Updates 2024-11-12

Happy Thanksgiving, Folks!

Today is Patch Tuesday for November, 2024.

Hold the line: do not upgrade to 24H2 yet. There have been quite a few issues. Let everyone else be the guinea pigs.

Windows 10 now has only 11 months of support left. If your computer can not be upgraded to Windows 11 either start planning for a switch to Linux or replacing your computer.

There are critical security updates for all supported Apple products and (as is now the norm) new critical security updates for every browser every single week.

QuickBooks Desktop 2025 will be released later this month, and on November 1st all previous versions of QuickBooks Desktop will be end-of-life (EOL).

Windows Server 2025 has been released. And it’s “accidentally” being force-installed on recent Windows Server builds.

Entrust certificates are being disavowed as soon as today. There have been months to prepare, but this will still kill off about 0.1% of active SSL certificates.

There were 645+ major hacks and over 525 application updates this month.
It’s a huge month, with about 5 GB of updates for most users.

This Month in Technology

1st Credentialing, 1StopBedrooms, 1stUnited Credit Union, 20 Canadian government networks, 5.11, Abbott Laboratories Employees Credit Union, Absolute Machine Tools, Acadian Ambulance Service, Inc, Accounting Resource Group, Acko.ru, Action Heating & Cooling, Adguard Home, ADT, Advanced Accounting & Business Advisory, Advanced Recovery Equipment & Supplies, AeoTec Smart Home Hub, AEP, Air Specialists Heating & Air Conditioning, Al Ahly SC, Al Fajer School, Alliance Laundry Systems, AlpineReplay, Altenen, Amazon, Ambica Steels, American Mechanical, Inc, American Medical Billing, American River College, American Water, Amourgis & Associates, Android, ANU Enterprise, Apache Mills, Inc, Apache Solr, Apex, Apple iPhone, Apple macOS, Arango Billboard, Arctrade, Arkansas Blue Cross and Blue Shield, Asheville Arthritis Centre, Aspen Healthcare, Astac, Atlantic Coast Consulting Inc, Atlantic Medical Management, ATSG Inc, AudoCAD, Australian Nursing Home Foundation, Aviva Spain, Axis Health System, Ayurvedic Herbs Online, Azure AI, Bahrain government, Banco Sucredito Regional, Barnes Cohen and Sullivan, Bel-Air Bay Club Ltd, Belle Tire, Berling.gr, Berridge Manufacturing Co, Bethalto School District, Birth Choice of San Marcos, Blackburn College, Bliss Worldwide, BNBuilders, Boart Longyear, Boston Children’s Health Physicians, Brandenburger Plumbing, Brazil’s SAIC, BrightStar Care, BSN Sports, Bucharest’s District 5 City Hall, Buenos Aires, Burgess Kilpatrick, Bury Council, UK, BWD Technology, By Design LLC, Byerly Aviation, C & C Industries, Caleb & Brown, Calgary Public Library, California Department of Social Services, Call of Duty, Campus.gov.il, Canon imageCLASS MF656Cdw, Cape Cod Regional Technical High School, Cardiology of Virginia, Carolina Arthritis, CAS Software, Casio, Cathexis Holdings LP, Center for Urban Community Services, Central Pennsylvania Food Bank, Central Tickets, Centreon, CGR Technologies, Cheasapeake Regional Information System for our Patients, Inc, Chicago Cardiology Institute, Children’s Health Ireland, Chimienti & Associates, CIIT Wah, Cisco DevHub, City of Sheboygan, CLAS Information Services, Clay Platte Family Medicine, Clayton Properties Group, Clear Connection, ClickFix, Club Vélez Sarsfield, College of Business – Tanzania, Columbus, OH, Comcast, Community Day School, Community Dental in Portland, Compex Legal Services Inc, Compound, Continental Casualty Company, CoPilot, Cordogan Clark and Associates, Cornerstone Healthcare Group Management Services LLC, Corporate Job Bank, Costa Del Sol Hotels, Cottonwood Union School District, Country Club El Bosque, Country Inn & Suites by Radisson, CreaGen Inc, CreditRiskMonitor, Crypto Vеnturе Cаpitаl, CSU Contracting, Cucamonga Valley Water District, CUSO Financial Services, LP, CyberPanel, D-Link routers, Dana Safety Supply, De Rose Lawyers, Delfin Design & Manufacturing, Delta Electronics CNCSoft-G2, Delta Electronics DIAScreen, Delta Electronics InfraSuite, Dennis Kirk, Department of Occupational Safety and Health (Malaysia), Detroit Wayne Integrated Health Network, Devtron, DieTech North America, Dietzgen Corporation, digiDirect, Diligent Delivery Systems, Directorate for Combating Organised Crime, Disney World, DMEScripts, Doctors Regional Cancer Center, DoctorsToYou, DocuSign, Dohman, Akerlund & Eddy, Dome Construction, Doscast, DR Butler and Associates, Dr.Web, Drug and Alcohol Treatment Service, Dstat.cc, Dudley Council, UK, Eagle Industries, Eagle Recovery Associates, Earth 2, Easterseals, EasyPay, Ecovacs, EIGEN Holdings, Elections Nova Scotia, Embody Performance & Recovery, Empower Management Group, English Construction Company, Epicor Software Corporation, Equalize, Equator Worldwide, Ericsson codechecker, ESET, European External Action Service, Evergreen Public Schools, Exeter City Council, Eye Clinic Surgicenter, Fair Vote Canada, Fairfield Memorial Hospital, Falo, Family Medical Center in Mount Airy, Federal Board of Revenue (Pakistan), Fidelity Investments, Firefox, First Nations Health Authority, Fiskars, Fitzgerald, DePietro & Wojnas, FloridaCentral, Floyd County Public Schools, Followmont TransportPty, Food Sciences Corporation, Form I-9 Compliance, Fortinet FortiManager, Fortis, Fractal ID, France’s Ministry of Labour and Employment, Free (ISP), Freedom Home Care, Fromm, Funadmin, Funlab, Fylde Coast Academy Trust, Game Freak, Gandara Mental Health Center, General Physician, PC, German Chamber of Commerce, GitLab, Globe Life, Gluckstein Personal Injury Lawyers, Google Scholar, Goshen Central School District, Grafana, Granite School District, Gryphon Healthcare, GSR Andrade Architects, Guardian Healthcare, H&R Block Canada, Hafetz and Associates, Harris Personal Injury, Hawaii State Judiciary, Health & Palliative Services of the Treasure Coast, Healthcare Management Systems, Healthfund Solutions, Hemel Hempstead Council, UK, Henry County Schools, Henry Schein, Hewlett Packard Enterprise Aruba OS, Holistix Treatment Center, Hope Valley Recovery, Hot Topic, Housing Authority of the City of Los Angeles, Houston Housing Authority, Howell Electric Inc, HP Color LaserJet Pro MFP 3301fdw, Hyundai, IBM Security Verify, Icedrive, IdeaLab, iFocus Consulting, Illumin8 Global, IM Cannabis, Immuno Laboratories, IMPAXX, InCare Technologies, Indian government email, India’s COVID-19 tracking platform, Indonesia’s E-Visa System, Infosys McCamish Systems LLC, Inner City Education Foundation, Insurance Regulatory and Development Authority of India (IRDAI), Interbank, Interbel, International University of Sarajevo, Internet Archive (three times!), Intesa Sanpaolo Bank of Italy, IrfanView, Iron World Manufacturing, Israeli Ministry of National Security, Israeli Ministry of Welfare, Ivanhoe Club, Ivanti Cloud Services Appliance (CSA), Jacksonville Children’s Multispecialty Clinics, Jardine Aviation Services, Jillamy, Johnson & Johnson, Jomar Electrical Contractors, Jordan Ministry of Education, Jordan Public Schools, JS McCarthy Printers, Justice.fr, K&S Tool & Mfg Co, Kaiser Foundation Hospitals, Kaiser Permanente, Kansas City Hospice, Karman Inc, KEE Process, Kenana Sugar Company, KMC Controls, Knox Law Center, Konecta Group, Kubernetes Image Builder, Kuhn and Associates, Kulicke and Soffa Industries, L & B Transport, LLC, La Tazza D’oro, Lampard Community School, Landmark Admin, Laravel Reverb, Law Office of Omar O Vargas, Legacy Treatment Services, Lein Law Offices, Levales Solicitors LLP, LevelOne WBR-6012, Lexco, Lexmark CX331adwe, LG Electronics, LifeMine, Lincoln University, Linux Kernel, Long Island Plastic Surgical Group, Lorex cameras, Loring, Wolcott & Coolidge, LottieFiles Lotti-Player, Luxwood Software Tools, Magento Open Source, Mainelli Mechanical Contractors, Marisa SA, Maval Industries, Maxxis International, Mazda Connect Connectivity Master Unit (CMU), McElroy, Quirk & Burch, APC, McMillan Electric Company, MCNA Dental, MedElite Group, Memorial Hospital and Manor, GA, Mercury Theatre, Meshworks, Metawin, MiCare Health Center, Michael J Gurfinkel, Microlise, Microsoft Bookings, Microsoft SharePoint, Mid State Electric, Middlesborough Council, UK, Minuteman Senior Services (MSS), MiPC Mexico, MIT Technology Review, Mixfame, Mizuno USA, MMI Services, Inc, MMP Union, Model Die & Mold, Moldova’s parliamentary email servers, MoneyGram, Moodle, Mozilla Firefox, Mr. Winter Wheels, Muah.AI, Muskogee City County Enhanced 911 Trust Authority, MVES, MWI Veterinary Supply, Inc, MySQL Connector/Python, Mystic Valley Elder Services, Nagoya Stock Exchange, NARSTCO, National Financial Services, National Institute of Administration, Native Village of Eyak Ilanka Community Health Center, Navarra & Marzano, Neighbors Credit Union, New Law, New York Plastic Surgery, Newpark Resources, Nidec Precision, Niko Resources Ltd, Nikon NEF, NoBroker, Noida Metro, Nokia, Nor-Well, Northeast Professional Caregivers, Northeast Spine and Sports Medicine, NVIDIA Container Toolkit, NVIDIA GeForce, NVIDIA Onyx, NW Health Porter, Okta, Ollama AI, OMA, Omni, OnePoint Patient Care, Open Range Field Services, Opera Browser, Oracle VirtualBox, ORBCOMM, Orbit Software, Inc, Oregon Department of Corrections, ORM Fertility, Orthopedics Rhode Island, OrthopedicsNY, Osmedeus Web Server, Ottawa Valley Handrailing Company, Over a thousand online shops, OwlTing, OxyHealth, OzarksGo, Pacific Pulmonary Medical Group, PAJ GPS, Palm Hills Developments, Palmisano & Goodman, PA, Palo Alto Networks PAN-OS, Panda Security Dome, Paragon Plastics, Parkland Health, Parnell Defense, Paul White Company, PayDo, Paystack, pCloud, Peoria Lawyers, Petropolis Pet Resort, Pheim Unit Trusts Berhad, Philadelphia Macaroni, Philips Smart Lighting, Phoenix Contact EV chargers, Physical Medicine & Rehabilitation Center, Planned Parenthood of Montana, PlayBoy, Portsmouth City Council, UK, Positive Business Solutions, Postcard Mania, PostHog, Potomac Medical Aesthetics, PRC-Saltillo, Precision Steel Services, Preferred Travel Group, Presbyterian Healthcare Services, PrestaShop, PriceBlink, Professional Probation Services, Promise Technology, Inc, Protective Industrial Products, PT Haleyora Power, PTZOptics cameras, Pureflow Airdog, qBittorrent, QEMU, QNAP QHora-322, QNAP TS-464, QNQB, Qualcomm chips, Quest Diagnostics Inc, Racing Forensics Inc, Radiant Capital, Radisson’s Country Inn and Suites, Raeyco Lab Equipment, Raimondo Pettit Group, Rancher, RANEPA University, RDC Control Ltd, Redwood Coast Regional Center, Regional Government of Ica, ReliaQuest, RENIEC, Rhode Island Orthopedic Practice, Ridgewood Public School District, Rim Country Health and Rehabilitation, Riverview Health, Rockstar Games, Rockwool, Rocky Mountain Gastroenterology, Rosen Legal, Roundcube Webmail, Royal Thai Police, RRCA Accounts Management, Inc, Rumpke Consolidated Companies, Russell Law Firm, LLC, Russian Foreign Ministry, Russian State TV VGTRK, S & W Kitchens, Sage Automotive Interior, Saint Xavier University, SalesGig, Salford Council, UK, Samsung, Samsung Galaxy S24, San Joaquin County Superior Court, Sanglier Limited, Sango Family Dentistry, Sarah Bush Lincoln Fayette County Hospital, Saratoga Liquor, Save Mart Supermarkets, LLC, Schneider Electric, Schneider Electric EcoStruxure, Schneider Electric Zelio Soft 2, Schreck Financial Group, Schweiger Transport, Scullion LAW, Seafile, Sector 5, Bucharest, SelectBlinds, SEP, Set Forth, Inc, Seven Counties Services, Shareholders in Hong Kong, Sit & Sleep, Smart Media Group Bulgaria, SmartSource, Smeg, Smile Design Management, Smiles in the Pines, Smitty’s Supply, Smoker’s Choice, Solairus Aviation, LLC, SolarWinds Web Help Desk, Soliant Health, SonicWall firewalls, Sonoma County Superior Court, Sonos Era 300, Sophos Firewall, South China Athletic Association, South West Family Medicine Associates, South-East Technological University Waterford, Spine by Villamil MD, Spirit Lake Community School District, SRS-Stahl GmbH, St Albans Council, UK, St. Anthony Regional Hospital, Stalker Online, Standard Bank, Star Health Insurance, Stark County Criminal Justice Information Systems, Starkweather and Shepley Insurance Brokerage, Steel Art Signs, Strava, StreamCraft, Strike Bowling, Structural and Steel Products, Sumitomo, Summit Pathology and Summit Pathology Laboratories, Inc, Sunrise Express, Suntrust Properties, Superior Quality Insurance Agency, Supply Technologies, Surfnet Communications, Survival Flight, Inc, SVP Worldwide, Swalekha.in, Switch, Symetra Life Insurance Company, Symfony, Sync, Synology BeeStation, Synology DiskStation, Synology TC500, Systems Application & Technologies Inc, T-Space, Tameside Council, UK, TargetMaps, TaxPros of Clermont, TDM Technical Services, TEAM Software, Texas Department of Public Safety, Texas Spine Consultants, Texas Tech University Health Sciences Center, The Club Penguin Experience, The Getz Group, The Knesset, The Law Offices of Jed Silverman, The Nolan Financial Group, The Physical Medicine & Rehabilitation Center, PA, The Povman Law Firm, The Strainrite Companies, Therabel Lucien Pharma SAS, TheraCom, ThinkPHP, Thompson Coburn, Tiketek, TNAFlix, Toro Enterprises, Inc, Totally Promotional, Tower Clock Eye Center, TrackMan, Trafford Council, UK, Transak, Trend Micro Cloud Edge, Trend Micro Deep Security, Tresorit, Tri-City Healthcare District, Tri-City Medical Center, Tricon Energy, Trimarc Financial, Trimble SketchUp, True World Group, TrueNAS Mini X, TrueNAS X, Truist Bank, TU Parks, Tungsten Automation Power PDF, TV Guide Magazine, Ubiquiti AI Bullet, UK Ambulance Services, UK Biobank, Ultra Tune, United Sleep Diagnostics, Universal Companies, Universal Health Corporation, Universal Music Group, University Medical Center, University of California, Unlimited Lawn Care, US Customs and Border Protection, Uttarakhand State Data Center, Valleygate Dental Surgery Centers, Value City NJ, Van Wagner Group, LLC, Varsity Brands, VasTopUp, Venezuelan Government, VeriSource Services, Inc, Verizon Wireless, Vermilion Parish Schools, VimeWorld, Visionworks of America, Inc, VMware HCX, VMware vCenter Server, Volkswagen, Volta River Authority, Wacom Center, Washington courts, Wayne County, Webb Institute, Weber Packaging, Weiser Memorial Hospital, Well Chip Group, Wellfleet Group, Wells Fargo, Western Sydney University, Westwood Country Club, Wetherby Town Council, Wexford County, WhatsUp Gold, Whitaker Construction Group, Wichita County, Wilson & Lafleur, Wilson Tarquin, WimCoCorp, Windows Driver Signature, Windows Themes, Winestyle, Winnebago Public School Foundation, WordPress Jetpack, WordPress LiteSpeed Cache, X.Org Server, Youngs Timber Builders Merchants, Z-lib, Zalo.vn, Zamalek Club, Zendesk, ZicroDATA, Zierick Manufacturing Corporation, and Zimbra GraphQL have reported hacking or compromises this month.

Calgary Public Library, DHL, Microsoft, Serco, and The Internet Archive have suffered from outages this month.

Last months updates broke Microsoft 365 Outlook, Microsoft Azure Virtual Desktop, Microsoft OneDrive, Microsoft’s “New” Outlook, OpenSSH on Windows Server, Windows 10, and Windows Remote Desktop.

Never again use a third-party charging cord. Treat your USB ports with more concern.

Half of US county websites can be spoofed.

iPhones will now force restart after idle in order to reencrypt data.

Now for the good news:

The Mozilla Foundation has finally dropped their advocacy division. Unfortunately, they’ll be rolling it into their other programs. It still could mean that tech companies might actually start prioritizing their tech instead of politics or other agendas.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is huge this month. The typical computer should see roughly 5 GB in updates today. Let’s get started.

Microsoft released 98 updates to address 88 vulnerabilities in .NET and Visual Studio, airlift.microsoft.com, Azure CycleCloud, Azure Database for PostgreSQL, LightGBM, Microsoft Defender for Endpoint, Microsoft Edge, Microsoft Office SharePoint, Microsoft PC Manager, Microsoft SharePoint Server, Microsoft SQL Server, Microsoft Virtual Hard Disk (VHDX), Microsoft Virtual Hard Drive, Microsoft Windows DNS, Microsoft Windows VMSwitch, TorchGeo, Visual Studio, Visual Studio Code, Win32k Elevation of Privilege Vulnerability, Windows Active Directory Certificate Services, Windows CSC Service, Windows Defender Application Control, Windows DNS, Windows DWM Core Library, Windows Hyper-V, Windows Kerberos, Windows Kernel, Windows NT OS Kernel, Windows NTLM, Windows Package Library Manager, Windows Registry, Windows Secure Kernel Mode, Windows SMB, Windows SMBv3 Client/Server, Windows Telephony Service, Windows Update Stack, Windows USB Video Driver, Windows VMSwitch, Windows Win32 Kernel Subsystem, Winlogon, and MSRT. This includes security updates. A reboot is required.

Oracle released 334 security updates this quarter to address vulnerabilities in 109 applications and service.

Apple released updates for iOS 17.7.1, iOS 18.1, iPadOS 17.7.1, iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, Safari 18.1, tvOS 18.1, visionOS 2.1, and watchOS 11.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 17.7.1 and 18.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 17.7.1 and 18.1 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 11.1 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 18.1 is a security update. Use System, Software Update to install the most current version.

visionOS 2.1 are security updates. Use System, Software Update to install the most current version.

Google Chrome OS 130.0.6723.101 and Google Chrome OS LTS 126.0.6478.257 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 41-1.4 is a major update, adding many new features, removing unsupported and deprecated tools and applications, and hardening the operating system. This should be treated as a security update.
https://getfedora.org/en/workstation/download/

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sequoia (15.x) means that macOS Monterey (12.x) and older are no longer supported. If you can not install at least macOS Ventura (13) on your Mac then you should immediately remove your device from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v24H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with a SaferPC Subscription and we will install updates each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.10.1 resolves several bugs and improves stability. This is not a security update.
https://www.amd.com/en/support

Intel Driver and Support Assistant 24.5.40.11 resolves several bugs. This is not a security update.
https://www.intel.com/p/en_US/support/detect

Nvidia Driver 566.03 resolves several bugs. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

UniFi AC Professional 6.6.77 resolves several bugs and improves performance, reliability and stability. This is not a security update.
https://www.ui.com/download/software/uap-ac-pro

UniFi airMAX NanoStation 5AC Loco 8.7.14 resolves several bugs. This is not a security update.
https://www.ui.com/download/software/loco5ac

UniFi Network Server 8.6.9 improves SIEM integration, dozens of improvements and bug fixes. This is a security update.
https://www.ui.com/download/releases/network-server

UniFi U6 Professional 6.6.77 resolves several bugs and improves performance, reliability and stability. This is not a security update.
https://www.ui.com/download/software/u6-pro

VIISAN OfficeCam 7.2.4.0 doesn’t provide a detailed change log so should be treated as a security update.
https://www.viisan.com/en/download/type1.html

Xerox Smart Start 2.1.22.0 doesn’t provide a detailed change log so should be treated as a security update.
https://www.support.xerox.com/en-us/content/143617

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.71.123 is a security update.
https://brave.com/

Firefox 132.0.2 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 128.4.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 130.0.6723.116 is a security update.
https://www.google.com/chrome/

Vivaldi 7.0.3495.6 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

ProtonMail (Android) 4.2.1 resolves several bugs. This is not a security update.
https://proton.me/mail/download

Spark 3.17.11.89740 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.17.12.90683 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 128.4.2 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk (macOS) 8.1.4 improves compatibility and requires re-granting persmissions. This is a security update.
https://anydesk.com/en/downloads

BrowsingHistoryView 2.59 improves compatibility. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

curl 8.11.0 resolves dozens of bugs. This is a security update.
https://curl.haxx.se/windows/

Dropbox 211.4.6008 doesn’t provide a change log so should be treated as a security update.
https://www.dropbox.com/

FileZilla Client 3.68.1 resolves several bugs. This should be treated as a security update.
https://filezilla-project.org/

FileZilla Server 1.9.4 resolves several bugs, including improved Let’s Encrypt compatibility.
https://filezilla-project.org/

FreeFileSync 13.8 adds SFTP support for IPv6, improves copmatibility and resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 99.0 *finally* adds differential uploads, which will save huge amounts of bandwidth for large files with minor changes. This is not a security update.
https://drive.google.com/start

MeshCentral 1.1.33 resolves dozens of bugs. This is not a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.7.00.27855 improves BYOD and audio source detection. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 30.0.2 resolves dozens of bugs. This is a security update.
https://nextcloud.com/

Omada Software Controller 5.14.32.3 resolves a dozen bugs and improves the GUI. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Signal 7.32.0 improves performance, bulk downloads, and adds Call Links. This is not a security update.
https://signal.org/download/

Signal (Android) 7.23.1 adds chat folders. This is not a security update.
https://signal.org/android/apk/

Syncthing 1.28.0 resolves several bugs. This is not a security update.
https://syncthing.net/

Technitium DNS Server 13.1.1 resolves several bugs and improves protocol support. This is not a security update.
https://technitium.com/dns/

Telegram 5.7.2 resolves over a dozen bugs. This is not a security update.
https://telegram.org/

Zoom 6.2.7.49583 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.11 improves compatibility. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.2.5 resolves several bugs. This is not a security update.
https://www.bitwig.com/download/

iTunes 12.13.4.4 is a security update.
https://www.apple.com/itunes/download/

KaraFun Player 3.2.2.56 resolves a dozen bugs. This is not a security update.
https://www.karafun.com/karaokeplayer/

Plex Desktop 1.104.0.241 now includes an advertising consent popup.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.41.1.9057 improves hardware-encoding for DVR, media support, and metadata. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Bedrock) 1.21.44.01 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Minecraft Server (Java) 1.21.3 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server

Nintendo Switch 19.0.1 improves compatibility. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 2024.101 resolves several bugs. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024.11.05 adds Steam Game Recording and resolves dozens of bugs. As of this version Windows 7 and 8 are no longer supported. These end-of-life operating systems can continue to use the prior build (for now). https://help.steampowered.com/en/faqs/view/4784-4F2B-1321-800A
https://store.steampowered.com/news/app/593110

SteamOS SteamDeck Update 2024.11.06 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe After Effects 24.6.3 & 25.0 are security updates.
https://helpx.adobe.com/security/products/after_effects/apsb24-85.html

Adobe Audition 24.6.3 and 25.0 are security updates.
https://helpx.adobe.com/security/products/audition/apsb24-83.html

Adobe Bridge 14.1.3 and 15.0 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb24-77.html

Adobe Commerce 3.2.6 is a security update.
https://helpx.adobe.com/security/products/magento/apsb24-90.html

Adobe Illustrator 28.7.2 and 29.0.0 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb24-87.html

Adobe InDesign 18.5.3, 18.5.4 and 20.0 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb24-88.html

Adobe Photoshop 24.7.4 and 25.12 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb24-89.html

Adobe Reader DC 24.004.20243 resolves several bugs. This is not a security update.
https://get.adobe.com/reader

Adobe Substance 3D Painter 10.1.1 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb24-86.html

Audacity 3.7.0 resolves more than a dozen bugs. This is not a security update.
https://www.audacityteam.org/download/

Blender 4.2.3 resolves dozens of bugs. This is not a security update.
https://www.blender.org/download/

Calibre 7.21.0 resolves over a dozen bugs. This is not a security update.
https://calibre-ebook.com/

Columns++ 1.1.3 resolves several bugs. This is not a security update.
https://github.com/Coises/ColumnsPlusPlus

Inkscape 1.4 resolves several bugs. This is not a security update.
https://inkscape.org/release/

Kdenlive 24.08.3 resolves dozens of bugs. This is not a security update.
https://kdenlive.org/

LibreOffice 24.2.7 resolves over 50 bugs. This is a security update.
https://www.libreoffice.org/

Manager 24.11.11.1937 resolves several bugs and improves inventory support. This is not a security update.
https://www.manager.io/

Nextcloud Desktop 3.14.3 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.7.1 resolves a couple bugs. This is a security update.
https://notepad-plus-plus.org/

PDF-XChange Editor 10.4.3.391 resolves almost a dozen bugs. This is not a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

QuickBooks Pro 2022 20240726-R17_41 doesn’t provide a detailed change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20240726-R14_49 doesn’t provide a detailed change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

Operating System Updates

These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.

Google Chrome OS 130.0.6723.101 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 41-1.4 is a major update, adding many new features, removing unsupported and deprecated tools and applications, and hardening the operating system. This should be treated as a security update.
https://getfedora.org/en/workstation/download/

iOS 18.1 is a security update.
https://support.apple.com/kb/HT204204

iPadOS 18.1 is a security update.
https://support.apple.com/kb/HT204204

macOS 15.1 is a security update.
https://support.apple.com/kb/HT201541

Tails 6.9 is a security update.
https://tails.net/install/download/index.en.html

tvOS 18.1 is a security update.
https://support.apple.com/kb/HT202716

watchOS 11.1 is a security update.
https://support.apple.com/kb/HT204641

Security Software Updates

One or more of these is likely to be of interest to most people.

Chainsaw 2.10.1 resolves several bugs. This is not a security update.
https://github.com/countercept/chainsaw

FRST 2024.11.12 doesn’t provide a change log so should be treated as a security update.
https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

FSS 2024.10.30 doesn’t provide a change log so should be treated as a security update.
https://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/

HTTP Toolkit 1.19.1 doesn’t provide a change log so should be treated as a security update.
https://httptoolkit.tech/

MalwareBytes Anti-Malware 5.2.1.144 resolves several bugs and hardens security controls. This should be treated as a security update.
https://www.malwarebytes.org/antimalware/

OpenSSL 3.4.0 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

ProtonVPN (macOS) 4.5.0 improves WireGuard connectivity and improves stability. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.19.2 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Stinger 13.0.0.215 adds support for new detections. This should be treated as a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

uBlock Origin 1.61.0 resolves over a dozen bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.3.0 adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

PDF Creator 5.3.2 resolves several bugs and updates libraries. This is a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 6.2.0.4 adds support for new sources and resolves several bugs.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.3.7 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 7.0.9 resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.52 resolves a dozen bugs. This is not a security update.
https://1password.com/downloads/windows/

AppResourcesUsageView 1.06 improves compatibility. This is not a security update.
https://www.nirsoft.net/utils/app_resources_usage_view.html

balenaEtcher 1.19.25 updates SDK. This is not a security update.
https://etcher.balena.io/

Beyond Compare 5.0.3.30258 improves shell menu, updates libraries and resolves dozens of bugs. This is not a security update.
https://www.scootersoftware.com/download

Bitwarden 2024.10.4 resolves several bugs and improves auth methods and recovery. This is not a security update.
https://bitwarden.com/

CCleaner 6.29.11342 resolves several bugs. This is not a security update.
https://www.ccleaner.com/

CPU-Z Installer 2.12 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

Dell OS Recovery Tool 2.4.1.2181 doesn’t provide a change log so should be treated as a security update.
https://www.dell.com/support/home/uk/en/ukbsdt1/drivers/osiso/recoverytool

DesktopOK 11.45 improves configuration and language files. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.2.95.0 resolves several bugs and updates libraries. This is a security update.
https://dngrep.github.io/

email-oauth2-proxy 2024-11-11 improves compatibility and adds a couple new features. This is not a security update.
https://github.com/simonrob/email-oauth2-proxy

ESEDatabaseView 1.75 improves compatibility. This is not a security update.
https://www.nirsoft.net/utils/ese_database_view.html

Etcher 1.19.25 updates SDK. This is not a security update.
https://www.balena.io/etcher/

ExplorerPatcher 22621.4317.67.1 improves compatibility. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

Fing 3.7.2 improves network insights and resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

FoneTool 2.9.2 adds support for iOS 18 and iPhone 16. This is not a security update.
https://www.fonetool.com/download.html

Free Virtual Serial Ports 6.20.00.1466 adds support for virtual script ports and resolves a compatibility bug. This is not a security update.
https://freevirtualserialports.com/

GoodSync & GoodSync2Go 12.7.7 resolves several bugs and improves compatibility. This is not a security update.
https://www.goodsync.com/

grepWin 2.1.6 resolves several bugs. This is not a security update.
https://github.com/stefankueng/grepWin/releases/latest

GSmartControl 2.0.0 is a major update, reduces dependencies, improves input/output and scaling support. This is not a security update.
https://gsmartcontrol.shaduri.dev/

Homedale 2.14 is a cosmetic change. This is not a security update.
https://www.the-sz.com/products/homedale/

HWiNFO 8.14 adds support for newer hardware, improves output details, and logging. This is not a security update.
https://www.hwinfo.com/download/

Memtest86+ 7.20 adds support for new hardware and resolves several bugs. This is not a security update.
https://www.memtest.org/

MultiMonitorTool 2.15 improves compatibility and adds monitor position support. This is not a security update.
https://www.nirsoft.net/utils/multi_monitor_tool.html

NTLite 2024.11.10163 adds support for new components and resolves a couple bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 11.0.1015 updates libraries, resolves a crash bug and improves clarity for sparse records. This is not a security update.
https://www.osforensics.com/download.html

osquery 5.14.1 resolves several bugs. This is not a security update.
https://osquery.io/downloads

PowerToys 0.86.0 resolves several bugs and improves Advanced Paste, Workspaces, Mouse Jump and more. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

RoboForm 9.6.3 resolves several bugs. This is not a security update.
https://www.roboform.com/

Rufus 4.6 improves compatibility and resolves several bugs. This is not a security update.
https://rufus.ie/en_US/

ScreenConnect 24.3.7.9067 resolves several bugs. This is not a security update.
https://screenconnect.connectwise.com/download

Starwind V2V Converter 9.554 adds support for new disk image formats. This is not a security update.
https://www.starwindsoftware.com/starwind-v2v-converter

TeamViewer 15.59.3 adds AI log generation, improved address book, reporting and a dozen bug fixes. This is not a security update.
https://www.teamviewer.com/en-us/download/

WhyNotWin11 2.6.1.1 adds TSV, improved logging, and resolves a couple bugs. This is not a security update.
https://github.com/rcmaehl/WhyNotWin11

WifiInfoView 2.95 improves error reporting. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

WinGet 1.9.25180 resolves more than 100 bugs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinScan2PDF 9.11 improves compatibility and resolves a couple bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 4.22 adds MTP/PTP device support, improves compatibility, scaling support and resolves several bugs. This is not a security update.
https://www.diskanalyzer.com/

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 2024.2.1.11 resolves several bugs. This is not a security update.
https://developer.android.com/studio

DB Browser for SQLite 3.13.1 resolves several bugs. This is not a security update.
https://sqlitebrowser.org/

GDevelop 5.4.217 resolves several bugs. This is not a security update.
https://gdevelop.io/download

GitHub Desktop 3.4.9 resolves several bugs and updates libraries. This is not a security update.
https://desktop.github.com/

Go 1.23.3 resolves several bugs. This is not a security update.
https://go.dev/

Java 8u431 is a security update.
https://www.java.com/en/download/manual.jsp

Microsoft Visual C++ 2017 Redistributable 14.16.27052.0 is a security update.
https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist

Microsoft Visual C++ 2019 Redistributable 14.29.30156.0 is a security update.
https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist

Microsoft Visual C++ 2022 Redistributable 14.40.33816.0 is a security update.
https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist

MySQL ConnectorNet 9.1.0 resolves several bugs, including crash bugs. This is not a security update.
https://dev.mysql.com/downloads/connector/net/

Node.js 22.11.0 is a security update.
https://nodejs.org/en/

Node.js 23.2.0 is a security update.
https://nodejs.org/en/

Redemption 6.6.0.6338 resolves several bugs. This is not a security update.
https://www.dimastr.com/redemption/

SQLite 3.47.0 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

TortoiseGit 2.17.0.2 improves compatibility. This is not a security update.
https://tortoisegit.org/

TortoiseSVN 1.14.8 resolves several bugs. This is not a security update.
https://tortoisesvn.net/downloads.html

Visual Studio Code 1.95.2 resolves several bugs. This is not a security update.
https://code.visualstudio.com/

WinMerge 2.16.44 resolves several bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.1.4 resolves several bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Invision Community 4.7.19 is a security update.
https://invisioncommunity.com/

Joomla 5.2.1 is a security update.
https://www.joomla.org/

Piwigo 15.1.0 is a security update.
https://piwigo.org/

Antispam Bee 2.11.7 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/antispam-bee/

BuddyPress 14.2.1 is a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 6.0 provides more than a dozen code and feature changes. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.11.2 resolves a charset bug. This should be treated as a security update.
https://wordpress.org/plugins/duplicator/

Interactive World Map 3.4.8 is a security update.
https://wordpress.org/extend/plugins/interactive-world-map/

Sucuri Security 1.9.6 improves reporting and log behavior. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

WordPress Importer 0.8.3 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/wordpress-importer/

WP Plugin Update Checker 5.5 resolves a couple bugs and improves debug and ZIP support. This is not a security update.
https://github.com/YahnisElsts/plugin-update-checker/releases/latest

WPBakery 8.0 adds new features, improves controls, and resolves several bugs. This is not a security update.
https://wpbakery.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2024-10-08

Welcome back, Folks!

Today is Patch Tuesday for October, 2024.

Windows 11 24H2 is out. So is macOS 15/Sequoia. iOS 18, iPadOS 18, tvOS 18, watchOS 11, and visionOS 11 are out now.  The first set of security updates for each of these are released now, too.

All versions of Windows 11 prior to 23H2 are no longer be supported. Upgrade to 23H2 now, then do not upgrade to 24H2, yet. Let everyone else be the guinea pigs. It’s already showing quite a few issues.

All versions of macOS prior to 13/Ventura are no longer supported. If you can’t upgrade your Mac to Ventura you need to permanently take it offline and/or replace it.

Windows 10 now has only 12 months of support left. If your computer can not be upgraded to Windows 11 either start planning now for a switch to Linux or replacing your computer.

There were 505+ major hacks, and over 395 application updates this month. It’s an enormous month, with about 4 GB of updates for most users.

This Month in Technology

4B Components, 5.11 Tactical, A1 Mobile Locksmith, Access Ambulatory Surgery Center, LLC, Access Sports, Accurate Railroad Construction Ltd, Acuity Advisor, Adobe Acrobat Reader DC, Adobe After Effects, Adobe Audition, Adobe Commerce & Magento stores (5% of all their commerce sites!!!),  Adobe Media Encoder, Adobe Photoshop, Adobe Premiere Pro, ADT, Advanced Sterilization Products, Inc, Affirm Agency, AFP, air-gapped government systems, Akromold, Al Rajhi Bank, Albany College of Pharmacy, Alliance, Ally Bank, Alshaya Group, Altman Plants, Alvan Blanch, American Water Works, Amgen Inc, Amplitude Laser, Andamen, Andantex USA, Anniversary Holding, Apache Avro, Apache HugeGraph-Server, Apex Softcell, Aramark myPay, Arc browser, Arelance Group, Around the Clock Companies, Asheville Arthritis and Osteoporosis Center, PA, AT&T, ATG Communications Group, Atrium Health, Autel Maxicharger, Auto Recyclers, AutoCanada, Autodesk Navisworks Freedom DWF, automatic storage tank gauge (ATG) systems (6 models), Avi Resort & Casino, Avis, Balboa Bay Club Ventures LLC, Banana Gun, Bangladeshi government, Barbados Revenue Authority, Barnes & Cohen, Batcom, Battle Lumber Co, Bay Ridge Automotive Management Group, Bazooka, Bel-Air Bay Club, BELL DATA, Inc, Benny Gantz, Bethalto Community Unit School District, Betterhalf, Bharat Petroleum, BingX, Bloom Hearing Specialists, Blundstone USA Inc, BNBuilders, BotSpace, Branhaven Chrysler Dodge Jeep Ram, Brechbuhler Scales Inc, BroadGrain Commodities, Broward Realty Corp, Brown Bottling Group, Brown Integrated Logistics, Brunswick Hospital Center, BSH Soft, BudTrader, C&L Ward, CaleyWray, Calibrated Healthcare, LLC, California Department of Social Services, Cameroon’s pension fund, Canstar Restorations, Capgemini, Capital Printing, Carlile Group, Cascade Columbia Distribution, Casino Fandango, Casio, Caterpillar Inc, Cellular Plus, CentralTickets, CF Medical, Charles Darwin School, Chernan Technology, ChiceDNA, Chinese government, a Chinese government botnet, Chrome, Chunghwa Telecom Data, Cincinnati Public Schools, City of Aberdeen, WA, City of Forest Park, City of Pleasanton, CA, City of Richardson, TX, CK Associates, CKS Packaging, Classic Business Products, CobelPlast, Cohesive Networks VNS3, Comcast Cable Communications, Community Clinic of Maui, Inc, Community Hospital of Anaconda, Compass Group, Concord Management Services, Condere IP, Conductive Containers, Inc, Connally Memorial Medical Center, Control Panels USA, CopySmart LLC, Corantioquia, Creative Consumer Concepts, Creative Playthings, CrediHealth, Crown Mortgage Company, CSG Consultants, D-Link routers, DATASUS, Daughterly Care, David’s Bridal, Del Valle Independent School District, Delaware Library system, Dell (twice in a week),  Deloitte, Delta Prime, Department of Foreign Affairs (DFA), Philippines, DETRAN, Detroit Public TV, Diamond Contracting, LLC, Didi Chuxing, digiDirect, Dimensional Merchandising, DINAS Corp, Divine Interprises INC, DJH Jugendherberge, Domain Industries, DotPe, DPC DATA, Dr. Web, DrayTek routers, Dreyfuss + Blackford Architecture, Duopharma Biotech, Dutch Police, EasyMPS, Edge Imaging, eFile.com, EigenLayer, Elgin Separation Solutions, Elitecare Emergency Hospital, Elitecare, Empereon Marketing, English Football League, Enterprise Outsourcing, EnviroNET Inc, Environmental Code Consultants Inc, Erasmus+, ETC Companies, Ethena Labs, Eurobulk, Evans Distribution Systems, Experience Engine, Express Services, Fabrica Industrial Machinery & Equipment, FastStone Imave Viewer, Fazenda Brazil government, FBCS, Fedbank Financial Services, Feeld, Feldstein & Stewart, Fireworks Software, First Choice, Fleet Equipment, FoccoERP, Forshey Prostok LLP, Fortinet, Fortive, Foundation, Foxit PDF Reader, Freshstart Credit Repair, Frigocenter, Fritzøe Engros, FTV Employment Services LLC, Fylde Coast Academy Trust, G/S Solutions, Galloway MacLeod, Games Box, GameVN, Garvey, GenPro Inc, GitLab, GNOME Project G, GoDaddy, Golden Age Nursing Home, Gough Construction, Graminex, Graybill Medical Group, Greene Acres Nursing Home, Guerriere & Halnon, GW Mechanical, Hair Club for Men, Hamel Cranial Chiropractic & Wellness INC, Harvard Pilgrim Health Care, Harvey Nichols, HDI, Hertz, Hezbollah, Hindle Group, Holmes & Brakel, Howard CPAs, HPE Aruba Networking, Hughes Gill Cochrane Tinetti, Hunter Dickinson Inc, HuntStand, I-MED, Ibermutuamur, ICBC London, IDEALEASE INC, Idre Fjäll, Indian Supreme Court, Indodax, Infosys McCamish Systems, Instituto Nacional de Deportes de Chile, Insurance Agency Marketing Services, Inc, InteriorWorx Commercial Flooring, iOS Password Manager, 260,000 IoT devices (Raptor Train), Iron Metals, Isola, Israel Defense Minister, Israel Foreign Affairs Minister, Israel Harel Insurance, Israel Prime Minister, an Israeli analytics company, Israeli defense companies, Israeli Industrial Batteries, Istrail, Italian Ministry, Ivanti Cloud Services Appliance, Ivanti Endpoint Manager, Ivanti Workspace Control, Jackson Paper Manufacturing, Jacobsen Construction Co, Inc Health Plan, Joe Swartz Electric, Johnson & Wales University, JTaylor & Associates LLC, Juice Generation, Kawasaki Motors Europe, Keller Williams Realty Group, Kennedy Funding, Keuka College, Keya Accounting and Tax Services LLC, Kia dealer portal, Kia vehicles (again), KintApp, Kravit, Hovel & Krawczyk SC, KukuFM, Kuwait Health Ministry, LA Financial Federal Credit Union, Labib Funk Associates, Ladov Law Firm, Lakeland Chamber, Lancaster Royal Grammar, three-quarters of law firms (which explains a lot of the hacks this month), Law Offices of Michael J Gurfinkel, Inc, Lawrie Insurance Group, Lee Hoffoss Injury Lawyers, LEGO, Lenovo Service Bridge, Liberty First Credit Union, Local 1964 ILA Health & Insurance Fund, Lumen Technologies, Luso Cuanzа, Lyomark Pharma, MacGillivray Law, macOS graphics driver, macOS video decoder, Magenta Photo Studio, Malwarebytes Antimalware, Markdom Plastic Products, Maryville Academy, Mattson Technology, Inc, Max Shop, MC2 Data, McAbee Construction, Inc, McCarty Company, MCNA Dental, MDSi INC, MediCheck, MedReview, Messe C, Miami Dolphins Forum, Michigan Masonic Home, Michigan Medicine, Microsoft Azure API Management, Microsoft C++ redistributable, Microsoft Pragmatic General Multicast Server, Microsoft SharePoint, Microsoft Windows, Microsoft Windows 10 AllJoyn Router Service, Microsoft Windows Internet Explorer, Microsoft Windows SmartScreen, Mile Hi Foods, MIPS Holding, Inc, Mobility Compare, Model Engineering, Moeller Door and Window, MoneyGram, Mozambique Election System, Mt. Carmel Behavioral Healthcare, Muskogee City County Enhanced 911 Trust Authority, mySCADA myPRO, NASA, New Electric, New River Electrical, New York Sports Club, Noble Environmental, North American Breaker, Nova Sinseg, Nusser Mineralöl GmbH, NVIDIA Container Toolkit, Octapharma Plasma, OffRoadAction, Omega Industries, One Point HR Solutions, Onyx, OpenAI, OpenPLC_v3 Runtime, Optigo Networks ONS-S8, Oracle WebLogic, Pacific Coast Building Products, Pacific Islands Forum, Fiji, Pacific Scientific Energetic Materials Company LLC, Palomar Medical Group, PaperCut NG, Partners Air, Patelco Credit Union, Patrick Sanders Company, PDF-XChange Editor, Pearl Cohen, Peerless Umbrella, Performance Food Centers, Performance Therapies, PetEdge, Pete’s Road Service, PetroChina, Physical Medicine & Rehabilitation Center, Piggly Wiggly, Plaisted Companies, Plastics Plus, Plumbers Stock, Port of Seattle/Seattle-Tacoma International Airport (SEA), Power Torque Services, PRC-Saltillo, Premier Packaging, Prentke Romich Company, Progress Software WhatsUp Gold, Pureform Radiology Center, Qualcomm DSP, Quantum Healthcare, Raaga, Rackspace, Radio Geretsried, 19 UK railway stations, Ranveer Allahbadia, Reading Train Station, Red Barrels, Repsol, Research Electronics International, Reutter, Richland County, WI, Richmond Auto Mall, Richmond Community Schools, Riley Gear Corporation, Rim Country Health and Rehabilitation, Ring Power, River Delta Unified School District, River Region Cardiology Associates, Riverside Resort Casino, Rob Levine & Associates, Robson Planning Group Inc, Rockwell Automation PLC Software, Sacred Heart Catholic School, Sage Home Loans Corporation, SaniRent, Satia Group, Savannah Candy, Schäfer, dein Bäcker GmbH & Co KG, Scranton School District, Sellafield, ServiceNow, Shenango Area School District, Sherr Puttmann Akins Lamb PC, Shezmu, Shin Bet, ShoreMaster, Signature Healthcare Services LLC, siParadigm LLC, Slim CD, Smart Buy, Smart Source, Inc, 2,700 “smart” devices in the Netherlands, SolarWinds Access Rights Manager, Solutii Sistemas, Sono Bello, Southeast Cooler, Southern Bone, SpaceX, Spectrum Industries, Sportstech, spWETH Wallet, Star Blizzard, Star Health (India), Stillwater Mining Company, Storck-Baugesellschaft mbH, Structural Concepts, Sub-Zero, Wolf, and Cove, Sunrise Farms, Synnovis, TANYA Creations, TeamViewer, TeleHealth Center (India), Temu, Tewkesbury Borough Council, Thai Honda Manufacturing, The Gill Corporation, The Maids International, The Rubber Resources, The Superior Court of California, The Tech Interactive, Theresa Gordon Tax Services, Inc, Think Simple, Thomas Lloyd, Thompson Construction Supply, TIAA, Title Financial Corporation, Total Electronics, TOTVS, Toyota, TradeZero America Inc, Transport for London, Transtec SAS, TransUnion Risk and Alternative Data Solutions, Inc, Travel Alberta, TRC Worldwide Engineering, Trend Micro Deep Discovery Inspector, True Family Enterprises, Truflation, Truist Bank, Trump campaign, Tuttle-Click Automotive Group, Twilio, Uber Eats, UCC Retreivals, United Animal Health, Universal Music Group, University Medical Center, University of Minnesota Orthodontics, US Centers for Medicare and Medicaid Services, US Congress, US Dermatology Partners, UT Southwestern Medical Center, Uttarakhand (India) government, Veertu Anka Build, Verizon, Vermilion Parish Schools, Versa Director, VGTRK, Vickers Engineering, Vidisco, Virginia Dare Extract Co, Visionary Homes, Visteon Infotainment System, VMware vCenter Server, Ward Transport, Wayne County, MI, WazirX, We Level Up Treatment Lake Worth, Weiser Memorial Hospital, Weldco-Beales Manufacturing, Wells Fargo, Western Digital MyCloud PR4100, WhatsApp, Wichita Police, Wilmington Convention Center, Wilson & Lafleur, Wisconsin Physicians Service Insurance Corp, Woodard, Hernandez, Roth & Day, WordPress Houzez Login Register plugin, WordPress Houzez theme, WordPress LiteSpeed Cache Plugin, Wright, Moore, DeHart, Dupuis & Hutchinson, LLC, Young Consulting LLC, and Zimbra email servers have reported hacking or compromises this month.

AFP, AT&T, Cloudflare, Confidant Health, Dr. Web, Google CloudImposer, Highline Public Schools, MoneyGram, PlayStation Network, Port of Seattle, Providence Public Schools, State Data Center (India), Verizon, and WP Engine have suffered from outages this month.

Last months updates broke M4 iPad Pro devices, macOS Sequoia VPN & antivirus software, Microsoft 365 apps, Microsoft Outlook mail vs nested folders, Microsoft Word (serious – Word deletes your files if they have mixed case extensions!), Windows 11 24H2 BSODs, Windows 11 24H2 gaming performance, Windows 11 24H2 license activation, Windows reboots, and Windows USB & Bluetooth.

In other news

The Internet backdoor mandated by US federal law has been hijacked by China (Salt Typhoon) and is being actively exploited again across several phone providers. It’s not good.

Almost 3 in 5 of breached UK firms admit to paying ransom on demand. An insane 92% of healthcare firms in the US were hit by cyberattacks this year.

Now that “exploding pagers” (and more) are a thing, will people start to take supply chain and physical security seriously?

Fearing exposure of weak security processes, Apple has moved to dismiss their lawsuit against NSO Group.

Now for the good news

Discord has added end-to-end encryption for audio & video calls.

NIST has finally scrapped their complexity and change frequency recommendations. The math on these recommendations simply doesn’t add up.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is enormous this month. The typical computer should see roughly 4 GB in updates today. Let’s get started.

Microsoft released 65 updates to address 121 vulnerabilities in .NET Framework, .NET, Azure CLI, Azure Monitor, Azure Stack, BranchCache, Code Integrity Guard, DeepSpeed, Internet Small Computer Systems Interface (iSCSI), Microsoft ActiveX, Microsoft Configuration Manager, Microsoft Defender for Endpoint, Microsoft Edge (Chromium-based), Microsoft Graphics Component, Microsoft Management Console, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft Office, Microsoft Simple Certificate Enrollment Protocol, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows Speech, OpenSSH for Windows, Outlook for Android, Power BI, Remote Desktop Client, RPC Endpoint Mapper Service, Service Fabric, Sudo for Windows, Visual C++ Redistributable Installer, Visual Studio Code, Visual Studio, Windows Ancillary Function Driver for WinSock, Windows BitLocker, Windows Common Log File System Driver, Windows Cryptographic Services, Windows cURL Implementation, Windows EFI Partition, Windows Hyper-V, Windows Kerberos, Windows Kernel, Windows Kernel-Mode Drivers, Windows Local Security Authority (LSA), Windows Mobile Broadband, Windows MSHTML Platform, Windows Netlogon, Windows Network Address Translation (NAT), Windows NT OS Kernel, Windows NTFS, Windows Online Certificate Status Protocol (OCSP), Windows Print Spooler Components, Windows Remote Desktop Licensing Service, Windows Remote Desktop Services, Windows Remote Desktop, Windows Resilient File System (ReFS), Windows Routing and Remote Access Service (RRAS), Windows Scripting, Windows Secure Channel, Windows Secure Kernel Mode, Windows Shell, Windows Standards-Based Storage Management Service, Windows Storage Port Driver, Windows Storage, Windows Telephony Server, Winlogon, and MSRT. This includes security updates. A reboot is required.

Apple released updates for Apple TV 1.5.0.152 for Windows, iOS 17.7, iOS 18, iOS 18.0.1, iPadOS 17.7, iPadOS 18, iPadOS 18.0.1, macOS Sequoia 15.0.1, macOS Sonoma 14.7, macOS Ventura 13.7, Safari 18, Safari 18.0.1, tvOS 17.6.1, tvOS 18, visionOS 2, visionOS 2.0.1, watchOS 10.6.1, watchOS 11, watchOS 11.0.1, and Xcode 16. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 17.7, 18, and 18.0.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 17.7, 18, and 18.0.1 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 10.6.1, 11, and 11.0.1 are security updates. Use the Watch app on your iPhone to install the most current version.

tvOS 18 is a security update. Use System, Software Update to install the most current version.

visionOS 2 and 2.0.1 are security updates. Use System, Software Update to install the most current version.

Google Chrome OS 128.0.6613.163, 129.0.6668.80, and ChromeOS LTS 126.0.6478.254 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sequoia (15.x) means that macOS Monterey (12.x) and older are no longer supported. If you can not install at least macOS Ventura (13) on your Mac then you should immediately remove your device from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 11 (v24H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with a SaferPC Subscription and we will install updates each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.9.1 improves hardware compatibility, game support, resolves several bugs and expands Vulkan extensions. This is not a security update.
https://www.amd.com/en/support

TP-Link Archer AX55 v1 240628 improves mesh and configuration controls. This is not a security update.
https://www.tp-link.com/us/support/download/archer-ax55/v1/#Firmware

goxlr-utility 1.1.4 resolves several compatibility and reliability bugs. This is not a security update.
https://github.com/GoXLR-on-Linux/goxlr-utility/

UniFi Network Server 8.4.62 resolves several bugs. This is not a security update.
https://www.ui.com/download/releases/network-server

VIISAN OfficeCam 7.2.2.0 doesn’t provide a change log so should be treated as a security update.
https://www.viisan.com/en/download/type1.html

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.70.123 is a security update. Use Help, About to install the most current version.
https://brave.com/

Google Chrome 129.0.6668.100 is a security update. Use Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 129.0.2792.79 is a security update. Use Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 131.0 is a security update. Use Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 128.3.0 is a security update. Use Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 6.9.3447.51 is a security update. Use Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.14.0 is a security update.
https://getmailspring.com/

ProtonMail (Android) 4.0.22.1 resolves a major stability bug. This is not a security update.
https://proton.me/mail/download

Spark 3.17.9.86866 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.17.9.86865 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 128.3.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 8.1.0 resolves dozens of bugs and improves stability. This is a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 8.1.2 is a security update.
https://anydesk.com/en/downloads

BrowsingHistoryView 2.58 resolves an export bug. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

curl 8.10.1 resolves over a dozen bugs. This is not a security update.
https://curl.haxx.se/windows/

Dropbox 209.4.3661 does not provide a detailed change log so should be treated as a security update.
https://www.dropbox.com/

Facebook Messenger 215.6.0.24.211 is a security update.
https://www.messenger.com/download

FileZilla Server 1.9.2 resolves a bug in the update engine. This is not a security update.
https://filezilla-project.org/

Google Drive 98.0 is a security update.
https://drive.google.com/start

MeshCentral 1.1.32 is a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.7.00.26062 improves onboarding flow and allows external presenters to join from mobile platforms. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 30.0.0 is a major update, updating libraries, minimum requirements, and resolving more than a hundred bugs. This is a security update.
https://nextcloud.com/

Npcap 1.80 resolves several bugs. This is not a security update.
https://nmap.org/npcap/

Rclone 1.68.1 improves compatibility and resolves several bugs. This is not a security update.
https://rclone.org/

Signal 7.27.0 adds several new display options for media, groups and restores ability to search stored messages from groups you’re no longer part of. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.18.2 adds ability to search for emoji. This is not a security update.
https://signal.org/android/apk/

Technitium DNS Server 13.0.2 resolves protocol bugs. v13 adds several other new DNS features and controls including ZONEMD, RP, Catalog Zones and improved logging. This is not a security update.
https://technitium.com/dns/

Telegram 5.6.1 resolves dozens of bugs. This is not a security update.
https://telegram.org/

Telegram (Android) 11.1.3 resolves dozens of bugs. This is not a security update.
https://telegram.org/apps

Zoom 6.2.3.47507 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.10 resolves a couple bugs and improves lip sync. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.2.4 resolves over 20 bugs. This is not a security update.
https://www.bitwig.com/download/

Grayjay 264 adds auto-play toggle, allows you to control rotation sensitivity, reverse rotation, and resolves several bugs and compatibility issues. This is not a security update.
https://grayjay.app/index.html

iTunes 12.13.3.2 is a security update.
https://www.apple.com/itunes/download/

Plex Desktop 1.102.0.230 resolves a couple bugs and adds an advertising consent notice. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.67.1.233 updates web engine. This should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.41.0.8994 adds support for external subtitles, improved ad detection, and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Bedrock) 1.21.31.04 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Nintendo Switch 19.0.0 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 2024.920 improves stability. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024.09.17 changes the terms of use and resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

SteamOS SteamDeck Update 2024.10.03 improves Wi-Fi 7 compatibility. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Animate 23.0.8 and 24.0.5 are security updates.
https://helpx.adobe.com/security/products/animate/apsb24-76.html

Adobe Commerce 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11, 1.4.2-p3, 1.3.5-p8, 1.3.4-p10, and 1.3.3-p11 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-73.html

Magento Open Source 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, and 2.4.4-p11 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-73.html

Adobe Dimension 4.0.4 is a security update.
https://helpx.adobe.com/security/products/dimension/apsb24-74.html

Adobe FrameMaker 2020.7 and 2022.5 are security updates.
https://helpx.adobe.com/security/products/framemaker/apsb24-82.html

Adobe InCopy 19.5 and 18.5.4 are security updates.
https://helpx.adobe.com/security/products/incopy/apsb24-79.html

Adobe InDesign 19.5 and 18.5.4 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb24-80.html

Adobe Lightroom 7.5, 13.5.1, and 12.5.2 are security updates.
https://helpx.adobe.com/security/products/lightroom/apsb24-78.html

Adobe Substance 3D Painter 10.1.0 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb24-52.html

Adobe Substance 3D Stager 3.0.4 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb24-81.html

Audacity 3.6.4 doesn’t have a change log so should be treated as a security update.
https://www.audacityteam.org/download/

Blender 4.2.2 resolves dozens of bugs. This is a security update.
https://www.blender.org/download/

Calibre 7.19.0 improves performance and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Ghostscript 10.04.0 is a security update.
https://www.ghostscript.com/releases/gsdnld.html

GnuCash 5.9 resolves several bugs. This is not a security update.
https://www.gnucash.org/

Kdenlive 24.08.1 resolves dozens of bugs. This is not a security update.
https://kdenlive.org/

Krita 5.2.6 resolves over 50 bugs and improves reliability and stability. This is not a security update.
https://krita.org/en/download/

LibreOffice Fresh 24.8.2 resolves almost 200 bugs. This is a security update.
https://www.libreoffice.org/

Manager 24.10.8.1879 adds business templates, FDX support, and resolves several bugs. This is not a security update.
https://www.manager.io/

Nextcloud Desktop 3.14.1 resolves a dozen bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.7 updates libraries, resolves over a dozen bugs. This is a security update.
https://notepad-plus-plus.org/

PDF Candy Desktop 3.13 doesn’t provide a change log so should be treated as a security update.
https://pdfcandy.com/

PDF-XChange Editor 10.4.1.389 is a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

QuickBooks Pro 2022 20240726-R17_34 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20240726-R14_39 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

Security Software Updates

One or more of these is likely to be of interest to most people.

JShelter 0.19.1 improves Manifest V3 compatibility and performance. This is not a security update.
https://jshelter.org/install/

KeePass 2.57.1 is a security update.
https://keepass.info/

MalwareBytes Anti-Malware 5.5.4 doesn’t provide a change log so should be treated as a security update.
https://www.malwarebytes.org/antimalware/

RogueKiller 15.18.3 updates libraries and resolves several bugs. This should be treated as a security update.
https://www.adlice.com/download/roguekiller/

SecurityCheck 2024.9.22 doesn’t provide a change log so should be treated as a security update.
https://www.bleepingcomputer.com/download/securitycheck/dl/123/

Stinger 13.0.0.197 is a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

SuperAntiSpyware 10.0.1268 adds support for new browsers, applications, unicode compatibility and resolves several bugs. This is a security update.
https://www.superantispyware.com/download.html

uBlock Origin 1.60.0 adds several new features and resolves a couple bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Operating System Updates

These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.

QubesOS 4.2.3 is a security update.
https://www.qubes-os.org/downloads/

Tails 6.8 is a security update. 6.8 also signals the merger of Tails and the Tor Project.
https://tails.net/install/download/index.en.html

Zorin OS 17.2 improves customization, updates libraries, and resolves several bugs. This is not a security update.
https://zorin.com/os/mirrors/

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 24.2.4 resolves stability bugs. This is not a security update. This is not a security update.
https://www.techsmith.com/screen-capture.html

VideoCacheView 3.10 improves compatibility with Google Chrome. This is not a security update.
https://www.nirsoft.net/utils/video_cache_view.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.2.7 adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

MakeMKV 1.17.8 improves defect tolerance and resolves several bugs. This is not a security update.
https://www.makemkv.com/download/

StreamFab 6.2.0.0 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.3.5 adds FLAC support and resolves sseveral bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 7.0.7 resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.46 adds QR code authentication, Wi-Fi QR code sharing, accessibility improvements, and resolved several bugs. This is not a security update.
https://1password.com/downloads/

AOMEI Partition Assistant 10.5.0 adds Boot Repair, improves Migrate OS and resolves bugs in the optical media creation flow. This is not a security update.
https://www.diskpart.com/

Bitwarden 2024.9.2 improves PDF attachment handling and improves Secrets Manager. This is not a security update.
https://bitwarden.com/

CCleaner 6.28.11297 adds support for new applications. This is not a security update.
https://www.ccleaner.com/

CPU-Z Installer 2.11 improves mainboard detection and adds new hardware support. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

Deskflow 1.17.0 is a complete rebrand of the upstream Synergy source, pushing the public code base into a useful utility. This is the first one, though, so I’d hold off a little while. This is not a security update.
https://deskflow.org/

DesktopOK 11.44 improves copmatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.2.84.0 improves cache plug-in to use hash data to reduce network chatter, encoding improvements, and resolves several bugs. This is not a security update.
https://dngrep.github.io/

email-oauth2-proxy 2024-09-12 adds option to use password as credentials, improves documentation and resolves several bugs. This is not a security update.
https://github.com/simonrob/email-oauth2-proxy

Everything Toolbar 1.5.1 improves compatibility, adds RTL support, keyboard shortcuts and resolves several bugs. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

ExplorerPatcher 22621.3880.66.6 improves compatibility and adds support for Windows 11 v24H2. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

Fido 1.60 adds support for Windows 11 v24H2 and removes v23H2. This is not a security update.
https://github.com/pbatard/Fido/releases

Fing 3.7.1 improves Network Insights and resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

FoneTool 2.9.0 resolves several bugs. This is not a security update.
https://www.fonetool.com/download.html

Git SCM 2.46.1 resolves several bugs and improves documentation. This is not a security update.
https://git-scm.com/

GoodSync 12.7.6 improves logging and compatibility. This is not a security update.
https://www.goodsync.com/

Homedale 2.13 adds channel utilization reporting, Wi-Fi 7 (802.11be) support and filtering improvements. This is not a security update.
https://www.the-sz.com/products/homedale/

HWiNFO 8.12 adds support for newer hardware and resolves several bugs. This is not a security update.
https://www.hwinfo.com/download/

HWMonitor 1.55 adds support for newer hardware and battery information. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

IsMyHdOK 4.11 adds support improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

Kingston SSD Manager 1.5.4.9 doesn’t provide a change log so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

LessMSI 2.2.0 adds Italian language support. This is not a security update.
https://lessmsi.activescott.com/

MultiMonitorTool 2.11 resolves a mapping bug. This is not a security update.
https://www.nirsoft.net/utils/multi_monitor_tool.html

NTLite 2024.9.10073 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 11.0.1014 resolves over a dozen bugs including performance and reliability issues. This is not a security update.
https://www.osforensics.com/download.html

PointerStick 6.44 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.85.1 improves stability. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ScreenConnect 24.2 should be avoided. It has had rollout “paused” due to stability issues four times already. Just wait for 24.3 or 24.4 to be stable.
https://screenconnect.connectwise.com/download

TeamViewer 15.58.5 resolves several bugs and implements new cosmetics. This is a security update.
https://www.teamviewer.com/en-us/download/windows/

TestDisk 7.3 doesn’t provide a change log so should be treated as a security update.
https://www.cgsecurity.org/wiki/TestDisk_Download

XnConvert 1.101.0 doesn’t provide a change log so should be treated as a security update.
https://www.xnview.com/en/xnconvert/

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 8.0.10 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

Android Studio 2024.2.1.9 resolves dozens of bugs. This is not a security update.
https://developer.android.com/studio

GDevelop 5.4.213 adds ability to change opacity within properties panel, tilemap improvements, and resolves several bugs. This is not a security update.
https://gdevelop.io/download

GitHub Desktop 3.4.6 resolves several bugs. This is not a security update.
https://desktop.github.com/

Go 1.23.2 resolves several bugs. This is not a security update.
https://go.dev/

Node.js 20.18.0 updates libraries, resovles several bugs and adds experimental support for network inspection. This is not a security update.
https://nodejs.org/en/

Node.js 22.9.0 updates libraries, adds support for stack trace, disables V8, and resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

Python 3.13.0 resolves over a dozen bugs. This is a security update.
https://www.python.org/downloads/windows/

Visual Studio Code 1.94 improves Explorer Find, adds filtering options to Source Control Graph, and resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.1.2 is a major update, changing style, performance, stability, hardware compatibility and adding many options. It also initially broke older guests and this release fixes that as well as a dozen other bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Duplicator 1.5.11 improves compatibility and resolves several bugs. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

Sucuri Security 1.9.5 improves analysis. This should be treated as a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2024-08-13

Today is Patch Tuesday for August, 2024.

There were 436+ major hacks, and over 372 application updates this month.
It’s an enormous month, with about 4 GB of updates for most users.

This Month in Technology

1Password, 1Tx.io, 40 French Museums, 5G baseband, A-Line Staffing Solutions, a16z, Acadian Ambulance, Accelon Technologies Private, Acronis, Adreno, ADT, Advance Stores Company, Inc, Advantage Orthopedic & Sports Medicine, LLP, AirAsia Group, AirsoftC3, Al-Karam Textile Mills Pvt, Alabama Cardiovascular Group, Alabama Department Of Education, Allcare Medical Management, Alternate Energy, Amazon India, Amazon Web Services (AWS), AMD (SinkClose), American Golf Corporation, an “undisclosed ISP”, Angel One, AnimeLeague, Ankitects Anki, Anniversary Holding Company, Apache HugeGraph, Apache InLong, Apache OFBiz, Argentina Citizen Data, Arisa Health, Astra Daihatsu Motor, AT&T, Augusta Orthopedic, Aveanna Healthcare, LLC, Aviben, B&G Foods, Bandolier, BangBros, Barrett Eye Care, Bassett Furniture Industries, Bausch Health, Baxter International, Bayhealth, Bazaar, Berkshire Hathaway Home Services, Betances Health Center, BIND 9, BioMatrix Specialty Pharmacy, BlackCat, Bluewater Health, BMW Hong Kong, Bosque Animal Rescue Kennels, Brazil FGTS, Brevard Alzheimer’s Foundation, Brownell Travel, Inc, Bunkhouse Group, Business Insider, Cadre Holdings, Calibrated Healthcare, Cambridgeshire schools, Care Vision UK, Cartier, CCM Health, Celcom Axiata Berhad, Cencora, Central Bedfordshire Council, Central Contra Costa Transit Authority, Central Texas 911 service, Change Healthcare Inc, Chilean Government, Chrome, Cisco Small Business SPA 300 and SPA 500, Cisco Smart Install, Cisco Smart Manager software, City of Cold Lake, Alberta, City of Columbus, OH, City of Philadelphia, PA, City of Victorville, CA, Clay County, IN, ClickBalance, Co-op Banks, CoinStats, Columbus Regional Healthcare System, Community Care Alliance, Compex Legal Services Inc, Compound Finance, Condo.com, Congoleum, Convergence, Credible Group, Crescent Point Energy, Crimson Wine Group, Croatia’s Split Airport, CSC ServiceWorks, Cyepro Solutions, Dallas County, DaVita, Deep Sea Electronics DSE855, Dell & Dean PLLC, Delta County Memorial Hospital District (Delta Health), Designed Receivable Solutions, Deye, Digitalstress, Directional Aviation, Disney’s Slack, Docker Engine, Dorset Council, Dough Finance, Dr Bronner’s, Dubai Municipality, dYdX, East Valley Institute of Technology (evit), easySim.global, Econolite, Ecovacs home robots, Edward Flynn, LMHC, EgBill India, Embily Crypto, Embotits Espina, SLU, EMS Department for the Kansas City, Kansas Fire Department, Energo, Evening Post Publishing Inc, Everest, Evolution Mining, Evolve Bank & Trust, Exco Solutions, Exim, Explore Talent, FacilityBills, Fairfax Radiological Consultants, Family Dynamics Counseling Services, Inc, FCDG Management LLC, Federacion Española de Padel, Fidelity Investments Life Insurance Company, FilterBaby, LLC, Financial Business and Consumer Solutions, Inc, Firefox, First Choice Dental, Flexible, Florence Cement Company, Inc, Football Federations of Tenerife and Las Palmas, Fractal ID, Franklin County, Kansas, Fresnillo PLC, Freudenberg Medical, Fujitsu, Gateway Extrusions, GCA Global Cargo Alliance, Gemini, Gendron & Gendron, GeoServer GeoTools, Ghayar, GitLab Community and Enterprise, Glendale Unified School District, Golden Business Machines, Good Smile Company, Google Cloud Platform, Google Quick Share, Google Workspace, Gramercy Surgery Center, Granit Design, Graphic Solutions Group Inc, Greece’s Land Registry, Green Investment Management, Inc, Greenlight Biosciences, Grupo Jal, Guaranteed Supply Company, Guardian Analytics, Guhring, Hair Club for Men, Ltd, Inc, Hajj and Pilgrimage Organization of Iran, Harry Perkins Institute of Medical Research, Hayden Power Group, HealthCare.gov, Healthed, HealthEquity, Help PDF, Hit Promotional Products, Hokushinko Co, Ltd, Horizon View Medical Center, Hospital Auxilio Mutuo, Hotjar, Hyperice, Indian Ministry of Defence, Indonesian government, Infomedika, Ingo Money, Inc, Ingresse, InHouse Physicians, Injectable Therapy Services, Inc, Insula Group, Intelight X-1, iRacing, Iseto Corp, Island Transportation Corp, Israeli Intelligence, Israeli Security Ministry, ISTA International GmbH, Janna Pharmacy LLC, Jefferson County, KY, Jersey Financial Services Commission (JFSC), JG Summit, Jim Ellis Automotive Group, Joe’s Club, Kadokawa, Kaiser Foundation Hospitals, Karvo Companies, Inc, Kerman Unified, Keytronic, KinetX, KnowBe4, Kofile Technologies, Korean National Police Agency (KNPA), KuiperCompagnons, Kusum Group of Companies, La Salle University, Lago Group Spa, Lake Washington Institute of Technology, LangChain, Laurentian University, Law Office of Omar O Vargas PC, LCS and Partners, Lebanon Ministry of Health, Leicester City Council, Leidos, LI.FI, Life360, Linux Kernel (SLUBStick), LITE-ON, LivaNova USA, Inc, Liverpool Football Club, Loretto, Los Angeles Superior Court, Loumar, LS Networks, LuLu, Lvivteploenergo, L’Oréal, Macau government, Majestic Metals, Mallox, Manila Health Department, MarineMax, Maybank2u, McDowall Affleck, McLaren Health Care (again), MediSecure, Melchers Singapore, Meridian Internal Medicine, PA, Meta Prompt Guard, Microsoft (several times),  Microsoft 365, Microsoft BITS, Microsoft Copilot, Microsoft Windows (Downgrade), Microsoft Windows Update, MIPS Technologies, Mississippi Blood Services, MNGI Digestive Health, Mobex, Mobile Guardian, Monte Nido, Moonly app, mSpy, Multiplayer.it, multiple VPN services, Mykukun/USBank, Nainital Bank, National Curry Awards, National Payments Corporation of India, National Public Data/Jerico Pictures, Neiman Marcus, Netflix, Netgear Orbi, Netgear WiFi 6 routers, NetOne, Netshoes, Neuro Rehab Associates, Inc, New Jersey City University, New Jersey Oral & Maxillofacial Surgery Associates, Nexera, Nexperia, Nidec Corporation, Nigerian Cloud Service, Nilorngruppen AB, Nokia, Norfolk and Norwich University Hospitals, North Texas Municipal Water District, Northeast Rehabilitation Hospital Network, Northern Ireland Department of Education, Northwest Arkansas Community College, NSA SkillTree, NVIDIA GPU, OakBend Medical, Odyssey Fitness Center, OfficeOps, Ohio School Boards Association, Olympus Financial, OneBlood, OpenAI, Oxfam Hong Kong, Pacific Oaks College, Palo Alto Networks Expedition Migration Tool, PAN, Patelco Credit Union, PDF Pro, Peco Foods, Peruvian Government, Peterson Holding Company, Philippine Department of Migrant Workers, Philips Vue PACS, PHL Variable Insurance Company in Rehabilitation, phpBB, Pick n Pay Group, Pinnacle Bank, Piramal Group, Playa Vista Job Opportunities and Business Services, PlayNow, Port of Tyne, Portuguese Government, Preferred IT Group, PRI, Principal Life Insurance, Proofpoint, Pueblo County School District 70, Pure Storage, Q-Cells, RADIUS, Recology Inc, Recruit Co, Red Art Games, Rencontre-Ados, REPLIGEN, Resolian, Rhode Island Wyatt Detention Facility, RISC-V CPU (GhostWrite), Rite Aid, RiverSoft, Roberts HVAC, Rockwell Automation Logix Controllers, Romanian Government, Ronglian Group, Ronin Network, Roseland Community Hospital Association, Sable International, Samsung Galaxy Secure Vault, SAP AI Core, Saudi FarmGo App, Schlatter Group, Sede Electrónica de la DGT, ServiceNow, SFR, SH Pension, Shadow, Shoe Zone, Shorenstein Realty Services, Sibanye-Stillwater, Singapore Moneylenders Credit Bureau (MLCB), Solarman, SolarWinds Access Rights Manager, Sonic Automotive, South Korean Military, South Suburban College, South Western Communications, Inc, SouthCoast Medical Group, Special Health Resources of Texas, Inc, Splunk, Spytech, Student Transportation of America, Sumter County Sheriff, Sun City Pediatrics, PA, Superior Court of Justice of Mexico City, Surgery Center of Mid Florida, Sutton Dental Arts, SUUMO, Synnovis, Taiyo Kogyo Co, Ltd, TC Capital Asia Limited, Telerik Report Server, TelPro, Texas Alcohol & Drug Testing Service, Texas Electric Cooperatives, The 21st Century Energy Group, The Coffee Bean & Tea Leaf, The Computer Merchant, The Heritage Foundation, The Lutheran Foundation, Therapeutic Health Services, Thompson Creek, Thousands of Ubiquiti cameras and routers, TopNet, Topserve Service Solutions, TPCI, Trello, Tri-Star Display, Trib Total Media, Tribunal Superior de Justicia CDMX, True Blue Environmental, Trump Campaign, TV SAT 364, U Mobile, UAB School of Nursing, uBook, UEFI SecureBoot (PKfail), UK Home Office, United of Omaha Life Insurance Company, United Seating and Mobility LLC, Universitas Indonesia, University of Michigan/Michigan Medicine, US Voter Data, Valisana, Venezuelan Military, Veren Inc, Victoria’s Royal Brighton Yacht Club, Vivamax, Walmart, WazirX, WebTPA Employer Services, LLC, Western Sydney University, Western Wyoming Beverages, WhatsApp, Williams Construction, Windows Smart App Control and SmartScreen, Wise US Inc, Woodstock Hospital, WordPress Modern Events Calendar plugin, WordPress Time Capsule plugin, ZB Financial Holdings, Zeroed-In Technologies, Zoppo, and Zotac have reported hacking or compromises this month.

CrowdStrike published a buggy definition file to Windows-based devices, causing literally tens of millions of devices from Microsoft Azure, Airlines, Hospitals, Media, Banks and much more. The damage from this “update” can not be overstated: they released an untested, defective, definition to all devices within a 87 minute window and the “fix” to restore access on modern hardware requires a complex process involving decrypting the drive and removing the defective definition file from a system folder. This is already being called the largest IT outage in history. Locally, it even hit Chicken Ranch Casino.

Delta Air LinesGoogle Ads, iCloud Private Relay, iRacing, Microsoft Azure, Microsoft 365, and Microsoft 365 Admin Center have suffered from outages this month.

Last months updates broke signed WDAC policies, Office Click-to-Run updates, tens of millions of computers (CrowdStrike), Google Password Manager, Bitlocker-encrypted devices, Remote Desktop, Microsoft Connected Cache, Microsoft Photos app, Microsoft 365 Defender, and Windows Update.

Stop using Zelle. The fraud risk is too high, and banks don’t care if you’re defrauded. Robots are not your friendsThe US Postal Service has been sharing your private information with Meta, LinkedIn and Snap. Microsoft – the organization primarily behind mandating DMARC – is sending Data Breach Notifications that fail their own DMARC rules

DigiCert is still breaking trust with the world by allowing malicious certificates to be preserved, in the name of ensuring maximum availability…for maliciously created certificates?

Hackers are much faster at exploiting vulnerabilities than vendors are in discovering and patching them. The US federal agency tasked with tracking known vulnerabilities (NIST) is seeing a growing backlog which could exceed 30,000 records in only a few short months.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is enormous this month. The typical computer should see roughly 4 GB in updates today. Let’s get started.

Microsoft released 56 updates to address 102 vulnerabilities in .NET and Visual Studio, Azure Connected Machine Agent, Azure CycleCloud, Azure Health Bot, Azure IoT SDK, Azure Stack, Line Printer Daemon Service (LPD), Microsoft Bluetooth Driver, Microsoft Copilot Studio, Microsoft Dynamics, Microsoft Edge, Microsoft Local Security Authority Server (lsasrv), Microsoft Office, Microsoft Office Excel, Microsoft Office Outlook, Microsoft Office PowerPoint, Microsoft Office Project, Microsoft Office Visio, Microsoft Streaming Service, Microsoft Teams, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows DNS, Reliable Multicast Transport Driver (RMCAST), Windows Ancillary Function Driver for WinSock, Windows App Installer, Windows Clipboard Virtual Channel Extension, Windows Cloud Files Mini Filter Driver, Windows Common Log File System Driver, Windows Compressed Folder, Windows Deployment Services, Windows DWM Core Library, Windows Initial Machine Configuration, Windows IP Routing Management Snapin, Windows Kerberos, Windows Kernel, Windows Kernel-Mode Drivers, Windows Layer-2 Bridge Network Driver, Windows Mark of the Web (MOTW), Windows Mobile Broadband, Windows Network Address Translation (NAT), Windows Network Virtualization, Windows NT OS Kernel, Windows NTFS, Windows Power Dependency Coordinator, Windows Print Spooler Components, Windows Resource Manager, Windows Routing and Remote Access Service (RRAS), Windows Scripting, Windows Secure Boot, Windows Secure Kernel Mode, Windows Security Center, Windows SmartScreen, Windows TCP/IP, Windows Transport Security Layer (TLS), Windows Update Stack, Windows WLAN Auto Config Service, and MSRT. This includes security updates. A reboot is required.

Apple released updates for macOS Sonoma 14.6.1, macOS Ventura 13.6.9, macOS Monterey 12.7.6, iOS 17.6.1, iOS 16.7.10, iPadOS 17.6.1, iPadOS 16.7.10, tvOS 17.6, watchOS 10.6, visionOS 1.3, and Safari 17.6. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 17.6.1 and 16.7.10 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 17.6.1 and 16.7.10 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 10.6 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 17.6 is a security update. Use System, Software Update to install the most current version.

visionOS 1.3 is a security update. Use Settings, General, Software Update to install the most current version.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.7.1 resolves several bugs and incompatibility issues, improves performance and introduces AntiLag 2. This is not a security update.
https://www.amd.com/en/support

BullZip PDF Printer 14.5.0.2974 is a security update.
https://www.bullzip.com/products/pdf/info.php#download

Nearly every Epson ET Series (EcoTank) and WF Series (WorkForce) printer has received an update to their firmware in the last week, with no details on what is included. Instead of listing them all here, assume it applies to your device, too. This should be treated as a security update. Use the Epson Software Updater to install the current firmware on your Epson ET printer.
https://epson.com/Support/Printers/

goxlr-utility 1.1.2 resolves several bugs and improves stability and reliability. This is not a security update.
https://github.com/GoXLR-on-Linux/goxlr-utility/

GSLite 20240711 is a security update.
https://www.bullzip.com/products/pdf/download.php

MTPdrive 4.4.166 resolves a couple bugs. This is not a security update.
https://www.mtpdrive.com/

UniFi Network Server 8.3.32 adds support for customer NAT rules, feature and control improvements and resolves several bugs. This is not a security update.
https://www.ui.com/download/releases/network-server

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.68.137 is a security update.
https://brave.com/

Google Chrome 127.0.6533.99 is a security update.
https://www.google.com/chrome/

Microsoft Edge 127.0.2651.98 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 129.0.1 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Vivaldi 6.8.3381.53 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

ProtonMail (Android) 4.0.17 resolves several bugs. This is not a security update.
https://proton.me/mail/download

Spark 3.17.0.82433 introduces Meet with and resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.17.0.82432 introduces Meet with and resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 128.1.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 8.0.13 fixes a crash bug and improves licensing behavior. This is not a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 8.1.1 resolves several bugs and adds heirarchical tag support. This is not a security update.
https://anydesk.com/en/downloads

curl 8.9.1 resolves several bugs and improves input sanitization. This should be treated as a security update.
https://curl.haxx.se/windows/

DNSDataView 1.75 adds support for loading domains from a file. This is not a security update.
https://www.nirsoft.net/utils/dns_records_viewer.html

Dropbox 205.4.5765 doesn’t provide a change log so should be treated as a security update.
https://www.dropbox.com/

Facebook Messenger 215.3.0.13.211 is a security update.
https://www.messenger.com/desktop

FileZilla Client 3.67.1 resolves a confirmation dialog bug and updates library. This is not a security update.
https://filezilla-project.org/

Google Drive 95.0 doesn’t provide a detailed change log so should be treated as a security update.
https://drive.google.com/start

MeshCentral 1.1.27 resolves several bugs. This is not a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.7.00.19353 implements new virtualization behavior. This should be treated as a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 29.0.4 resolves dozens of bugs and updates dependencies. This is a security update.
https://nextcloud.com/

Omada Software Controller 5.14.26.1 resolves several bugs and implements new configuration and statistical options. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Pocketnet-Core 0.22.5 implements several network changes for privacy and security. This is a security update.
https://pocketnet.app/

Pocketnet-GUI 0.8.93 resolves several bugs. This is not a security update.
https://pocketnet.app/

Signal (Android) 7.13.3 adds landscape support. This is not a security update.
https://signal.org/android/apk/

Signal 7.19.1 resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Syncthing 1.27.10 resolves a couple bugs. This is not a security update.
https://syncthing.net/

Telegram 5.3.2 resolves a crash bug. This is not a security update.
https://telegram.org/

Trillian 6.5.0.42 resolves almost a dozen bugs and updates emoji. This is not a security update.
https://www.trillian.im/

Zoom 6.1.6.43767 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

Grayjay 253 resolves several bugs. This is not a security update.
https://grayjay.app/index.html

3tene 4.0.8 resolves a couple cosmetic bugs. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.2.1 adds new compression options, EQ improvements and improves keyboard shortcuts, in addition to dozens of resolved bugs. This is not a security update.
https://www.bitwig.com/download/

darktable 4.8.1 resolves several bugs. This is not a security update.
https://www.darktable.org/

Plex Desktop 1.99.0.210 resolves sevveral bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.65.4.206 updates libraries. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.40.4.8679 improves TVDB support and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Lego Studio 5.6 resolves a stability bug. This is not a security update.
https://www.lego.com/en-us/ldd

Minecraft Server (Bedrock) 1.21.20.03 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Minecraft Server (Java) 1.21.1 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server

PS5 2024.723 adds option to share links to public games and resolves several bugs. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024.07.17 resolves a couple bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

SteamOS SteamDeck Update 2024.08.09 improves update engine and resolves over 20 bugs. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Acrobat Reader 24.002.21005 and 24.001.30159 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb24-57.html

Adobe Bridge 13.0.9 and 14.1.2 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb24-59.html

Adobe Commerce 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, and 2.4.4-p10 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-61.html

Magento Open Source 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, and 2.4.4-p10 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-61.html

Adobe Dimension 4.0.2 is a security update.
https://helpx.adobe.com/security/products/dimension/apsb24-47.html

Adobe Illustrator 28.6 and 27.9.5 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb24-45.html

Adobe InCopy 19.5 and 18.5.3 are security updates.
https://helpx.adobe.com/security/products/incopy/apsb24-64.html

Adobe InDesign ID19.5 and ID18.5.3 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb24-56.html

Adobe Photoshop 24.7.4 and 25.11 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb24-49.html

Adobe Substance 3D Designer 14.0 is a security update.
https://helpx.adobe.com/security/products/substance3d_designer/apsb24-67.html

Adobe Substance 3D Sampler 4.5.1 is a security update.
https://helpx.adobe.com/security/products/substance3d-sampler/apsb24-65.html

Adobe Substance 3D Stager 3.0.3 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb24-60.html

Audacity 3.6.1 adds new themes, FFmpeg 7 support, new compressor, limiter, master effects, improved performance and resolves several bugs. This is not a security update.
https://www.audacityteam.org/download/

Calibre 7.16.0 is a security update.
https://calibre-ebook.com/

Kindle for PC 2.4.70946 doesn’t provide a change log so should be treated as a security update.
https://www.amazon.com/kindleforpc

LibreOffice Fresh 24.2.5 resolves over 80 bugs. This is a security update.
https://www.libreoffice.org/

Manager 24.8.11.1812 adds ability to send emails via HTTP and changes Freight-in behavior. This is not a security update.
https://www.manager.io/

Nextcloud Desktop 3.12.7 resolves several bugs. This should be treated as a security update.
https://nextcloud.com/

Notepad++ 8.6.9 improves installer and resolves over 25 bugs. This not a security update.
https://notepad-plus-plus.org/

PDF Candy Desktop 3.09 doesn’t provide a change log so should be treated as a security update.
https://pdfcandy.com/

QuickBooks Pro 2022 20240529-R16_30 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20240529-R13_30 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

Security Software Updates

One or more of these is likely to be of interest to most people.

.NET Runtime 8.0.8 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

Chainsaw 2.9.2 improves amcache hive processing. This should be treated as a security update.
https://github.com/countercept/chainsaw

FSS 2024.8.12 doesn’t provide a detailed change log so should be treated as a security update.
https://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/

Java 8u421 is a security update.
https://www.java.com/en/download/manual.jsp

JShelter 0.19 weakens security implementation in order to comply with Manifest v3. This is not a security update.
https://jshelter.org/install/

Microsoft Edge Policy 2024.08.07 adds several new policies and obsoletes two. This is not a security update.
https://github.com/MicrosoftDocs/Edge-Enterprise/blob/public/edgeenterprise/microsoft-edge-policies.md

QubesOS 4.2.2 is a security update.
https://www.qubes-os.org/downloads/

RogueKiller 15.18.0 updates engine and theme platform, resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

SmartSniff 2.30 adds support for the SAPICS geo data. This is not a security update.
https://www.nirsoft.net/utils/smsniff.html

Stinger 13.0.0.155 adds new detections. This should be treated as a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Tails 6.6 adds support for Dangerzone, updates libraries and resolves several bugs. This is a security update.
https://tails.net/install/download/index.en.html

uBlock Origin 1.59.0 resolves several bugs and improves perforamnce and reliability. This may be the last version to support Chromium-based browsers due to the Manifest v3 changes that limit much of the very capabilities that uBlock Origin requires. Time for Firefox.
https://github.com/gorhill/uBlock/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

Open Broadcaster Software 30.2.2 resolves several bugs. This is not a security update.
https://obsproject.com/

SnagIt 24.2.1 improves video recorder, performance, automated installation and resolves several bugs. This is not a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.2.4 resolves several bugs and adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

Exact Audio Copy 1.8 resolves a metadata parsing problem. This is not a security update.
https://www.exactaudiocopy.de/en/

HandBrake 1.8.2 updates libraries and resolves several bugs. This is not a security update.
https://handbrake.fr/

StreamFab 6.1.9.3 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.3.0 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Education updates

One or more of these are likely to be of interest to most people.

e-Sword 14.1 improves mobile integration and adds ability to convert Topic Notes to a Reference Book and export notes. This is not a security update.
https://www.e-sword.net/

Zotero 7.0 is a major update and adds several new features, performance improvements, cosmetic improvements and resolves dozens of bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.39 resolves a dozen bugs and disables the option to reset settings. This is a security update.
https://1password.com/downloads/

7-Zip 24.08 resolves several bugs. This is not a security update.
https://www.7-zip.org/

Beyond Compare 5.0.1.29877 resolves over a dozen bugs. This is not a security updte.
https://www.scootersoftware.com/download

Bitwarden 2024.7.3 improves secrets manager and provider portal controls, and adds vault item keys for each item. This is a security update.
https://bitwarden.com/

CCleaner 6.26.11169 resolves several bugs. This is not a security update.
https://www.ccleaner.com/

Dell OS Recovery Tool 2.4.0.7813 doesn’t provide a change log so should be treated as a security update.
https://www.dell.com/support/home/uk/en/ukbsdt1/drivers/osiso/recoverytool

DesktopOK 11.32.1 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DMDE 4.2.0.814 adds Btrfs and large cluster NTFS support, increases file limits, and resolves several bugs. This is not a security update.
https://dmde.com/

dnGrep 4.2.46.0 resolves several bugs, improves display behavior, and updates libraries. This is a security update.
https://dngrep.github.io/

DriverView 1.51 adds support for Windows 11 24H2. This is not a security update.
https://www.nirsoft.net/utils/driverview.html

Eraser 6.2.0.2994 doesn’t provide a change log so should be treated as a security update.
https://eraser.heidi.ie/download/

Everything 1.4.1.1026 updates localization. This is not a security update.
https://www.voidtools.com/

Fing 3.7.0 resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

Free Virtual Serial Ports 6.03.00.1321 resolves several bugs. This is not a security update.
https://freevirtualserialports.com/

Git SCM 2.46.0 resolves dozens of bugs. This should be treated as a security update.
https://git-scm.com/

grepWin 2.1.5 resolves several bugs. This is not a security update.
https://github.com/stefankueng/grepWin/releases/latest

Homedale 2.12 improves cosmetics. This is not a security update.
https://www.the-sz.com/products/homedale/

HWiNFO 8.06 resolves several bugs and updates hardware support. This is not a security update.
https://www.hwinfo.com/download/

HWMonitor 1.54 adds support for new hardware. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

Inkchip WIC 1.18 doesn’t provide a change log so should be treated as a security update.
https://inkchip.net/wic/

IsMyHdOK 3.99 resolves a couple bugs and improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

LessMSI 2.1.1 improves extraction behavior. This is not a security update.
https://lessmsi.activescott.com/

LiveTcpUdpWatch 1.55 adds custom context menu, new columns and resolves a clipboard bug. This is not a security update.
https://www.nirsoft.net/utils/live_tcp_udp_watch.html

MobileFileSearch 1.49 adds option to export all items. This is not a security update.
https://www.nirsoft.net/utils/mobile_device_file_search.html

NetworkOpenedFiles 1.63 adds number of open files to the tray tooltip. This is not a security update.
https://www.nirsoft.net/utils/network_opened_files.html

NTLite 2024.7.10001 resolves two crash bugs. This is not a security update.
https://www.ntlite.com/download/

PointerStick 6.41 updates language support and compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.83.0 resolves dozens of bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

Process Monitor 4.01 adds process start timestamp and improves cosmetics. This is not a security update.
https://learn.microsoft.com/en-us/sysinternals/downloads/procmon

QuickSetDNS 1.36 adds an indicator in the tray tooltip for the current DNS service. This is not a security update.
https://www.nirsoft.net/utils/quick_set_dns.html

RoboForm 9.6.2 resolves several bugs. This is not a security update.
https://www.roboform.com/

ScreenConnect 24.2.8.8987 resolves several bugs, including those that broke instances and prevented interacting with older devices. This is not a security update.
https://screenconnect.connectwise.com/download

Sysmon 15.15 resolves a stability bug. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

TraceRouteOK 3.44 updates language support and compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

WinGet 1.8.1911 improves compatibility. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinScan2PDF 8.91 updates language support and compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 4.20 improves performance and resolves several bugs. This is not a security update.
https://www.diskanalyzer.com/

Developer Updates

These are unlikely to be of interest to most people.

ADB 35.0.2 resolves several bugs. This is not a security update.
https://developer.android.com/studio/releases/platform-tools

Android Studio 2024.1.1.13 improves compatibility. This is not a security update.
https://developer.android.com/studio

cx_Freeze 7.2 resolves dozens of bugs and updates libraries. This is not a security update.
https://cx-freeze.readthedocs.io/en/latest/index.html

DB Browser for SQLite 3.13.0 adds new features including tab support, updates libraries, and resolves several bugs. This is a security update.
https://sqlitebrowser.org/

GameMaker Studio 2024.06.2.162 resolves a crash bug. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.4.208 resolves several bugs. This is not a security update.
https://gdevelop.io/download

GitHub Desktop 3.4.3 resolves several bugs. This is not a security update.
https://desktop.github.com/

Go 1.23.0 introduces telemetry, improves env, tidy, and list commands, as well as modifying behavior for several modules and libraries. This is not a security update.
https://go.dev/

Inno Setup 6.3.3 improves support for ASLR. This should be treated as a security update.
https://www.jrsoftware.org/isdl.php

Node.js 20.16.0 updates libraries and resolves dozens of bugs. This should be treated as a security update.
https://nodejs.org/en/

Node.js 22.6.0 updates libraries and resolves dozens of bugs. This should be treated as a security update.
https://nodejs.org/en/

Python 3.12.5 resolves dozens of bugs. This is a security update.
https://www.python.org/downloads/windows/

SQLite 3.46.1 improves tokenization, query planner, error reporting and resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.92.1 resolves several bugs. This is not a security update.
https://code.visualstudio.com/

WinMerge 2.16.42.1 resolves several bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.0.20 improves compatibility and resolves several bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Invision Community 4.7.18 resolves dozens of bugs. This is not a security update.
https://invisioncommunity.com/

Piwigo 14.5.0 resolves several bugs. This is not a security update.
https://piwigo.org/

WordPress 6.6.1 resolves dozens of bugs and adds many new features and cosmetic controls. This is not a security update.
https://wordpress.org/

Autoptimize 3.1.12 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/autoptimize/

BuddyPress 14.0.0 resolves dozens of bugs. This is not a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.9.8 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.10.2 improves compatibility. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

Multisite Enhancements 1.7.1 improves stability. This is not a security update.
https://wordpress.org/extend/plugins/multisite-enhancements/

Redirection 5.5.0 adds support for multiple URL and WP page type redirects. This is not a security update.
https://wordpress.org/extend/plugins/redirection/

My Sticky Bar 2.7.5 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Sucuri Security 1.9.2 improves cosmetics. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

WPBakery 7.8 resolves several bugs. This is a security update.
https://wpbakery.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2024-05-14

Welcome back, Folks!

Today is Patch Tuesday for May, 2024.

There were 580+ major hacks, and over 460 application updates this month. It’s an insanely big month, with about 5 GB of updates for most users.

This Month in Technology

First, let me apologize for this list. It’s 3x longer than it was only a couple months ago and that’s not really my fault. I really want to keep sharing the hacked lists but at the rate it’s going 3/4 of the newletter will just be the list by the end of Summer. I’m going to need to rework this next month when I have more time.

1+1 Media, 4LEAF, Inc, A123 Systems, Access Intelligence, Accor, ACFIN SA, Active PCB Solutions, Acurrate Lock & Hardware, ADCOM911, Advanced Business Networks, Advarra, Inc., Aero Tec Laboratories Inc, Aetna ACE, Affordable Payroll & Bookkeeping Services, Agate Construction, Agency for the Sustainable Development of the Saint Nazaire Region, France, AirAsia Group, Airsoft, Allianz Global Risks U.S. Insurance Company, Alltruck Bodies, Alrajhi Bank, Altipal S.A.S, Amazon, Amberstone Security, AMD Radeon DirectX 11 Driver, American Builders Outlet, American Renal Associates, American Renal Management, Andovers Federal Credit Union, APS – Automotive Parts Solutions, Arbitrum, Argentina’s national registry, Army Welfare Trust, Array Networks, Asantee Games, Asbury Automotive Group, Ascension healthcare, Ashley Home Stores, Aspire Health Alliance, Astra Daihatsu Motor (ID), AT&T, Atlantic States Marine Fisheries Commission (ASMFC), Aussizz Group, Autodesk Drive, Axip Energy Services, Ayesa, B&G Foods, Badger Tag & Label, Banco Santander, Banten Regional Development Bank Tbk, Barclays Bank, Base Network, Bay Oral Surgery & Implant Center, Bağcılar Training and Research Hospital, Bega Valley Council, Belarusian KGB, Belvedere Vodka UK, BenefitsCal, Berry, Dunn, McNeil & Parker, Best Reward Federal Credit Union, BetterHelp, Bharat Sanchar Nigam Limited (BSNL), BHF Couriers, Biggs Cardosa Associates, Inc., Bira 91, Bitfinex, Blackstone Valley Community Health Care, Blooms Today, Bluebonnet Trails, Bluegrass Care Navigators, BMW BANK, Bodyartforms LLC, Boeing, Bradford-Scott, Brandywine Realty Trust, BreachForums, Bridgeway Center, Inc., British Columbia, Canada, Brocade SANnav SAN Management Software, Brovedani Group, Bundeswehr, Byron council, Café Soluble, California library system, Calumet Civil Contractors, Inc, Camino Nuevo Charter Academy, Canatal Industries, Canberra club, Cannes hospital, Cariboo library system, Carpetright, Catholic Diocese of Cleveland, Catholic Medical Center (CMC), CCM Health, Central Bank Argentina, Central Carolina Insurance Agency Inc, Central Florida Equipment, Central Power Systems & Services, Central Virginia Federal Credit Union, Change Healthcare, Channel Logistics LLC, Chemring Group, Cherry Health, Chicony Electronics, Chirp Systems, Christie’s Auction House, Cisco Duo, Cisco Integrated Management Controller (IMC), City of Buckeye, AZ, City of Donges, France, City of El Cerrito, California, City of London, UK, City of Pensacola, Florida, City of Wichita, Kansas, Cleveland Catholic Diocese, Community First Credit Union, Confins Transport, Consensus Medical Group, Consol Energy, Continuum Health, Coppel, Coradix-Magnescan, CorporateStack, Costa Edutainment SPA, Council for Relationships, County of Coffee, Georgia, County of Hernando, FLCounty of Jackson, MOCounty of Los Angeles, CA, Department of Health Services, County of Robeson, NC, County of San Bernardino, CA, CrushFTP, Cushman Contracting Corporation, CyberPower UPS, D-Link Devices, Daoust, Dawson Creek, Deeside Timberframe, Delinea Secret Server, Dell, Dental Group of Amarillo, Dental Health Services, DES Architects and Engineers,
Designed Receivable Solutions, Deutsche Telekom, Digi Yatra Foundation, Dijk, Discord, District of Columbia’s Department of Insurance, Securities and Banking (DISB), DocGo, Dominican Republic vaccination data, Donco Air, Doyon Drilling, Drive Sally LLC, DRM Arby’s, Dropbox Sign, Duvel Moortgat, D’amico & Pettinicchi, LLC, E-ZPass, East Central University, OK, Eden Project, Edlong and Holstein Association USA, Educational Computer Systems, EduMarket, Efrat Airlines, Egypt Ministry of Supply and Internal Trade, El Salvador, El Salvador’s Chivo Wallet, Electric Mirror, Empath Health, Engineered Automation of Maine, Enstar, Epilepsy Foundation of Metro NY, EqualizeRCM and 1st Credentialing, Ernest Health, Eucatex, European Parliament, Europol, EvoBanco, F5 Central Manager, Feldstein & Stewart, Fic Expertise, Financial Business and Consumer Solutions (FBCS), Firstmac, FiXBET, Floirac, Footdistrict, Fort Worth, Texas, Foxit Reader, French Ministry of Agriculture, Frontier Communications, FrotCom, GBI Genios, Gerber Life Insurance Company, Giant Tiger, GitHub Search, GitLab, Glendale Unified School District, Glints, Global Tel Link, Google Chrome, Google, Graphic Solutions Group Inc, Grassroot DICOM, Great Firewall of China, Green Diamond Resource Company, Greylock McKinnon, Grindr, Grodno Azot, Group Health Cooperative of South-Central Wisconsin (GHC-SCW), Guadeloupe, Canada, Guardant Health, Inc., Guardian Analytics, Hapy Bear Surgery Center, Hardeman County Community Health Center, Hedgey Finance, Helapet Ltd, Helsinki Education Division, Heritage Cooperative, High Performance Services, Hillsong Church, Hirsh Industries, Hit Promotional Products, Home Depot, Hong Kong Arts Development Council, Hong Kong College of Technology, Hong Kong Fire Department, Hong Kong Union Hospital, Hooker Furniture, Hosocongty, Hospital Simone Veil, 100 hotels in Japan, Houser LLP, Hoya Optics, HP, HPE ArubaOS Devices, HSBC Bank, HTW, Hub International Limited, Human Events, IBM’s Enterprise Terminal, iCabbi, ICICI Bank, IDS Michigan, Illinois State Credit Union, Illinois Tollway, In The Know, India’s Central Board of Secondary Education (CBSE), India’s HRYLabour, India’s ICICI Bank, Ingo Money Inc, Inland Physicians Billing Services, Intel CPUs (Spectre v2), Intel Hardware Firmware, Interim Healthcare of Lubbock, International Baccalaureate Exam, Inventum Øst, Iranian Pipeline Company, Iress Ltd, Israel Electric Corporation (IEC), Israeli Real Estate Companies, ISTA International GmbH, It4 Solutions Robras Corp, Italian Red Cross Network, Ivanti Avalanche, J.P. Morgan Chase, JE Owens, Kaiser Foundation Health Plan, Inc., Kaiser Permanente, Kameymall, Kansas City Scout System, Keenan & Associates, Kintetsu World Express, Kisco Senior Living, KISTI SMART K2C, Kowloon Shangri-La, La Chapelle-des-marais, France, Ladakh Social Welfare Department, Lamont Hanley & Associates, Latvian TV Channels, LDLC, Le Slip Français, Leicester City Council, Lenovo Hardware Firmware, Lewis & Clark College, LG TVs, Lieberman LLP, Lilly Drogerie, Lincoln Project, LiteSpeed Cache, LivaNova, LiveHelpNow, LocalPlace JP, London Drugs, London Stock Exchange Group, Lopesan Hotels, Lotz Trucking, Lpdb Kumkm, LRB Info Tech, Lukfook Jewellery, Lumina Americas, Luxor, LYON TERMINAL, M2E Consulting Engineers, Macedonian Joint Stock Company, Madata, Magnet+, Malone & Co, Manchester’s Catholic Medical Center, Marpai Health, Mauritzon, McKinley Packing, Medequip Assistive Technology, Medical Home Network, MediExcel, Medios de Prevención Externos Sur SL, MedStar Health, Meduza, Mellitah Company, Mercedes, Merchants Benefit Administration, Metropolitan Life Insurance Company, Microsoft, Microsoft Azure Entra ID, Microsoft Outlook, Missouri Electric Cooperatives, Moffitt Cancer Center and Research Institute, Moldova Government, MoldTech, Molen & Associates, Monash Health, Monday.com, MongoDB, Monocon, Montoir-de-Bretagne, France, Moscow Moskollector, MovieBoxPro, MRA – The Management Association, Mt Hira College, Myers Automotive Group, National Energy Research Scientific Computing Center (NERSC), Nespresso, Nestle, New Boston Dental Care, New Hudson Facades, New Mexico Administrative Office of the District Attorneys, New Mexico Highlands University, New York’s state legislature, Nexperia, NHS Dumfries and Galloway, NK Parts Industries, NorthBay Health, Nota by M&T Bank and TTEC Databases, Nothing, Nova Scotia Health, NRS Healthcare, Numotion, NVIDIA, OakBend Medical, Octopharma Plasma, OE Federal Credit Union, Ogero, Ohio Lottery, Okta, Olson Steel, Olympus Group, OracleCMS, OraSure, Original Herkimer Cheese, OrthoConnecticut, Outabox, Pacific Guardian, Pak Suzuki, Palo Alto Networks PAN-OS, Panda Restaurant Group, Pandemonium Rocks, Panoramic Health, Parent Teacher Association (PTA), Paris Saint-Germain (PSG), Parklane Group, Patricia AI, Paychex, Inc., Paytm, Pennsylvania Convention Center, Pennsylvania Insurance Department, Peplink Smart Reader, Persyn, Philadelphia Inquirer, Philips Respironics, Phoenix Business Consulting, PHP, Pifer’s Auction & Realty, Pilot, Pinnacle Engineering, Pinnacle Orthopaedics, Pioneer Oil Company, Inc, Piping Rock, Police Service of Northern Ireland (PSNI), Porniche, France, Pratham, Precision Fluid Controls, Premier Dermatology, Prisma Finance, Pro Metals LLC, Process Solutions, Procuraduría General de la República, Profile Products, Progress Flowmon, Promarka Peru, Pub And Club, Public service of Wallonia, PWS – The Laundry Company, Qantas, QNAP, Quebec CEGEPs, RAF El Salvador, Randolph Health, RaySharp, RB Woodcraft, Reading Electric, Rebound Orthopedics & Neurosurgery, Recology, Redwood Coast Regional Center, Rehabilitation Hospital of Southern New Mexico, Reliable Networks, Rocky Mountain Sales, Roku, Romeo Pitaro Injury and Litigation Lawyers, Rushd Bookstore, Rutgers University, Räddningstjänsten Vä stra Blekinge, Sachkhere, Sahara Bank, Saint-Nazaire, France, Sanok Rubber Company, Saudi Water Facilities, Scanda Group, Scigames, Scottish health board, Seaman’s Mechanical, SEK Studio, Seneca Nation Health System, Sentry Data Management, Servicio Móvil, Shadow, Siemens Manufacturing, Sigmund Espeland, Signature Healthcare Services LLC, SigningHub, Simmons Perrine Moyer Bergman PLC, Singapore’s Ministry of Education, Singapore’s Mobile Guardian, SinglePoint Outsourcing, Inc., SIS Automatisering, Sisense, Skanlog, Sleep Data Holdings, LLC, Sleep Management Institute, Smoke Alarm Solutions, SOA Architecture, Softura, Somerset Dental Las Vegas, Somerville, Sonadev, France, South Africa’s International Trade Administration Commission (ITAC), South Korean courts, South Korean cable & satellite, South Korean Defense Companies, South Texas Oncology and Hematology, Space X, Space-Eyes, Speedy France, Sri Lanka’s visa system, SSCL, SSS Australia, St-Jerome Company, St. Helena Public Library, Stainless Foundry & Engineering, StarWallets, States of Guernsey, Sterling Holidays, Sterling Plumbing Inc., Studio LAMBDA, Swisspro, SynLab Italia, Sysmex America, Inc, T2 Tea Australia, Tamil Nadu Police, Tappware, Targus, Tatarstan, Russia, Taxi Software, Ted Brown Music, Telecom Argentina, Telit Cinterion modems, Texas Retina Associates, The Epilepsy Institute, The Georgia Institute for Plastic Surgery, The Heritage Foundation, The Kennedy Collective, The Lagunitas Brewing Company, The Line Up, Inc, The May Institute, Inc., The Philadelphia Inquirer, PBC, The Post and Courier, The Post Millennial, The Prudential Insurance Company of America, The Roman Catholic Diocese of Phoenix, The State of Kansas Office of Judicial Administration, The Tech Interactive, Theatrixx Technologies, Therapeutic Health Services, 50,000 Tinyproxy servers, Tipton Municipal Utilities, IN, Toolmarts, Toronto Transit Commission, Transamerica Life Insurance Company, Trib Total Media, True Homes, LLC, TRUE Solicitors, Trylon Srl, Tyler Technologies, UAE Government, UK Government’s System Database, UK Ministry of Defence, UK Royal Mail, 20 Ukrainian Energy and Water Sites, Ukrainian TV, United Nations Development Programme, University of Alabama, University of Alberta, University System of Georgia (USG), US Air Force Academy (USAFA), US Atlantic Fisheries, US Coast Guard Reserve, US Consumer Database, US Health and Human Services (HHS), US Internal Revenue Service (IRS), US Medicare, US Patent and Trademark Office, US Space Forces (USSF) Military Bases, USA Health Providence Hospital, Utica Mack, Valley Mountain Regional Center, Valley Veterinary Clinic, LLC, Van Gogh Museum, Varo Bank, N.A., Veeam, Velvet Capital, Verizon, Victorian Ambulance Union, Virginia Union University, VirtualBox, Visionary Integration Professionals, VMware Cloud Foundation, VMware ESXi, VMware Fusion Pro/Fusion, VMware Workstation Pro/Player, Void Interactive, Volkswagen, VPN traffic (TunnelVision), VTRP, W.I.S. Sicherheit-Service GmbH & Co. KG, Washington State’s Swinomish Casino and Lodge, WebTPA Employer Services, LLC, WEL Partners, Wells Fargo, Welsh Government, Wescom Central Credit Union, West Idaho Orthopedics and Sports Medicine, Westboro Baptist Church, WhatsApp, Windows, Windows Apps, Windows Print Spooler, WOM, World Architects, World-Check, WP Forminator plugin, WP-Automatic Plugin, Xiaomi, Yale Mortgage, YRW Limited – Chartered Accountants, ZA Government Employees Pension Fund’s (GEPF), ZircoDATA, and Zscaler Inc have reported hacking or compromises this month.

Central Power Systems & Services, Final Fantasy, Frontier Communications, Kansas City’s official website, Ogero, Reddit, and Telegram have suffered from outages this month.

Last months updates broke Outlook, Windows (thanks ManageEngine), and VPN connections.

An update to ManageEngine has caused thousands of Windows machines to fail to boot. I guess that’s one way to make sure that they can’t be hacked through ManageEngine vulnerabilities?

Windows has officially added advertisements to the Windows 11 Start Menu.

The PuTTY Pageant key generation weakness will require millions upon millions of certificates to be rekeyed.

The Windows Boot Manager update released in January still has no automated fix from Microsoft. Third parties have created several methods of installing the update, and the closest-to-perfect automation yet requires seven (7!) restarts.

Microsoft has announced plans to implement fully locked down DNS via a pairing of DNS and the firewall, branded Zero Trust DNS – ZTDNS.

A recent technical paper described the process of using LLM (GPT-4) to automate the process of building exploits for newly discovered vulnerabilities. Reviews of the paper tend to acknowledge that it can be used in this fashion but focus instead on the use of the word “autonomously” which they treat as sentience. No guys, the paper isn’t saying that Skynet is here, just that LLMs are getting to the point where they can build functional exploit code based on brief descriptions of vulnerabilities.

I first saw the description of “Kobold Letters” a couple months ago. While a very creative use of CSS and an interesting idea, what are the chances that this kind of thing would actually be used in real life? 100%. I’ve now seen this behavior on three different client mail accounts in Microsoft Online and Gmail.

The founder of Telegram has publicly reported that the FBI pressured an employee to build a backdoor into the system. They refused.

Thunderbird has added Microsoft Exchange support. This means you won’t be forced to use the “New Outlook” crapp to access your Microsoft Exchange accounts. 🙂

Now for the good news:

We won. Sony caved on the Helldivers 2 privacy-violating “account linking” change. 🙂

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is insane this month. The typical computer should see roughly 5 GB in updates today. Let’s get started.

Microsoft released updates to address 67 vulnerabilities in .NET and Visual Studio, Azure Migrate, Microsoft Bing, Microsoft Brokering File System, Microsoft Dynamics 365 Customer Insights, Microsoft Edge (Chromium-based), Microsoft Intune, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows SCSI Class System File, Microsoft Windows Search Component, Power BI, Visual Studio, Windows Cloud Files Mini Filter Driver, Windows CNG Key Isolation Service, Windows Common Log File System Driver, Windows Cryptographic Services, Windows Deployment Services, Windows DHCP Server, Windows DWM Core Library, Windows Hyper-V, Windows Kernel, Windows Mark of the Web (MOTW), Windows Mobile Broadband, Windows MSHTML Platform, Windows NTFS, Windows Remote Access Connection Manager, Windows Routing and Remote Access Service (RRAS), Windows Task Scheduler, Windows Win32K – GRFX, Windows Win32K – ICOMP, and MSRT. This includes security updates. A reboot is required.

Oracle released 441 security updates this quarter to address vulnerabilities in 119 applications.
https://www.oracle.com/security-alerts/cpuapr2024.html

Apple released updates for iOS 16.7.8, iOS 17.5, iPadOS 16.7.8, iPadOS 17.5, iTunes 12.13.2 for Windows, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, Safari 17.5, tvOS 17.5, and watchOS 10.5. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 16.7.8 and 17.5 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 6.7.8 and 17.5 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 10.5 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 17.5 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 124.0.6367.154 and 120.0.6099.310 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 40-1.14 is a major update, replacing BerkeleyDB with alternatives, updating libraries, and including adding new features and defaults. This should be treated as a security update.
https://getfedora.org/en/workstation/download/

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.4.1 adds support for new software, performance improvements, and resolves several bugs. This is not a security update.
https://www.amd.com/en/support

Daemon Tools Lite 12.1.0 improves tooltips, and resolves a couple bugs. This is not a security update.
https://www.daemon-tools.cc/products/dtLite

Dymo Connect for Desktop 1.3.2.18 doesn’t provide a detailed change log so should be treated as a security update.
https://www.dymo.com/label-makers-printers/labelwriter-label-printers/dymo-labelwriter-450-duo-thermal-label-printer/SAP_1752267.html

TP-Link Archer AX55 v1 240325 adds almost a dozen new features, improves stability and resolves several bugs. This is a security update.
https://www.tp-link.com/us/support/download/archer-ax55/v1/#Firmware

TP-Link Archer AX73 v2.0 240323 resolves several bugs. This is a security update.
https://www.tp-link.com/us/support/download/archer-ax73/v2.0/#Firmware

UniFi Network Server 8.1.127 enhances firewall rules visibility, adds tunnel IP addresses, OSPF dynamic routing support, and resolves a dozen bugs. This is not a security update.
https://www.ui.com/download/releases/network-server

VIISAN OfficeCam 7.1.19.0 doesn’t provide a change log so should be treated as a security update.
https://www.viisan.com/en/download/type1.html

Wacom Driver 6.4.6-1 adds support for newer hardware, resolves several bugs and improves stability.
https://www.wacom.com/en-us/support/product-support/drivers

Xerox Smart Start 2.0.34.0 doesn’t provide a change log so should be treated as a security update.
https://www.support.xerox.com/en-us/content/143617

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.65.133 is a security update.
https://brave.com/

Firefox 126 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 115.11.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 124.0.6367.207 is a security update.
https://www.google.com/chrome/

Microsoft Edge 124.0.2478.97 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Vivaldi 6.7.3329.29 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Spark 3.15.5.72973 resolves several AI-related bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.15.5.72972 resolves several AI-related bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.10.2 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 8.0.10 is a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 8.0.1 resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

Dropbox 199.4.6287 removes a cosmetic defect. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 211.0.0.18.236 is a security update.
https://www.messenger.com/download

FileZilla Client 3.67.0 is a security update.
https://filezilla-project.org/

FileZilla Server 1.8.2 is a security update.
https://filezilla-project.org/

FreeFileSync 13.6 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 90.0 resolves several bugs. This is the last version to support macOS 10.15 – if your hardware can not support macOS 11 you should have already removed it from the Internet, but if not, please take this as one more signal that it’s time to replace it.
https://drive.google.com/start

Microsoft Teams 1.7.00.10152 resolves several bugs. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 29.0.0 is a major update, resolving dozens of bugs, updating libraries, and improving workflow and design. This should be treated as a security update.
https://nextcloud.com/

Nmap 7.95 adds over 6,500 more fingerprints, new scripts and resolves several bugs. This is a security update.
https://nmap.org/

PuTTY 0.81 is a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html

Signal 7.8.0 adds emoji call responses and resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.6.2 adds emoji call responses, adds sent message editing, and resolves several bugs. This is not a security update.
https://signal.org/android/apk/

Skype 8.116.0.213 improves stability. This is not a security update.
https://www.skype.com/

Syncthing 1.27.7 resolves a potential security bug.
https://syncthing.net/

Telegram 5.0.1 resolves several bugs. This is not a security update.
https://telegram.org/

USB Drive Log 1.13 adds black background support. This is not a security update.
https://www.nirsoft.net/utils/usb_drive_log.html

Z-Library 1.02 doesn’t provide a change log so should be treated as a security update.
https://z-library.se/z-access#desktop_app_tab

Zoom 6.0.4.38135 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.4 resolves several bugs. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.1.9 resolves several bugs. This is a security update.
https://www.bitwig.com/download/

Grayjay 240 adds several new features, sources, improvements, and resolves a dozen bugs. This is not a security update.
https://grayjay.app/index.html

iTunes 12.13.2.3 is a security update.
https://www.apple.com/itunes/download/

Plex Desktop 1.92.1.140 doesn’t provide a detailed change log so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.60.1.134 updates libraries. This should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.40.2.8395 resolves several bugs, including an installation path issue. If you used a custom path you will need to uninstall and reinstall in order for future automatic updates to work correctly. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2024.4.0.137 changes homepage. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.3.201 resolves several bugs and improves interface. This is not a security update.
https://gdevelop.io/download

Minecraft Server (Bedrock) 1.20.81.01 does not provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Minecraft Server (Java) 1.20.6 does not provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server

Nintendo Switch 18.0.1 resolves several bugs. This is a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 2024.430 resolves several bugs and improves hardware support. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024-05-13 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110
By the way, we won. Sony caved on the Helldivers 2 privacy-violating “account linking” change. 🙂

SteamOS SteamDeck Update 2024-05-03 is a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Acrobat and Reader 24.002.20759 and 20.005.30636 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb24-29.html

Adobe Aero 0.24.4 is a security update.
https://helpx.adobe.com/security/products/aero/apsb24-33.html

Adobe Animate 23.0.6 and 24.0.3 are security updates.
https://helpx.adobe.com/security/products/animate/apsb24-36.html

Adobe Dreamweaver 21.4 is a security update.
https://helpx.adobe.com/security/products/dreamweaver/apsb24-39.html

Adobe FrameMaker 2020.6 and 2022.4 are security updates.
https://helpx.adobe.com/security/products/framemaker/apsb24-37.html

Adobe Illustrator 28.5 and 27.9.4 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb24-30.html

Adobe Substance 3D Designer 13.1.2 is a security update.
https://helpx.adobe.com/security/products/substance3d_designer/apsb24-35.html

Adobe Substance 3D Painter 10.0.0 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb24-31.html

Aronium 1.43.0.2 adds dual currency and night theme, improves refund behavior, and resolves several bugs. This is not a security update.
https://aronium.com/

Audacity 3.5.1 adds a bunch of new features and resolves dozens of bugs. This is not a security update.
https://www.audacityteam.org/download/

Calibre 7.10.0 adds export support, spell check, color inversion and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Columns++ 1.0.6 improves wrapped line caompatibility. This is not a security update.
https://github.com/Coises/ColumnsPlusPlus

Formatta Filler 8.19.0.4 doesn’t provide a change log so should be treated as a security update.
https://formatta.com/formatta-products/complete-submit/

GIMP 2.10.38 doesn’t provide a detailed change log so should be treated as a security update.
https://www.gimp.org/

Java 8u411 is a security update.
https://www.java.com/en/download/manual.jsp

JShelter 0.18 improves compatibility. This is not a security update.
https://jshelter.org/install/

Kdenlive 24.02.2 improves compatibility and resolves several bugs. This is not a security update.
https://kdenlive.org/

Kindle for PC 2.3.70840 doesn’t provide a change log so should be treated as a security update.
https://www.amazon.com/kindleforpc

LibreOffice 7.6.7 resolves over 40 bugs. This is a security update.
https://www.libreoffice.org/

LibreOffice Fresh 24.2.3 resolves over 75 bugs. This is a security update.
https://www.libreoffice.org/

Manager 24.5.13.1531 adds several new features and improves email integration and display. This is not a security update.
https://www.manager.io/

Nextcloud Desktop 3.13.0 resolves dozens of bugs and updates libraries. This is a security update.
https://nextcloud.com/

Notepad++ 8.6.7 improves multiedit and language support, and resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

PDF-XChange Editor 10.3.0.386 adds page extraction, label modification, improves sort and group behavior and resolves dozens of bugs. This is not a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

QuickBooks Pro 2022 20240509-R15_25 updates to backend processes. This is not a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20240509-R12_15 updates to backend processes. This is not a security update.
https://downloads.quickbooks.com/app/qbdt/products

Security Software Updates

One or more of these is likely to be of interest to most people.

Chainsaw 2.9.0 adds native rules, timezone improvements, and adds ability to change default conditional when searching. This is not a security update.
https://github.com/countercept/chainsaw

Microsoft Edge Policy 2024.05.07 updates policies. This is not a security update.
https://github.com/MicrosoftDocs/Edge-Enterprise/blob/public/edgeenterprise/microsoft-edge-policies.md

OpenSSL 3.3.0 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

ProtonVPN (macOS) 4.2.2 improves performance. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.16.1 updates engine and resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Stinger 13.0.0.118 adds support for more detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

SuperAntiSpyware 10.0.1266 resolves several bugs. This is not a security update.
https://www.superantispyware.com/download.html

Tails 6.2 is a security update.
https://tails.net/install/download/index.en.html

Velociraptor 0.72 adds EWF support and resolves several bugs. This is not a security update.
https://github.com/Velocidex/velociraptor/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 24.1.3 improves OCR, performances, updates libraries and resovles several bugs. This is a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.1.7 resolves several couple bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

StreamFab 6.1.7.7 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.2.0 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.32 improves compatibility, adds support to import from more third-party platforms, and resolves several bugs. This is a security update.
https://1password.com/downloads/

Agent Ransack 2022.3434 adds support for OneNote and resovles several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

AOMEI Partition Assistant 10.4.0 improves the user interface. This is not a security update.
https://www.diskpart.com/

Bitwarden 2024.4.2 improves passkeys support and secrets manager, and adds a new Authenticator app. This is not a security update.
https://bitwarden.com/

BulkFileChanger 1.73 resolves a timezone-related bug. This is not a security update.
https://www.nirsoft.net/utils/bulk_file_changer.html

CCleaner 6.23.11010 resolves several bugs. This is a security update.
https://www.ccleaner.com/

DesktopOK 11.21 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.1.92.0 resolves a .git/.gitignore bug, updates .NET library and translations. This is a security update.
https://dngrep.github.io/

ExplorerPatcher 22621.3527.65.2 resolves several bugs. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

FileLocator Pro 2022.3434 adds support for OneNote and resovles several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

FoneTool 2.6.1 adds iOS Data Recovery and resolves a crash bug. This is not a security update.
https://www.fonetool.com/download.html

Git SCM 2.45.0 adds dozens of new features and behaviors, and resolves over 50 bugs. This is not a security update.
https://git-scm.com/

Go 1.22.3 is a security update.
https://go.dev/

GoodSync 12.6.5 improves compatibility and resolves several bugs. This is not a security update.
https://www.goodsync.com/

HWiNFO 8.02 doesn’t provide a change log so should be treated as a security update.
https://www.hwinfo.com/download/

InstalledAppView 1.08 resolves a CLI bug. This is not a security update.
https://www.nirsoft.net/utils/installed_app_view.html

IsMyHdOK 3.96 improves performance and testing accuracy. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

LessMSI 2.0.1 updates dependencies and build environment, and resolves a stability bug. This is not a security update.
https://lessmsi.activescott.com/

NirCmd 2.87 adds and resolves ~$ variables. This is not a security update.
https://www.nirsoft.net/utils/nircmd.html

NTLite 2024.5.9931 resolves dozens of bugs. This is not a security update.
https://www.ntlite.com/download/

osquery 5.12.1 is a security update.
https://osquery.io/downloads

PingInfoView 3.05 adds option to map source IPv4 Address. This is not a security update.
https://www.nirsoft.net/utils/multiple_ping_tool.html

PowerToys 0.80.1 improves stability. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

PSAppDeploy 3.10.1 adds a dozen features and parameters, improves stability and reliability, and resolves several bugs. This is not a security update.
https://psappdeploytoolkit.com/

RoboForm 9.5.8 improves GUI. This is not a security update.
https://www.roboform.com/

ScreenConnect 24.1.7.8892 resolves dozens of bugs and improves compatibility. This should be treated as a security update.
https://screenconnect.connectwise.com/download

Starwind V2V Converter 9.444 adds support for new conversions. This is not a security update.
https://www.starwindsoftware.com/starwind-v2v-converter

WinGet 1.7.11261 fixes elevation issues, updates dependencies and libraries. This is a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinScan2PDF 8.81 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WUMT 04.22.2022 improves Windows 11 compatibility. This is not a security update.
https://www.oldergeeks.com/downloads/file.php?id=1366

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 8.0.5 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

Android Studio 2023.3.1 adds device streaming for testing, integrates crashlytics, improves App Quality Insights, and adds audio redirection. This is not a security update.
https://developer.android.com/studio

AutoHotkey 2.0.14 resolves several bugs. This is not a security update.
https://www.autohotkey.com/download/

cx_Freeze 7.0 updates dependencies and libraries and resolves hundreds of bugs. This should be treated as a security update.
https://cx-freeze.readthedocs.io/en/latest/index.html

GitHub Desktop 3.3.17 removes support for older macOS versions, resolves a dozen bugs and improves user interface. This is not a security update.
https://desktop.github.com/

Godot 4.2.2 improves CLI support, resolves the audio bug, and more than 200 other issues. This is a security update.
https://godotengine.org/

MySQL ConnectorNet 8.4.0 updates libraries and resolves several bugs. This is a security update.
https://dev.mysql.com/downloads/connector/net/

MySQL Server 8.0.37 resolves dozens of bugs. This is a security update.
https://dev.mysql.com/downloads/installer/

NASM 2.16.03 improves the build process. This is not a security update.
https://www.nasm.us/index.php

Node.js 18.20.2 is a security update.
https://nodejs.org/en/

Node.js 20.13.1 resolves several bugs and updates libraries. This is a security update.
https://nodejs.org/en/

Node.js 21.7.3 is a security update.
https://nodejs.org/en/

Node.js 22.1.0 is a major update. This is a security update.
https://nodejs.org/en/

Redemption 6.5.0.6294 improves integration and resolves several bugs. This is not a security update.
https://www.dimastr.com/redemption/

Rustup 1.27.1 resolves several bugs. This is not a security update.
https://www.rust-lang.org/

SQLite 3.45.3 adds new JSON handling behaviors and resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

TortoiseGit 2.16.0 resolves a dozen bugs and updates libraries. This is a security update.
https://tortoisegit.org/

TortoiseSVN 1.14.7 resolves several bugs. This is a security update.
https://tortoisesvn.net/downloads.html

Visual Studio Code 1.89.1 adds support to exclude content from Copilot and resolves several bugs. This is not a security update.
https://code.visualstudio.com/

WinMerge 2.16.40 resolves several bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.0.18 resolves over a dozen bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

HumHub 1.15.5 resolves several bugs. This is not a security update.
https://www.humhub.com/en

Joomla 5.1.0 adds more than a dozen features and code and performance improvements. This is not a security update.
https://www.joomla.org/

MAMP 5.0.6 updates dependencies. This should be treated as a security update.
https://www.mamp.info/en/mamp/windows/

phpList 3.6.15 is a security update.
https://www.phplist.org/

Piwigo 14.4.0 resolves several bugs. This is not a security update.
https://piwigo.org/

WordPress 6.5.3 is a security update.
https://wordpress.org/

BuddyPress 12.4.1 is a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.9.4 resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.9 improves compatibility and resolves a bug. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

My Sticky Bar 2.7 resolves a cosmetic bug. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Postie 1.9.69 should be treated as a security update.
https://wordpress.org/extend/plugins/postie/

Slider Revolution 6.7 resolves several bugs. This is a security update.
https://revolution.themepunch.com/

Social Post Feed 4.2.4 improves integration. This is not a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

Sucuri Security 1.8.44 improves API key controls. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

W3 Total Cache 2.7.2 resolves several bugs and improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 8.9.0 improves compatibility and resolves dozens of bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WPBakery 7.6 resolves several bugs. This is a security update.
https://wpbakery.com/

WPtouch 4.3.59 adds support for Reddit, improves compatibility, and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/wptouch/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2024-01-09

Happy New Year, Folks!

Today is Patch Tuesday for January, 2024.

There were over 200 major hacks, but only about 130 application updates this month. It’s a very light month, with about 1.3 GB of updates for most users.

This Month in Technology

360 Physical Therapy, LLC, 3CX, 70% of Iran’s gas stations, Academy Mortgage Corporation, AccessDx Laboratory, LLC, AccessOne Medcard, Inc., AI Engine plugin for WordPress, Air Albania, Albanian Parliament, Albanian telecom, Americold, Amerigroup Iowa, Inc, Amwins Group, Inc., Apache OFBiz, Apache RocketMQ, Apache Struts, Asper Biogene, Ateam, Austal USA, Barracuda ESG, Battelle Energy Alliance, LLC, Beirut Airport, BELLIN HEALTH, Bezeq, BlueCross BlueShield of Tennessee, Inc., Booking.com, Box.com, Brown & Streza LLP, Buckley King LPA, Bunker Hill Community College, California Northstate University, Capital Health, Cardiothoracic and Vascular Surgeons, P.A., CareTree, Inc., Cellcom, CertiK on X, Chilean Government, City of Hope, Clay County Social Services, Co-Founder of Nest Wallet, Coin Cloud, Comcast Cable Communications LLC, Comcast/Xfinity, ConsensioHealth, LLC, Cooper Aerobics Enterprises, Inc., Corewell Health, County of Los Angeles Department of Mental Health, Court Services Victoria, Australia, D.C. Board of Elections, defense contractors, Delta Dental of California, Downfall, Drug Emporium, Eagers Automotive, EasyPark, EMSI, Enstar (US) Inc, Erie Family Health Centers, ESO Solutions, ESSEMTEC, Estes Express Lines, Eye Physicians of Central Florida, PLLC, Eyefinity, Inc., Fallon Ambulance Services, Federal Tax Service of Russia, Fidelity National Financial, Fincantieri Marine Group, LLC, First American Financial Corporation, First Choice Dental, Flagstar Bank, N.A., Florida Water Products, Fred Hutchinson Cancer Center, French company, Fresno Regional Workforce Development Board, Fresno Surgical Hospital, Gallery Systems, German H-Hotels, Glendale Community College, Greater Cincinnati Behavioral Health Services, GTKWave, Healix Infusion Therapy, LLC, Health Diagnostic Management, LLC, Health Net Community Solutions, HealthEC LLP, Heart of Texas Behavioral Health Network, Housing Authority of the County of San Bernardino, HTC Global Service, Humana Inc, Hyundai on X, Idaho National Labs, Independent Vision Group, LTD, Insomniac Games, Insurance ACE/Humana Inc., Integris Health, Italian military gear shop, Ivanti Avalanche, Ivanti Endpoint Management, Jell-O, JetBrains TeamCity, Judiciary of Córdoba in Argentina, Katholische Hospitalvereinigung Ostwestfalen, Keenan & Associates, Kimco Staffing Services Inc., Knox Ricksen LLP, Kraft Heinz, Kyivstar, Ledger dApp, LegendasTV, LoanCare, loanDepotLone Peak Physical Therapy, Inc., Los Altos Food Products, LLC, Los Angeles County Department of Mental Health, ManageEngine OpManager, Mandiant, Maxco Supply, Inc., Maytronics, Mellow Massage Hollywood, Memorial University of Newfoundland, Merced City School District, Meridian Behavioral Healthcare, Inc., Merrick Bank, Mexican banks, Microsoft Xamarin, Mint Mobile, Molina Healthcare of Ohio, Inc., MongoDB, Mountain Dermatology Specialists, PC, Movistar, Mr. Cooper, Musick, Peeler & Garrett LLP, National Amusements, National Student Clearinghouse, Nationstar Mortgage LLC, Navvis & Company, LLC, Netgear on X, Network180, North Face, North Kansas City Hospital, Norton Healthcare, NYC Health + Hospitals, Ohio Lottery, Orange Spain, Orbit Chain, Orcutt Union School District, Orrick, Herrington & Sutcliffe, Oscar Mayer, Panasonic Avionics Corporation, Pandol Brothers, Inc., Perforce Helix Core Server, pfSense, Philippine credit services provider, Primary Health & Wellness Center, LLC, ProSmile Holdings, LLC, QNAP VioStor NVR, Recology Inc., Regional Family Medicine, Retina Group of Washington, PLLC, Riverside County Office Of Education, Riverside Unified School District, Rockstar Games (GTA5 + GTA6), Rush System for Health, Russian sushi restaurant, Senior Scripts, Shufersal, Sony, Southeastern Orthopaedic Specialists, PA, Supreme, Swedish fintech company, Talus Pay, TaxPlus, The Foleck Center, LTD, The Jacmar Companies, LLC, The Middlefield Banking Company, Thunder Terminal, Tigo Business, Timberland, Tipalti, Toronto Zoo, Toyota Financial Services, Transformative Healthcare, TRISTAR Insurance Group, TTM Technologies, Ubiquiti, Ubisoft, Ukrainian security cameras, University of Buenos Aires, Vans, Velveeta, VF Corp, Vi Living, Vietnamese fashion store, Viking Therapeutics, Wabtec Corporation, Wealth Network, Welltok, Inc. (and many more), WICR Waterproofing and Construction Inc., WordPress Backup Migration plugin, Xerox Business Solutions, Yakult Australia, Yorkshire Wellness Group, Corp., and ZOLL Medical Corporation have reported hacking or compromised this month.

Box.com, Kyivstar, loanDepot, and First American have suffered from outages this month.

Last months updates broke Avira Antivirus, NPS (Radius) servers, various Tesla functions, Windows Explorer & task bar, and Windows Wi-Fi.

Microsoft can’t convince Microsoft to use Microsoft services.

Central authentication services like OAuth and SSO still cause all sorts of problems. And ads are still very very bad for you.

23andMe is blaming their users for exposing the data of almost 7 million users.

LastPass now requires slightly less horrible passwords. (They’re still not good.)

You should assume that software setting-based security will always fail you. Hardware switches are the only reliable method.

Now for the good news:

The FTC has ordered X-Mode to stop selling and preserving cell phone location data, a surprising win for privacy. If this is obeyed, only government agencies, hardware vendors, and operating system vendors will be able to trade in your location information.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is pretty small this month. The typical computer should see roughly 1.3 GB in updates today. Let’s get started.

Microsoft released updates to address 62 vulnerabilities in .NET, .NET Core, .NET Framework, Azure Storage Mover, Microsoft Bluetooth Driver, Microsoft Devices, Microsoft Edge, Microsoft Identity Services, Microsoft Office SharePoint, Microsoft Office, Microsoft Virtual Hard Drive, Remote Desktop Client, Servicing Stack Updates, SQL Server, SQLite, Unified Extensible Firmware Interface (UEFI), Visual Studio, Windows Active Directory, Windows AllJoyn API, Windows Authentication Methods, Windows BitLocker, Windows Cloud Files Mini Filter Driver, Windows Collaborative Translation Framework, Windows Common Log File System Driver, Windows Cryptographic Services, Windows Group Policy, Windows Hyper-V, Windows Kernel, Windows Kernel-Mode Drivers, Windows Libarchive, Windows Local Security Authority Subsystem Service (LSASS), Windows Message Queuing, Windows Nearby Sharing, Windows ODBC Driver, Windows Online Certificate Status Protocol (OCSP) SnapIn, Windows Scripting, Windows Server Key Distribution Service, Windows Subsystem for Linux, Windows TCP/IP, Windows Themes, Windows Win32 Kernel Subsystem, Windows Win32K, and MSRT (~1 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 16.7.4, iOS 17.2.1, iPadOS 16.7.4, Safari 17.2.1, and macOS Sonoma 14.2.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 16.7.4 and 17.2.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 16.7.4 is a security update. Use Settings, General, Software Update to install the most current update.

Google Chrome OS 119.0.6045.214 and 120.0.6099.203 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Zorin OS 17.0 is a major update, with added hardware and software compatibility, improved design and reduced hardware requirements.
https://zorin.com/os/mirrors/

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

DS4Windows 3.3.3 resolves several bugs. This is the final version so you should consider removing it instead of updating.
https://github.com/Ryochan7/DS4Windows/releases/latest

Epson ET-5880 3.04.00 doesn’t provide a changelog so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-5880/s/SPT_C11CJ28201

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.61.114 is a security update. Use Menu, Help, About to install the most current version.
https://brave.com/

Firefox 121.0.1 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 115.6.0 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 120.0.6099.200 is a security update. Use Menu, Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 120.0.2210.121 is a security update. Use Menu, Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Vivaldi 6.5.3206.50 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.13.3 resolves a couple bugs and adds a new security filter for HTML rendering. This is a security update.
https://getmailspring.com/

OutlookAttachView 3.51 improves warnings. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Spark 3.12.0.63910 adds Shared Drafts and Email Labels. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.12.0.63909 adds Shared Drafts and Email Labels. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.6.1 is a security update. Use Menu, Help, About to install the most current version.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

Dropbox 189.4.8427 doesn’t provide a detailed change log so should be treated as a security update.
https://www.dropbox.com/

Facebook Messenger 202.0.0.15.225 is a security update.
https://www.messenger.com/download

FileZilla Client 3.66.4 is a security update.
https://filezilla-project.org/

FreeFileSync 13.3 resolves several compatibility issues. This is not a security update.
https://www.freefilesync.org/download.php

jq 1.7.1 is a security update.
https://jqlang.github.io/jq/

Nextcloud Server 28.0.1 is a security update.
https://nextcloud.com/

Pocketnet-GUI 0.8.76 adds support for new video servers and a Christmas theme. This is not a security update.
https://pocketnet.app/

PuTTY 0.80 is a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html

Rclone 1.65.1 is a security update.
https://rclone.org/

Signal 6.43.2 resolves several bugs. This is not a security update.
https://signal.org/download/

Signal (Android) 6.42.3 updates buttons. This is not a security update.
https://signal.org/android/apk/

Syncthing 1.27.2 is a security update.
https://syncthing.net/

Telegram (Android) 10.5.0 doesn’t provide a change log so should be treated as a security update.
https://telegram.org/apps

Telegram 4.14.4 resolves several bugs. This is not a security update.
https://telegram.org/

Trillian 6.5.0.34 resolves several bugs. This is not a security update.
https://www.trillian.im/

Zoom 5.17.2 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.0 adds several new tracking features. This is not a security update.
https://en.3tene.com/

darktable 4.6.0 improves performance and resolves dozens of bugs. This is not a security update.
https://www.darktable.org/

Grayjay 227 improves stability and resolves dozens of bugs. This is not a security update.
https://grayjay.app/index.html

iTunes 12.13.1.3 is a security update.
https://www.apple.com/itunes/download/

Plex Desktop 1.84.1.4069 doesn’t provide a change log so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.53.0.4063 doesn’t provide a change log so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

TuneIn 1.28.0 doesn’t provide a change log so should be treated as a security update.
https://tunein.com/radio/home/

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2023.11.1.129 resolves several bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.3.186 improves performance and resolves several bugs. This is not a security update.
https://gdevelop.io/download

Minecraft Server (Bedrock) 1.20.51.01 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

PS5 2024.104 is a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2023-12-11 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

SteamOS SteamDeck Update 2024-01-03 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Experience Manager Forms 6.5.13.0+ and 6.5.19.1 are security updates.
https://helpx.adobe.com/security/products/aem-forms/apsb23-77.html

Adobe Reader DC Patch 23.008.20458 is a security update.
https://get.adobe.com/reader

Adobe Substance 3D Stager 2.1.4 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb24-06.html

Calibre 7.3.0 adds a tag browser, OpenType improvements, and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

GnuCash 5.5 resolves over two dozen bugs. This is not a security update.
https://www.gnucash.org/

ImageMagick 7.1.1-26 resolves dozens of bugs. This is not a security update.
https://imagemagick.org/

Kindle for PC 2.3.70673 doesn’t provide a change log so should be treated as a security update.
https://www.amazon.com/kindleforpc

Manager 24.1.9.1264 adds the ability to use codes and reference numbers in batch operations. This is not a security update.
https://www.manager.io/

Notepad++ 8.6.1 updates libraries, adds a couple features, and resolves over a dozen bugs. This is a security update.
https://notepad-plus-plus.org/

OpenOffice 4.1.15 is a security update.
http://www.openoffice.org/download/

PDF-XChange Editor 10.2.0.384 improves control for compression, comments and margins, and adds support to search within comments and open email messages in the editor. This is not a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

QuickBooks Pro 2022 20231120-R13_53 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20231107-R9_116 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

Security Software Updates

One or more of these is likely to be of interest to most people.

ProtonVPN (macOS) 4.1.1 improves stability. This is not a security update.
https://protonvpn.com/download

QubesOS 4.2.0 updates libraries, updates default behaviors, and resolves several bugs. This is a security update.
https://www.qubes-os.org/downloads/

Stinger 12.2.0.709 updates detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Tails 5.21 updates libraries and resolves several bugs. This is a security update.
https://tails.boum.org/install/dvd/index.en.html

uBlock Origin 1.55.0 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Velociraptor 0.7.1 updates notebooks, improves plugins, and resolves several bugs. This is not a security update.
https://github.com/Velocidex/velociraptor/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.40.1 resolves a couple minor bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 24.0.4 resolves a couple crash bugs. This is not a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.0.9 resolves several bugs and improves compatibility. This is not a security update.
https://www.dvdfab.cn/download.htm

HandBrake 1.7.2 resolves several bugs. This is not a security update.
https://handbrake.fr/

PDF Creator 5.2.0 adds Outlook Web Access support and resolves several bugs. This is a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 6.1.5.8 resolves dozens of bugs and improves reliability. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.0.7 improves performance and stability. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.23 resolves a bug. This is not a security update.
https://1password.com/downloads/

AOMEI Partition Assistant 10.2.2 resolves a couple bugs. This is not a security update.
https://www.diskpart.com/

Bitwarden 2023.12.1 improves auto-fill. This is not a security update.
https://bitwarden.com/

CCleaner 6.19.10858 resolves several stability bugs. This is not a security update.
https://www.ccleaner.com/

CurrPorts 2.77 improves IPv6 compatibility. This is not a security update.
https://www.nirsoft.net/utils/cports.html

DesktopOK 11.15 resolves a couple bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.0.189.0 resolves several bugs. This is not a security update.
https://dngrep.github.io/

email-oauth2-proxy 2023-12-19 is a security update.
https://github.com/simonrob/email-oauth2-proxy

ExplorerPatcher 22621.2861.62.2 resolves several bugs. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

Fido 1.54 adds support for Windows 11 23H2v2. This is not a security update.
https://github.com/pbatard/Fido/releases

Fing 3.6.0 resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

GoodSync and GoodSync2Go 12.5.3 improves compatibility, stability and security. This is not a security update.
https://www.goodsync.com/

Homedale 2.09 adds MAC grouping and improves oui.txt support. This is not a security update.
https://www.the-sz.com/products/homedale/

HWiNFO 7.68 doesn’t provide a detailed change log so should be treated as a security update.
https://www.hwinfo.com/download/

Kingston SSD Manager 1.5.3.4 doesn’t provide a detailed change log so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

Memtest86+ 7.00 adds support for new hardware, improves debugging and resolves several bugs. This is not a security update.
https://www.memtest.org/

NTLite 2023.12.9552 improves controls and resolves a couple bugs. This is not a security update.
https://www.ntlite.com/download/

PowerToys 0.77.0 resolves dozens of bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ripgrep 14.1.0 resolves several bugs. This is not a security update.
https://github.com/BurntSushi/ripgrep/releases/latest

TcpLogView 1.41 adds support for setting CaptureInterval in cfg file. This is not a security update.
https://www.nirsoft.net/utils/tcp_log_view.html

WifiInfoView 2.92 adds an option to start as hidden. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

WinGet 1.6.3482 resolves a couple bugs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 8.0.1 is a security update. Expect well-maintained applications that package .NET Runtime with them to release new versions in the near future.
https://dotnet.microsoft.com/en-us/download/dotnet

Android Studio 2023.1.1.27 resolves a couple bugs. This is not a security update.
https://developer.android.com/studio

AutoHotkey 2.0.11 resovles several bugs. This is not a security update.
https://www.autohotkey.com/download/

Node.js 21.5.0 updates libraries and resolves several bugs. This is not a security update.
https://nodejs.org/en/

TortoiseSVN 1.14.6 resolves several bugs. This is not a security update.
https://tortoisesvn.net/downloads.html

Visual Studio Code 1.85.1 resolves several bugs. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

HumHub 1.15.2 resolves over a dozen bugs. This is not a security update.
https://www.humhub.com/en

Joomla 5.0.2 and 4.4.2 resolve several bugs. This is not a security update.
https://www.joomla.org/

Piwigo 14.1.0 improves compatibility and resolves several bugs. This is not a security update.
https://piwigo.org/

Contact Form 7 5.8.5 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

My Sticky Bar 2.6.7 resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Redirection 5.4.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/redirection/

Social Post Feed 4.2.1 improves reliability. This is not a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

Sucuri Security 1.8.40 improves cleanup. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

WooCommerce 8.4.0 resolves dozens of bugs and provides almost 100 improvements. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WP Cerber Security 9.6.1 fixes a 2FA bug and a crash bug. This is not a security update.
https://wpcerber.com/

WP Mail SMTP 3.11.0 improves compatibility and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/