsoft’s Azure platform has been causing problems for their own WinGet package manager and SysInternals services. Instagram, Zscaler, and Wynncraft suffered widespread outages.
Now for the good news:
The more time you spend evaluating electric cars, the worse you will realize they are. Whether it’s electrical waste, environmental damage, increased pullution or just randomly bursting into flames, they’re clearly not ready for production. And now you know.
Let’s Get Busy
Now back to our regularly scheduled program.
Patch Tuesday is huge this month. The typical computer should see roughly 4.5 GB in updates today. Let’s get started.
With the release of a new version of macOS (13/Ventura) all macOS 10.x versions are no longer supported. If you’re not running at least 11/Big Sur, upgrade now or take your device offline. Really.
Windows 10 22H2 (19045) is a major update for Windows 10. Well, it’s supposed to be – there’s really almost no changes other than the extension of the support window. Even though there’s not a lot new to it, don’t be a lemming: wait at least a couple months for them to work out the inevitable bugs.
Microsoft released updates to address 82 vulnerabilities in .NET Framework, AMD CPU Branch, Azure, Azure Real Time Operating System, Linux Kernel, Microsoft Dynamics, Microsoft Exchange Server, Microsoft Graphics Component, Microsoft Office, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Office Word, Network Policy Server (NPS), Open Source Software, SysInternals, Visual Studio, Windows Advanced Local Procedure Call, Windows ALPC, Windows Bind Filter Driver, Windows BitLocker, Windows CNG Key Isolation Service, Windows Devices Human Interface, Windows Digital Media, Windows DWM Core Library, Windows Extensible File Allocation, Windows Group Policy Preference Client, Windows HTTP.sys, Windows Hyper-V, Windows Kerberos, Windows Mark of the Web (MOTW), Windows Netlogon, Windows Network Address Translation (NAT), Windows ODBC Driver, Windows Overlay Filter, Windows Point-to-Point Tunneling Protocol, Windows Print Spooler Components, Windows Resilient File System (ReFS), Windows Scripting, Windows Win32K
and MSRT (~3 GB). This includes security updates. A reboot is required.
Apple released updates for iOS 15.7.1, iPadOS 15.7.1, iOS 16.1 and iPadOS 16, macOS Big Sur 11.7.1, macOS Monterey 12.6.1, macOS Ventura 13, Safari 16.1, tvOS 16.1, watchOS 9.1, and Xcode 14.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.
iOS 16.1 and 15.7.1 are security updates. Use Settings, General, Software Update to install the most current update.
iPadOS 16.1 and 15.7.1 are security updates. Use Settings, General, Software Update to install the most current update.
watchOS 9.1 is a security update. Use the Watch app on your iPhone to install the most current version.
tvOS 16.1 is a security update. Use Settings, General, Software Update to install the most current update.
Google Chrome OS 107.0.5304.92 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.
Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.
Important Notes
Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.
The release of macOS Ventura (13.x) means that all macOS X (10.x) versions are no longer supported. If you can not install at least macOS Big Sur (11) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.
The now-current release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 12 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.
The now-current release of the Windows 11 (v22H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.
Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.
Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.
It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.
Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.
Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com
Driver Updates
If you’re using this hardware – these updates are for you.
AMD Adrenalin 22.10.3 resolves several bugs. This is not a security update.
https://www.amd.com/en/support
BullZip PDF Printer 14.1.0.2951 improves compatibility. This is not a security update.
https://www.bullzip.com/products/pdf/info.php#download
Crucial Storage Executive 8.07 doesn’t provide a changelog so should be treated as a security update.
https://www.crucial.com/support/storage-executive
Display Driver Uninstaller 18.0.5.7 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu
DS4Windows 3.1.10 resolves several bugs and improves responsiveness. This is not a security update.
https://github.com/Ryochan7/DS4Windows/releases/latest
Daemon Tools Lite 11.1.0 adds ARM support and resolves several bugs. This is not a security update.
https://www.daemon-tools.cc/products/dtLite
Garmin Express 7.15.2 doesn’t provide a detailed changelog so should be considered a security update.
https://www.garmin.com/en-US/software/express/
MSI Afterburner 2022.10.05 doesn’t provide a changelog so should be treated as a security update.
https://www.msi.com/Landing/afterburner/graphics-cards
Samsung DeX 2.4.0.29 doesn’t provide a changelog so should be treated as a security update.
https://www.samsung.com/us/apps/dex/
Browser Updates
One or more of these are likely to be of interest to everyone.
Brave 1.45.118 is a security update. Use Menu, Help, About to install the current version.
https://brave.com/
Google Chrome 107.0.5304.87 is a security update. Use Menu, Help, About to install the current version.
https://www.google.com/chrome/
Microsoft Edge 107.0.1418.35 is a security update. Use Menu, Help, About to install the current version.
https://www.microsoft.com/en-us/edge/business/download
Firefox 106.0.5 is a security update. Use Menu, Help, About to install the current version.
https://www.mozilla.org/en-US/firefox/new/
Vivaldi 5.5.2805.42 is a security update. Use Menu, Help, About to install the current version.
https://vivaldi.com/
Email Updates
One or more of these are likely to be of interest to everyone.
ProtonMail (Android) 3.0.9 improves stability. This is not a security update.
https://proton.me/mail/download
Spark 3.1.0.38675 does not provide a changelog so should be treated as a security update.
https://sparkmailapp.com/
Spark (macOS) 3.1.0.38673 does not provide a changelog so should be treated as a security update.
https://sparkmailapp.com/
Thunderbird 102.4.2 is a security update. Use Menu, Help, About to install the current version.
https://www.thunderbird.net/en-US/
Internet Updates
One or more of these are likely to be of interest to everyone.
AnyDesk 7.1.6 resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads
curl 7.86.0 resolves almost 200 bugs. This is not a security update.
https://curl.haxx.se/windows/
Dropbox 160.4.4703 resolves several bugs. This is not a security update.
https://www.dropbox.com/
Facebook Messenger 168.0.0.24.90 is a security update.
https://www.messenger.com/download
FileZilla Client 3.62.0 updates libraries. This is a security update.
https://filezilla-project.org/
Google Drive 66.0 resolves several bugs. This is not a security update.
https://drive.google.com/start
Google Earth 7.3.6 resolves several bugs and improves several features. This is not a security update.
https://earth.google.com/
Microsoft Teams 1.5.00.28361 adds transcription, e-signature integration, rich call history and music on hold. This is not a security update.
https://teams.microsoft.com/downloads
Nextcloud Server 25.0.1 updates dependencies and resolves dozens of bugs. This is a security update.
https://nextcloud.com/
PuTTY 0.78 is a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html
Qbox 4.0.5.32 doesn’t provide a changelog so should be treated as a security update.
https://www.coraltreetech.com/qbox
Rclone 1.60.0 adds three new backends, several new features and resolves dozens of bugs. This is a security update.
https://rclone.org/
Signal 5.63.0 doesn’t provide a detailed changelog so should be treated as a security update.
https://signal.org/download/windows/
Syncthing 1.22.1 resolves several bugs and improves reliability. This is not a security update.
https://syncthing.net/
Telegram 4.3.1 is a security update.
https://telegram.org/
Zoom 5.12.6.10137 adds a lot of new features and resolves over a dozen bugs. This is a security update.
https://zoom.us/
Media Updates
These are unlikely to be of interest to most people.
3tene 3.0.6 resolves several bugs. This is not a security update.
https://en.3tene.com/
Bitwig Studio 4.4.2 resolves several bugs. This is not a security update.
https://www.bitwig.com/download/
iTunes 12.12.5.8 adds support for newer iOS and iPad OS version. This is not a security update.
https://www.apple.com/itunes/download/
Plex Desktop 1.56.2.3345 doesn’t provide a changelog so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app
Plex Home Theater 1.28.3.3355 doesn’t provide a changelog so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app
Plex Media Server 1.29.2.6364 resolves several bugs. This is a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server
Game Updates
These are unlikely to be of interest to most people.
Epic Games 14.3.1 resolves several bugs. This is not a security update.
https://www.epicgames.com/
Lego Studio 2.22.10.1 resolves several bugs. This is not a security update.
https://www.lego.com/en-us/ldd
Nintendo Switch 15.0.1 resolves several bugs. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989
Steam 2022.10.18 resolves several bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0
SteamOS 3.3.2 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/1675200/
Office Updates
One or more of these are likely to be of interest to most people.
Adobe Illustrator 27.0 and 26.5.1 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb22-56.html
Adobe Reader DC 22.003.20263 improves stability. This is not a security update.
https://get.adobe.com/reader
Calibre 6.8.0 resolves several bugs. This is not a security update.
https://calibre-ebook.com/
IcoFX 3.8.1 fixes jpg editor and removes shape editor. This is not a security update.
https://icofx.ro/
Krita 5.1.3 resolves dozens of bugs. This is not a security update.
https://krita.org/en/download/krita-desktop/
Kindle for PC 1.39.65323 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc
LibreOffice 7.3.7 resolves over two dozen bugs. This is not a security update.
https://www.libreoffice.org/
Nextcloud Desktop 3.6.1 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/
Notepad++ 8.4.7 resolves the “make my printer bleed” bug, as well as several other bugs. This is not a security update.
https://notepad-plus-plus.org/
Sage Timeslips 30.0.4.84 resolves several bugs. This is not a security update.
https://na.sage.com/Sage-Timeslips/Support
Security Software Updates
One or more of these is likely to be of interest to most people.
Chainsaw 2.2.0 resolves several bugs. This is not a security update.
https://github.com/countercept/chainsaw
HTTP Toolkit 1.12.0 doesn’t provide a changelog so should be treated as a security update.
https://httptoolkit.tech/
IISCrypto 3.3.17 adds TLS 1.3, new cipher suites, and updates templates. This is not a security update.
https://www.nartac.com/Products/IISCrypto/Download
MalwareBytes Anti-Malware 4.5.17 resolves several bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/
OpenSSL (SLP) 3.0.7 is a security update.
https://slproweb.com/products/Win32OpenSSL.html
OpenSSL 1.1.1s is a security update.
https://www.openssl.org/source/
OpenSSL 3.0.7 is a security update.
https://www.openssl.org/source/
ProtonVPN 3.0.5 (macOS) is a security update.
https://protonvpn.com/download
ReactOS 0.4.14.31 resolves dozens of bugs. This is a security update.
https://reactos.org/
Tails 5.6 is a security update.
https://tails.boum.org/install/dvd/index.en.html
uBlock Origin 1.45.0 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest
Zorin OS 16.2 improves compatibility, updates libraries, upgrades LibreOffice, and resolves several bugs. This is a security update.
https://zorin.com/os/mirrors/
Capture Updates
These are unlikely to be of interest to most people.
Open Broadcaster Software 28.1.2 improves stability. This is not a security update.
https://obsproject.com/
SnagIt 23.0.1 resolves several bugs. This is not a security update.
https://download.techsmith.com/snagit/releases/snagit.msi
Converter Updates
These are unlikely to be of interest to most people.
PDF Creator 5.0.1 resolves several bugs. This is not a security update.
https://www.pdfforge.org/pdfcreator
StreamFab 6.0.0.1 resolves several bugs and improves stability. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm
DVDFab 12.0.9.1 adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm
Education updates
One or more of these are likely to be of interest to most people.
Zotero 6.0.17 resolves several bugs. This is not a security update.
https://www.zotero.org/
Utility Updates
These are unlikely to be of interest to most people.
1Password for Mac 8.9.8 resolves several bugs and adds many new features. This is a security update.
https://1password.com/downloads/mac/
1Password for Windows 8.9.8 resolves several bugs and adds many new features. This is a security update.
https://1password.com/downloads/windows/
AOMEI Partition Assistant 9.12.0 adds support for moving BitLocker partitions, and resolves several bugs. This is not a security update.
https://www.diskpart.com/
Beyond Compare 4.4.4.27058 resolves several bugs. This is not a security update.
https://www.scootersoftware.com/download.php?zz=dl4
Bitwarden 2022.10.1 resolves several bugs. This is not a security update.
https://bitwarden.com/
CCleaner 6.05.10110 improves stability and resolves several bugs. This is not a security update.
https://www.ccleaner.com/
DesktopOK 10.44 improves tools. This is a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK
Etcher 1.8.15 updates libraries. This is a security update.
https://www.balena.io/etcher/
Fido 1.36 adds support for the latest build of Windows. This is not a security update.
https://github.com/pbatard/Fido/releases
Go 1.19.3 is a security update.
https://go.dev/
GoodSync 12.0.9 is a security update.
https://www.goodsync.com/
HWMonitor 1.47 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html
IsMyHdOK 3.77 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK
Kingston SSD Manager 1.5.2.5 doesn’t provide a changelog so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager
Memtest86+ 6.00 is a new major version, with support for new hardware, and resolves many bugs. This is not a security update.
https://www.memtest.org/
NetworkInterfacesView 1.25 adds enable/disable option and registry key details. This is not a security update.
https://www.nirsoft.net/utils/network_interfaces.html
NetworkTrafficView 2.42 improves high-DPI mode. This is not a security update.
https://www.nirsoft.net/utils/network_traffic_view.html
NTLite 2.3.8.8978 improves compatibility. This is not a security update.
https://www.ntlite.com/download/
PowerToys 0.64.1 resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest
ProcessMonitor 3.92 adds an option to set the filter driver altitude from the command line. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon
Process Explorer 17.01 adds dark theme, multipane support, startup improvements and resolves several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer
RoboForm 9.3.7 adds the ability to install updates without killing all the browsers and resolves several bugs. Be aware that this causes many browser extensions to fail until they’re reinstalled. This is not a security update.
https://www.roboform.com/
ScreenConnect 22.9.10231 adds several new controls and security improvements. This is a security update.
https://www.connectwise.com/software/control/download
Sysmon 14.11 resolves a stability bug. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon
TeamViewer 15.35.7 doesn’t have a changelog so should be treated as a security update.
https://www.teamviewer.com/en-us/download/windows/
Unity 2022.1.21 resolves several bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive
Windows 10 Upgrade 22H2 is a system update. This installs the latest build of Windows 10.
https://www.microsoft.com/en-us/software-download/windows10
WinAudit 3.4.3 resolves DNS bug. This is not a security update.
http://www.parmavex.co.uk/winaudit.html
WizTree 4.11 adds a Today filter, now supports quoting in filters, and resolves a couple bugs. This is not a security update.
https://www.diskanalyzer.com/
Developer Updates
These are unlikely to be of interest to most people.
AutoHotkey 1.1.35.00 resolves several bugs and backports several features. This is not a security update.
https://www.autohotkey.com/download/
Docker Desktop 4.13.1 improves compatibility, upgrades libraries and resolves several bugs. This is a security update.
https://www.docker.com/products/docker-desktop
GitHub Desktop 3.1.2 updates embedded engine. This is not a security update.
https://desktop.github.com/
Node.js 14.21.1 is a security update.
https://nodejs.org/en/
Node.js 16.18.1 is a security update.
https://nodejs.org/en/
Node.js 18.12.1 is a security update.
https://nodejs.org/en/
Node.js 19.0.1 is a security update.
https://nodejs.org/en/
Visual Studio Code 1.73 adds include/exclude folders to search, shortcuts to Command Center, merge editor improvements and several other fixes. This is not a security update.
https://code.visualstudio.com/
Virtual Machine Updates
These are unlikely to be of interest to most people.
VirtualBox 7.0.2 resolves several bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads
Web Package Updates
These are likely to be of interest only to web developers.
Joomla 4.2.5 is a security update.
https://www.joomla.org/
phpList 3.6.10 resolves several bugs. This is not a security update.
https://www.phplist.org/
Piwigo 13.1.0 resolves several bugs. This is a security update.
https://piwigo.org/
WordPress 6.1 adds a new default theme, new templates, improved design controls, menu editing, and resolves several bugs. This is not a security update.
https://wordpress.org/
Autoptimize 3.1.3 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/autoptimize/
BuddyPress 10.6.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/buddypress/
Contact Form 7 5.6.4 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/
Idea Publisher 1.0.6 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/idea-publisher/
NextScripts Social Networks Auto-Poster 4.4.2 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/social-networks-auto-poster-facebook-twitter-g/
Redirection 5.3.5 resolves a language bug. This is not a security update.
https://wordpress.org/extend/plugins/redirection/
W3 Total Cache 2.2.7 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/
WooCommerce 7.0.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/
WPBakery 6.10.0 resolves over a dozen bugs. This is not a security update.
https://wpbakery.com/
WP Plugin Update Checker 5.0 switches from classes to namespaces, adds VCS controls, and resolves several bugs. This is not a security update.
https://github.com/YahnisElsts/plugin-update-checker/releases/latest
That’s all for now folks. Keep it clean out there. 😉
Regards,
Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/