Updates 2018-02-13

Hi, Folks!

It’s Patch Tuesday and while they’re large this month, there aren’t that many.

The typical computer should see roughly 1.8gb in updates today. Let’s get started.

Microsoft released updates to Windows, Internet Explorer, MS Office, .NET, and MSRT (~1.8gb). This includes security updates. A reboot is required.

Google Chrome OS 64.0.3282.144 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Adobe Flash Player 28.0.0.161 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

I’ve had a lot of calls recently from people whose computers seem unusually slow since late October. This is a side-effect of the Windows 10 upgrade cycle, which pushes out 6gb through Windows update to get you to the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, it will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients at The Farmory, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Seagull Scientific print driver 2018.1 adds support for new vendors, improved RFID support, improved compatibility, and resolves several bugs. This is not a security update.
https://www.seagullscientific.com/drivers/windows-printer-drivers/

Display Driver Uninstaller 17.0.8.3 improves compatibility, cleanup, and resolves several bugs. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 64.0.3282.167 is a security update. Use Menu, Help, About to install the most current version.

Firefox 58.0.2 is a security update. Use Menu, Help, About to install the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

NK2Edit 3.35 adds quick filter support. This is not a security update.
https://www.nirsoft.net/utils/outlook_nk2_edit.html

Internet Updates

One or more of these are likely to be of interest to everyone.

DiscordApp 2.1.2018 adds Spotify integration, Oxford comma for 3+ active users, and resolves several bugs. This is not a security update.
https://discordapp.com/download

FreeFileSync 9.8 adds option to auto-close progress dialog, update sync time if no differences found, and resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

MaxMind GeoIP Data 201802 is a data refresh. This is not a security update.
https://dev.maxmind.com/geoip/

IPInfoOffline 1.46 improves IP parsing to correctly parse IP when a port number is included. This is not a security update.
https://www.nirsoft.net/utils/ip_country_info_offline.html

Evernote 6.9.6.6729 resolves several bugs, adds dedicated sharing for business users, and improves performance. This is not a security update.
https://www.evernote.com/

Game Updates

These are unlikely to be of interest to most people.

EA Origin 10.5.10 adds TTS for chat, improves game launcher, stability, in-game purchases, third-party integration, and resolves several bugs. This is not a security update.
https://www.origin.com/en-us/download

Lego Digital Designer 4.3.11 doesn’t provide a changelog, so should be treated as a security update.
http://ldd.lego.com/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader 2018.011.20035 is a security update. Use Help, Check for Updates to get the most current version.

LibreOffice 6.0.1 is the new major beta version of LibreOffice. It provides several major new features including rotation and style, “Grammar By” spell checking, additional functions in Calc, various improvements in import and export capabilities, and many resolved bugs. This is not a security update.
https://www.libreoffice.org/

LibreOffice 5.4.5 is now the official stable release of LibreOffice. This version has been tried and tested for over a year, and this build resolves several minor bugs. This is not a security update.
https://www.libreoffice.org/

Security Software Updates

One or more of these is likely to be of interest to most people.

RogueKiller 12.12.4 adds detections. This is not a security update.
https://www.adlice.com/softwares/roguekiller/

Intel-SA-00086 Detection Tool 1.1.169.0 improves SA-00086 vulnerability identification.
https://downloadcenter.intel.com/download/27150

Converter Updates

These are unlikely to be of interest to most people.

CDex 1.99.1 improves stability and resolves several bugs. This is not a security update.
http://cdex.mu/?q=download

DVDFab 10.0.8.1 adds support for new encodings and resolves a crash bug. This is not a security update.
https://www.dvdfab.cn/download.htm

MakeMKV 1.12.0 adds support for new encodings and resolves several bugs. This is not a security update.
https://12pd.com/click?makemkv

Utility Updates

These are unlikely to be of interest to most people.

NTLite 1.5.0.6025 adds support for the next build of Win10 and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

DesktopOK 4.99 adds several new options and fixes autosave. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

Everything 1.4.1.895 resolves several bugs. This is a security update.
https://www.voidtools.com/

WifiInfoView 2.31 updates internal MAC addresses file. This is not a security udpate.
https://www.nirsoft.net/utils/wifi_information_view.html

GoodSync 10.7.7 rebrands licenses, improves compatibility, and resolves several bugs. This is not a security update.
https://12pd.com/click?goodsync

Cygwin 2.10.0 adds several features, integrates multiple APIs and security precatiouns, and resolves several bugs. This should be treated as a security update.
https://cygwin.com/

FileLocator Pro 8.2.2764 improves performance, improved CLI support, resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

ProduKey 1.92 adds build number for Windows. This is not a security update.
https://www.nirsoft.net/utils/product_cd_key_viewer.html

SystemRescueCD 5.2.0 is a security update.
https://www.sysresccd.org/

TaskSchedulerView 1.37 improves the Quick Filter feature. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

WinScan2PDF 3.99 improves compatibility, adds several new features and resolves a couple bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Web Package Updates

These are likely to be of interest only to web developers.

Adminer 4.6.1 improves render speed, resolves several bugs, adds MySQL via SSL support, improved access to help, sticky action support, and more. This is not a security update.
https://www.adminer.org/en/

MailEnable Enterprise 10.13 adds several new stability features, integrates Auto-Signup to core and greatly expands its usefulness, and resolves several bugs. This is a security update.
https://www.mailenable.com/

WordPress 4.9.4 is a security update.

Contact Form 7 5.0 adds several new features, improves API capabilities, adds many new tags, hooks, and other form-tag features. This is not a security update.

myStickymenu 2.0.3 resolves a minor bug. This is not a security update.

NextScripts Social Networks Auto-Poster 4.1.4 adds new formatting tags, improves compatibility, resolves several bugs. This is not a security update.

Redirection 3.2 adds several new redirection flags, improves responsiveness, and resolves bugs. This is not a security update.

WooCommerce 3.3.1 resolves dozens of bugs, improves integration, improves default appearance for themes that do not explicitly support WooCommerce, adds several new features including thumbnail regeneration, shortcodes, thresholds, and log search. This is not a security update.

WP Mail SMTP 1.2.5 resolves several bugs. This is not a security update.

WPtouch 4.3.26 improves escaping of JS output and core theme support. This should be treated as a security update.

That’s all for now folks. Keep it clean out there. πŸ˜‰

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2018-01-30

Hi, Folks!

It’s not Patch Tuesday, but there were a handful of updates released that you should be aware of. Security updates for most browsers, most Apple products, PS4 and others have been released.

The typical computer should see approximately 250mb of updates. Let’s get started.

Apple released updates for macOS High Sierra 10.13.3, macOS Security Update 2018-001 Sierra, macOS Security Update 2018-001 El Capitan, tvOS 11.2.5, Safari 11.0.3, iTunes 12.7.3 for Windows, and iCloud for Windows 7.3. These are security updates. Use the Apple App Store or Apple Software Update to install the most current versions.

iOS 11.2.5 is a security update. Use Settings, General, Software Update to install the most current version.

watchOS 4.2.2 is a security update. Use the Watch app from your iOS device to install the most current version.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

BullZip PDF Printer 11.5.0.2698 adds email attachment action, error suppression for non-interactive accounts, additional output sizes and updated translations. This is not a security update.
https://www.bullzip.com/products/pdf/info.php#download

Intel Driver Update 3.1.2 is a security update.
https://www.intel.com/p/en_US/support/detect

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 64.0.3282.119 is a security update. Use Menu, Help, About to install the most current version.

Firefox 58.0.1 is a security update. Use Menu, Help, About to install the most current version.

Firefox ESR 52.6.0 is a security update. Use Menu, Help, About to install the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 52.6.0 is a security update. Use Menu, Help, About to install the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

DiscordApp 1.25.2018 resolves several bugs, and updates libraries. This should be treated as a security update.
https://discordapp.com/download

IPNetInfo 1.78 adds display of Abuse Contact for supported registries. This is not a security update.
https://www.nirsoft.net/utils/ipnetinfo.html

WGet 1.19.4 improves compression, HTTP request compatibility, resolves several bugs, and updates libraries. This is a security update.
https://eternallybored.org/misc/wget/

Game Updates

These are unlikely to be of interest to most people.

PlayStation PS4 5.05 is a security update.
https://www.playstation.com/en-us/support/system-updates/ps4/

SteamOS 2.148 is a security update.
https://store.steampowered.com/steamos/download/?ver=custom

Security Software Updates

One or more of these is likely to be of interest to most people.

Wireless Network Watcher 2.16 adds per-device audio disconnect event support. This is not a security update.
https://www.nirsoft.net/utils/wireless_network_watcher.html

RogueKiller 12.12.2 adds detecions and resolves a crash bug. This should be treated as a security update.
https://www.adlice.com/softwares/roguekiller/

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 10.0.7.9 adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

CDex 1.99 improves Windows 10 compatibility and resolves several bugs. This is not a security update.
https://cdex.mu/?q=download

AVStoDVD 2.8.7 resolves several bugs, adds features, updates libraries. This should be treated as a security update.
https://sites.google.com/site/avstodvdmain/

Utility Updates

These are unlikely to be of interest to most people.

NTLite 1.5.0.5955 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

1Password for Windows 6.8.496 improves Edge compatibility, and resolves a form field bug. This is not a security update.
https://1password.com/downloads/

7-Zip 18.01 is the first release in a year and a half and adds support for several new formats, new default archive format (xz), improved sanity, and pipe support. This is not a security update.
http://www.7-zip.org/

GoodSync 10.7.5 resolves several bugs, improves service compatibility, adds several scripting variables, and improves reliability. This is not a security update.
https://12pd.com/click?goodsync

CPU-Z 1.83 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

DesktopOK 4.94 resolves a measurement bug. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

Ketarin 1.8.9 adds several new features, improves compatibility with FileHippo, and resolves bugs. This is not a security update.
https://ketarin.org/

FileLocator Pro 8.2.2755 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

USBDeview 2.74 corrects a CLI parsing bug. This is not a security update.
https://www.nirsoft.net/utils/usb_devices_view.html

OSFMount 1.5.1018 resolves a couple bugs. This is not a security update.
https://www.osforensics.com/tools/mount-disk-images.html

BgInfo 4.25 resolves a parsing bug introduced in 4.20. This is not a security update.
https://live.sysinternals.com/

TraceRouteOK 1.21 improves language support and updates translations. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

WinScan2PDF 3.85 adds ability to append pages to an existing PDF file and composite PDFs from multiple sources. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

SQLite 3.22.0 improves trace and query planner, performance improvements, adds several new interfaces and extensions, and resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Web Package Updates

These are likely to be of interest only to web developers.

Adminer 4.5.0 resolves several bugs, improves security validation, and adds support for additional engines. This is a security update.
https://www.adminer.org/en/

TinyMCE 4.7.6 resolves over a dozen bugs. This is not a security update.
https://www.tinymce.com/download/

MailEnable 10.12 resolves several bugs and improves webmail message display. This is not a security update.
https://www.mailenable.com/

BuddyPress 2.9.3 is a security update.

Postie 1.9.15 resolves a minor bug. This is not a security update.

Redirection 3.1.1 improves compatibility, adds support for IPv6, and resolves several bugs. This is not a security update.

WooCommerce 3.3.0 resolves several bugs, improves appearance, adds several new features, and many development-level changes for integration. This is not a security update.

WP Mail SMTP 1.2.4 improves escaping, resolves a couple bugs. This should be treated as a security update.

That’s all for now folks. Keep it clean out there. πŸ˜‰

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2018-01-17

Hi, Folks!

It’s not Patch Tuesday, but there were a handful of updates released that you should be aware of. Security updates for Java, MySQL, VMWare, and WordPress have been released.

The typical computer should see approximately 100mb of updates. Let’s get started.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Internet Updates

One or more of these are likely to be of interest to everyone.

Java 8u161 is a security update. If you are not using Java, remove it – don’t install it.
https://www.java.com/en/download/manual.jsp

FreeFileSync 9.7 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Npcap 0.98 is a security signing update.
https://nmap.org/npcap/

Game Updates

These are unlikely to be of interest to most people.

Technic Launcher 4/355 improves Solder integration, ratings and categorization. This is not a security update.
https://www.technicpack.net/download

Office Updates

One or more of these are likely to be of interest to most people.

Paint.net 4.0.21 resolves the paste to small canvas clipping bug. This is not a security update.
https://www.getpaint.net/

LibreOffice Fresh 5.4.4 resolves dozens of bugs. This is not a security update.
https://www.libreoffice.org/

Security Software Updates

One or more of these is likely to be of interest to most people.

Wireshark 2.4.4 is a security update.
https://www.wireshark.org/

Gpg4win 3.0.3 resolves several bugs. This should be treated as a security update.
https://www.gpg4win.org/download.html

RogueKiller 12.12.0 resolves several bugs. This should be treated as a security update.
https://www.adlice.com/softwares/roguekiller/

Capture Updates

These are unlikely to be of interest to most people.

XSplit Broadcaster 3.2.1711.2927 resolves several bugs. This is not a security update.
https://www.xsplit.com/get/

Converter Updates

These are unlikely to be of interest to most people.

CDex 1.98 improves album cover processing and resolves several bugs. This is not a security update.
http://cdex.mu/?q=download

Utility Updates

These are unlikely to be of interest to most people.

NTLite 1.5.0.5930 resolves several bugs and improves component management. This is not a security update.
https://www.ntlite.com/download/

CCleaner 5.39.6399 resolves several bugs. This is not a security update.
https://12pd.com/click?ccleaner

WinScan2PDF 3.83 adds multipage TIFF support and updates language files. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WSUS Offline 11.1.1 resolves several bugs. This is not a security update.
http://download.wsusoffline.net/

Developer Updates

These are unlikely to be of interest to most people.

MySQL 5.7.21 is a security update.
https://www.mysql.com/downloads/installer/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VMware Player 14.1.1 is a security update.
https://www.vmware.com/products/player/

VirtualBox 5.2.6-120293 resolves several bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

WordPress 4.9.2 is a security update.

That’s all for now folks. Keep it clean out there. πŸ˜‰

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2018-01-09

Happy New Year, Folks!

The new year brings a lot of FUD regarding the CPU security issues Meltdown and Spectre. Yes, every CPU from the last 20 years is affected. Yes, it’s a security issue that allows evil apps to access memory they shouldn’t be allowed to. Yes, the fix is going to effectively slow down devices in order to secure them. But NO, it’s not really any more severe than any other hardware or software vulnerability. It still requires the evil app to get onto your computer, which means you either have to install it or fail to patch and secure your operating system and other applications, enabling the attacker to put evil apps on there. In other words, you’re at no significantly greater risk today than you were last week. As always, patching your operating system and applications, removing unwanted and unused applications, back up your data often, and “behaving” online remain the rule of the day.

That said, the updates today address some of these CPU issues. Unfortunately, there are higher-than-normal failure rates for this patch since it was rushed out. This means you should be more wary than usual about failures following Patch Tuesday this week. If you haven’t backed up your data recently or created a system restore point: NOW is the time to run backupsbefore you install updates this week. Back to our regularly scheduled program…

It’s Patch Tuesday and it’s a pretty big one. The new year has begun, and there are lots of updates for almost everything.

The typical computer should see roughly 1.5gb in updates today. Let’s get started.

Microsoft released updates to Windows, Internet Explorer, Office, .NET and MSRT (~1gb). This includes security updates. A reboot is required.

Apple released updates for macOS High Sierra 10.13.2, macOS Sierra 10.12.6, OS X El Capitan 10.11.6, iOS 11.2.2, Safari 11.0.2 (again! v. 11604.4.7.1.6 and 12604.4.7.1.6), Pro Video Formats 2.0.6, and tvOS 11.2.1. This includes security updates. Use Apple Software Update to install the most current versions. A reboot is required.

Apple released security updates for AirPort Base Station 7.7.9 (wireless ac models) and 7.6.9 (wireless n models).

iOS 11.2.2 is a security update for all iPhone 5s, iPad Air, iPod touch 6th generation and newer hardware. Previous generations of hardware are no longer supported. Use Settings, General, Software Update to install the most current version. A reboot is required.

Google Chrome OS 63.0.3239.86 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Adobe Flash Player 28.0.0.137 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

I’ve had a lot of calls recently from people whose computers seem unusually slow since late October. This is a side-effect of the Windows 10 upgrade cycle, which pushes out 6gb through Windows update to get you to the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, it will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients at The Farmory, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Crucial Storage Executive 3.5 doesn’t provide a changelog, so should be treated as a security update.
https://www.crucial.com/usa/en/support-storage-executive

Display Driver Uninstaller 17.0.8.2 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Intel Driver Update 3.1.1 improves detection and reporting. This is not a security update.
https://www.intel.com/p/en_US/support/detect

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 63.0.3239.132 is a security update. Use Menu, Help, About to install the most current version.

Firefox 57.0.4 is a security update. Use Menu, Help, About to install the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 52.5.2 is a security update. Use Menu, Help, About to install the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

DiscordApp 21.12.2017 adds animated emojis, improves screensharing quality and adds PayPal support. This is not a security update.
https://discordapp.com/download

WinSCP 5.11.3 is a security update.
https://winscp.net/eng/index.php

Evernote 6.8.7.6387 resolves several bugs. This is not a security update.
https://www.evernote.com/

uTorrent 3.5.1 Build 44332 is a security update.
https://www.utorrent.com/downloads

FileZilla 3.30.0 improves logging for update failures. Since updates often include security updates, this should be treated as a security update.
https://filezilla-project.org/

MaxMind GeoIP Data 201801 is a data refresh. This is not a security update.
https://dev.maxmind.com/geoip/

BrowsingHistoryView 2.15 adds support for Pale Moon browser. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

Media Updates

These are unlikely to be of interest to most people.

VLC 2.2.8 resolves several bugs. This is a security update.
https://www.videolan.org/vlc/

Game Updates

These are unlikely to be of interest to most people.

PlayStation PS4 5.03 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/system-updates/ps4/

Office Updates

One or more of these are likely to be of interest to most people.

Notepad++ 7.5.4 resolves several bugs. This is not a security update.
https://12pd.com/click?npp

OpenOffice 4.1.5 resolves several bugs. This is not a security update.
https://www.openoffice.org/download/

Paint.net 4.0.20 adds a dark theme, improves high-DPI support, and resolves many bugs. This is not a security update.
https://www.getpaint.net/

Security Software Updates

One or more of these is likely to be of interest to most people.

Norton Power Eraser 20171218 is a security update.
https://support.norton.com/sp/en/us/home/current/solutions/kb20100824120155EN_EndUserProfile_en_us

Avast! Home Edition 17.9.2322 resolves several bugs. This is a security update.
https://www.avast.com/free-antivirus-download

KeePass 1.35 resolves several bugs and updates libraries. This is a security update.
http://keepass.sourceforge.net/

DNSQuerySniffer 1.70 adds TEXT and improves data preservation. This is not a security update.
https://www.nirsoft.net/utils/dns_query_sniffer.html

RogueKiller 12.11.32 improves compatibility and adds detections. This is not a security update.
https://www.adlice.com/softwares/roguekiller/

Capture Updates

These are unlikely to be of interest to most people.

XSplit Broadcaster 3.2.1711.2916 resolves several bugs. This is not a security update.
https://www.xsplit.com/get/

XSplit Gamecaster 3.1.1708.2943 resolves several bugs. This is not a security update.
https://www.xsplit.com/get/

Converter Updates

These are unlikely to be of interest to most people.

CDex 1.97 updates libraries and resolves several bugs. This is not a security update.
http://cdex.mu/?q=download

DVDFab 10.0.7.7 adds support for additional encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

IsoBuster 4.1 adds XML and DFXML exports, MFS, DC42, and resolves several bugs. This is not a security update.
https://www.isobuster.com/download.php

Utility Updates

These are unlikely to be of interest to most people.

NTLite 1.5.0.5855 resolves several bugs. Ths is not a security update.
https://www.ntlite.com/download/

1Password for Windows 6.8.492 is a huge update with dozens of fixes, improvements, new features, and more. This is a security update.
https://1password.com/downloads/

GoodSync 10.7.2 resolves several bugs, improves service compabitility and performance, and now provides local-device encryption (non-portable) for authentication storage.
https://12pd.com/click?goodsync

RoboForm 8.4.6 improves reliability and Edge support, and resolves several bugs. This is not a security update.
https://12pd.com/click?rf

BFGMiner 5.5.0 updates libraries and resolves a dozen bugs. This is a security update.
https://github.com/luke-jr/bfgminer/

DesktopOK 4.93 adds autosave support. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

HWMonitor 1.34 adds support for newer hardware and Windows 10 1709. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

DevManView 1.50 adds quick-filter support. This is not a security update.
https://www.nirsoft.net/utils/device_manager_view.html

NetworkTrafficView 2.12 improves detection of Microsoft services. This is not a security update.
https://www.nirsoft.net/utils/network_traffic_view.html

USBDeview 2.73 adds port name detection. This is not a security update.
https://www.nirsoft.net/utils/usb_devices_view.html

WifiChannelMonitor 1.50 resolves a live detection bug. This is not a security update.
https://www.nirsoft.net/utils/wifi_channel_monitor.html

OSForensics 5.2.1004 improves reporting, resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html

PointerStick 2.99 improves reliability. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

WinScan2PDF 3.81 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WSUS Offline 11.1 resolves several detection issues. This is not a security update.
http://download.wsusoffline.net/

Autoruns 13.81 resolves several bugs. This should be treated as a security update.
https://sysinternals.com/

BgInfo 4.24 resolves several bugs. This is not a security update.
https://sysinternals.com/

Handle 4.11 now exports data to %TEMP% on 64-bit machines. This is not a security update.
https://sysinternals.com/

Sysmon 7.01 resolves reliability bugs. This is not a security update.
https://sysinternals.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VMware Player 14.1.0 is a security update.
https://www.vmware.com/products/player/

VirtualBox 5.2.4-119785 resolves several bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Drupal 8.4.4 corrects dozens of bugs. This is not a security update.
https://drupal.org/download

MailEnable Enterprise 10.11 resolves several bugs. This is not a security update.
https://www.mailenable.com/

phpMyAdmin 4.7.7 is a security update.
https://www.phpmyadmin.net/home_page/news.php

ScreenConnect 6.4.15787.6556 adds several new features. This is not a security update.
https://www.screenconnect.com/Download

Akismet 4.0.2 resolves a couple bugs. This is not a security update.

Autoptimize 2.3.2 improves resolves a couple bugs and adds cache-busting. This is not a security update.

Multisite Plugin Manager 3.1.6 adds WP CLI compatibility. This is not a security update.

Register IP – Multisite 1.8.0 adds column sortability and proxy support. This is not a security update.

Theme My Login 6.4.10 resolves a couple bugs and improves security handling. This is not a security update.

WooCommerce 3.2.6 resolves over a dozen bugs. This is not a security update.

WP Mail SMTP 1.2.2 resolves several bugs. This is not a security update.

WPtouch 4.3.23 improves custom footer logic and corrects a typo. This is not a security update.

That’s all for now folks. Keep it clean out there. πŸ˜‰

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

New Year, New Fears: Meltdown and Spectre

Happy New Year!

By now you’ve heard about Meltdown and Spectre, the two new CPU vulnerabilities that are getting 24/7 airtime on every news channel.

This is going to really hurt Intel, as it essentially means that a 2 GHz processor is going to effectively run at 1.4 GHz after it’s patched. A 4 GHz processor is going to effectively run at 2.8 GHz. That’s the kind of performance hit that hard-core gamers and industry professionals are waking up to today, and will encourage many to consider alternative CPUs in the future. Unfortunately, while the one issue (Meltdown) only applies to Intel CPUs the other one (Spectre) affects almost every CPU that has been tested.

Meltdown and Spectre are two separate design flaws in the CPUs that mismanage how access to memory handles are controlled. Older hardware and operating systems will never be patched to address these vulnerabilities, and the patches that are currently being pushed for the Intel (Meltdown) flaw have a very high failure rate (as much as 20% for some hardware) often resulting in unbootable devices. My advice is to wait a few days for other people to be the guinea pigs, then install the updates after you get the all clear.

Neither of these affects only Windows. The vulnerabilities are hardware-based, but the current workarounds for them are being pushed into the operating systems to prevent them from being abused.

Meltdown affects every Intel CPU available today, which means that while many Windows computers are affected, every supported Mac is impacted (they’re all using Intel CPUs), and phones and other devices that use Intel chips are vulnerable as well.

Spectre affects just about everything. If your vendor isn’t supporting the device anymore, it will never be patched and the device can never be secured. Every computer hosting every website is affected. Every server. Every phone, tablet, desktop and laptop in the world is affected by at least one of these vulnerabilities. It seems that the only devices immune are certain security devices (dongles) or devices with very limited capabilities. If it can run software, it’s vulnerable.

If you’re a stock market enthusiast this is a good time to invest in mobile hardware vendors – wait a week or so for people to start bailing out in fear and the price to drop. Then buy their ignorance and in a year you’ll be thanking me. There may not be an immediate return, but as chips are released in the next 8-18 months that resolve these problems, security-minded companies and governments will be buying in bulk to replace every single device they currently employ. Talk about a huge surge in purchases later this year. πŸ™‚

I don’t put a lot of stock in what anyone from the government says, so I will defer to the Intel VP who says that the “unfixable” Spectre flaw can be resolved with a firmware update on most supported devices. I assume the same is true for other vendor chips affected by Spectre. Unfortunately, this means it’s still going to be a long-tail fix, since firmware updates can take months to be released for each supported chip and years to be fully addressed, and unsupported hardware will never be fixed. The Intel SA-00086 vulnerability (initially reported in February 2017), for example, which impacts the last 4 full generations of Intel CPUs still has not received patches for most currently supported hardware. Likewise, it’s quite unlikely that Spectre will be fully addressed on existing supported hardware within the next couple years.

Replacing your device isn’t a solution, either, since hardware that isn’t vulnerable simply doesn’t exist yet. We need to hope that operating system vendors will correctly and fully address these problems on current hardware in the very near future.

Now for the good news

If you’re maintaining your devices – installing operating system, application and driver updates, and you’re removing outdated and unused software, and you’re not installing untrusted third party applications that are either unmaintainable or unsecureable, and you have not been installing “bad” programs (warez, fake, or malicious) – then your computer is really at no greater risk today than it was last week. Both of these vulnerabilities require an evil application to be run on your device to be exploited. They are not remote exploits that automatically bypass the other security precautions you may have in place (unlike SA-00086). Remove everything you don’t want or need on your device, don’t install untrusted apps, don’t ever click “yes” in a popup without reading it and understanding the implications, and you’ll probably be OK. Really.

For anyone else that’s not already using my service: If you don’t want to do this all by yourself – let me.