Updates 2021-08-10

Welcome back, Folks!

Today is Patch Tuesday for August, 2021. It’s a big one. There have been a series of Apple, Microsoft, and various hardware vulnerabilities, as well as the quarterly Oracle updates that kept the industry hopping. Couple that with Black Hat 2021 last week, which kept reminding us how poorly those who design our technology have done and continue to do.

This Month in Technology

Apple devices via Pegasus, IOMobileFrameBuffer, and Wi-Fi namesAtlassianCharming Kitten (hacking group), Cloudstar, cdnjs, FortiNet FortiManager and FortiAnalyzer, HP (and Samsung and Xerox) printer driver, Illinois State Police, Linux via SequoiaPulse Connect Secure, SonicWall Secure VPN, Swisslog Healthcare’s Translogic PTSVMware ESXiWindows via a SAM security bug, Hello, PrintNightmare (x3+), and PetitPotam, and a new exploit method for wiretapping DNS.

Apple announced a new feature where they scan your content “only” for images of child exploitation provided by an unaccountable third-party, while they assure their customers’ “screeching voices” that they won’t allow governments to directly access the data or feed the database or algorithms (uh-huh), just remember that this is the same company that vowed to silence online dissent and already works with governments to expose their users’ activity. Oh, and they’re launching their own VPN service which they claim even they won’t know what you’re using it for. Wink, wink.

While I’m on the subject of VPNs, Windscribe (a “secure” VPN service) servers were seized and were discovered to not use encryption. Talk about a false promise of privacy!

Now let’s do security. If you still thought Avast (the “get hacked every year” anti-virus company) was worth anything, knowing that Norton (the “we’ll just run our own crypto mining software on your hardware and you can pay us for it” people) was in talks to buy them for about $8B should make your skin crawl. Zoom lost an $85 million class-action cybersecurity lawsuit, and Colonial Pipeline is being targeted now.

The US Federal Government received a C- grade for their IT security. Half of the agencies tested received D grades. These are the same agencies that recently made a claim about the most secure election in history. Pay no attention to the missing 95% of ballots or remote access to voting machines. Or else!

Edward Snowden has a great writeup of physical vs theoretical security concerns,
and another on how the “security” industry is failing everyone. Regular maintenance (of everything!) is critical to technology security. Stale hardware & software are responsible for nearly every security incident. This is what we do and why this newsletter is even being published.

There was a major outage at Akamai that took down a large portion of the Internet.

Google broke ChromeOS twice this month for many users, once by preventing users from being able to login due to a single character coding error. I’m reminded of a Mark Twain quote: “Be careful about reading health books. You may die of a misprint.”

The thing about someone willing to buy your ransomware: when they feel wronged they’re likely to betray your ransomware gang.

Amazon is losing employees while CNN is firing them. Property owners are being ripped off by the state, and their tenants. There are child predators at Disney World.

There’s now a lawsuit over CDC under-counting vaccine deaths, meanwhile they’re over-counting infectionsignoring the risks, downplaying the ineffectiveness of the vaccine-induced herd immunity, and mandating cancer in children. Multiple pharmaceutical giants neglected to keep records of which “vaccines” were placebos and the European Parliament is being held liable for vaccine injuries and deaths. At least there has been victory in Alberta. It’s hard to take them seriously when they’re demonizing free will, treating dictates as law, government agencies are concealing their own violations of international lawmandating doctors violate their medical licenses in order to keep them, while flip-flopping like fish, and imposing prison time for unlawful parading. Would you trust someone with your life who thinks you should be in prison for disagreeing with them? It’s not enough for government to take 13%+ of what you pay at the pump (most gas stations profit is 1% or less) and force you into electric vehicles that they can pull the plug on anytime, they want to charge you for every mile you travel, too, personal or business.

Now for the good news:

Andy’s Mountain Grill & Deli is coming back! Starlink is growing fast and improving reliability and environmental tolerances.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is huge. The typical computer should see roughly 3.0 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, Servicing Stack, Internet Explorer, and MSRT (~1.5 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 14.7.1 and iPadOS 14.7.1, macOS Big Sur 11.5.1, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave, watchOS 7.6.1, tvOS 14.7, Safari 14.1.2, and iTunes 12.11.4. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 14.7.1 is a security update. Use Settings, General, Software Update to install the most current update.

iPadOS 14.7.1 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 7.6.1 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 14.7 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 92.0.4515.130 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Big Sur (11.x) means that macOS High Sierra (10.13) and older are no longer supported. If you can not install at least macOS Mojave (10.14) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H1) is very large, for the first time it’s actually smaller than the previous release, but it will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Nvidia 471.68 resolves several bugs. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Xerox Smart Start 1.6.25.0 doesn’t provide a changelog so should be treated as a security update.
https://www.support.xerox.com/en-us/content/143617

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.27.111 is a security update. Use Help, About to install the most current version.
https://brave.com/

Google Chrome 92.0.4515.131 is a security update. Use Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 92.0.902.67 is a security update. Use Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 91.0 is a security update. Use Help, Check for updates to install the most current version.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 78.13.0 is a security update. Use Help, Check for updates to install the most current version.
https://www.mozilla.org/en-US/firefox/organizations/all/

SeaMonkey 2.53.8.1 is a security update.
https://www.seamonkey-project.org/

Vivaldi 4.1.2369.16 is a security update. Use Help, About to install the most current version.
https://vivaldi.com/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk for macOS 6.3.0 improves scam handling, adds PKG release, and resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

curl 7.78.0 resolves dozens of bugs. This is not a security update.
https://curl.haxx.se/windows/

Dropbox 128.4.2870 doesn’t provide a changelog so should be treated as a security update.
https://www.dropbox.com/

FileZilla Client 3.55.1 resolves a couple bugs. This is not a security update.
https://filezilla-project.org/

Google Earth 7.3.4 is a security update.
https://earth.google.com/

Java 8u301 is a security update.
https://www.java.com/en/download/manual.jsp

Nmap 7.92 resolves dozens of bugs. This is not a security update.
https://nmap.org/

Prosody 0.11.10 is a security update.
https://prosody.im/download/start

PuTTY 0.76 resolves several bugs. This is not a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

Rclone 1.56.0 adds many new features, improves compatibility, and resolves several bugs. This is not a security update.
https://rclone.org/

Skype 8.73.0.124 resolves several bugs. This is not a security update.
https://www.skype.com/

Telegram 2.9.0 resolves several bugs. This is not a security update.
https://telegram.org/

WinSCP 5.19.2 updates libraries and resolves several bugs. This is not a security update.
https://winscp.net/eng/index.php

Zoom 5.7.4.804 improves notifications and resolves several bugs. This is not a security update.
https://zoom.us/

Email updates

These are unlikely to be of interest to most people.

Thunderbird 78.13.0 is a security update. Use Help, Check for updates to get the most current version.
https://www.thunderbird.net/en-US/

Media Updates

These are unlikely to be of interest to most people.

Flickr Downloadr 3.4.1.1 updates libraries. This is not a security update.
https://flickrdownloadr.com/downloads/

iTunes 12.11.4 is a security update.
https://apple.com/itunes

Plex Media Server 1.23.6.4881 resolves several bugs and improves scanner. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Epic Games 12.2.12 resolves several bugs. This is not a security update.
https://www.epicgames.com/

Nintendo Switch 12.1.0 improves stability. This is not a security update.

Steam 2021.07.21 resolves a path bug. This is not a security update.
https://www.steampowered.com/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Connect 11.2.3 is a security update.
https://helpx.adobe.com/security/products/connect/apsb21-66.html

Adobe Magento Commerce 2.4.3, 2.4.2-p2, and 2.3.7-p1 are security updates.
https://helpx.adobe.com/security/products/magento/apsb21-64.html

Adobe Reader DC 21.005.20060 improves reliability. This is not a security update.
https://get.adobe.com/reader

Atom 1.58.0 improves cosmetics and resolves several bugs. This is not a security update.
https://atom.io/

Audacity 3.0.3 resolves several bugs. This is not a security update.
https://www.audacityteam.org/download/

Blender 2.93.2 resolves dozens of bugs. This is not a security update.
https://www.blender.org/download/

Krita 4.4.7 resolves several bugs. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Fresh 7.1.5 resolves over 50 bugs. This is not a security update. The “Fresh” line is beta software and should be avoided for the stable release.
https://www.libreoffice.org/

Nextcloud Desktop 3.3.0 resolves over 50 bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.1.2 improves dark mode. This is not a security update.
https://notepad-plus-plus.org/

Security Software Updates

One or more of these is likely to be of interest to most people.

DNSQuerySniffer 1.85 adds sort menu options and improves high DPI support. This is not a security update.
https://www.nirsoft.net/utils/dns_query_sniffer.html

elementary OS 6 is a major update that integrates several new features and controls and a simplified installer. This is not a security update.
https://elementary.io/

RogueKiller 15.0.9 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

uBlock Origin 1.37.2 resolves several books. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Tails 4.21 is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

Capture Updates

These are unlikely to be of interest to most people.

Elgato Game Capture HD 3.70.51 adds PS5 and Xbox Series X/S to input and resolves several bugs. This is not a security update.
https://www.elgato.com/en/game-capture-software

ScreenToGif 2.33.1 resolves several bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 2021.4.3 is a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Converter Updates

These are unlikely to be of interest to most people.

HandBrake 1.4.0 adds several new filters, improves hardware encoding, resolves several bugs, and updates libraries. This is not a security update.
https://handbrake.fr/

Utility Updates

These are unlikely to be of interest to most people.

Dell Command Update 4.3 is a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

DesktopOK 9.15 improves compatibility with Windows 11 and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

GoodSync 11.8.0 resolves several bugs and improves compatibility. This is not a security update.
https://www.goodsync.com/

Homedale 1.98 improves CLI support. This is not a security update.
https://www.the-sz.com/products/homedale/

IsMyHdOK 3.33 improves compatibility with Windows 11 and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

NTLite 2.2.0.8152 adds several new features, improves performance, updates libraries and resolves bugs. This is not a security update.
https://www.ntlite.com/download/

Aomei Partition Assistant 9.4 adds Disk Defrag and resolves a bug. This is not a security update.
https://www.diskpart.com/

ProcDump 10.1 adds an option to specify a dumpfile comment and supports triage dumps. This is not a security update.
https://live.sysinternals.com/

PowerToys 0.43.0 improves stability and accessibility, and resolves dozens of bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

RDCMan 2.82 resolves a couple bugs. This is not a security update.
https://live.sysinternals.com/

RoboForm 9.1.9 resolves several bugs. This follows shortly after a security update.
https://www.roboform.com/

Rufus 3.15 updates libraries and resolves several bugs. This is not a security update.
https://rufus.ie/en/

Sigcheck 2.82 resolves a stability bug. This is not a security update.
https://live.sysinternals.com/

Synergy 1.14.0 is a security update.
https://symless.com/synergy/

Sysmon 13.23 resolves a stability bug. This is not a security update.
https://live.sysinternals.com/

ZoomText 2021 2021.2107.13.400 adds support for new hardware and resolves several bugs. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

Node.js 16.6.1 resolves several bugs. This build closely follow 16.6.0, which was a security update.
https://nodejs.org/en/

Node.js 14.17.4 is a security update.
https://nodejs.org/en/

Node.js 12.22.4 is a security update.
https://nodejs.org/en/

Visual Studio Code 1.59 improves extensions, finalizes the Testing API, adds Remote Containers, and resolves several bugs. This is not a security update.
https://code.visualstudio.com/

WinMerge 2.16.14 resolves dozens of bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.1.26-145957 resolves several bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Dada Mail 11.14.2 resolves several bugs. This is not a security update.
https://dadamailproject.com/

Docker Desktop 3.5.2 resolves several bugs. This is not a security update.
https://www.docker.com/products/docker-desktop

Drupal 9.2.3 is a security update.
https://drupal.org/download

HumHub 1.9.0 resolves several bugs. This is not a security update.
https://www.humhub.com/en/download

MailArchiva 8.1.0 resolves several bugs. This is not a security update.
https://mailarchiva.com/

Nextcloud Server 22.1.0 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

ownCloud Server 10.8 resolves dozens of bugs. This is not a security update.
https://owncloud.org/install/

phpList 3.6.4 improves compatibility. This is not a security update.
https://www.phplist.org/

ScreenConnect 21.10.4238.7885 resolves a couple bugs. This is not a security update.
https://www.connectwise.com/software/control/download

WordPress 5.8 integrates Blocks into Widget logic, adds new patterns, and styles. This is not a security update.
https://wordpress.org/

Antispam Bee 2.10.0 resolves several bugs. This is not a security update.

Autoptimize 2.9.0 improves customization and controls. This is not a security update.

BuddyPress 9.0.0 improves compatibility, block support, and resolves several bugs. This is not a security update.

Contact Form 7 5.4.2 resolves several bugs. This is not a security update.

Interactive World Map 3.1.9.1 improves compatibility. This is not a security update.

myStickymenu 2.5.6 resolves several bugs. This is not a security update.

Postie 1.9.56 resolves a couple bugs. This is not a security update.

Redirection 5.1.3 resolves a couple bugs. This is not a security update.

Slider Revolution 6.5.6 resolves several bugs. This is not a security update.
https://revolution.themepunch.com/

Social Post Feed 2.19.3 improves compatibility. This is not a security update.

Sucuri Security 1.8.27 improves compatibility. This is not a security update.

Visual Composer 38.0 resolves several bugs. This is not a security update.
https://visualcomposer.com/

W3 Total Cache 2.1.6 resolves several bugs. This is not a security update.

WooCommerce 5.5.2 resolves several bugs. This is not a security update.

WordPress Zero Spam 5.0.13 resolves several bugs. This is a security update.

WP Mail SMTP 3.0.3 resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2021-06-08

Welcome back, Folks!

Today is Patch Tuesday for June, 2021. There have been another couple dozen major security incidents, as well as some significant revelations impacting health, security and privacy. The latest Windows 10 release, v21H1, is out and it doesn’t change that much. Google has finally stopped their weekly security update cadence, though other vendors (including Microsoft Edge and Brave) have continued.

This Month in Technology

ABC affiliatesApple AirTagsAXA, Biden’s Venmo accountBrenntagCNA FinancialColonial Pipeline (again), DigitalOcean, European biomolecular research instituteFirst Horizon Bank, U.S. Agency for Global MediaGuard.meHerff Jones, Ireland’s Department of Health (HSE), JBSMonday.com, Microsoft PatchGuardNY MTAOGUsersOne Treasure IslandRapid7Scripps Health and Whistler have been hacked.

A Qualcomm hardware vulnerability affects almost 40% of all mobile phones. Additionally, a dozen security vulnerabilities (called FragAttacks) have been discovered that apply to all Wi-Fi devices. (I’ll bet you miss that cable now, don’t you?)

Google released a “trial” feature to many Chrome users that effectively broke Chrome on their devices. Disabling the trial allowed Chrome to operate again. This is a perfect example of why you should never be forced into being in a beta program. iOS 14.6 is chewing through batteries. Microsoft released an update that broke compatibility with their own Office 365 services – Teams, Outlook and OneDrive. Google’s Nest thermostats are giving people the cold shoulder. Spectre is back again.

The antivirus that can’t protect you from crypto mining malware will now mine crypto on your device so they can use you to generate even more revenue for them. Better hope Norton 360 doesn’t get your home raided.

Amazon, the UK government, BBC, Bloomberg, CNN, The Guardian, NYT, and and many other major sites were taken offline today in a huge outage.

When your paranoid friend says the security app you’re using might be a government trojan, believe them.

Google & Apple are still making it impossible for users to keep their location privateTor is being used to spy on “secure” user traffic. Again. A new privacy-compromising mechanism via cross-browser tracking installed apps can effectively identify your device. The TikTok App is collecting biometric data. The UK Test & Trace app does far worse.

GitHub has disabled FLoC. This is a good thing. Despite federal law, Chinese surveillance equipment is gaining US government customers. Taproot isn’t the privacy panacea it is perceived to be. On the topic of Snowden, he’s been vindicated (again).

Apple shares iCloud keys with CCP, Apple’s Find My can be used to leak secrets, has a “few” issues with notification reliability, and their techs regularly violate their users’ privacy. Due to so many arbitration cases Amazon is now allowing you to sue them…just in time, as they are now sharing your Wi-Fi with passersbyDell lied about their Alienware laptop upgradeability. There’s a reason why so many people treat Microsoft Edge as malicious.

The Epic vs Apple lawsuit testimony is over, but Apple’s AppStore is still allowing malicious and fraudulent apps, while they pat themselves on the back for not taking even more money from their users.

Dr. Fauci lied about sponsoring gain of function research for biological warfare. He dismissed what he knew to be true, the lab-leak theory, and the effectiveness of hydroxychloroquine. He perjured himself. The MSM helped.

Biden shut down the last Wuhan lab investigation. What are the chances there will be a real investigation? Intelligence agencies claim otherwise and you know they have never lied. As is typical of the political elite, instead of broadcasting this everywhere, they’re targeting those that exposed it with death threats.

Governments and the MSM are concealing any true risk/benefit analysis, the miscarriages, Freudian slips, and VAERS spikes behind missing data, bad science, vastly overcounted cases, and propaganda. They’ve been caught red-handed manipulating the data.

The truth is the COVID death numbers are still dropping while post-vaccination infectionand death – are not rare. 5-10% suffer from severe adverse reactions in the hundreds of thousands. The CDC’s new rules acknowledge what many have known all along, vindicating those who opposed masks and vaccines and the vaccines are far from safe or effective.

The worst part is that there are still unsubstantiated and illegal mandates (that are supported by the low-information crowdforever), and insane dogma that violates all reason. Such as yellow stars for the unvaxxed, forbidding the unvaccinated from  church, employmentUniversity (sometimes even the vaccinated) and even West Point. The Red Cross won’t even accept blood from the vaccinated.

The UK government knows what’s coming, and most will be called “unrelated illnesses.” When life insurance companies see this as a non-event and politicians ignore their own agencies to fine the science it’s hard to take it seriously. There have been decades of vaccine research, and we know they’re designing vaccines that spread themselves – isn’t that the premise of most zombie films? mRNA rewrites the genetic code and enhances the illness. This is what it is designed to do. By the way, did you know that during mRNA trials all the mammals kept dying? They proceeded with the emergency use authorization anyway. The only immunity provided by vaccines is to the manufacturer. A second Nuremburg Tribunal is on the horizon.

The Supreme Court says the Computer Fraud and Abuse Act (CFAA) is overbroad. Amazon is being sued over Antitrust law. The Ohio AG is trying to declare Google a public utility.

The government has repeatedly operated in concert with Big Tech to silence dissent, science, and discussion, in effect, laundering their censorship through third-parties. Governors and others are now going on the offense.

Now for the good news:

Dr. Shiva Ayyadurai is doing more to take down Big Tech than anyone else – by himself. Please help.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is huge. The typical computer should see roughly 3.0 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, Servicing Stack, Internet Explorer, and MSRT (~1.5 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 14.6 and iPadOS 14.6, macOS Big Sur 11.4, Security Update Mojave 2021-004, Security Update Catalina 2021-003, Safari 14.1.1, watchOS 7.5, tvOS 14.6, and Boot Camp 6.1.14. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 14.6 is a security update. Use Settings, General, Software Update to install the most current update.

iPadOS 14.6 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 7.5 is a security update. Use your updated iPhone to install the most current version through the Watch app.

tvOS 14.6 is a security update. Use Settings, General, Updates to install the most current version.

Google Chrome OS 91.0.4472.81 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Big Sur (11.x) means that macOS High Sierra (10.13) and older are no longer supported. If you can not install at least macOS Mojave (10.14) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v21H1) is very large, for the first time it’s actually smaller than the previous release, but it will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Logitech Options for macOS 8.54.147 adds support for newer hardware. This is not a security update.
https://www.logitech.com/en-us/product/options

Nvidia 466.63 adds support for newer hardware, libraries and components, and resolves stability and performance bugs. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Engine 3.22.0 now defaults to having Moments off, and resolves a crash bog. This is not a security update.
https://steelseries.com/engine

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.25.70 is a security update.
https://brave.com/

Google Chrome 91.0.4472.77 is a security update.
https://www.google.com/chrome/

Microsoft Edge 91.0.864.41 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 89.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 78.11.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 78.11.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 6.3.1 resolves several bugs and adds an adaptive resolution option. This is not a security update.
https://anydesk.com/en/downloads

AnyDesk for macOS 6.2.0 resolves stability and display issues, adds tab, cursor follow, and window focus controls. This is not a security update.
https://anydesk.com/en/downloads

curl 7.77.0 is a security update.
https://curl.haxx.se/windows/

Dropbox 123.4.4832 doesn’t provide a detailed changelog, so should be treated as a security update.
https://www.dropbox.com/

FileZilla Client 3.54.1 resolves several bugs. This is not a security update.
https://filezilla-project.org/

Minds 4.13.0 improves performance and resolves several bugs. This is not a security update.
https://www.minds.com/mobile

Prosody 0.11.9 is a security update.
https://prosody.im/download/start

Technitium DNS Server 6.3 resolves several bugs and adds more than a half dozen new features, including failover and recursion ACLs. This is not a security update.
https://technitium.com/dns/

WGet 1.21.1-1 updates libraries. This is a security update.
https://eternallybored.org/misc/wget/

Zoom 5.6.7.1016 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 2.0.15 resolves several bugs. This is not a security update.
https://en.3tene.com/

Picard 2.6.3 resolves several bugs. This is not a security update.
https://picard.musicbrainz.org/

Plex Media Server 1.23.2.4656 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Steam 2021.06.07 resolves several bugs and improves cosmetics. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

PlayStation PS3 4.88 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps3/system-software/

Office Updates

One or more of these are likely to be of interest to most people.

Audacity 3.0.2 resolves several bugs. This is not a security update.
https://www.audacityteam.org/download/

LibreOffice Still 7.0.6 is the final release for the 7.0 branch. This version resolves 50 reliability, stability, and compatibility bugs. This is not a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.2.2 resolves several bugs and updates libraries. This should be treated as a security update.
https://nextcloud.com/

Adobe Connect 11.2.2 is a security update.
https://helpx.adobe.com/security/products/connect/apsb21-36.html

Adobe Acrobat and Reader 2021.005.20148, 2020.004.30005 and 2017.011.30197 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb21-37.html

Adobe Photoshop 21.2.9 and 22.4.2 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb21-38.html

Adobe Experience Manager 6.5.9.0 is a security update.
https://helpx.adobe.com/security/products/experience-manager/apsb21-39.html

Adobe Creative Cloud Desktop Application 2.5 is a security update.
https://helpx.adobe.com/security/products/creative-cloud/apsb21-41.html

Adobe RoboHelp Server 2020.0.1 is a security update.
https://helpx.adobe.com/security/products/robohelp-server/apsb21-44.html

Adobe Photoshop Elements 5.3 is a security update.
https://helpx.adobe.com/security/products/photoshop_elements/apsb21-46.html

Adobe Premiere Elements 5.3 is a security update.
https://helpx.adobe.com/security/products/premiere_elements/apsb21-47.html

Adobe After Effects 18.2.1 is a security update.
https://helpx.adobe.com/security/products/after_effects/apsb21-49.html

Adobe Animate 21.0.7 is a security update.
https://helpx.adobe.com/security/products/animate/apsb21-50.html

Security Software Updates

One or more of these is likely to be of interest to most people.

Tails 4.19 is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

NSudo 8.2 removes ARM32 support, updates libraries, and resolves several bugs. This is not a security update.
https://github.com/M2Team/NSudo/releases/latest

OnionShare 2.3.2 resolves several bugs and updates libraries. This is a security update.
https://onionshare.org/

VT-CLI 0.9.7 doesn’t provide a changelog so should be treated as a security update.
https://github.com/VirusTotal/vt-cli/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.31 provides cosmetic improvements, improves the updater and imgur compatibility. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 2021.4.1 is a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 7.8.5 adds archive support, sharing indicators, and resolves several bugs. This is not a security update.
https://1password.com/downloads/mac/

1Password for Windows 7.7.807 resolves several bugs, adds Windows Hello support, and adds archive support. This is not a security update.
https://1password.com/downloads/windows/

Bitcoin 0.21.1 improves performance and resolves several bugs. This is not a security update.
https://bitcoin.org/en/download

Bitwarden 1.26.5 resolves several bugs. This is not a security update.
https://bitwarden.com/

CCleaner 5.81.8895 resolves several bugs. This is not a security update.
https://www.ccleaner.com/

Dell Command Update 4.2 improves download and logging. This is not a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

DesktopOK 8.88 improves compatibility and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

Everything 1.4.1.1009 improves NTFS detection. This is not a security update.
https://www.voidtools.com/

Fido 1.19 adds support for Windows 10 21H1 and eliminate requirement for Internet Explorer. This is not a security update.
https://github.com/pbatard/Fido/releases

GoodSync 11.7.3 resolves several bugs and improves stability. This is not a security update.
https://www.goodsync.com/

IsMyHdOK 3.21 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

NetworkTrafficView 2.40 adds several protocol controls and filters. This is not a security update.
https://www.nirsoft.net/utils/network_traffic_view.html

NTLite 2.1.1.7917 improves compatibility and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

Aomei Partition Assistant 9.2.1 improves selection interface, resolves several bugs with third-party apps and integrated elevation when required. This is not a security update.
https://www.diskpart.com/

PointerStick 5.15 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

Process Monitor 3.82 resolves several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

Process Explorer 16.42 switches default search behavior from find to filter and reports CET, and resolves several bugs. This is a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer

PsExec 2.34 changes stderr output behavior. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/psexec

RoboForm 9.1.4 resolves several bugs. This is not a security update.
https://www.roboform.com/

Samsung Data Migration 4.0 does not provide a changelog so should be treated as a security update.
https://www.samsung.com/semiconductor/minisite/ssd/download/tools/

Sigcheck 2.81 resolves a signature validation bug. This should be treated as a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sigcheck

SimpleWMIView 1.45 improves sorting controls. This is not a security update.
https://www.nirsoft.net/utils/simple_wmi_view.html

Sysmon 13.21 adds new filter conditions and resolves a crash bug. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

TaskSchedulerView 1.68 resolves a pagination bug and improves sorting controls. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

TCPView 4.12 adds new filter conditions and resolves several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview

TraceRouteOK 2.52 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

WifiInfoView 2.70 improves sorting options. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

WinGet 1.0.11451 is the first release version of WinGet. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinObj 3.10 extends search to include symbolic link targets.
https://docs.microsoft.com/en-us/sysinternals/downloads/winobj

WinScan2PDF 7.11 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 4.2.1.0 resolves several bugs. This is not a security update.
https://developer.android.com/studio

DB Browser for SQLite 3.12.2 updates the certificate for DBHub.io. This is not a security update.
https://sqlitebrowser.org/

Godot 3.3.2 resolves dozens of bugs. This is not a security update.
https://godotengine.org/

Inno Setup 6.2.0 updates graphics and cosmetics, adds dark mode, improves logging, and adds several new scripting options and flags. This is not a security update.
https://www.jrsoftware.org/isdl.php

Node.js 16.3.0 upgrades libraries and resolves several bugs. This is not a security update.
https://nodejs.org/en/

SQLite 3.35.5 resolves several bugs and improves reliability and performance. This is a security update.
https://www.sqlite.org/download.html

Web Package Updates

These are likely to be of interest only to web developers.

Adminer 4.8.1 resolves several bugs. This is a security update.
https://www.adminer.org/en/

Dada Mail 11.14.0 resolves several bugs. This is not a security update.
http://dadamailproject.com/

Drupal 9.1.10 resolves over a dozen bugs. This is not a security update.
https://drupal.org/download

Joomla 3.9.27 is a security update.
https://www.joomla.org/

Nextcloud Server 21.0.2 updates libraries and resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

phpList 3.6.3 is a security update.
https://www.phplist.org/

Piwigo 11.5.0 is a security update.
https://piwigo.org/

ScreenConnect 21.8.3558.7823 adds deep-linking support, and resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

WordPress 5.7.2 is a security update.
https://wordpress.org/

BuddyPress 8.0.0 improves the registration experience, xProfile fields, simplifies administration, and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/buddypress/

Duplicator 1.4.1 resolves several bugs. This is a security update.
https://wordpress.org/plugins/duplicator/#developers

Visual Composer 36.0 resolves dozens of bugs and improves consistency. This is not a security update.
https://visualcomposer.com/

W3 Total Cache 2.1.3 is a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 5.4.0 resolves dozens of bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

Show IDs 1.1.7 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/wpsite-show-ids/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2020-07-14

Welcome back, Folks!

Today is Patch Tuesday for July 2020.

This Month in Technology

Apple has formally announced that they’ll be switching to ARM processors on their new hardware. While Apple asserts that “most apps will just work,” the truth is that if it’s not a 64-bit app or it hasn’t been updated in more than a year, chances are not only won’t work on ARM but will never work on ARM. If you were here when they switched from PowerPC to Intel you remember the issues were long and wide. You’ll likely need a VM to make many of your apps work.

Piracy doesn’t pay, except for those creating the pirated apps.

Macs are still getting infected through fake “Flash update” malware, even on Catalina. From the comments, “Which is worse, a real Flash installer or a fake one? It’s a toss-up.”

Microsoft was caught breaching user trust, again, by hijacking your data from other browsers and importing into their forced update to their new Edge browser without your permission.

Mozilla switched to a 4-week cadence for major updates in March. This has resulted in even less time for beta testing and the expected release+1 security updates.

Google Chrome is planning to hide everything in a URL other than the domain name. Google, the most popular purveyor of information and also the self-appointed gatekeeper to what is true and false, believes that having the complete URL is bad for you.

Google resolved a major email spoofing vulnerability through customer services, shortly before allowing a core domain name for their Blogger service to expire.

Slack vulnerability allowed hackers to distribute malware to victims devices.

What is it going to take before you stop copying passwords on your phone?

Everyone knows Facebook is always listening. Now the courts have finally considered their web widgets “Wiretaps.” Others are, too. They’re also designing systems to be able to trigger recording of all background noise from external queues. In states like California, Facebook is already violating the all-party consent requirements by recording audio 24/7. Maybe they’ll eventually acknowledge that it’s bad and stop? Ouch. Sorry, I hurt myself laughing there. Oh, and the Facebook Messenger app allowed you to be infected with persistent malware. If you have a website with Facebook integration, you need to take action now to comply with the CCPA.

Airlines are perfectly happy to violate the Americans with Disabilities Act – and treat you like a terrorist – if you have medical conditions.

Bitdefender Antivirus allowed any website you visited to run code on your device. Apache’s Guacamole remote support client allows attackers to take over the entire enterprise. Backdoors in operating systems, why not backdoors in encryption software?

Surprise: phishing still works. Even by text. …and launching a service that relays content to third-parties will ensure it is abused. Honeypots (systems designed to be opened for abuse to see how attacks take place) demonstrate four previously unknown zero-day vulnerabilities.

Nintendo, Plex, Honda, Samsung, Oxford University, University Of Pittsburgh Medical Center, UCSF, anyone banking with various Chinese banks, Night Lion Security, 79 different Netgear router models, hundreds of online retailers, and it won’t be long before IoT vulnerabilities can be used to provide big game hunting for rare species.

June Patch Tuesday updates from Microsoft broke Outlook and other apps for some users.

Selective enforcement means you’re a publisher, says AG Barr of Section 230 of the CDA. There’s no better way to prevent the abuse of Section 230 to censor voices you disagree with.

Now for the good news:

Starlink is coming. LEO internet access could provide up to 1 Gbps Internet access from space. Testing will begin in the next weeks and will gradually move south as satellites take place.

For now, you can cut your internet bill by taking advantage of the free Xfinity Wi-Fi hotspots through the end of the year.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is huge. The typical computer should see roughly 1.5 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, Internet Explorer, DNS Server, Office, Servicing Stack, and MSRT (~900 MB). This includes security updates. A reboot is required.

Adobe Flash Player 32.0.0.403 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Google Chrome OS 83.0.4103.119 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Catalina (10.15) means that macOS Sierra (10.12) and older are no longer supported. If you can not install at least macOS High Sierra (10.13) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (2004) is a huge (about 25% larger than any prior build) so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Crucial Storage Executive 6.04 doesn’t provide a changelog so should be treated as a security update.
https://www.crucial.com/support/storage-executive

Daemon Tools Lite 10.13.0 improves activation and creation and use of bootable disk images. This is not a security update.
https://www.daemon-tools.cc/products/dtLite

Intel Driver and Support Assistant 20.7.26 adds support for new hardware and improves application detection. This is not a security update.
https://www.intel.com/p/en_US/support/detect

nVidia 451.67 resolves several bugs and improves compatibility. This is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.10.97 is a security update. Use Menu, Help, About to install the most current version.
https://brave.com/

Google Chrome 84.0.4147.89 is a security update. Use Menu, Help, About to install the most current version.

Microsoft Edge 83.0.478.64 is a security update. Use Menu, Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 78.0.2 is a security update. Use Menu, Help, About to install the most current version.

Firefox ESR 68.10.0 is a security update. Use Menu, Help, About to install the most current version.

SeaMonkey 2.53.3 is a security update. Use Menu, Help, About to install the most current version.
https://www.seamonkey-project.org/

Vivaldi 3.1.1929.45 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 3.41 adds an option to copy the preview content and resolves a bug in the cfg switch. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Thunderbird 68.10.0 is a security update. Use Menu, Help, About to install the most current version.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

Trillian 6.3.0.6 resolves dozens of bugs, including 2FA and stability issues. This is a security update.
https://www.trillian.im/

Trillian Mac 6.3.0.6 resolves several stability bugs. This is not a security update.
https://www.trillian.im/

curl 7.71.1 resolves several sanitation issues. This should be treated as a security update.
https://curl.haxx.se/windows/

Dropbox 101.4.434 doesn’t provide a useful changelog so should be treated as a security update.
https://www.dropbox.com/

FileZilla Client 3.49.0 resolves a several bugs. This is not a security update.
https://filezilla-project.org/

FreeFileSync 10.25 adds support for Google Drive Shared Drives and Shortcuts, resolves several bugs, and improves user interface. This is not a security update.
https://www.freefilesync.org/download.php

Npcap 0.9995 resolves several bugs. This is not a security update.
https://nmap.org/npcap/

PuTTY 0.74 is a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

Technitium DNS Server 5.0.1 is a major update that refactors how blocklists are stored and resolves several bugs. This is not a security update.
https://technitium.com/dns/

Zoom 5.1.28656.0709 is a security update.
https://zoom.us/

Game Updates

These are unlikely to be of interest to most people.

Steam 2020.07.09 resolves several bugs and improves compatibility. This is not a security update.

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Camera Raw and DNG Converter 12.3 adds support for new hardware. This is not a security update.
Mac: https://supportdownloads.adobe.com/detail.jsp?ftpID=6955
Win: https://supportdownloads.adobe.com/detail.jsp?ftpID=6957

Adobe Download Manager 2.0.0.529 is a security update.
https://helpx.adobe.com/security/products/adm/apsb20-49.html

Adobe ColdFusion 2016.16 and 2018.10 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb20-43.html

Adobe FrameMaker 2019.0.6 doesn’t provide a changelog so should be treated as a security update.
Win32: https://supportdownloads.adobe.com/detail.jsp?ftpID=6963
Win64: https://supportdownloads.adobe.com/detail.jsp?ftpID=6965

Adobe Genuine Service 7.1 is a security update. (Point this one out the next time someone says pirating Adobe software can reduce the security of your computer.)
https://helpx.adobe.com/security/products/integrity_service/apsb20-42.html

Adobe Media Encoder 14.3 is a security update.
https://helpx.adobe.com/security/products/media-encoder/apsb20-36.html

Adobe Creative Cloud Desktop Application 5.2 is a security update.
https://helpx.adobe.com/security/products/creative-cloud/apsb20-33.html

Magento SUPEE-11346 (for Magento v1) is a security update.
https://www.magentocommerce.com/products/downloads/magento/

Adobe Audition 13.0.7 is a security update.
https://helpx.adobe.com/security/products/audition/apsb20-40.html

Adobe Premiere Rush 1.5.16 is a security update.
https://helpx.adobe.com/security/products/premiere_rush/apsb20-39.html

Adobe Premiere Pro 14.3 is a security update.
https://helpx.adobe.com/security/products/premiere_pro/apsb20-38.html

Adobe Illustrator 2020 24.2 is a security update.
https://helpx.adobe.com/security/products/illustrator/apsb20-37.html

Adobe After Effects 17.1.1 is a security update.
https://helpx.adobe.com/security/products/after_effects/apsb20-35.html

Adobe Campaign Classic 20.2 is a security update.
https://helpx.adobe.com/security/products/campaign/apsb20-34.html

Artweaver 7.0.6 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Atom 1.49.0 resolves several bugs. This is not a security update.
https://atom.io/

Blender 2.83.2 resolves over 1250 bugs, adds improves performance and stability across several features and adds viewport denoiser. This is not a security update.
https://www.blender.org/download/

Krita 4.3.0 adds several new watercolor effects with brush presets and gradient map and palettizer filters. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Fresh 6.4.5 resolves over 100 bugs. This is beta software so should be avoided in favor of the “Still” version (LibreOffice stable). This is not a security update.
https://www.libreoffice.org/

Nextcloud Desktop 2.6.5 resolves several bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 7.8.8 resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

Adobe Reader DC 20.009.20074 resolves several bugs. This is not a security update.
https://get.adobe.com/reader

Security Software Updates

One or more of these is likely to be of interest to most people.

Bitmessage 0.6.3.2 is a security update.
https://github.com/Bitmessage/PyBitmessage/releases/latest

DrWeb CureIt! 14.07.2020 should be treated as a security update.
https://www.freedrweb.com/download+cureit+free/?lng=en

Hashcat 6.0.0 adds 51 new algorithms, CUDA support, GPU emulation, improved auto-tuning and more. This should be treated as a security update.
http://hashcat.net/hashcat/#downloadlatest

RogueKiller 14.6.1 resolves several bugs. This is a security update.
https://www.adlice.com/download/roguekiller/

TinyWall 3.0.7 adds support for WSL, whitelisting from network shares, improves detection of short-lived processes, and resolves several bugs. This is not a security update.
https://tinywall.pados.hu/

uBlock Origin 1.28.2 improves syntax highlighting in My Filters and asset viewer, resolves several bugs, and replaces the default filterlists with a new composite list.
https://github.com/gorhill/uBlock/releases/latest

VT-CLI 0.8.0 doesn’t provide a changelog so should be treated as a security update.
https://github.com/VirusTotal/vt-cli/releases/latest

Wireless Network Watcher 2.22 updates the internal MAC database and improves the CFG switch. This is not a security update.
https://www.nirsoft.net/utils/wireless_network_watcher.html

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.26.1 resolves several bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 2020.1.3 adds support for direct publication through TechSmith Knowmia, adds transparency support for color replacement, and resolves several bugs. This is not a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 11.0.9.7 adds support for new encodings, adds several new conversion tools, presets, and bug fixes. This is not a security update.
https://www.dvdfab.cn/download.htm

FFmpeg 4.3.1 updates libraries. This should be treated as a security update.
https://ffmpeg.org/ffmpeg.html

HandBrake 1.3.3 resolves several bugs. This is not a security update.
https://handbrake.fr/

IsoBuster 4.6 adds a bunch of new features and format supports. This is not a security update.
https://www.isobuster.com/download.php

PDF Creator 4.1 resolves several bugs and improves watermark support. This is not a security update.
https://www.pdfforge.org/pdfcreator

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 7.6 is a security update.
https://1password.com/downloads/mac/

1Password for Windows 7.6.778 resolves dozens of bugs and improves reliability, adds notifications of website compromise, and improves accessibility. This is a security update.
https://1password.com/downloads/windows/

8GadgetPack 33.0 resolves several bugs, improves high-DPI support, removes defunct widgets. This is not a security update.
https://8gadgetpack.net/

AS SSD Benchmark 2.0.7316.34247 resolves a device access bug. This is not a security update.
https://www.alex-is.de/PHP/fusion/downloads.php?cat_id=4

Autoruns 13.98 now shows the Windows Defender binary as a signed binary. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

Beyond Compare 4.3.5.24893 improves integration and compatibility, and resolves several bugs. This is not a security update.
https://www.scootersoftware.com/download.php?zz=dl4

Bitwarden 1.19.0 improves password concealment, adds soft delete and vault timeouts. This is not a security update.
https://bitwarden.com/

Cygwin 3.1.6 adds support for new socket options, resolves several bugs. This is a security update.
https://cygwin.com/

DesktopOK 7.48 adds SSL to automatic update capability. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

Etcher 1.5.101 resolves several bugs, improves UI, and updates libraries. This should be treated as a security update.
https://www.balena.io/etcher/

GoodSync 11.2.5 resolves several bugs and changes licensing…again. This is not a security update.
https://www.goodsync.com/

MS ISO Downloader 8.38 adds support for new images. This is not a security update.
https://www.heidoc.net/joomla/technology-science/microsoft/67-microsoft-windows-and-office-iso-download-tool

NTLite 1.9.0.7539 adds controls for Target release, Store pinning, Fast Startup, Fast User Switching, Hardware-accelerated GPU scheduling, Shutdown menu, Variable refresh rate, and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

PowerToys 0.19.1 resolves dozens of bugs and stability issues. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

Rufus 3.11 improves compatibility and adds several keyboard shortcuts to toggle behaviors. This should be treated as a security update.
https://rufus.ie/en_IE.html

Sysmon 11.10 now captures ADS content into logs, introduces an is-any filter condition, and fixes several bugs. This is not a security update.
https://live.sysinternals.com/

Sigcheck 2.80 adds an option for specifying a trust GUID for signature verification and now shows certificate signing chains. This is not a security update.
https://live.sysinternals.com/

SimpleWMIView 1.41 adds cell-copying and case-sensitivity filtering. This is not a security update.
https://www.nirsoft.net/utils/simple_wmi_view.html

TeamViewer 15.7.7 resolves several bugs. This is not a security update.
https://www.teamviewer.com/en/download/windows/

WifiInfoView 2.61 updates the internal MAC addresses list. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

WinScan2PDF 5.81 resolves several bugs and improves rotation support. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

ADB 30.0.3 resolves several bugs. This is not a security update.
https://developer.android.com/studio/releases/platform-tools

Android Studio 4.0.1.0 resolves over a dozen bugs. This is not a security update.
https://developer.android.com/studio

AutoHotkey 1.1.33.01 resolves several bugs and adds encoding, warnings, and version requirement options. This is not a security update.
https://www.autohotkey.com/download/

Godot 3.2.2 makes over 800 changes, adding C# support for iOS, 2D batching for GLES2, re-architecture of the Android plugin system, DRLS support and ENet integration, and better handling of Variants. This is not a security update.
https://godotengine.org/

Java 8u261 is a security update.
https://www.java.com/en/download/manual.jsp

Node.js 14.5.0 resolves dozens of bugs and updates libraries. This is not a security update.
https://nodejs.org/en/

Node.js v12 12.18.2 resolves several bugs and updates libraries. This is not a security update.
https://nodejs.org/en/

SQLite 3.32.3 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

DB Browser for SQLite 3.12.0 improves table editing, conditional formatting, and multi-threading, as well as dozens of other improvements and bug fixes. This is not a security update.
https://sqlitebrowser.org/

Visual Studio Code 1.47.1 is a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.1.12-139181 resolves over a dozen bugs and improves hardware compatibility. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

PPSSPP 1.10.3 resolves several bugs. This is not a security update.
https://ppsspp.org/downloads.html

Web Package Updates

These are likely to be of interest only to web developers.

Apache Tomcat 10.0.0-M7, 9.0.37, and 8.5.57 are security updates.
https://tomcat.apache.org/

Coppermine Gallery 1.6.08 improves installation and compatibility. This is not a security update.
https://coppermine-gallery.net/

Dada Mail 11.10.3 improves AWS signature v4 support. This is not a security update.
https://dadamailproject.com/

Drupal 8.8.8 and 8.9.2 are security updates.
https://drupal.org/download

Drupal 9.0.2 resolves dozens of bugs. This is not a security update.
https://drupal.org/download

Joomla 3.9.20 is a security update.
https://www.joomla.org/

phpList 3.5.5 is a security update.
https://www.phplist.org/

ScreenConnect 20.7.29305.7496 resolves several bugs and improves compatibility. This is not a security update.
https://www.connectwise.com/software/control/download

WordPress 5.4.2 is a security update.
https://wordpress.org/

Autoptimize 2.7.3 resolves several bugs. This is not a security update.

BuddyPress 6.1.0 resolves several bugs. This is not a security update.

Contact Form 7 5.2 improves compatibility and resolves several bugs. This is not a security update.

Email Log 2.4.2 resolves several bugs. This is not a security update.

myStickymenu 2.4.3 resolves several bugs. This is not a security update.

Raw HTML 1.6.3 resolves a warning. This is not a security update.

Theme My Login 7.1.1 resolves several bugs. This is not a security update.

W3 Total Cache 0.14.2 resolves several bugs. This is not a security update.

WooCommerce 4.3.0 adds template caching, PHP warnings, improves accessibility, and resolves dozens of bugs. This is not a security update.

WP Mail SMTP 2.2.1 resolves several bugs and improves compatibility. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2018-12-11

Hi, Folks!

It’s Patch Tuesday and since last week was a huge out-of-cycle update (thanks, Adobe!) it’s a pretty small one. We have the regular updates from Microsoft but only a handful of other applications have been patched this week.

The typical computer should see roughly 2gb in updates today. Let’s get started.

Microsoft released updates for Windows, Internet Explorer, .NET, and MSRT (~2gb). This includes security updates. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The now-current release of Windows 10 (1809) will cause your computer to feel unusually slow until it is installed. This is a side-effect of the Windows 10 upgrade cycle, which pushes out 3-6gb through Windows update to get you to the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, it will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Intel Driver Update 3.7 adds support for SSD tools, Intel RST, Optane, and resolves several bugs. This is not a security update.
https://www.intel.com/p/en_US/support/detect

Browser Updates

One or more of these are likely to be of interest to everyone.

Firefox 64.0 is a security update. Use Menu, Help, About to install the most current version.

Firefox ESR 60.4.0 is a security update. Use Menu, Help, About to install the most current version.

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 19.010.20064 is a security update. Use Help, Check for Updates to install the most current version.

Nextcloud Desktop 2.5.1 adds compatibility for Nextcloud Server 15 and resolves several bugs. This is not a security update.
https://nextcloud.com/

Security Software Updates

One or more of these is likely to be of interest to most people.

RogueKiller 13.0.16 adds signatures. This is not a security update.
https://www.adlice.com/download/roguekiller/

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 2019.1.0 adds integration to Windows Snipping Tool and Snip & Sketch, and resolves several bugs. This is a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Utility Updates

These are unlikely to be of interest to most people.

ControlMyMonitor 1.11 adds an option to export monitor list from the command line. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html

GoodSync 9.9.19 adds support for the new GoodSync account. This is not a security update.
https://12pd.com/click?goodsync

FileLocator Pro 8.5.2880 resolves several bugs. This is not a security update.
http://www.mythicsoft.com/filelocatorpro/download

FolderChangesView 2.26 redesigns the Choose Folder window to improve visibility on low-resolution devices. This is not a security update.
https://www.nirsoft.net/utils/folder_changes_view.html

SearchMyFiles 2.90 adds ability to limit results to only folder names. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

SetDefaultBrowser 1.3 improves browser compatibility. This is not a security update.
https://kolbi.cz/blog/2017/11/10/setdefaultbrowser-set-the-default-browser-per-user-on-windows-10-and-server-2016-build-1607/

SetUserFTA 1.7.1 resolves a false AV detection. This is not a security update.
https://kolbi.cz/blog/2017/10/25/setuserfta-userchoice-hash-defeated-set-file-type-associations-per-user/

Autoruns 13.93 adds support for HKCU scanning from CLI and fixes a bug that prevented UserInitMprLogonScript from being scanned. This should be treated as a security update.
https://live.sysinternals.com/

Handle 4.21 fixes a race condition that could cause a bluescreen. This should be treated as a security update.
https://live.sysinternals.com/

ProcessExplorer 16.22 fixes a race condition that could cause a bluescreen. This should be treated as a security update.
https://live.sysinternals.com/

SDelete 2.02 adds a progress filter. This is not a security update.
https://live.sysinternals.com/

Sigcheck 2.71 resolves several bugs. This is not a security update.
https://live.sysinternals.com/

Sysmon 8.2 resolves several bugs. This should be treated as a security update.
https://live.sysinternals.com/

VMMap 3.25 fixes a profiling bug. This is not a security update.
https://live.sysinternals.com/

Developer Updates

These are unlikely to be of interest to most people.

Node.js 11.4.0 is a security update.
https://nodejs.org/en/

Web Package Updates

These are likely to be of interest only to web developers.

Nextcloud Server 15.0.0 is a major update. This version adds social networking, 2FA, security hardening, PDF conversion, collaboration improvements, mobile improvements, performance improvements, full-text search, and more. This adds new security controls, so should be treated as a security update.
https://nextcloud.com/

phpMyAdmin 4.8.4 is a security update.
https://www.phpmyadmin.net/home_page/news.php

Contact Form 7 5.1 adds support for reCAPTCHA v3, Constant Contact integration, and Dark Mode. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2018-10-23

Hi, Folks!

It’s not Patch Tuesday, but updates for Adobe Reader, Java, Chrome, Firefox, Brave, Vivaldi, N++, and others have been released.

The typical computer should see approximately 500mb of updates. Let’s get started.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Crucial Storage Executive 3.6 doesn’t provide a changelog so should be treated as a security update.
https://www.crucial.com/usa/en/support-storage-executive

Intel Driver Update 3.6 resolves several bugs. This is not a security update.
https://www.intel.com/p/en_US/support/detect

Logitech Gaming Software 9.02.65 adds support for newer hardware and resolves several bugs. This is not a security update.
https://support.logitech.com/en_us/software/lgs

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 0.25.2 is a security update. Use Help, Check for updates to install the latest version.
https://brave.com/

Google Chrome 70.0.3538.67 is a security update. Use Help, About to install the latest version.
https://www.google.com/chrome/

Firefox 63.0 improves accessibility, adds several features, and resolves a minor bug. This is not a security update.
https://www.mozilla.org/en-US/firefox/

Vivaldi 2.0.1309.42 resolves a crash bug. This is not a security update.
https://vivaldi.com/

Internet Updates

One or more of these are likely to be of interest to everyone.

Skype 8.32.0.53 adds task integration, extends video sharing duration limit, adds drag and drop to share files. This is not a security update.
https://12pd.com/click?skype

Game Updates

These are unlikely to be of interest to most people.

EA Origin 10.5.28.13288 resolves several bugs. This is not a security update.
https://www.origin.com/en-us/download

Steam 2018.10.11 is a security update. Use Steam to update Steam.

PlayStation PS3 4.83 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/system-updates/ps3/

PlayStation PS4 6.02 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/system-updates/ps4/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC Patch 19.008.20080 is a security update. Use Help, Check for updates to get the most current version.

Paint.net 4.1.2 is a security update.
https://www.getpaint.net/

Krita 4.1.5 improves animation, timeline, color picking, adjustment filters and more. This is not a security update.
https://krita.org/en/download/krita-desktop/

Notepad++ 7.5.9 improves Notepad replacement integration and resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

Security Software Updates

One or more of these is likely to be of interest to most people.

Wireshark 2.6.4 is a security update.
https://www.wireshark.org/

Gpg4win 3.1.4 adds several new features and resolves bugs. This is a security update.
https://www.gpg4win.org/download.html

RogueKiller 12.13.6 adds detections. This is not a security update.
https://www.adlice.com/softwares/roguekiller/

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 2019.0.0 adds the ability to combine images, simply content, stamp search and several other features. This is not a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Converter Updates

These are unlikely to be of interest to most people.

CDex 2.10 resolves several bugs. This is not a security update.
https://cdex.mu/?q=download

DVDFab 10.2.1.7 adds support for new encodings and resolves a couple bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

Java 8u191 is a security update. If you MUST have Java, download here:
https://www.java.com/en/download/manual.jsp

NTLite 1.7.1.6572 adds ComputerName prompt option, controls for new features, improved compatibility with 1809. This is not a security update.
https://www.ntlite.com/download/

GoodSync 10.9.12 improves compatibility, resolves several bugs. This is not a security update.
https://12pd.com/click?goodsync

Sigcheck 2.70 validates MSI files for appended content. This is not a security update.
https://live.sysinternals.com/

BgInfo 4.26 now honors AppLocker scripting policy. This is not a security update.
https://live.sysinternals.com/

VMMap 3.22 resolves several bugs. This is not a security update.
https://live.sysinternals.com/

DesktopOK 5.71.1 resolves a startup bug. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

HWMonitor 1.37 adds support for newer hardware, improves performance, and resolves a reliability bug. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

WifiInfoView 2.41 adds support for sending output to StdOut. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

OSForensics 6.1.1002 resolves several bugs, improves compatibility and stability. This is not a security update.
https://www.osforensics.com/download.html

WinScan2PDF 4.44 adds send via email option and improves multifunction scanner detection. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

MySQL 8.0.13 resolves dozens of bugs, improves stability, adds several new syntax and operational features. This should be treated as a security update.
https://www.mysql.com/downloads/installer/

Node.js 10.12.0 incorporates over 200 bug fixes and feature improvements. This is a security update.
https://nodejs.org/en/

Maraura 3.9.6 is a security update.
http://arianne.sourceforge.net/engine/marauroa.html

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 5.2.20-125813 resolves several bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

phpList 3.3.5 resolves several bugs, improves usability, and adds new statistics options. This is not a security update.
https://www.phplist.org/download-phplist/

Drupal 8.6.2 is a security update.
https://drupal.org/download

Nextcloud Server 14.0.3 resolves several bugs. This is not a security update.
https://nextcloud.com/

Autoptimize 2.4.1 resolves several bugs. This is not a security update.

WooCommerce 3.4.7 resolves a couple bugs. This is not a security update.

WP Edit 4.0.4 improves PHP compatibility. This is not a security update.

WPtouch 4.3.29 is a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/