Updates 2022-07-12

Welcome back, Folks!

Today is Patch Tuesday for July, 2022. You know how you say something like “biggest update series in well over a year” and the next month just blows that out of the water? We’re there now.

This Month in Technology

Advocates, Inc., Aerojet Rocketdyne, Alabama Eye & Cataract, P.C., Alameda Health System, Aloha Laser Vision, Amagasaki, Japan, Amazon Photos, AMD, Anker Eufy, Aon, Aruba Networks Switches, ATC Healthcare, Bangladeshi government, Bank of the West, Baptist Medical Center and Resolute Health Hospital, Bayhealth Medical Center, Inc., BeanVPN, Benefit Plan Administrators, Inc., Bookchor, Bourse des Vols, Capital Economics, Carnival Corporation, Carolina Behavioral Health Alliance, Carolina Eyecare Physicians, LLC, Catholic Health System, Center for Sight, Inc., Central Florida Inpatient Medicine, Charlotte Radiology, Cherry Creek Eye Physicians and Surgeons, P.C., CHRISTUS Spohn Health System Corporation, Cisco Secure Email, Cisco VPN routers, Citrix Application Delivery Management, CoDeSys Automation Software, Community of Hope D.C., Crema Finance, Customer.io, Disneyland’s Facebook and Instagram accounts, DivX SubTitles, Django, DTEK Group, ExpressLRS, Fast Shop, Flagstar Bank, Florida Birth-Related Neurological Injury Compensation Association, Foxhall Ob Gyn Associates, Geographic Solutions, Gol Tours LTD, Grab, Harmony, Hillrom Medical, Honda cars, Hudson Regional Hospital, IBM, Ignitis Group, Indian Flood Monitors, Indian government, thousands of industrial devices, Israeli Defense, Kaiser Foundation Health Plan of Washington, Kaiser Permanente, Kernersville Eye Surgeons, P.C., Khouzestan Steel Company, almost a million Kubernetes clusters, La Poste Mobile, Latvian government, Lithuanian government, Long Vision Center, Macmillan Publishing, Mangatoon, Marriott International, Massachusetts Child and Family Services, Inc., Mattax Neu Prater Eye Center, Inc., MCG Health and Eye Care Leaders, Medical University of Innsbruck, MEGA, Michigan Avenue Immediate Care, Microsoft Azure FabricScape, Microsoft Exchange, Microsoft Windows Domain Servers, Mitel VoIP, New Jersey Health Information Management, Nichirin-Flex U.S.A., North American Spine Society, Norway govt sites, OpenSea, OrthoNebraska, Phelps Care Regional Medical Center, Preferred Hospital Leasing Coleman Inc., Professional Finance Company, Renton School District, Resolute Health Hospital, Rodeo Pharmacy Inc, Shanghai National Police, Sharper Vision P.A., SHI International, Shoprite, Sight Partners Physicians, P.C., Sophos Firewall, Southwest Health Center, St Joseph Heritage Health, Stanford University, Stokes Regional Eye Centers, TB Kawashima, The People Concern, The Vicksburg Clinic, LLC, Tosoh America, Inc., UK Army’s Twitter & YouTube, UNC Lenoir Health Care, University of Pisa, University Pediatric Dentistry, US Bank, Walmart, WellDyneRx, LLC, Wiltshire Farm Foods, Yodel, Yuma Regional Medical Center, and Zimbra reportedly been hacked or compromised this month.

Some vendors, like CafePress, simply don’t care about security – and do their best to conceal when they’re hacked. I contacted them to report when they were hacked back in 2014 and they ignored me. Sigh.

Microsoft 365, Cloudflare, Microsoft Teams, Rogers (it was a big one), and Microsoft Office / OneDrive had widespread outages.

Facebook is collecting the patient data of millions, and is also blocking the link to the Facebook settlement class action website. You think they would have learned.

Attackers are using Google Chrome Extension fingerprinting to uniquely identify you. This method works in any Chromium browser.

Spam is still the #1 method of exploiting users. Whether it is a fake renewal notice, fake copyright complaints, or fake invoice, most spams will include a fake login form or a fake support number. In both cases they depend on the user to actually enter the login details or call the scammer to fall prey to their attacks. Online development environments are even being used for these attacks.

Counterfeit hardware can be far more dangerous than the real thing. Even though some vendors only support their hardware a few years before you have to replace it,  counterfeits are never supported and often have malicious implants.

Microsoft has rolled back (temporarily) their decision to block macros by default.

MITRE staff didn’t understand that publishing vulnerable sites, not just vulnerability information was bad, while a HackerOne employee was selling exploits before they were published, and an Amazon employee installed cryptominers on Capital One servers. Adobe is using malware traits to block antivirus software from scanning PDF files. How quickly these organizations can shatter their trust.

Here’s a great example of how a single vulnerability will be used to get far deeper into your network and hardware.

Storing your password directly in the browser is dangerous. Use a password manager.

Now for the good news:

 

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is huge this month. The typical computer should see roughly 3 GB in updates today. Let’s get started.

Microsoft released updates to address 74 vulnerabilities in Azure Site Recovery, Azure Storage Library, DNS Server, Microsoft Defender for Endpoint, Microsoft Edge, Microsoft Graphics Component, Microsoft Lync, Microsoft Office, Open Source Software, Skype for Business, Windows Active Directory, Windows Advanced Local Procedure Call, Windows BitLocker, Windows Boot Manager, Windows Client/Server Runtime Subsystem, Windows Connected Devices Platform Service, Windows Credential Guard, Windows Fast FAT Driver, Windows Fax and Scan Service, Windows Fax Service, Windows Group Policy, Windows Hyper-V, Windows IIS, Windows Kernel, Windows Media, Windows Network File System, Windows Performance Counters, Windows Point-to-Point Tunneling Protocol, Windows Portable Device Enumerator Service, Windows Print Spooler Components, Windows Remote Procedure Call Runtime, Windows Security Account Manager, Windows Server Service, Windows Shell, Windows Storage, XBox, and MSRT (~3 GB). This includes security updates. A reboot is required.

Google Chrome OS 103.0.5060.114 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Catalina (10.15) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 12 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v21H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 22.6.1 adds support for newer hardware. This is not a security update.
https://www.amd.com/en/support

Crucial Storage Executive 7.12 doesn’t provide a changelog so should be treated as a security update.
https://www.crucial.com/support/storage-executive

Display Driver Uninstaller 18.0.5.2 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Intel Driver and Support Assistant 22.4.26 improves user interface. This is not a security update.
https://www.intel.com/p/en_US/support/detect

Samsung DeX 2.4.0.29 doesn’t provide a changelog so should be treated as a security update.
https://www.samsung.com/us/apps/dex/

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.41.96 is a security update.
https://brave.com/

SeaMonkey 2.53.13 is a security update.
https://www.seamonkey-project.org/

Google Chrome 103.0.5060.114 is a security update.
https://www.google.com/chrome/

Microsoft Edge 103.0.1264.51 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 102.0.1 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 91.11.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 5.3.2679.68 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 3.45 adds a command-line option to control columns in exports. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Thunderbird 102.0.2 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

curl 7.84.0 resolves over a hundred bugs. This is a security update.
https://curl.haxx.se/windows/

Dropbox 152.4.4880 resolves several bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 153.0.0.19.110 is a security update.
https://www.messenger.com/download

FreeFileSync 11.22 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 60.0 resolves several bugs. This is not a security update.
https://drive.google.com/start

Nextcloud Server 24.0.2 updates libraries, and resolves over 50 bugs. This is a security update.
https://nextcloud.com/

Npcap 1.70 resolves several bugs. This is not a security update.
https://nmap.org/npcap/

Rclone 1.59.0 adds support for new backends, metadata framework, resolves several bugs, and updates libraries. This is not a security update.
https://rclone.org/

Signal 5.49.0 doesn’t provide a detailed changelog so should be treated as a security update.
https://signal.org/download/windows/

Skype 8.85.0.409 improves their propaganda tools and resolves several bugs. This is not a security update.
https://www.skype.com/

Syncthing 1.20.3 resolves several bugs. This is not a security update.
https://syncthing.net/

Technitium DNS Server 8.1.4 resolves several bugs. This is not a security update.
https://technitium.com/dns/

Telegram 4.0.2 resolves several bugs. This is not a security update.
https://telegram.org/

WinSCP 5.21.2 is a security update.
https://winscp.net/eng/index.php

Zoom 5.11.1.6602 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 3.0.2 updates libraries and resolves several bugs. This is not a security update.
https://en.3tene.com/

darktable 4.0.0 is a major update. This version improves color space, exposure, contrast controls and hundreds of other features, as well as resolving over 100 issues. This should be treated as a security update.
https://www.darktable.org/

Picard 2.8.2 resolves several bugs. This is not a security update.
https://picard.musicbrainz.org/

Plex Desktop 1.48.2.3124 adds option to disable some Discover features, resolves several bugs with Search and Watchlist. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.20.2.3110 resolves a stability bug. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.27.2.5929 improves logging, adds support for Musicbrainz tags, and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Epic Games 14.1.2 resolves several bugs. This is not a security update.
https://www.epicgames.com/

GameMaker Studio 2022.6.0.23 adds Feather support, room editor filters, additional extension features, and resolves dozens of bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker

Lego Studio 2.22.6.1 resolves several bugs. This is not a security update.
https://www.lego.com/en-us/ldd

PlayStation PS5 22.01-05.50.00 resolves several bugs and improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

PlayStation PS4 9.60 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps4/system-software/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe RoboHelp RH2020.0.8 is a security update.
https://www.adobe.com/support/robohelp/downloads.html

Adobe Acrobat and Reader 22.001.20169, 20.005.30362, and 17.012.30249 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb22-32.html

Adobe Character Animator 22.5 is a security update.
https://www.adobe.com/creativecloud/catalog/desktop.html

Adobe Photoshop 22.5.8 and 23.4.1 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb22-35.html

Artweaver 7.0.13 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Calibre 6.0 is a major update. This version adds full text search, new hardware support and performance improvements, a new URL scheme, and read-aloud support. It also removed 32-bit support. This is not a security update.
https://calibre-ebook.com/

Gimp 2.10.32 adds HiDPI, high bit-depth and multi-threading support, dark theme, improved color control, masking, and warp. This is not a security update.
https://www.gimp.org/

Kindle for PC 1.37.65274 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc

Nextcloud Desktop 3.5.2 resolves over a dozen bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.4.3 adds option to limit search results to one line per file, adds EOL customization, adds new document shortcuts, and resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

Security Software Updates

One or more of these is likely to be of interest to most people.

Intel CSMEVDT 7.0.2.0 resolves a documentation error. This is not a security update.
https://www.intel.com/content/www/us/en/download/19392/28632/intel-converged-security-and-management-engine-version-detection-tool-intel-csmevdt.html

FSS 2022.6.14 doesn’t provide a changelog so should be treated as a security update.
https://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/

Gpg4win 4.0.3 is a security update.
https://www.gpg4win.org/download.html

HTTP Toolkit 1.9.0 improves issue tracking and feedback. This is not a security update.
https://httptoolkit.tech/

MalwareBytes Anti-Malware 4.5.10.200 is a security update.
https://www.malwarebytes.org/antimalware/

OpenSSL (SLP) 3.0.5 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

OpenSSL 1.1.1q is a security update.
https://www.openssl.org/source/

ProtonVPN 2.0.3 resolves several bugs. This is not a security update.
https://protonvpn.com/download

ProtonVPN (macOS) 3.0.1 resolves several bugs. This is not a security update.
https://protonvpn.com/download

SanDisk PrivateAccess 6.3.10 does not provide a changelog so should be considered a security update.
https://kb.sandisk.com/app/answersweb/detailweb/a_id/21996

Tails 5.2 is a security update.
https://tails.boum.org/install/dvd/index.en.html

YARA 4.2.2 is a security update.
https://github.com/VirusTotal/yara/

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 22.1.0 adds several new features, improves performance, and resolves several bugs. This is not a security update.
https://download.techsmith.com/snagit/releases/snagit.msi

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.7.8 adds support for new encodings and resolves several stability bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

iMazing HEIC Converter 2.0.0 doesn’t provide a changelog so should be considered a security update.
https://imazing.com/heic

IsoBuster 5.0 is a major update that adds a 64-bit version, high-DPI scaling, themes, improved media support and resolves several bugs. This is not a security update.
https://www.isobuster.com/download.php

MakeMKV 1.17.0 improves reliability, adds support for new encodings, and resolves several bugs. This is not a security update.
https://www.makemkv.com/download/

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.9 adds PDF rotation and resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Windows 8.7.3 is a major update adding several new cosmetic and integration improvements, and search and filter options. This is a security update.
https://1password.com/downloads/windows/

1Password for Mac 8.7.3 is a major update adding several new cosmetic and integration improvements, and search and filter options. This is a security update.
https://1password.com/downloads/mac/

7-Zip 22.00 adds support for APFS, pax, adds zone.id, and resolves several bugs. This is not a security update.
https://www.7-zip.org/

8GadgetPack 35.0 improves compatibility, adds keyboard shortcuts, and resolves several bugs. This is not a security update.
https://8gadgetpack.net/

Agent Ransack 2022.3335 adds new columns, improves view state restoration, and resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

CCleaner 6.01.9825 adds support for new apps and resolves several bugs. This is not a security update.
https://www.ccleaner.com/

Dell OS Recovery Tool 2.3.7012.0 doesn’t provide a changelog so should be treated as a security update.
https://www.dell.com/support/home/uk/en/ukbsdt1/drivers/osiso/recoverytool

DesktopOK 9.97 expands toolset. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 3.0.84.0 adds personalization, search statistics, Excel row numbers, and resolves several bugs. This is not a security update.
https://dngrep.github.io/

dupeGuru 4.3.1 resolves a false duplication detection bug. This should be treated as a security update if you use dupeGuru to remove duplicate files.
https://dupeguru.voltaicideas.net/

FileLocator Pro 2022.3335 adds new columns, improves view state restoration, and resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Git SCM 2.37.0 resolves several bugs and improves CLI support. This is a security update.
https://git-scm.com/

GoodSync 11.11.5 resolves dozens of bugs. This is a security update.
https://www.goodsync.com/

Intel CPU Diagnostic 4.1.7.39 adds tests for newer hardware, resolves several bugs, and updates components. This is not a security update.
https://www.intel.com/content/www/us/en/download/15951/intel-processor-diagnostic-tool.html

IsMyHdOK 3.66 improves compatibility and SSD/SSHD detection. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

NTLite 2.3.6.8804 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

PointerStick 5.88 improves support for virtual desktops and multiple screens. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.60.0 resolves several bugs and improves compatibility. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

RoboForm 9.3.3 adds (and resolves bugs within) OTP feature, improves search, and resolves several bugs. This is not a security update.
https://www.roboform.com/

Rufus 3.19 adds an option for setup customization, updates drivers, and resolves several bugs. This is not a security update.
https://rufus.ie/en_US/

SearchMyFiles 3.20 adds filename length filter. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

Synergy 1.14.5 resolves several bugs. This is not a security update.
https://symless.com/synergy/

TeamViewer 15.31.5 improves video experience and adds remote terminal to the Computers & Contacts list. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

Unity 2022.1.8 updates libraries and resolves dozens of bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive

WhyNotWin11 2.5.0.1 resovles several bugs. This is not a security update.
https://github.com/rcmaehl/WhyNotWin11

WifiInfoView 2.77 improves high-DPI support. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

ZoomText 2022.2206.7.400 adds languages and resolves several bugs. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

GitHub Desktop 3.0.3 resolves several bugs. This is not a security update.
https://desktop.github.com/

Node.js 18.5.0 is a security update.
https://nodejs.org/en/

Node.js 16.16.0 is a security update.
https://nodejs.org/en/

Node.js 14.20.0 is a security update.
https://nodejs.org/en/

Rustup 1.25.0 adds support for arm64, improved integration and resolves several bugs. This is not a security update.
https://www.rust-lang.org/

Redemption 6.2.0.6122 resolves several bugs. This is not a security update.
https://www.dimastr.com/redemption/

SQLite 3.39.0 adds support for right and full outer join, distinct from, and resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.69.1 adds 3-way merge, improved command center UI for search, DND mode, and resolves several bugs. This is a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

Drupal 9.3.18 is a security update.
https://drupal.org/download

Drupal 9.4.0 is a security update.
https://drupal.org/download

HumHub 1.11.4 is a security update.
https://www.humhub.com/en/download

Joomla 4.1.5 resolves several bugs. This is the last of the 4.1 series. This is not a security update.
https://www.joomla.org/

jQuery 3.6.0
https://code.jquery.com/

MailEnable 10.40 updates libraries and resolves over a dozen bugs. This is a security update.
https://www.mailenable.com/

Piwigo 12.3.0 resolves several bugs. This is not a security update.
https://piwigo.org/

WordPress 6.0.1 resolves over two dozen bugs. This is not a security update.
https://wordpress.org/

Akismet 4.2.5 resolves a bug. This is not a security update.
https://wordpress.org/extend/plugins/akismet/

Antispam Bee 2.11.1 cleans up code. This is not a security update.
https://wordpress.org/extend/plugins/antispam-bee/

Contact Form 7 5.6 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.4.7 improves compatibility. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

Interactive World Map 3.2.0 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/interactive-world-map/

Postie 1.9.61 resolves a MIME warning. This is not a security update.
https://wordpress.org/extend/plugins/postie/

NextScripts Social Networks Auto-Poster 4.3.26 is a security update.
https://wordpress.org/extend/plugins/social-networks-auto-poster-facebook-twitter-g/

Slider Revolution 6.5.25 resolves a dozen bugs. This is not a security update.
https://revolution.themepunch.com/

Sucuri Security 1.8.32 is a critical security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

W3 Total Cache 2.2.3 is a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 6.6.1 resolves dozens of bugs. This is a security update.
https://wordpress.org/extend/plugins/woocommerce/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2022-02-08

Welcome back, Folks!

Today is Patch Tuesday for February, 2022.

It’s only the beginning. February tends to be “patch it once, whoops, patch it again” month most years, so expect another cycle later in the month.

This Month in Technology

Abington Memorial Hospital (dba Jefferson Abington Hospital), dozens of WordPress  Themes and Plugins by AccessPressAditya Birla Fashion and RetailAdvocates, Inc., Albany Family DentistryAlbuquerque Public SchoolsAllegheny Health Network Home Infusion, LLCArgo CDArnprior Regional HealthAWS GlueBoxBTC-AlphaCaring CommunitiesChico StateCisco StarOSColorado Department of Human ServicesCounty of Kings (CA)Crypto.comDelta ElectronicsDigital Insurance, LLC doing business as OneDigital, Evos in the NetherlandsFiondella, Milone & LaSaracina, LLPGlobal Affairs CanadaGolden State DermatologyGoodwillGreensward AcademyGriggsville-Perry School DistrictHensoldtIDEMIA biometric ID hardwareIndependence Blue Cross, International Committee of the Red CrossiRise Florida Spine and Joint Institute, LLCKP SnacksLympoMcAfee Enterprise (Trellix)various medical devicesMedical Healthcare Solutions, Inc., Medical Review Institute of AmericaMemorial Health SystemMeterMidland UniversityMillennium Eye Care LLCMonclerMotorolaMultichainNews Corp, publisher of The Wall Street JournalNobel FoundationOiltanking in GermanyOlympic Games AppOpenSubtitles, Oscar Buckeye State Insurance CorporationOscar Health Plan of CaliforniaOscar Insurance Company of FloridaOscar Insurance Corporation of OhioPace Center for GirlsPanasonicPellissippi State Community College in TennesseePennsbury School DistrictPhiladelphia FIGHT Community Health CentersPolkitPractolytics LLCPumaR.R. DonnellyRaveco MedicalRedDoorzSEA-Invest in BelgiumSecuritasSegwaySeneca Family of AgenciesSouth City HospitalSpencer Gifts LLC Health and Welfare Benefit PlanSt. Lucie County’s Drug Screening LabSwiss Federal RailwaysSwissportTaylor Regional HospitalThai University Central Admission SystemThomas Jefferson University Hospital, Inc., Ubiquiti’s UniFi NetworkUniversity of Arkansas for Medical SciencesUpstoxVantage Holding Company, LLCVolunteers of America Southwest CaliforniaWalgreen Co., Washington Department of LicensingWormhole, and Zimbra have been hacked.

GitHubDiscord, and Telegram have suffered major outages.

Phishing is proving to be even more effective against multi-factor authentication (MFA), as I’ve warned for decades. UPnP is still the worst network design feature. Buy an expensive GPU, gift your identity. Firefox’s “private” email relay service has been added to disposable email blacklists. As expected. Target, the premier member of the “hacked every month club“, is releasing the source code for some of their security software. Google Drive is flagging files containing the number “1” as violating copyrights. VPN companies Nord and Surfshark will merge. 11th and 12th generation Intel CPUs will not be able to play Blu-ray UHD disks.

The IRS is now mandating the use of a private third-party in order to access your own IRS information online. But wait, there’s more! The company, id.me, conceals their own identity and hides their WHOIS data. Tax-filers are already being phished with a threat of refunds being cancelled. The worst news: Nvidia has called off its efforts to acquire Arm.

Now for the good news:

The US Department of Justice has indicted 6 India Call Centers for Scams Targeting Seniors. Maybe the amount of scam calls we get will decrease? I doubt it though, considering the vast increase I’ve received in the last month. 🙁

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is almost back to normal. Well, for now. The typical computer should see roughly 1.8 GB in updates today. Let’s get started.

Microsoft released updates for .NET, Windows, Azure Data Explorer, Kestrel Web Server, Microsoft DNS Server, Microsoft Dynamics, Microsoft Edge, Microsoft Office, Microsoft Office Excel, Microsoft Office Outlook, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft OneDrive, Microsoft Teams, Microsoft Windows Codecs Library, Power BI, Roaming Security Rights Management Services, SQL Server, Visual Studio Code, Windows Common Log File System Driver, Windows DWM Core Library, Windows Hyper-V, Windows Kernel, Windows Kernel-Mode Drivers, Windows Named Pipe File System, Windows Print Spooler Components, Windows Remote Access Connection Manager, Windows Remote Procedure Call Runtime, Windows User Account Profile, Windows Win32K, and MSRT (~1.4 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 15.3 and 15.2.1, iPadOS 15.3 and 15.2.1, tvOS 15.3, watchOS 8.4.1, Safari 15.3, macOS Monterey 12.2, macOS Big Sur 11.6.3, and Security Update 2022-001 Catalina. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.3 and 15.2.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 15.3 and 15.2.1 are security updates. Use Settings, General, Software Update to install the most current update.

tvOS 15.3 is a security update. Use System, Software Update to install the most current version.

watchOS 8.4.1 is a security update. Use the Watch app on your iPhone to install the most current version.

Google Chrome OS 98.0.4758.91 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Catalina (10.15) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H2) is very large so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v21H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 6 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is still very young so I encourage you to wait a few more months before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.4.8 is a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Daemon Tools Lite 11.0.0 adds new image support, DD write, and resolves several other bugs. This is a security update.
https://www.daemon-tools.cc/products/dtLite

Logi Bolt App 1.2.6024 adds support for the Logitech Unifying Adapter and resolves several bugs. This is not a security update.
https://support.logi.com/hc/en-us/articles/4418089333655

Logitech Options 9.50.269 is a security update.
https://support.logi.com/hc/en-us/articles/360025297893

Nvidia 473.04 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.35.100 is a security update.
https://brave.com/

Google Chrome 98.0.4758.80 is a security update.
https://www.google.com/chrome/

Microsoft Edge 98.0.1108.43 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 97 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 91.6 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 5.0.2497.48 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 91.5.1 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

Mumble 1.4.230 is a major update resolving dozens of bugs, adding many new features and introducing true plugin support. This is not a security update.
https://www.mumble.info/downloads/

Prosody 0.11.13 is a security update.
https://prosody.im/download/start

Telegram 3.5.2 resolves several bugs and improves reactions. This is not a security update.
https://telegram.org/

Trillian Mac 6.4.0.4 improves compatibility and resolves several bugs. This is not a security update.
https://www.trillian.im/

BrowsingHistoryView 2.51 adds Visit Duration and improves Visited From. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

Dropbox 141.4.3299 doesn’t provide a changelog so should be treated as a security update.
https://www.dropbox.com/

FreeFileSync 11.17 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 55.0 adds integrated desktop search, resolves several bugs and improves performance. This is not a security update.
https://drive.google.com/start

Omada Software Controller 5.0.30 adds newer hardware support, 2FA for Cloud Access, DHCP reservations in Services, and resolves dozens of bugs. This is a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Syncthing 1.19.0 resolves a bug and improves ignore patterns. This is not a security update.
https://syncthing.net/

Zoom 5.9.3.3169 resolves several bugs, adds new features (and requirements) and controls. This is a security update.
https://zoom.us/

Java 8u321 is a security update.
https://www.java.com/en/download/manual.jsp

Media Updates

These are unlikely to be of interest to most people.

Flickr Downloadr 3.4.5.1 only updates the packager. This is not a security update.
https://flickrdownloadr.com/downloads/

Picard 2.7.3 resolves the launcher bug. This is not a security update.
https://picard.musicbrainz.org/

Plex Desktop 1.40.1.2823 resolves a packaging error in the installer. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.10.0.2819 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.25.5.5492 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Epic Games 13.1.7 resolves a couple bugs and prepares for feature changes. This is not a security update.
https://www.epicgames.com/

GameMaker Studio 2022.1.1.610 resolves several bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker

Nintendo Switch 13.2.1 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

Steam 2022.01.20 resolves several bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

Office Updates

One or more of these are likely to be of interest to most people.

Adobe After Effects 22.2 and 18.4.4 are security updates.
https://helpx.adobe.com/security/products/after_effects/apsb22-09.html

Adobe Creative Cloud Desktop 2.7.0.15 is a security update.
https://helpx.adobe.com/security/products/creative-cloud/apsb22-11.html

Adobe Illustrator 26.0.3 and 25.4.4 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb22-07.html

Adobe Photoshop 22.5.5 and 23.1.1 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb22-08.html

Adobe Premiere Rush 2.3 is a security update.
https://helpx.adobe.com/security/products/premiere_rush/apsb22-06.html

Artweaver 7.0.11 is a security update.
https://www.artweaver.de/

Atom 1.59.0 resolves several bugs. This is not a security update.
https://atom.io/

Blender 3.0.1 doesn’t provide a changelog so should be treated as a security update.
https://www.blender.org/download/

Inkscape 1.1.2 resolves over 40 bugs, improves stability and reliability. This is not a security update.
https://inkscape.org/release/

LibreOffice Fresh 7.3.0 resolves hundreds of bugs. This is not a security update. The “Fresh” line is beta software and should be avoided in favor of the “Still” line whenever possible.
https://www.libreoffice.org/

LibreOffice Still 7.2.5 resolves almost a hundred bugs. This is not a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.4.2 resolves several bugs. This should be treated as a security update.
https://nextcloud.com/

Notepad++ 8.3 improves support for large files and resolves several bugs. Be aware there may be plugin stability issues for the near future. This is not a security update.
https://notepad-plus-plus.org/

Scribus 1.5.8 improves dark mode, import, PDF export, and resolves several bugs. This is not a security update.
https://www.scribus.net/

Calibre 5.36.0 improves metadata parsing and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Kindle for PC 1.34.63103 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc

Security Software Updates

One or more of these is likely to be of interest to most people.

MalwareBytes Anti-Malware 4.5.2 resolves several bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/

MalwareBytes Anti-Malware Mac 4.14 improves up-sell ability. This is not a security update.
https://www.malwarebytes.com/mac/

OnionShare 2.5 is a security update.
https://onionshare.org/

RogueKiller 15.2.0 adds several new features and cosmetics. This is not a security update.
https://www.adlice.com/download/roguekiller/

Tails 4.27 updates components and libraries. This is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

uBlock Origin 1.41.0 adds dark mode and resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

QubesOS 4.1.0 is a major update, with updated components, improved granular controls, new features and resolves many bugs. This is a security update.
https://www.qubes-os.org/downloads/

Capture Updates

These are unlikely to be of interest to most people.

VideoCacheView 3.09 improves compatibility with new Chromium-based browsers. This is not a security update.
https://www.nirsoft.net/utils/video_cache_view.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.6.0 resolves several crash bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

Agent Ransack 2022.3294 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

Autoruns 14.08 resolves several bugs. This should be treated as a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

ControlMyMonitor 1.35 adds display filter options. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html

Cygwin 3.3.4 resolves several bugs. This is not a security update.
https://cygwin.com/

DesktopOK 9.61 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 3.0.0 improves the build process and now generates signed packages, and resolves several bugs. This is not a security update.
https://dngrep.github.io/

Everything CLI 1.1.0.23 adds support for long file names. This is not a security update.
https://www.voidtools.com/

Everything Toolbar 0.7.4 resolves a first-boot filter bug. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

Fido 1.28 adds support for Windows 11 21H2 v1. This is not a security update.
https://github.com/pbatard/Fido/releases

FileLocator Pro 2022.3294 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Git SCM 2.35.1 resolves dozens of bugs. This is not a security update.
https://git-scm.com/

GoodSync 11.10.3 resolves several compatibility bugs. This is not a security update.
https://www.goodsync.com/

Kingston SSD Manager 1.5.1.6 doesn’t provide a changelog so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

NTLite 2.3.3.8585 adds new settings, upgrades components, and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

PowerToys 0.55.1 resolves several bugs and improves reliability. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

Process Monitor 3.88 improves stability. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

Macrium Reflect 8.0.6525 improves media creation, compatibility, and resolves several bugs. This is not a security update.
https://www.macrium.com/reflectfree

RoboForm 9.2.4 improves Basic Auth support and resolves several bugs. This is not a security update.
https://www.roboform.com/

Samsung Magician 7.0.1 doesn’t provide a changelog, so should be treated as a security update.
https://www.samsung.com/semiconductor/minisite/ssd/download/tools/

SmartMonTools 7.2 significantly improves field detection and reporting, offers YAML output, drive database extensions, and other fixes. This is not a security update.
https://smartmontools.org/

Sysmon 13.32 improves compatibility. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

TCPView 4.17 improves stability. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview

VMMap 3.32 improves stability. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/vmmap

Windows 11 RCT 1.4.0 adds support for newer hardware. This is not a security update.
https://bytejams.com/

WinRAR 6.10 adds support for new formats, improved compatibility, resolves several bugs, and optimizes user interface. This is not a security update.
https://www.rarlab.com/

ZoomIt 5.0 adds support for Windows 11 and resolves several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/zoomit

Developer Updates

These are unlikely to be of interest to most people.

ADB 32.0.0 adds native M1 support. This is not a security update.
https://developer.android.com/studio/releases/platform-tools

Docker Desktop 4.4.4 is a security update.
https://www.docker.com/products/docker-desktop

MySQL ConnectorNet 8.0.28 is a security update.
https://dev.mysql.com/downloads/connector/net/

Node.js 12.22.10 upgrades libraries and time zone information. This is not a security update.
https://nodejs.org/en/

Node.js 14.19.0 updates time zone information, adds Corepack and updates libraries. This is a security update.
https://nodejs.org/en/

Node.js 17.4.0 resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

TortoiseGit 2.13.0.1 updates requirements, libraries, and resolves dozens of bugs. This is not a security update.
https://tortoisegit.org/

Visual Studio Code 1.64 improves cosmetics, automation, and resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.1.32 is a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Drupal 9.2.12 is a security update.
https://drupal.org/download

MailArchiva 8.7.1 improves role functionality and resolves several bugs. This is not a security update.
https://mailarchiva.com/

ownCloud Client 2.10.0.6519 resolves several bugs. This is not a security update.
https://owncloud.com/desktop-app/

ownCloud Server 10.9.1 improves stability and reliability. This is not a security update.
https://owncloud.org/install/

phpMyAdmin 5.1.2 and 4.9.9 are security updates.
https://www.phpmyadmin.net/

ScreenConnect 21.15.6739.8073 improves automation, triggers, auditing, 2FA timeouts, and resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

WordPress 5.9 resolves dozens of bugs and implements front-end editing. This is not a security update.
https://wordpress.org/

Akismet 4.2.2 improves compatibility and resolves several bugs. This is not a security update.

Autoptimize 2.9.5.1 resolves a stability bug. This is not a security update.

BuddyPress 10.0.0 is a major update offering several new features and resolving dozens of bugs. This is not a security update.

Contact Form 7 5.5.4 adds double opt-in support, new action and filter hooks and resolves a bug with the default contact form. This is not a security update.

Duplicator 1.4.4 resolves several bugs. This is not a security update.

Redirection 5.2.3 resolves several bugs. This is not a security update.

Slider Revolution 6.5.15 resolves several bugs. This is not a security update.
https://revolution.themepunch.com/

WooCommerce 6.1.1 resolves dozens of bugs. This is not a security update.

WordPress Zero Spam 5.2.10 is a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2021-10-12

Welcome back, Folks!

Today is Patch Tuesday for October, 2021.

This month we’ve got the new Microsoft Office, Windows 11, iOS 15, iPhone 13, and Windows Server 2022…so far. A new build of Windows 10 is still on the horizon, and a security update for Java is slated for next week. That said, Patch Tuesday this month is very large. The typical computer should see roughly 2.3 GB in updates today.

This Month in Technology

Amnesty InternationalAjarnApple AirTag, Apple Game CenterAzure DevOpsBanco PichinchaBank of AmericaBitcoin.orgBrewDog, the Canadian Vaccine Passport systemCanopy Parental ControlCoinbaseCompoundCox Media GroupCrystal ValleyDahua cams, various DVR devicesElastic StackFantasy Football HubGiant GroupForward AirHorizon HouseHuawei Cloud, various IT companiesJVCKenwoodMarketronMedtronic insulin pump controllers, Microsoft Windows Platform Binary TableMoneyLionNeiman MarcusNEW CooperativeOlympus USPacific City BankPlaybookPort of HoustonSandhills GlobalSimon Eye Management90% of the supply chainSyniverseThe TelegraphTwitch (there’s a lot of information out there about this Amazon property hack), United Health Centers, the US Navy, various aerospace and telco firms, various Apache Airflow servers, various Apache services, various Confluence servers, various hotels, various healthcare facilities, various real estate organizations, various University Wi-Fi networks, various VMware ESXi serversVertafore, and Weir Group.

The assets and financial information of 35 world leaders have been exposed in the Pandora Papers.

A Microsoft Azure customerBandwidth.com, and VoIP.ms have been struck by major denial of service attacks.

How serious are the privacy risks of RFID? The US military is using RFID to track their guns. This results in the ability to track (and target) those carrying the weapons.

How serious is ransomware? Another child has died as a result of equipment that was disabled during an attack.

The Google idle detection API can be used to abuse you only when it knows you’re not looking. For a company whose slogan was “don’t be evil,” and that has the highest paid programmers in the world, between idle detection and FLoC, they’re really proving to either not be able to anticipate the potential risks or they simply don’t care.

Firefox is now injecting ads into the address bar. Apple Pay allows hackers to take your money from your locked iPhonePhishing messages posing as Verizon are using mathematical symbols to evade detection. Intuit is warning users of phishing attacks targeting QuickBooks users. Popular projects on public repositories remain high profile targets. If you can’t trust the hacker you bought your exploit kit from, who can you trust? Sigh.

The biggest outage this month was the Facebook, Messenger, Instagram, Oculus, and WhatsApp that has lead to millions of users abandoning FacebookTrello has had a couple outages, too.

Microsoft is planning to randomly disable access to their customers to see if they’re using their services. Personally, I would just check the logs.

Microsoft 365 broke MFA again, locking users out of their accounts. And a bug in their Exchange Autodiscover implementation has leaked over a 100,000 credentials. A newly discovered UEFI bootkit has been backdooring Windows devices for almost a decade.

Google, the same company that warned of the risks of compromise through 2FA (as have many others), will be forcing 150 million accounts to use 2FA.
This is the same company that accidentally sent thousands of past due messages to their users last month. Their Android operating system is very privacy-averse, too.

A new ransomware strain doesn’t even both encrypting your files anymore, simply collecting a copy of your data and using the threat of release to extort their users.

If you’re still using a landline phone it’s probably because you don’t like change. Get ready, change is coming anyway. In order to more easily assist those having a mental health crisis, the FCC is going to require you to use full 1+10-digit dialing
when making any calls on a landline and 10-digit dialing from most mobile phones starting in late October. The intent is to make dialing a 3-digit number possible for the suicide hotline (988).

PG&E has been charged with causing yet another wildfire.

Now for the good news:

For what it’s worth, robocalls are now illegal.

Even the majority of IT professionals think patching is too hard. Don’t do it yourself, let me.

Let’s Get Busy

Now back to our regularly scheduled program.

Windows 11 is out. Even if your hardware supports it, don’t install it yet. Consider it in the “open beta” phase. The new build of macOS (12.0 / Monterey) should be released sometime soon, too. The same goes for that: consider it a beta for at least the first couple months.

Patch Tuesday this month is very large. The typical computer should see roughly 2.9 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, Servicing Stack, Internet Explorer, and MSRT (~2.3 GB). This includes updates for Windows Server 2008. This includes security updates. A reboot is required.

Apple released updates for watchOS 8.0.1, iOS 12.5.5, iOS 15.0.2, iPadOS 15.0.2, and Security Update 2021-006 Catalina. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.0.2 and 12.5.5 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 15.0.2 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 8.0.1 are security updates. Use the Watch app on your iPhone to install the most current version.

Google Chrome OS 93.0.4577.95 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Big Sur (11.x) means that macOS High Sierra (10.13) and older are no longer supported. If you can not install at least macOS Mojave (10.14) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H1) is very large, for the first time it’s actually smaller than the previous release, but it will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.4.4 adds support for Windows 11 and improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

HP LaserJet Stub 13.4.8 doesn’t provide a detailed changelog so should be considered a security update.
https://123.hp.com/us/en/devices/LASERJET

MS Mouse and Keyboard Center 14 adds support for newer hardware, Spotlight and improves Smart Switch. This is not a security update.
https://www.microsoft.com/accessories/en-us/downloads/mouse-keyboard-center

Xerox Smart Start 1.6.26.0 doesn’t provide a detailed changelog so should be considered a security update.
https://www.support.xerox.com/en-us/content/143617

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.30.89 is a security update.
https://brave.com/

Google Chrome 94.0.4606.81 is a security update.
https://www.google.com/chrome/

Microsoft Edge 94.0.992.47 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 93.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 78.15.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

SeaMonkey 2.53.9.1 is a security update.
https://www.seamonkey-project.org/

Vivaldi 4.3.2439.44 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 3.43 adds hi-DPI support and improves sorting behavior. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Thunderbird 91.2.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

Telegram 3.1.8 resolves several bugs. This is not a security update.
https://telegram.org/

curl 7.79.1 resolves several bugs. This is not a security update.
https://curl.haxx.se/windows/

Dropbox 132.4.3800 does not provide a changelog so should be treated as a security update.
https://www.dropbox.com/

FileZilla Client 3.56.0 is a security update.
https://filezilla-project.org/

Omada Software Controller 4.4.6 resolves several bugs. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Rclone 1.56.2 resolves several bugs. This is not a security update.
https://rclone.org/

Syncthing 1.18.3 improves reliability and resolves a cosmetic bug. This should be treated as a security update.
https://syncthing.net/

Technitium DNS Server 7.0 is a major update to the API and Apps feature, each of the Apps, adds several more Apps, and resolves several bugs. This is not a security update.
https://technitium.com/dns/

WGet 1.21.2 is a security update.
https://eternallybored.org/misc/wget/

WinSCP 5.19.3 is a security update.
https://winscp.net/eng/index.php

Zoom 5.8.1.1435 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

iTunes 12.12.1.1 doesn’t provide a changelog so should be treated as a security update.
https://www.apple.com/itunes/download/

Picard 2.6.4 resolves several bugs. This is not a security update.
https://picard.musicbrainz.org/

Plex Desktop 1.35.1.2632 corrects a couple minor bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Game Updates

These are unlikely to be of interest to most people.

PlayStation PS5 21.02-04.02.00 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2021.10.07 resolves several bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

Office Updates

One or more of these are likely to be of interest to most people.

Artweaver 7.0.10 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Audacity 3.0.5 resolves bugs. This is not a security update.
https://www.audacityteam.org/download/

Blender 2.93.5 doesn’t provide a detailed changelog so should be treated as a security update.
https://www.blender.org/download/

LibreOffice Fresh 7.2.1 resolves over 80 bugs. This is not a security update. The “Fresh” line is beta software and should be avoided in favor of the “Still” line.
https://www.libreoffice.org/

LibreOffice Still 7.1.6 resolves over 40 bugs. This is a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.3.5 improves security. This is not a security update.
https://nextcloud.com/

Notepad++ 8.1.5 adds date insertion and resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

OpenOffice 4.1.11 is a security update.
https://www.openoffice.org/download/

Adobe Reader DC 21.007.20099 is a security update.
https://get.adobe.com/reader

Adobe Acrobat DC 21.007.20099 is a security update.
https://helpx.adobe.com/security/products/acrobat/apsb21-104.html

Adobe Connect 11.2.3 is a security update.
https://helpx.adobe.com/security/products/connect/apsb21-91.html

Adobe Reader Mobile 21.9.0 is a security update.
https://helpx.adobe.com/security/products/reader-mobile/apsb21-89.html

Adobe ops-cli 2.0.5 is a security update.
https://helpx.adobe.com/security/products/ops_cli/apsb21-88.html

Adobe Commerce 2.4.3-p1 and 2.3.7-p2 are security updates.
https://helpx.adobe.com/security/products/magento/apsb21-86.html

Adobe Campaign 21.3.1 is a security update.
https://helpx.adobe.com/security/products/campaign/apsb21-52.html

Security Software Updates

One or more of these is likely to be of interest to most people.

PureOS 10.0 is a security update.
https://pureos.net/download/

Tails 4.23 is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

OnionShare 2.4 is a security update.
https://onionshare.org/

RogueKiller 15.1.1 is a security update.
https://www.adlice.com/download/roguekiller/

TinyWall 3.1.1 resolves several bugs. This is not a security update.
https://tinywall.pados.hu/

uBlock Origin 1.38.4 resolves Twitch filtering and important filters. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.34 resolves several bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

Converter Updates

These are unlikely to be of interest to most people.

HandBrake 1.4.2 resolves several bugs. This is not a security update.
https://handbrake.fr/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 7.9 adds the ability to “securely” share a link with others. This is not a security update.
https://1password.com/downloads/mac/

1Password for Windows 7.9.822 adds the ability to “securely” share a link with others. This is not a security update.
https://1password.com/downloads/windows/

Autoruns 14.03 resolves several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

Bitwarden 1.28.3 resolves several bugs. This is not a security update.
https://bitwarden.com/

ControlMyMonitor 1.29 adds the ability to set font options. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html

dnGrep 2.9.400.0 improves bookmarks and adds option to hide missing files in Everything search. This is not a security update.
https://dngrep.github.io/

Etcher 1.6.0 adds basic auth support and updates libraries. This is not a security update.
https://www.balena.io/etcher/

Everything CLI 1.1.0.20 doesn’t provide a changelog so should be treated as a security update.
https://www.voidtools.com/

Fido 1.26 adds Windows 11 downloads. This is not a security update.
https://github.com/pbatard/Fido/releases

Fing 2.7.0 adds user-presence tracking, improves the security tab, and updates libraries. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

GoodSync 11.8.6 resolves several bugs, updates certificates and libraries. This is not a security update.
https://www.goodsync.com/

Homedale 1.99 resolves a privacy bug. This is not a security update.
https://www.the-sz.com/products/homedale/

NTLite 2.3.0.8394 updates libraries and assignment options. This is not a security update.
https://www.ntlite.com/download/

Aomei Partition Assistant 9.4.1 adds Windows 11 compatibility. This is not a security update.
https://www.diskpart.com/

PowerToys 0.47.1 resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

Process Monitor 3.85 doesn’t provide a changelog so should be treated as a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

Samsung Magician 7.0.0 doesn’t provide a changelog so should be treated as a security update.
https://www.samsung.com/semiconductor/minisite/ssd/download/tools/

TCPView 4.15 doesn’t provide a changelog so should be treated as a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview

TeamViewer 15.22.3 improves chat notification and resolves several bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

WhyNotWin11 2.4.2.1 improves compatibility and accuracy. This is not a security update.
https://github.com/rcmaehl/WhyNotWin11

Windows 11 RCT 1.2.1 updates libraries and improves compatibility. This is not a security update.
https://bytejams.com/

WinGet 1.1.12653 resolves a couple bugs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WizTree 4.03 improves reliability, and improves details when loading exports. This is not a security update.
https://www.diskanalyzer.com/

Developer Updates

These are unlikely to be of interest to most people.

Godot 3.3.4 resolves over a dozen bugs. This is not a security update.
https://godotengine.org/

Node.js 12.22.7 is a security update.
https://nodejs.org/en/

Node.js 14.18.1 is a security update.
https://nodejs.org/en/

Node.js 16.11.1 is a security update.
https://nodejs.org/en/

Visual Studio Code 1.61 adds split views, improved locking, new decorations, improved pair guides and more. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

PPSSPP 1.12.2 adds support for Android 12, scoped storage, and resolves several bugs. This is not a security update.
https://ppsspp.org/downloads.html

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.6.15 improves compatibility. This is not a security update.
https://coppermine-gallery.net/

Dada Mail 11.16.3 resolves several bugs. This is not a security update.
https://dadamailproject.com/

Docker Desktop 4.1.1 improves compatibility and resolves several bugs. This is not a security update.
https://www.docker.com/products/docker-desktop

Drupal 9.2.7 resolves over a dozen bugs. This is not a security update.
https://drupal.org/download

MailArchiva 8.3.2 resolves several bugs. This is a security update.
https://mailarchiva.com/

Nextcloud Server 22.2.0 updates libraries and resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

phpList 3.6.5 resolves several bugs. This is not a security update.
https://www.phplist.org/

ScreenConnect 21.13.5058.7951 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

Slider Revolution 6.5.9 resolves several bugs. This is not a security update.
https://revolution.themepunch.com/

Akismet 4.2.1 resolves an AMP validation bug. This is not a security update.

Contact Form 7 5.5.1 resolves a couple bugs. This is not a security update.

NextScripts Social Networks Auto-Poster 4.3.23 is a security update.

Sucuri Security 1.8.30 is now a non-GoDaddy project. This is not a security update.

Visual Composer 39.1 resolves a cosmetic bug. This is not a security update.
https://visualcomposer.com/

WooCommerce 5.7.1 reverts a path change bug. This is not a security update.

WP Mail SMTP 3.1.0 resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2021-08-10

Welcome back, Folks!

Today is Patch Tuesday for August, 2021. It’s a big one. There have been a series of Apple, Microsoft, and various hardware vulnerabilities, as well as the quarterly Oracle updates that kept the industry hopping. Couple that with Black Hat 2021 last week, which kept reminding us how poorly those who design our technology have done and continue to do.

This Month in Technology

Apple devices via Pegasus, IOMobileFrameBuffer, and Wi-Fi namesAtlassianCharming Kitten (hacking group), Cloudstar, cdnjs, FortiNet FortiManager and FortiAnalyzer, HP (and Samsung and Xerox) printer driver, Illinois State Police, Linux via SequoiaPulse Connect Secure, SonicWall Secure VPN, Swisslog Healthcare’s Translogic PTSVMware ESXiWindows via a SAM security bug, Hello, PrintNightmare (x3+), and PetitPotam, and a new exploit method for wiretapping DNS.

Apple announced a new feature where they scan your content “only” for images of child exploitation provided by an unaccountable third-party, while they assure their customers’ “screeching voices” that they won’t allow governments to directly access the data or feed the database or algorithms (uh-huh), just remember that this is the same company that vowed to silence online dissent and already works with governments to expose their users’ activity. Oh, and they’re launching their own VPN service which they claim even they won’t know what you’re using it for. Wink, wink.

While I’m on the subject of VPNs, Windscribe (a “secure” VPN service) servers were seized and were discovered to not use encryption. Talk about a false promise of privacy!

Now let’s do security. If you still thought Avast (the “get hacked every year” anti-virus company) was worth anything, knowing that Norton (the “we’ll just run our own crypto mining software on your hardware and you can pay us for it” people) was in talks to buy them for about $8B should make your skin crawl. Zoom lost an $85 million class-action cybersecurity lawsuit, and Colonial Pipeline is being targeted now.

The US Federal Government received a C- grade for their IT security. Half of the agencies tested received D grades. These are the same agencies that recently made a claim about the most secure election in history. Pay no attention to the missing 95% of ballots or remote access to voting machines. Or else!

Edward Snowden has a great writeup of physical vs theoretical security concerns,
and another on how the “security” industry is failing everyone. Regular maintenance (of everything!) is critical to technology security. Stale hardware & software are responsible for nearly every security incident. This is what we do and why this newsletter is even being published.

There was a major outage at Akamai that took down a large portion of the Internet.

Google broke ChromeOS twice this month for many users, once by preventing users from being able to login due to a single character coding error. I’m reminded of a Mark Twain quote: “Be careful about reading health books. You may die of a misprint.”

The thing about someone willing to buy your ransomware: when they feel wronged they’re likely to betray your ransomware gang.

Amazon is losing employees while CNN is firing them. Property owners are being ripped off by the state, and their tenants. There are child predators at Disney World.

There’s now a lawsuit over CDC under-counting vaccine deaths, meanwhile they’re over-counting infectionsignoring the risks, downplaying the ineffectiveness of the vaccine-induced herd immunity, and mandating cancer in children. Multiple pharmaceutical giants neglected to keep records of which “vaccines” were placebos and the European Parliament is being held liable for vaccine injuries and deaths. At least there has been victory in Alberta. It’s hard to take them seriously when they’re demonizing free will, treating dictates as law, government agencies are concealing their own violations of international lawmandating doctors violate their medical licenses in order to keep them, while flip-flopping like fish, and imposing prison time for unlawful parading. Would you trust someone with your life who thinks you should be in prison for disagreeing with them? It’s not enough for government to take 13%+ of what you pay at the pump (most gas stations profit is 1% or less) and force you into electric vehicles that they can pull the plug on anytime, they want to charge you for every mile you travel, too, personal or business.

Now for the good news:

Andy’s Mountain Grill & Deli is coming back! Starlink is growing fast and improving reliability and environmental tolerances.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is huge. The typical computer should see roughly 3.0 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, Servicing Stack, Internet Explorer, and MSRT (~1.5 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 14.7.1 and iPadOS 14.7.1, macOS Big Sur 11.5.1, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave, watchOS 7.6.1, tvOS 14.7, Safari 14.1.2, and iTunes 12.11.4. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 14.7.1 is a security update. Use Settings, General, Software Update to install the most current update.

iPadOS 14.7.1 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 7.6.1 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 14.7 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 92.0.4515.130 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Big Sur (11.x) means that macOS High Sierra (10.13) and older are no longer supported. If you can not install at least macOS Mojave (10.14) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H1) is very large, for the first time it’s actually smaller than the previous release, but it will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Nvidia 471.68 resolves several bugs. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Xerox Smart Start 1.6.25.0 doesn’t provide a changelog so should be treated as a security update.
https://www.support.xerox.com/en-us/content/143617

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.27.111 is a security update. Use Help, About to install the most current version.
https://brave.com/

Google Chrome 92.0.4515.131 is a security update. Use Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 92.0.902.67 is a security update. Use Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 91.0 is a security update. Use Help, Check for updates to install the most current version.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 78.13.0 is a security update. Use Help, Check for updates to install the most current version.
https://www.mozilla.org/en-US/firefox/organizations/all/

SeaMonkey 2.53.8.1 is a security update.
https://www.seamonkey-project.org/

Vivaldi 4.1.2369.16 is a security update. Use Help, About to install the most current version.
https://vivaldi.com/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk for macOS 6.3.0 improves scam handling, adds PKG release, and resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

curl 7.78.0 resolves dozens of bugs. This is not a security update.
https://curl.haxx.se/windows/

Dropbox 128.4.2870 doesn’t provide a changelog so should be treated as a security update.
https://www.dropbox.com/

FileZilla Client 3.55.1 resolves a couple bugs. This is not a security update.
https://filezilla-project.org/

Google Earth 7.3.4 is a security update.
https://earth.google.com/

Java 8u301 is a security update.
https://www.java.com/en/download/manual.jsp

Nmap 7.92 resolves dozens of bugs. This is not a security update.
https://nmap.org/

Prosody 0.11.10 is a security update.
https://prosody.im/download/start

PuTTY 0.76 resolves several bugs. This is not a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

Rclone 1.56.0 adds many new features, improves compatibility, and resolves several bugs. This is not a security update.
https://rclone.org/

Skype 8.73.0.124 resolves several bugs. This is not a security update.
https://www.skype.com/

Telegram 2.9.0 resolves several bugs. This is not a security update.
https://telegram.org/

WinSCP 5.19.2 updates libraries and resolves several bugs. This is not a security update.
https://winscp.net/eng/index.php

Zoom 5.7.4.804 improves notifications and resolves several bugs. This is not a security update.
https://zoom.us/

Email updates

These are unlikely to be of interest to most people.

Thunderbird 78.13.0 is a security update. Use Help, Check for updates to get the most current version.
https://www.thunderbird.net/en-US/

Media Updates

These are unlikely to be of interest to most people.

Flickr Downloadr 3.4.1.1 updates libraries. This is not a security update.
https://flickrdownloadr.com/downloads/

iTunes 12.11.4 is a security update.
https://apple.com/itunes

Plex Media Server 1.23.6.4881 resolves several bugs and improves scanner. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Epic Games 12.2.12 resolves several bugs. This is not a security update.
https://www.epicgames.com/

Nintendo Switch 12.1.0 improves stability. This is not a security update.

Steam 2021.07.21 resolves a path bug. This is not a security update.
https://www.steampowered.com/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Connect 11.2.3 is a security update.
https://helpx.adobe.com/security/products/connect/apsb21-66.html

Adobe Magento Commerce 2.4.3, 2.4.2-p2, and 2.3.7-p1 are security updates.
https://helpx.adobe.com/security/products/magento/apsb21-64.html

Adobe Reader DC 21.005.20060 improves reliability. This is not a security update.
https://get.adobe.com/reader

Atom 1.58.0 improves cosmetics and resolves several bugs. This is not a security update.
https://atom.io/

Audacity 3.0.3 resolves several bugs. This is not a security update.
https://www.audacityteam.org/download/

Blender 2.93.2 resolves dozens of bugs. This is not a security update.
https://www.blender.org/download/

Krita 4.4.7 resolves several bugs. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Fresh 7.1.5 resolves over 50 bugs. This is not a security update. The “Fresh” line is beta software and should be avoided for the stable release.
https://www.libreoffice.org/

Nextcloud Desktop 3.3.0 resolves over 50 bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.1.2 improves dark mode. This is not a security update.
https://notepad-plus-plus.org/

Security Software Updates

One or more of these is likely to be of interest to most people.

DNSQuerySniffer 1.85 adds sort menu options and improves high DPI support. This is not a security update.
https://www.nirsoft.net/utils/dns_query_sniffer.html

elementary OS 6 is a major update that integrates several new features and controls and a simplified installer. This is not a security update.
https://elementary.io/

RogueKiller 15.0.9 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

uBlock Origin 1.37.2 resolves several books. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Tails 4.21 is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

Capture Updates

These are unlikely to be of interest to most people.

Elgato Game Capture HD 3.70.51 adds PS5 and Xbox Series X/S to input and resolves several bugs. This is not a security update.
https://www.elgato.com/en/game-capture-software

ScreenToGif 2.33.1 resolves several bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 2021.4.3 is a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Converter Updates

These are unlikely to be of interest to most people.

HandBrake 1.4.0 adds several new filters, improves hardware encoding, resolves several bugs, and updates libraries. This is not a security update.
https://handbrake.fr/

Utility Updates

These are unlikely to be of interest to most people.

Dell Command Update 4.3 is a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

DesktopOK 9.15 improves compatibility with Windows 11 and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

GoodSync 11.8.0 resolves several bugs and improves compatibility. This is not a security update.
https://www.goodsync.com/

Homedale 1.98 improves CLI support. This is not a security update.
https://www.the-sz.com/products/homedale/

IsMyHdOK 3.33 improves compatibility with Windows 11 and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

NTLite 2.2.0.8152 adds several new features, improves performance, updates libraries and resolves bugs. This is not a security update.
https://www.ntlite.com/download/

Aomei Partition Assistant 9.4 adds Disk Defrag and resolves a bug. This is not a security update.
https://www.diskpart.com/

ProcDump 10.1 adds an option to specify a dumpfile comment and supports triage dumps. This is not a security update.
https://live.sysinternals.com/

PowerToys 0.43.0 improves stability and accessibility, and resolves dozens of bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

RDCMan 2.82 resolves a couple bugs. This is not a security update.
https://live.sysinternals.com/

RoboForm 9.1.9 resolves several bugs. This follows shortly after a security update.
https://www.roboform.com/

Rufus 3.15 updates libraries and resolves several bugs. This is not a security update.
https://rufus.ie/en/

Sigcheck 2.82 resolves a stability bug. This is not a security update.
https://live.sysinternals.com/

Synergy 1.14.0 is a security update.
https://symless.com/synergy/

Sysmon 13.23 resolves a stability bug. This is not a security update.
https://live.sysinternals.com/

ZoomText 2021 2021.2107.13.400 adds support for new hardware and resolves several bugs. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

Node.js 16.6.1 resolves several bugs. This build closely follow 16.6.0, which was a security update.
https://nodejs.org/en/

Node.js 14.17.4 is a security update.
https://nodejs.org/en/

Node.js 12.22.4 is a security update.
https://nodejs.org/en/

Visual Studio Code 1.59 improves extensions, finalizes the Testing API, adds Remote Containers, and resolves several bugs. This is not a security update.
https://code.visualstudio.com/

WinMerge 2.16.14 resolves dozens of bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.1.26-145957 resolves several bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Dada Mail 11.14.2 resolves several bugs. This is not a security update.
https://dadamailproject.com/

Docker Desktop 3.5.2 resolves several bugs. This is not a security update.
https://www.docker.com/products/docker-desktop

Drupal 9.2.3 is a security update.
https://drupal.org/download

HumHub 1.9.0 resolves several bugs. This is not a security update.
https://www.humhub.com/en/download

MailArchiva 8.1.0 resolves several bugs. This is not a security update.
https://mailarchiva.com/

Nextcloud Server 22.1.0 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

ownCloud Server 10.8 resolves dozens of bugs. This is not a security update.
https://owncloud.org/install/

phpList 3.6.4 improves compatibility. This is not a security update.
https://www.phplist.org/

ScreenConnect 21.10.4238.7885 resolves a couple bugs. This is not a security update.
https://www.connectwise.com/software/control/download

WordPress 5.8 integrates Blocks into Widget logic, adds new patterns, and styles. This is not a security update.
https://wordpress.org/

Antispam Bee 2.10.0 resolves several bugs. This is not a security update.

Autoptimize 2.9.0 improves customization and controls. This is not a security update.

BuddyPress 9.0.0 improves compatibility, block support, and resolves several bugs. This is not a security update.

Contact Form 7 5.4.2 resolves several bugs. This is not a security update.

Interactive World Map 3.1.9.1 improves compatibility. This is not a security update.

myStickymenu 2.5.6 resolves several bugs. This is not a security update.

Postie 1.9.56 resolves a couple bugs. This is not a security update.

Redirection 5.1.3 resolves a couple bugs. This is not a security update.

Slider Revolution 6.5.6 resolves several bugs. This is not a security update.
https://revolution.themepunch.com/

Social Post Feed 2.19.3 improves compatibility. This is not a security update.

Sucuri Security 1.8.27 improves compatibility. This is not a security update.

Visual Composer 38.0 resolves several bugs. This is not a security update.
https://visualcomposer.com/

W3 Total Cache 2.1.6 resolves several bugs. This is not a security update.

WooCommerce 5.5.2 resolves several bugs. This is not a security update.

WordPress Zero Spam 5.0.13 resolves several bugs. This is a security update.

WP Mail SMTP 3.0.3 resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2021-06-08

Welcome back, Folks!

Today is Patch Tuesday for June, 2021. There have been another couple dozen major security incidents, as well as some significant revelations impacting health, security and privacy. The latest Windows 10 release, v21H1, is out and it doesn’t change that much. Google has finally stopped their weekly security update cadence, though other vendors (including Microsoft Edge and Brave) have continued.

This Month in Technology

ABC affiliatesApple AirTagsAXA, Biden’s Venmo accountBrenntagCNA FinancialColonial Pipeline (again), DigitalOcean, European biomolecular research instituteFirst Horizon Bank, U.S. Agency for Global MediaGuard.meHerff Jones, Ireland’s Department of Health (HSE), JBSMonday.com, Microsoft PatchGuardNY MTAOGUsersOne Treasure IslandRapid7Scripps Health and Whistler have been hacked.

A Qualcomm hardware vulnerability affects almost 40% of all mobile phones. Additionally, a dozen security vulnerabilities (called FragAttacks) have been discovered that apply to all Wi-Fi devices. (I’ll bet you miss that cable now, don’t you?)

Google released a “trial” feature to many Chrome users that effectively broke Chrome on their devices. Disabling the trial allowed Chrome to operate again. This is a perfect example of why you should never be forced into being in a beta program. iOS 14.6 is chewing through batteries. Microsoft released an update that broke compatibility with their own Office 365 services – Teams, Outlook and OneDrive. Google’s Nest thermostats are giving people the cold shoulder. Spectre is back again.

The antivirus that can’t protect you from crypto mining malware will now mine crypto on your device so they can use you to generate even more revenue for them. Better hope Norton 360 doesn’t get your home raided.

Amazon, the UK government, BBC, Bloomberg, CNN, The Guardian, NYT, and and many other major sites were taken offline today in a huge outage.

When your paranoid friend says the security app you’re using might be a government trojan, believe them.

Google & Apple are still making it impossible for users to keep their location privateTor is being used to spy on “secure” user traffic. Again. A new privacy-compromising mechanism via cross-browser tracking installed apps can effectively identify your device. The TikTok App is collecting biometric data. The UK Test & Trace app does far worse.

GitHub has disabled FLoC. This is a good thing. Despite federal law, Chinese surveillance equipment is gaining US government customers. Taproot isn’t the privacy panacea it is perceived to be. On the topic of Snowden, he’s been vindicated (again).

Apple shares iCloud keys with CCP, Apple’s Find My can be used to leak secrets, has a “few” issues with notification reliability, and their techs regularly violate their users’ privacy. Due to so many arbitration cases Amazon is now allowing you to sue them…just in time, as they are now sharing your Wi-Fi with passersbyDell lied about their Alienware laptop upgradeability. There’s a reason why so many people treat Microsoft Edge as malicious.

The Epic vs Apple lawsuit testimony is over, but Apple’s AppStore is still allowing malicious and fraudulent apps, while they pat themselves on the back for not taking even more money from their users.

Dr. Fauci lied about sponsoring gain of function research for biological warfare. He dismissed what he knew to be true, the lab-leak theory, and the effectiveness of hydroxychloroquine. He perjured himself. The MSM helped.

Biden shut down the last Wuhan lab investigation. What are the chances there will be a real investigation? Intelligence agencies claim otherwise and you know they have never lied. As is typical of the political elite, instead of broadcasting this everywhere, they’re targeting those that exposed it with death threats.

Governments and the MSM are concealing any true risk/benefit analysis, the miscarriages, Freudian slips, and VAERS spikes behind missing data, bad science, vastly overcounted cases, and propaganda. They’ve been caught red-handed manipulating the data.

The truth is the COVID death numbers are still dropping while post-vaccination infectionand death – are not rare. 5-10% suffer from severe adverse reactions in the hundreds of thousands. The CDC’s new rules acknowledge what many have known all along, vindicating those who opposed masks and vaccines and the vaccines are far from safe or effective.

The worst part is that there are still unsubstantiated and illegal mandates (that are supported by the low-information crowdforever), and insane dogma that violates all reason. Such as yellow stars for the unvaxxed, forbidding the unvaccinated from  church, employmentUniversity (sometimes even the vaccinated) and even West Point. The Red Cross won’t even accept blood from the vaccinated.

The UK government knows what’s coming, and most will be called “unrelated illnesses.” When life insurance companies see this as a non-event and politicians ignore their own agencies to fine the science it’s hard to take it seriously. There have been decades of vaccine research, and we know they’re designing vaccines that spread themselves – isn’t that the premise of most zombie films? mRNA rewrites the genetic code and enhances the illness. This is what it is designed to do. By the way, did you know that during mRNA trials all the mammals kept dying? They proceeded with the emergency use authorization anyway. The only immunity provided by vaccines is to the manufacturer. A second Nuremburg Tribunal is on the horizon.

The Supreme Court says the Computer Fraud and Abuse Act (CFAA) is overbroad. Amazon is being sued over Antitrust law. The Ohio AG is trying to declare Google a public utility.

The government has repeatedly operated in concert with Big Tech to silence dissent, science, and discussion, in effect, laundering their censorship through third-parties. Governors and others are now going on the offense.

Now for the good news:

Dr. Shiva Ayyadurai is doing more to take down Big Tech than anyone else – by himself. Please help.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is huge. The typical computer should see roughly 3.0 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, Servicing Stack, Internet Explorer, and MSRT (~1.5 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 14.6 and iPadOS 14.6, macOS Big Sur 11.4, Security Update Mojave 2021-004, Security Update Catalina 2021-003, Safari 14.1.1, watchOS 7.5, tvOS 14.6, and Boot Camp 6.1.14. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 14.6 is a security update. Use Settings, General, Software Update to install the most current update.

iPadOS 14.6 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 7.5 is a security update. Use your updated iPhone to install the most current version through the Watch app.

tvOS 14.6 is a security update. Use Settings, General, Updates to install the most current version.

Google Chrome OS 91.0.4472.81 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Big Sur (11.x) means that macOS High Sierra (10.13) and older are no longer supported. If you can not install at least macOS Mojave (10.14) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H1) is very large, for the first time it’s actually smaller than the previous release, but it will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Logitech Options for macOS 8.54.147 adds support for newer hardware. This is not a security update.
https://www.logitech.com/en-us/product/options

Nvidia 466.63 adds support for newer hardware, libraries and components, and resolves stability and performance bugs. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Engine 3.22.0 now defaults to having Moments off, and resolves a crash bog. This is not a security update.
https://steelseries.com/engine

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.25.70 is a security update.
https://brave.com/

Google Chrome 91.0.4472.77 is a security update.
https://www.google.com/chrome/

Microsoft Edge 91.0.864.41 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 89.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 78.11.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 78.11.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 6.3.1 resolves several bugs and adds an adaptive resolution option. This is not a security update.
https://anydesk.com/en/downloads

AnyDesk for macOS 6.2.0 resolves stability and display issues, adds tab, cursor follow, and window focus controls. This is not a security update.
https://anydesk.com/en/downloads

curl 7.77.0 is a security update.
https://curl.haxx.se/windows/

Dropbox 123.4.4832 doesn’t provide a detailed changelog, so should be treated as a security update.
https://www.dropbox.com/

FileZilla Client 3.54.1 resolves several bugs. This is not a security update.
https://filezilla-project.org/

Minds 4.13.0 improves performance and resolves several bugs. This is not a security update.
https://www.minds.com/mobile

Prosody 0.11.9 is a security update.
https://prosody.im/download/start

Technitium DNS Server 6.3 resolves several bugs and adds more than a half dozen new features, including failover and recursion ACLs. This is not a security update.
https://technitium.com/dns/

WGet 1.21.1-1 updates libraries. This is a security update.
https://eternallybored.org/misc/wget/

Zoom 5.6.7.1016 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 2.0.15 resolves several bugs. This is not a security update.
https://en.3tene.com/

Picard 2.6.3 resolves several bugs. This is not a security update.
https://picard.musicbrainz.org/

Plex Media Server 1.23.2.4656 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Steam 2021.06.07 resolves several bugs and improves cosmetics. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

PlayStation PS3 4.88 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps3/system-software/

Office Updates

One or more of these are likely to be of interest to most people.

Audacity 3.0.2 resolves several bugs. This is not a security update.
https://www.audacityteam.org/download/

LibreOffice Still 7.0.6 is the final release for the 7.0 branch. This version resolves 50 reliability, stability, and compatibility bugs. This is not a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.2.2 resolves several bugs and updates libraries. This should be treated as a security update.
https://nextcloud.com/

Adobe Connect 11.2.2 is a security update.
https://helpx.adobe.com/security/products/connect/apsb21-36.html

Adobe Acrobat and Reader 2021.005.20148, 2020.004.30005 and 2017.011.30197 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb21-37.html

Adobe Photoshop 21.2.9 and 22.4.2 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb21-38.html

Adobe Experience Manager 6.5.9.0 is a security update.
https://helpx.adobe.com/security/products/experience-manager/apsb21-39.html

Adobe Creative Cloud Desktop Application 2.5 is a security update.
https://helpx.adobe.com/security/products/creative-cloud/apsb21-41.html

Adobe RoboHelp Server 2020.0.1 is a security update.
https://helpx.adobe.com/security/products/robohelp-server/apsb21-44.html

Adobe Photoshop Elements 5.3 is a security update.
https://helpx.adobe.com/security/products/photoshop_elements/apsb21-46.html

Adobe Premiere Elements 5.3 is a security update.
https://helpx.adobe.com/security/products/premiere_elements/apsb21-47.html

Adobe After Effects 18.2.1 is a security update.
https://helpx.adobe.com/security/products/after_effects/apsb21-49.html

Adobe Animate 21.0.7 is a security update.
https://helpx.adobe.com/security/products/animate/apsb21-50.html

Security Software Updates

One or more of these is likely to be of interest to most people.

Tails 4.19 is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

NSudo 8.2 removes ARM32 support, updates libraries, and resolves several bugs. This is not a security update.
https://github.com/M2Team/NSudo/releases/latest

OnionShare 2.3.2 resolves several bugs and updates libraries. This is a security update.
https://onionshare.org/

VT-CLI 0.9.7 doesn’t provide a changelog so should be treated as a security update.
https://github.com/VirusTotal/vt-cli/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.31 provides cosmetic improvements, improves the updater and imgur compatibility. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 2021.4.1 is a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 7.8.5 adds archive support, sharing indicators, and resolves several bugs. This is not a security update.
https://1password.com/downloads/mac/

1Password for Windows 7.7.807 resolves several bugs, adds Windows Hello support, and adds archive support. This is not a security update.
https://1password.com/downloads/windows/

Bitcoin 0.21.1 improves performance and resolves several bugs. This is not a security update.
https://bitcoin.org/en/download

Bitwarden 1.26.5 resolves several bugs. This is not a security update.
https://bitwarden.com/

CCleaner 5.81.8895 resolves several bugs. This is not a security update.
https://www.ccleaner.com/

Dell Command Update 4.2 improves download and logging. This is not a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

DesktopOK 8.88 improves compatibility and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

Everything 1.4.1.1009 improves NTFS detection. This is not a security update.
https://www.voidtools.com/

Fido 1.19 adds support for Windows 10 21H1 and eliminate requirement for Internet Explorer. This is not a security update.
https://github.com/pbatard/Fido/releases

GoodSync 11.7.3 resolves several bugs and improves stability. This is not a security update.
https://www.goodsync.com/

IsMyHdOK 3.21 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

NetworkTrafficView 2.40 adds several protocol controls and filters. This is not a security update.
https://www.nirsoft.net/utils/network_traffic_view.html

NTLite 2.1.1.7917 improves compatibility and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

Aomei Partition Assistant 9.2.1 improves selection interface, resolves several bugs with third-party apps and integrated elevation when required. This is not a security update.
https://www.diskpart.com/

PointerStick 5.15 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

Process Monitor 3.82 resolves several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

Process Explorer 16.42 switches default search behavior from find to filter and reports CET, and resolves several bugs. This is a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer

PsExec 2.34 changes stderr output behavior. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/psexec

RoboForm 9.1.4 resolves several bugs. This is not a security update.
https://www.roboform.com/

Samsung Data Migration 4.0 does not provide a changelog so should be treated as a security update.
https://www.samsung.com/semiconductor/minisite/ssd/download/tools/

Sigcheck 2.81 resolves a signature validation bug. This should be treated as a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sigcheck

SimpleWMIView 1.45 improves sorting controls. This is not a security update.
https://www.nirsoft.net/utils/simple_wmi_view.html

Sysmon 13.21 adds new filter conditions and resolves a crash bug. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

TaskSchedulerView 1.68 resolves a pagination bug and improves sorting controls. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

TCPView 4.12 adds new filter conditions and resolves several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview

TraceRouteOK 2.52 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

WifiInfoView 2.70 improves sorting options. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

WinGet 1.0.11451 is the first release version of WinGet. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinObj 3.10 extends search to include symbolic link targets.
https://docs.microsoft.com/en-us/sysinternals/downloads/winobj

WinScan2PDF 7.11 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 4.2.1.0 resolves several bugs. This is not a security update.
https://developer.android.com/studio

DB Browser for SQLite 3.12.2 updates the certificate for DBHub.io. This is not a security update.
https://sqlitebrowser.org/

Godot 3.3.2 resolves dozens of bugs. This is not a security update.
https://godotengine.org/

Inno Setup 6.2.0 updates graphics and cosmetics, adds dark mode, improves logging, and adds several new scripting options and flags. This is not a security update.
https://www.jrsoftware.org/isdl.php

Node.js 16.3.0 upgrades libraries and resolves several bugs. This is not a security update.
https://nodejs.org/en/

SQLite 3.35.5 resolves several bugs and improves reliability and performance. This is a security update.
https://www.sqlite.org/download.html

Web Package Updates

These are likely to be of interest only to web developers.

Adminer 4.8.1 resolves several bugs. This is a security update.
https://www.adminer.org/en/

Dada Mail 11.14.0 resolves several bugs. This is not a security update.
http://dadamailproject.com/

Drupal 9.1.10 resolves over a dozen bugs. This is not a security update.
https://drupal.org/download

Joomla 3.9.27 is a security update.
https://www.joomla.org/

Nextcloud Server 21.0.2 updates libraries and resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

phpList 3.6.3 is a security update.
https://www.phplist.org/

Piwigo 11.5.0 is a security update.
https://piwigo.org/

ScreenConnect 21.8.3558.7823 adds deep-linking support, and resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

WordPress 5.7.2 is a security update.
https://wordpress.org/

BuddyPress 8.0.0 improves the registration experience, xProfile fields, simplifies administration, and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/buddypress/

Duplicator 1.4.1 resolves several bugs. This is a security update.
https://wordpress.org/plugins/duplicator/#developers

Visual Composer 36.0 resolves dozens of bugs and improves consistency. This is not a security update.
https://visualcomposer.com/

W3 Total Cache 2.1.3 is a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 5.4.0 resolves dozens of bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

Show IDs 1.1.7 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/wpsite-show-ids/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/