Updates 2020-09-08

Welcome back, Folks!

Today is Patch Tuesday for September 2020.

This Month in Technology

I enjoy the soapbox I’ve taken here in my newsletters over the years, but unfortunately we were struck by a PG&E “Public Safety Power Shutoff” event so lost more than a day this week for Patch Tuesday and haven’t had the time (or Internet access!) to be able to collect this information for this newsletter. 🙁

Now for the good news:

Adobe Flash will be dead in only 113 days.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is huge. The typical computer should see roughly 2 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, Internet Explorer, Office, Servicing Stack, and MSRT (~1.5 GB). This includes security updates. A reboot is required.

Apple released an update for Pro Video Formats 2.1.2. Use Apple Software Update to install these updates. A reboot is required.

Adobe Flash Player 32.0.0.414 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Google Chrome OS 85.0.4183.84 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Catalina (10.15) means that macOS Sierra (10.12) and older are no longer supported. If you can not install at least macOS High Sierra (10.13) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (2004) is a huge (about 25% larger than any prior build) so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.2.9 improves removal process, and adds support for new hardware. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

nVidia 452.06 adds support for newer hardware and improves performances in some games. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.13.82 adds several new privacy controls and display options. This is a security update.
https://brave.com/

Google Chrome 85.0.4183.102 is a security update.

Microsoft Edge 85.0.564.44 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 80.0.1 resolves several bugs. This is not a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 68.12.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 3.3.2022.39 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 78.2.0 resolves several bugs and improves OpenPGP integration. This should be treated as a security update.
https://www.thunderbird.net/en-US/

OutlookAttachView 3.42 adds cell context copy option. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Internet Updates

One or more of these are likely to be of interest to everyone.

curl 7.72.0 resolves one hundred bugs, adds zstd decoding, improves failure handling and adds effective method. This is a security update.
https://curl.haxx.se/windows/

Dropbox 104.4.175 doesn’t provide a changelog so should be treated as a security update.
https://www.dropbox.com/

FileZilla Client 3.50.0 updates Storj integration. This is not a security update.
https://filezilla-project.org/

FreeFileSync 11.1 resolves several bugs and improves compatibility. This is not a security update.
https://www.freefilesync.org/download.php

Npcap 0.9997 is a security update.
https://nmap.org/npcap/

Prosody 0.11.6 resolves several bugs, and improves reliability and security.
https://prosody.im/download/start

Technitium DNS Server 5.2 resolves several bugs and adds certbot support. This is not a security update.
https://technitium.com/dns/

Zoom 5.2.45120.0906 disables webinar attendance by telephone. They plan to re-enable this feature “in the coming weeks.” This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

Picard 2.4.4 resolves several bugs. This is not a security update.
https://picard.musicbrainz.org/

3tene 2.0.3 resolves several bugs and adds z-axis tracking to Pro. This is not a security update.
https://en.3tene.com/

Game Updates

These are unlikely to be of interest to most people.

Steam 2020.09.03 resolves several bugs. This is not a security update.

PlayStation PS4 7.55 doesn’t provide a detailed changelog, so should be treated as a security update.
https://www.playstation.com/en-us/support/system-updates/ps4/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 20.012.20043 resolves compatibility issues with some programs. This is a security update.

Adobe DNG Converter 12.4 adds support for new hardware.
Win: https://supportdownloads.adobe.com/detail.jsp?ftpID=6975
Mac: https://supportdownloads.adobe.com/detail.jsp?ftpID=6973

Adobe Experience Manager 6.5.6.0 and 6.4.8.2 are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb20-56.html

Adobe Framemaker 2019.0.7 is a security update.
https://helpx.adobe.com/security/products/framemaker/apsb20-54.html

Adobe InDesign 15.1.2 is a security update.
https://helpx.adobe.com/security/products/indesign/apsb20-52.html

Atom 1.51.0 improves performance resolves several bugs. This is not a security update.
https://atom.io/

Blender 2.90 adds many new features and controls. This is a major update.
https://www.blender.org/download/

LibreOffice 6.4.6 resolves 70 bugs. This is a security update.
https://www.libreoffice.org/

LibreOffice Fresh 7.0.1 resolves over 70 bugs. This is a security update. Remember that this is a beta version of LibreOffice, so should be avoided by most users.
https://www.libreoffice.org/

Nextcloud Desktop 3.0.1 resolves several bugs and adds several new features. This is not a security update.
https://nextcloud.com/

Security Software Updates

One or more of these is likely to be of interest to most people.

Gpg4win 3.1.13 resolves several bugs and improves compatibility. This is a security update.
https://www.gpg4win.org/download.html

RogueKiller 14.7.2 adds several new features and updates libraries. This is not a security update.
https://www.adlice.com/download/roguekiller/

uBlock Origin 1.29.2 resolves a couple bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.27 adds several new features and resolves more than a dozen bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 11.1.0.5 resolves a couple bugs and adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

Education updates

One or more of these are likely to be of interest to most people.

e-Sword 12.2 improves search and display. This is not a security update.
https://www.e-sword.net/

Utility Updates

These are unlikely to be of interest to most people.

Agent Ransack 2019.2947 adds installer flags for language, ui, and registration, resolves a performance bug with exporting searches that don’t parse content. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

DesktopOK 7.81 adds 64-bit improvements. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DevManView 1.71 adds option to copy contents of the clicked cell. This is not a security update.
https://www.nirsoft.net/utils/device_manager_view.html

DriverView 1.50 resolves a 64-bit compatibility problem. This is not a security update.
https://www.nirsoft.net/utils/driverview.html

Etcher 1.5.107 resolves several bugs. This is not a security update.
https://www.balena.io/etcher/

FileLocator Pro 8.5.2947 adds installer flags for language, UI, and registration, resolves a performance bug with exporting searches that don’t parse content. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Fing 2.0.1 adds support for new device detection, Wi-Fi heatmap, security details and resolves a bug in Bonjour discovery. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

GoodSync 11.3.3 resolves several bugs. This is not a security update.
https://12pd.com/click?goodsync

Homedale 1.89 improves columns in GUI, and now uses UTF8 for logs. This is not a security update.
https://www.the-sz.com/products/homedale/

HWMonitor 1.42 adds support for new hardware. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

IsMyHdOK 2.32 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

NTLite 2.0.0.7640 improves component controls and settings, and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

Aomei Partition Assistant 8.9 improves GUI, and resolves several bugs. This is not a security update.
https://www.diskpart.com/

PointerStick 4.66 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.21.1 improves stability, adds several features, and resolves bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

RoboForm 8.9.2 resolves several bugs, including a reliability bug in manual saves. This is not a security update.
https://12pd.com/click?rf

TeamViewer 15.9.4 resolves several bugs. This is not a security update.
https://www.teamviewer.com/en/download/windows/

TraceRouteOK 2.22 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

Ultimate Boot CD 5.3.9 updates libraries. This is not a security update.
http://www.ultimatebootcd.com/download.html

WinGet 0.1.42241 adds autocomplete. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinScan2PDF 6.01 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 3.35 improves logging and export capabilities, and adds max last-modified date for newest file in the folder tree. This should be treated as a security update.
https://wiztreefree.com/

Developer Updates

These are unlikely to be of interest to most people.

Node.js 14.10.0 resolves dozens of bugs, updates libraries, and improves stability. This is not a security update.
https://nodejs.org/en/

SQLite 3.33.0 resolves several bugs, adds support for arbitrary-precision decimal arithmetic, UPDATE FROM, increases maximum database size, and improves integrity checks.
https://www.sqlite.org/download.html

StrawberryPerl 5.32.0.1 is a major update adding new features, bug fixes, libraries and compatibility. This is not a security update.
http://strawberryperl.com/

Visual Studio Code 1.48.2 resolves several bugs. This is not a security update.
https://code.visualstudio.com/

WinMerge 2.16.8 resolves several bugs, improves stability and reliability. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.1.14-140239 resolves several bugs and adds support for Linux kernel 5.8. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.6.09 resolves several bugs. This is not a security update.
https://coppermine-gallery.net/

Dada Mail 11.11.2 is a security update.
https://dadamailproject.com/

Drupal 9.0.5 resolves a cosmetic bug and changes component registry to avoid flagging for non-existent security vulnerability. This is not a security update.
https://drupal.org/download

HumHub 1.6.3 resolves several bugs. This is not a security update.
https://www.humhub.com/en/download

Joomla 3.9.21 is a security update.
https://www.joomla.org/

Nextcloud Server 19.0.2 resolves dozens of bugs and updates libraries. This is not a security update.
https://nextcloud.com/

phpList 3.5.6 adds reply-to support, forwarding improvements, and resolves several bugs. This is not a security update.
https://www.phplist.org/

ScreenConnect 20.10.957.7556 resolves several bugs and adds new user controls. This is not a security update.
https://www.connectwise.com/software/control/download

WordPress 5.5.1 resolves dozens of bugs. This is not a security update.

Autoptimize 2.7.7 is a security update.

Contact Form 7 5.2.2 resolves several bugs. This is not a security update.

Social Post Feed 2.16.1 resolves several bugs. This is not a security update.

Interactive World Map 3.1.8 improves compatibility and resolves several bugs. This is not a security update.

myStickymenu 2.4.4 resolves several bugs. This is not a security update.

NextScripts Social Networks Auto-Poster 4.3.18 resolves several bugs and improves compatibility. This is a security update.

W3 Total Cache 0.14.4 resolves several bugs and improves compatibility. This is not a security update.

WooCommerce 4.5.1 resolves several bugs and improves compatibility. This is not a security update.

WP Mail SMTP 2.3.1 improves compatibility and resolves several bugs. This is not a security update.

Show IDs 1.1.5 improves compatibility. This is not a security update.

WPtouch 4.3.38 resolves several bugs. This is not a security update.

WordPress Zero Spam 4.10.1 resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2020-03-24

Hi, Folks!

It’s not Patch Tuesday, but security updates from Apple, Adobe, Google, and many others have triggered an out-of-cycle update.

This Month/Week in Technology

NPM is joining Github. Cool.

Apple was fined $1.2 billion by French antitrust authorities. And you thought the next iPhone was going to be expensive yesterday? They’ll be rolling the expense of the antitrust settlement into your next iDevice.

Security is all about trust. The thing to remember is that just because something claims to be a security application or service doesn’t mean it is. Antivirus and VPNs are no exception. By the way, if you’re still using Avast, you may as well just send your passwords out to random email addresses along with all your other personal data.

Content Delivery Networks (CDNs) are critical for scalable web distribution. Unfortunately, this makes them prime targets for malware distribution as well.

Salesforce customers will soon no longer be able to use Data Backup Recovery. Consider this a reminder that while the cloud might store everything, it’s not always easy to get it back when you’ve lost it.

The US Department of Defense is glacially slow (8+ years) at fixing security issues. Don’t say you weren’t warned. In their wisdom, the FBI says you shouldn’t save your passwords in your browser. Duh.

Even if you don’t, however, your data is stored by most other entities you interact with. For example, every 10 years the US performs the Census and collects a wide variety of information about every household in the country. When the US Census Bureau data is hacked you can find that data online, too. But that’s not even the worst of what’s wrong with the Census this year. Their website uses a script that performs a unique fingerprint of every single device that connects to their site and attempts to load various sensor features to further profile and access features of the device. Coupled with the “unique” login you use when filling out the Census your online activity can be permanently tied to your devices. And yes, this is the same organization that had a major data leak earlier in this paragraph.

The Internet of Things (IoT) is much less secure than you may have thought, no matter how bad you thought it was. 98% of their traffic is sent unencrypted, more than half of devices suffer from critical vulnerabilities that will likely never be patched, IoT devices are often used as a foothold to gain access to your internal networks, and hospitals are some of the worst offenders for employing insecure and unmaintained IoT devices.

Is it any wonder that the Russian FSB was developing an IoT botnet? Another FSB contractor was hacked and their tools were released in much the same way as the CIA Vault7 hack.

Now for the good news:

Comcast has made their public Wi-Fi hotspots available free to everyone and has removed data caps for the next 60 days as a result of the current pandemic. Just make sure you’re using a VPN. 🙂

Let’s Get Busy

Apple released updates for macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra, Xcode 11.4, Safari 13.1, watchOS 6.2, watchOS 5.3.6, tvOS 13.4, iOS 13.4, iPadOS 13.4, iOS 12.4.6, and iTunes 12.10.5 for Windows. These are security updates. Use the Apple App Store or Apple Software Update to install the most current versions.

iOS 13.4 and 12.4.6 are security updates. Use Settings, General, Software Update to install the most current version.

watchOS 6.2 and 5.3.6 are security updates. Use your updated iPhone to install the most current version through the Watch app.
https://support.apple.com/en-us/HT204641

tvOS 13.4 is a security update. Use Settings, General, Updates to install the most current version.

Adobe Flash Player 32.0.0.344 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

nVidia 442.75 resolves several compatibility issues and adds app/game profiles. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.5.113 is a security update. Use Menu, Help, About to install the most current version.
https://brave.com/

Google Chrome 80.0.3987.149 is a security update. Use Menu, Help, About to install the most current version.

Vivaldi 2.11.1811.49 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 68.6.0 is a security update. Use Menu, Help, About to install the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

BrowsingHistoryView 2.40 adds a new date/time filter. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

FileZilla Client 3.47.2.1 resolves several bugs. This is not a security update.
https://filezilla-project.org/

FreeFileSync 10.22 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Npcap 0.9989 resolves several bugs. This should be treated as a security update.
https://nmap.org/npcap/

Prosody 0.11.5 adds foreground/background flags to replace daemon functionality. This is not a security update.
https://prosody.im/download/start

Media Updates

These are unlikely to be of interest to most people.

iTunes 12.10.5 is a security update. Use Apple Software Update to install the most current version.

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 20.006.20042 is a security update. Use Help, Check for Updates to install the most current version.

Adobe Creative Cloud Desktop?5.1 is a security update.
https://www.adobe.com/creativecloud/catalog/desktop.html

Adobe Bridge 10.0.3 is a security update.
https://www.adobe.com/products/bridge.html

Adobe ColdFusion 2016.14 and 2018.8 are security updates.
https://helpx.adobe.com/coldfusion/kb/coldfusion-2016-update-14.html
https://helpx.adobe.com/coldfusion/kb/coldfusion-2018-update-8.html

Adobe Experience Manager 6.3.3.8, 6.4.8.0, and 6.5.4.0 are security updates.
https://helpx.adobe.com/experience-manager/aem-releases-updates.html

Adobe Photoshop 20.0.9 and 21.1.1 are security updates. Use Adobe Creative Cloud Desktop to install the most current versions (after you patch it).

Adobe Acrobat 2020.006.20042, 2017.011.30166, and 2015.006.30518 are security updates. Use Adobe Creative Cloud Desktop to install the most current versions (after you patch it).

Adobe Genuine Integrity Service 6.6 is a security update. AdobeGCClient does not have a separate installer or updater, and will update as you patch other programs.

Atom 1.45.0 resolves several bugs and updates libraries. This should be treated as a security update.
https://atom.io/

LibreOffice Fresh 6.4.2 resolves over 90 bugs. This is a security update. LibreOffice Fresh is a beta version, and should be avoided for most users.
https://www.libreoffice.org/

Security Software Updates

One or more of these is likely to be of interest to most people.

RogueKiller 14.3.0 updates libraries, improves reliability and scanning behaviors. This is a security update.
https://www.adlice.com/download/roguekiller/

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.22.1 resolves a couple bugs and updates translations. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 11.0.8.1 adds support for new encodings, improves compatibility, and resolves a couple bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password for Windows 7.4.759 resolves several bugs and improves compatibility. This is not a security update.
https://1password.com/downloads/windows/

CurrPorts 2.61 resolves a state-monitoring bug. This is not a security update.
https://www.nirsoft.net/utils/cports.html

Etcher 1.5.80 resolves several bugs and updates electron. This should be treated as a security update.
https://www.balena.io/etcher/

Everything 1.4.1.969 improves stability. This is not a security update.
https://www.voidtools.com/

Fing 9.0.0 adds several new feature shortcuts and an Account tab. This is not a security update.
https://community.fing.com/

GoodSync 10.11.2 resolves several bugs. This is not a security update.
https://12pd.com/click?goodsync

IsMyHdOK 2.11 updates language packs and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

TeamViewer 15.4.4445 resolves several bugs and adds the tvopt file format for setting portability. This is not a security update.
https://www.teamviewer.com/en/download/windows/

WSUS Offline 12.0 removes support for Windows 7, Windows Server 2008 R2, Win10 v1703, splits Win10 updates to versioned folders for future updates, and updates supercedence values. This is not a security update.
https://download.wsusoffline.net/

Developer Updates

These are unlikely to be of interest to most people.

Inno Setup 6.0.4 improves compatibility, Restart Manager, and RTF, adds Dark Theme, several fixes and HTTPS on the website. This is not a security update.
https://www.jrsoftware.org/isdl.php

Node.js 13.11.0 updates libraries, improves compatibility, and resolves several bugs. This is not a security update.
https://nodejs.org/en/

StrawberryPerl 5.30.2.1 updates libraries, improves compatibility, and resolves several bugs. This is a security update. You probably shouldn’t be using StrawberryPerl though, since they still aren’t using HTTPS even though they can get it free through LetsEncrypt. Sad.
http://strawberryperl.com/

Web Package Updates

These are likely to be of interest only to web developers.

Drupal 8.8.4 is a security update.
https://drupal.org/download

HumHub 1.4.4 resolves several bugs. This is not a security update.
https://www.humhub.com/en/download

phpMyAdmin 4.9.5 is a security update.
https://www.phpmyadmin.net/

Nextcloud Server 18.0.3 is a security update.
https://nextcloud.com/

phpList 3.5.1 updates libraries and resolves several bugs. This is a security update.
https://www.phplist.org/

Connectwise Control 20.2.27450.7387 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

Akismet 4.1.4 improves compatibility and activation process. This is not a security update.

Custom Facebook Feed 2.12.4 improves compatibility and resolves several bugs. This is not a security update.

myStickymenu 2.3.8 improves compatibility, reduces announcement nag frequency, and allows custom HTML within notification bar. This is not a security update.

Postie 1.9.44 refactors code for separation of purpose and adds an action for registering shortcodes.

Redirection 4.7.1 resolves several bugs. This is not a security update.

WooCommerce 4.0.1 improves Action Scheduler and resolves several bugs. This is not a security update.

WP Mail SMTP 1.9.0 adds several troubleshooting features, improves documentation, About, and warns when settings are not saved. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2019-12-10

Merry Christmas, Folks!

Today is Patch Tuesday for December 2019.

Note: shortly after publishing, Google released Chrome 79.0.3945.79.

Windows 10, version 1909, is available. This version is minor compared to previous Windows 10 upgrades. Nevertheless, don’t do it yet. There is nothing so critically important in 1909 that the update can’t wait a month. Wait for it.
https://www.microsoft.com/en-us/software-download/windows10

Windows 7 will fall completely out of support in only 35 days. Don’t run out the clock. If you are running a licensed version of Windows 7 or 8 you can still upgrade to Windows 10 and have a supported version of Windows for the foreseeable future. Get it done before it’s too late. Don’t want to do it yourself? Call me!

There is a lot of talk right now about enabling POSready mode to gain additional time for Windows 7. This *does* work, but I recommend against it. POSready mode is designed to allow existing third-party software to continue to operate in the Windows 7 ecosystem, but Microsoft and most third-party developers will stop support when Windows 7 is end-of-life (EOL). This means that while your OS itself will continue to receive security updates, most other apps will not. If your device is used as a typical PC this means your risk will still significantly increase by relying on POSready with unmaintainable third-party applications.

Christmas is only a couple weeks away which means it’s that time of year when the best and worst of humanity is exposed. This time of year brings stress and urgency to everything, and that means people are more likely to be targeted for common phishing schemes, malicious attachments (invoices and holiday letters), end-of-year insurance scams, and advance fee fraud. You’ll be targeted by phone and email and the deluge won’t subside until mid-to-late January. Don’t be afraid to hang up and delete. It really is better to be safe than sorry.

If you’ve read more than a couple of my newsletters you’ve seen me hate on Avast regularly. Last week I was actually considering easing off and giving them another chance. Then I received diet spam FROM AVAST BUSINESS! I’ve reconsidered. If you’re using any of this software you should remove it immediately. Avast can’t be trusted. Having any of their software installed significantly increases the risk to your devices, and should be treated as a malware infection as far as I’m concerned.

Now back to our regularly scheduled program. The typical computer should see roughly 2 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Internet Explorer, .NET, Servicing Stack, hardware drivers, and MSRT (~1 GB). This includes security updates. A reboot is required.

Apple released updates for macOS Catalina 10.15.2, Mojave Security Update 2019-002, and High Sierra Security Update 2019-007, iOS 13.3, iOS 12.4.4, iPadOS 13.3, Safari 13.0.4, Xcode 11.3, watchOS 5.3.4, watchOS 6.1.1, and tvOS 13.3. These are security updates. Use Apple Software Update to install the most current versions.

watchOS 6.1.1 and watchOS 5.3.4 are security updates. Use the Watch app on your iPhone to install the most current version.

tvOS 13.3 is a security update. Use System, Software Update to install the most current version.

macOS Catalina (10.15) is available. If you don’t have to, don’t install it. Mojave (10.14) will be supported for almost 2 more years.

iOS 13.3, iOS 12.4.4, and iPadOS 13.3 are security updates. Use Settings, General, Software Update to install the most current update.

Google Chrome OS 78.0.3904.106 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Adobe Flash Player 32.0.0.303 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Catalina (10.15) means that macOS Sierra (10.12) and older are no longer supported. If you can not install at least macOS High Sierra (10.13) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (1909) is a pretty small update so will install quickly. Windows 10 pushes you to get the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

BullZip PDF Printer 11.11.0.2804 adds High-DPI support, printing page range, and copy+paste support for UTF16 characters. This is not a security update.
https://www.bullzip.com/products/pdf/info.php#download

Display Driver Uninstaller 18.0.2.0 improves Nvidia cleanup.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Dymo Label 8.7.3 doesn’t provide a changelog, so should be treated as a security update.
https://www.dymo.com/en-US/online-support/dymo-user-guides

MS Mouse and Keyboard Center 20191127 adds support for newer hardware. This is not a security update.
https://www.microsoft.com/accessories/en-us/downloads/mouse-keyboard-center

Nvidia 441.66 adds image sharpening for Vulkan and OpenGL, support for newer hardware, and multiple security fixes. This is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 79.0.3945.79 is a security update. Use Menu, Help, About to get the most current version.

Firefox 71.0 is a security update. Use Menu, Help, About to get the most current version.

Firefox ESR 68.3.0 is a security update. Use Menu, Help, About to get the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 68.3.0 is a security update. Use Menu, Help, About to get the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

BrowsingHistoryView 2.30 adds History File and Record ID columns. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

FileZilla Client 3.46.0 resolves a crash, and updates dependencies. This is a security update.
https://filezilla-project.org/

FreeFileSync 10.18 adds parallel processing, grid sort, filter counts, improved responsiveness and bug fixes. This is not a security update.
https://www.freefilesync.org/download.php

MaxMind GeoIP2 201912 is a data refresh.
https://dev.maxmind.com/geoip/

WinSCP 5.15.9 is a security update.
https://winscp.net/eng/index.php

Media Updates

These are unlikely to be of interest to most people.

CDBurnerXP 4.5.8.7128 improves error handling. This should be treated as a security update.
https://cdburnerxp.se/

Game Updates

These are unlikely to be of interest to most people.

Steam 2019.12.05 resolves several bugs, returns Small Mode, updates libraries, and adds GUI improvements. This should be treated as a security update.

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Acrobat DC 19.021.20058 is a security update. Use Menu, Help, Check for updates to get the most current version.

Adobe Reader DC 19.021.20058 is a security update. Use Menu, Help, Check for updates to get the most current version.

Adobe Photoshop CC 20.0.8 and 21.0.2 are security updates. Use Adobe Creative Cloud to install the most current version.

Artweaver 7.0.3 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Krita 4.2.8 improves disk write reliability, and resolves several bugs. This is not a security update.
https://krita.org/en/download/krita-desktop/

Notepad++ 7.8.2 resolves several bugs and returns the hotkeys to the save prompt. This is not a security update.
https://12pd.com/click?npp

Paint.net 4.2.8 updates libraries, improves performance, resolves several bugs, and adds self-repair with /repair. This should be treated as a security update.
https://www.getpaint.net/

Security Software Updates

One or more of these is likely to be of interest to most people.

Caine 11.0 adds several new features and apps, updates libraries, and updates core. This is a security update.
https://www.caine-live.net/

HTTP Toolkit 0.1.17 doesn’t provide a changelog so should be treated as a security update.
https://httptoolkit.tech/

RogueKiller 14.0.0.16 updates core engine, resolves several bugs, adds real time protection and documents protection. This should be treated as a security update.
https://www.adlice.com/softwares/roguekiller/

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 2020.0.3 resolves an Editor launch bug. This is not a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Converter Updates

These are unlikely to be of interest to most people.

MKVToolnix 41.0.0 adds many new features, improves meta storage, resolves several bugs. This is not a security update.
https://www.fosshub.com/MKVToolNix.html

DVDFab 11.0.6.4 adds support for new encodings, new hardware, adds Enlarger AI and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

MakeMKV 1.14.7 adds support for new encodings, resolves a file name variable expansion bug. This is not a security update.
https://12pd.com/click?makemkv

Utility Updates

These are unlikely to be of interest to most people.

Beyond Compare 4.3.3.24545 resolves several bugs. This is not a security update.
https://www.scootersoftware.com/download.php?zz=dl4

Bitcoin 0.19.0.1 integrates a tool to analyze and reduce memory consumption, adds and updates many RPC functions. This is not a security update.
https://bitcoin.org/en/download

CPU-Z Installer 1.91 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

Dell Command Update 3.1 adds CLI support, automatic suspension of BitLocker for BIOS updates, enhances return codes for CLI, update scheduling, and resolves several bugs. This is not a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

DesktopOK 6.79 resolves a false AV alert. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DevManView 1.65 adds shortcut creation, and adds option to start remote registry service for automation. This is not a security update.
https://www.nirsoft.net/utils/device_manager_view.html

Drive Snapshot 1.48 adds support for newer OSes, resolves encryption bugs. This is a security update.
http://www.drivesnapshot.de/en/

Etcher 1.5.69 updates libraries, resolves several bugs, and improves compatibility. This is not a security update.
https://www.balena.io/etcher/

GoodSync 10.10.15 resolves several bugs, improves and weakens security options (yes, really). This version should be avoided until they get their stuff together.
https://www.goodsync.com/

Homedale 1.86 improves the dot-chart. This is not a security update.
https://www.the-sz.com/products/homedale/

MS ISO Downloader 8.24 adds support for new media. This is not a security update.
https://www.heidoc.net/joomla/technology-science/microsoft/67-microsoft-windows-and-office-iso-download-tool

NTLite 1.8.0.7240 adds several options for new features, resolves bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 7.1.1002 resolves several bugs and improves reliability. This should be treated as a security update.
http://www.osforensics.com/download.html

Password Security Scanner 1.50 adds support for Windows Credentials passwords, and resolves a couple bugs. This is not a security update.
https://www.nirsoft.net/utils/password_security_scanner.html

RoboForm 8.6.5 resolves an upgrade data conversion bug, improves experience when changing Master password, improves login from RF behavior, and resolves several other bugs. This is not a security update.
https://12pd.com/click?rf

SearchMyFiles 3.07 resolves a bug. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

TraceRouteOK 1.61 adds window position saving, resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

USBDeview 2.85 adds option to create shortcuts. This is not a security update.
https://www.nirsoft.net/utils/usb_devices_view.html

WinScan2PDF 5.11 improves WIA reliability, performance. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WirelessKeyView 2.11 improves output formatting and adds explore from here option. This is not a security update. Note that downloads are not password protected. This is not a security update.
https://www.nirsoft.net/utils/wireless_key.html

WSUS Offline 11.8.3 updates supercedence list, resolves several bugs. This is not a security update.
http://download.wsusoffline.net/

Developer Updates

These are unlikely to be of interest to most people.

AutoHotkey 1.1.32.00 resolves several bugs, adds InputHook OnKeyUp callback, adds support for PixelSearch in fast mode. This is not a security update.
https://www.autohotkey.com/download/

Android Studio 3.5.3.0 improves stability and performance, resolves several bugs. This is not a security update.
https://developer.android.com/studio/index.html

Godot 3.1.2 resolves over 400 bugs. This is a security update.
https://godotengine.org/

Node.js 13.3.0 resolves several bugs, and updates libraries. This should be treated as a security update.
https://nodejs.org/en/

StrawberryPerl 5.30.1.1 updates core to 5.30.1 and updates libraries. This is not a security update.
http://strawberryperl.com/

Web Package Updates

These are likely to be of interest only to web developers.

Drupal 8.8.0 makes several feature-level and requirements changes (recommended PHP is now 7.2+), removes several features and modules, updates libraries, and improves code consistency. This should be treated as a security update.
https://drupal.org/download

Brackets 1.14.1 is a security update.
http://brackets.io/

MailEnable 10.28 resolves several bugs, and adds recurring tasks and custom special folders. This is not a security update.
https://www.mailenable.com/

phpMyAdmin 4.9.2 resolves several bugs and improves compatibility. This is a security update.
https://www.phpmyadmin.net/

ScreenConnect 19.5.26030.7282 improves server compatibility. This is not a security update.
https://www.connectwise.com/software/control/download

ColdFusion 2018 Update 7 is a security update.
https://helpx.adobe.com/coldfusion/kb/coldfusion-2018-update-7.html

bbPress 2.6.2 resolves several bugs. This is not a security update.

BuddyPress 5.1.0 resolves several bugs. This is not a security update.

Contact Form 7 5.1.6 resolves an incompatible CSS bug. This is not a security update.

Custom Facebook Feed 2.12.2 resolves a bug. This is not a security update.

FV Top Level Categories 1.9.1 improves compatibility. This is not a security update.

Multisite Enhancements 1.5.2 resolves several bugs. This is not a security update.

Redirection 4.5.1 resolves broken canonical redirects. This is not a security update.

NextScripts Social Networks Auto-Poster 4.3.11 adds WordPress 5.3 support, resolves several bugs. This is not a security update.

Sucuri Security 1.8.22 adds several new checks. This is not a security update.

W3 Total Cache 0.11.0 resolves several bugs, improves compatibility and performance, and adds lazy loading. This is not a security update.

WooCommerce 3.8.1 resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2019-06-11

Hi, Folks!

Today is Patch Tuesday for June 2019 and it’s a big one.

The typical computer should see roughly 1.1 GB in updates today. Let’s get started.

Microsoft released updates for Windows, .NET, Edge, Internet Explorer, Flash, Dynamic Update, POSReady and MSRT (~2 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 12.3.2, iCloud for Windows 7.12, iTunes for Windows 12.9.5, AirPort Base Station Firmware 7.9.1, and macOS Mojave 10.14.5 Supplemental Update. This includes security updates. Use Apple Software Update to install the most current versions.

iOS 12.3.2 is a security update. Use Settings, General, Software Update to install the most current update.

Adobe Flash Player 32.0.0.207 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Google Chrome OS 74.0.3729.159 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The now-current release of Windows 10 (1903) will cause your computer to feel unusually slow until it is installed. This is a side-effect of the Windows 10 upgrade cycle, which pushes out 3-6 GB through Windows update to get you to the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, it will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.1.5 adds support for newer hardware, improves cleanup and stability. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Intel Driver & Support Assistant 19.5.22 resolves several bugs and improves security. This is a security update.
https://www.intel.com/p/en_US/support/detect

nVidia 430.86 adds support for newer hardware and updates game profiles. This is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 75.0.3770.80 is a security update. Use Menu, Help, About to install the most current version.

Firefox 67.0.2 is a security update. Use Menu, Help, About to install the most current version.

Firefox ESR 60.7.0 is a security update. Use Menu, Help, About to install the most current version.

Vivaldi 2.5.1525.48 is a security update. Use Menu, Help, About to install the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 60.7.0 is a security update. Use Menu, Help, About to install the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

iCloud for Windows 7.12 is a security update. Use Apple Software Update to get the most current version.

Skype 8.45.0.41 adds quick sign out and improves preference persistence. This is not a security update.
https://12pd.com/click?skype

IPInfoOffline 1.50 adds GeoLite2 City, Country and ASN database support. This is not a security update.
https://www.nirsoft.net/utils/ip_country_info_offline.html

MaxMind GeoIP 201906 is a data refresh.
https://dev.maxmind.com/geoip/

Technitium DNS Server 3.3 resolves several bugs. This is not a security update.
https://technitium.com/dns/

WinSCP 5.15.2 is a security update.
https://winscp.net/eng/index.php

Media Updates

These are unlikely to be of interest to most people.

FastStone Viewer 7.1 adds HEIC and WEBP support, resolves bugs, and improves stability and security. This is a security update.
https://www.faststone.org/FSViewerDetail.htm

iTunes 12.9.5 is a security update. Use Apple Software Update to get the most current version.

VLC Media Player 3.0.7 improves Blu-ray and MP4 support, and resolves several bugs. This is a security update.
https://www.videolan.org/vlc/

Game Updates

These are unlikely to be of interest to most people.

PlayStation PS4 6.71 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/system-updates/ps4/

Office Updates

One or more of these are likely to be of interest to most people.

Artweaver 6.0.12 improves stability and resolves a cloning bug. This is not a security update.
http://www.artweaver.de/

LibreOffice Fresh 6.2.4 resolves over a hundred bugs. This is not a security update.
https://www.libreoffice.org/

Notepad++ 7.7.0 updates Scintilla to 4.1.x and adds code signing. This should be treated as a security update. The first time it is opened after updating from a previous version will take longer. Be patient.
https://12pd.com/click?npp

Atom 1.38.0 resolves several bugs. This is not a security update.
https://atom.io/

Security Software Updates

One or more of these is likely to be of interest to most people.

Wireshark 3.0.2 is a security update.
https://www.wireshark.org/

Gpg4win 3.1.8 resolves several bugs. This is not a security update.
https://www.gpg4win.org/download.html

OpenSSL 1.0.2s is a security update.
https://openssl.org/

RogueKiller 13.2.2 resolves several bugs. This is not a security update.
https://www.adlice.com/softwares/roguekiller/

RouterPassView 1.81 resolves a bug decompressing some binaries. This is not a security update.
https://www.nirsoft.net/utils/router_password_recovery.html

Stinger 12.1.0.3196 adds support for new detections. This is not a security update.
https://12pd.com/click?stinger

DNSQuerySniffer 1.80 adds support for GeoLite2 City and Country databases. This is not a security update.
https://www.nirsoft.net/utils/dns_query_sniffer.html

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 2019.1.2 adds support for varying High-DPI displays, resolves several bugs, updates integration. This is not a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Converter Updates

These are unlikely to be of interest to most people.

CDex 2.18 resolves several bugs. This is not a security update.
https://cdex.mu/?q=download

DVDFab 11.0.3.4 improves compatibility, adds support for new encodings, and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

MakeMKV 1.14.4 adds support for new encodings and resolves several bugs. This is not a security update.
https://12pd.com/click?makemkv

Utility Updates

These are unlikely to be of interest to most people.

NTLite 1.8.0.6975 adds settings, adds support for Windows 10 v1903, and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

1Password for Mac 7.3 improves mini, integration, and drag and drop support. This is not a security update.
https://1password.com/downloads/mac/

8GadgetPack 29.0 improves compatibility with Windows 10 v1903. This is not a security update.
https://8gadgetpack.net/

Beyond Compare 4.2.10.23938 adds support for case-sensitive folders, improves compatibility with OneDrive, and resolves several bugs. This is not a security update.
https://www.scootersoftware.com/download.php?zz=dl4

Carbonite 6.3.5 resolves OneDrive compatibility issues. This is not a security update.
https://account.carbonite.com/

CPU-Z Installer 1.89 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

DesktopOK 6.31 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

GoodSync 10.9.33 improves compatibility, updates libraries, and resolves bugs. This is not a security update.
https://12pd.com/click?goodsync

IsMyHdOK 1.71 improves compatibility and performance. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

NetworkInterfacesView 1.15 adds several new fields and automatic elevation support. This is not a security update.
https://www.nirsoft.net/utils/network_interfaces.html

NetworkTrafficView 2.30 adds several new columns. This is not a security update.
https://www.nirsoft.net/utils/network_traffic_view.html

OSFMount 3.0.1004 resolves a couple bugs. This is not a security update.
https://www.osforensics.com/tools/mount-disk-images.html

PointerStick 3.55 removes buggy code signing certificate. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

QuickSetDNS 1.30 adds support for IPv6.
https://www.nirsoft.net/utils/quick_set_dns.html

RoboForm 8.5.9 adds encryption iteration option and resolves several bugs. This is not a security update.
https://12pd.com/click?rf

SearchMyFiles 2.92 resolves large file size search and adds Explorer context feature. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

TraceRouteOK 1.41 adds Polish language support. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

WinScan2PDF 4.81 removes buggy code signing certificate. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 3.29 resolves stability bugs. This is a security update.
https://antibody-software.com/web/software/software/wiztree-finds-the-files-and-folders-using-the-most-disk-space-on-your-hard-drive/

WSUS Offline 11.7.2 resolves several bugs. This should be treated as a security update.
http://download.wsusoffline.net/

Windows 10 Media Creation Tool 1903 allows creating your own Windows 10 installation media for the latest build of Windows.
https://www.microsoft.com/en-us/software-download/windows10

Developer Updates

These are unlikely to be of interest to most people.

Node.js 12.4.0 moves several experimental features to stable, and updates several heap capabilities. This is not a security update.
https://nodejs.org/en/

StrawberryPerl 5.30.0.1 updates Perl core, gcc compiler and libraries. This is a security update.
http://strawberryperl.com/

Visual Studio Code 1.35 improves native semantic behaviors, definition context, breadcrumbs, and better merge conflict display. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.0.8-130520 resolves several bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Drupal 8.7.3 resolves several bugs. This is a security update.
https://drupal.org/download

Joomla 3.9.7 is a security update.
https://www.joomla.org/

ConnectWise Control 19.1.24050.7079 doesn’t provide a detailed changelog (their site changes have been a pain), so this should be treated as a security update.
https://www.connectwise.com/software/control/download

MailEnable Enterprise 10.24 is a security update.
https://www.mailenable.com/

Nextcloud Server 16.0.1 resolves several bugs. This is not a security update.
https://nextcloud.com/

phpMyAdmin 4.9.0.1 resolves dozens of bugs. This is a security update.
https://www.phpmyadmin.net/home_page/news.php

WordPress 5.2.1 resolves several bugs. This is not a security update.
https://wordpress.org/

Autoptimize 2.5.1 improves image handling, CSS deferral, and settings interface. This is not a security update.

Contact Form 7 5.1.3 resolves the Mail tab check bug. This is not a security update.

myStickymenu 2.1.6 is a security update.

Postie 1.9.35 resolves several bugs. This is not a security update.

Really Simple CAPTCHA 2.0.2 resolves a bug. This is not a security update.

Redirection 4.3.1 resolves several bugs. This is not a security update.

NextScripts Social Networks Auto-Poster 4.3.7 improves compatibility. This is not a security update.

W3 Total Cache 0.9.7.5 updates libraries, resolves several bugs, and improves default PHP behaviors. This is not a security update.

WooCommerce 3.6.4 resolves several bugs. This is not a security update.

WordPress Zero Spam 3.1.1 resolves several bugs. This is a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2019-05-14

Hi, Folks!

Today is Patch Tuesday for May 2019.

This month was eventful.

Mozilla resolved the catastrophic end-of-extensions bug in Firefox that disabled all extensions worldwide for all Firefox users. From the rage and fear, you’d have thought the entire Internet was broken. While this event was disastrous for everyone who relies upon browser extensions for their daily lives (such as AdBlock), it was likely the single-most effective cleanup of malware in history.

Antivirus isn’t enough. According to reputable sources, a Russian hacking collective (Fxmsp) claims to have secured access to three leading antivirus companies.

According to the hacking collective, they worked tirelessly for the first quarter of 2019 to breach these companies and finally succeeded and obtained access to the companies’ internal networks.

The collective extracted sensitive source code from antivirus software, AI, and security plugins belonging to the three companies. Fxmsp also commented on the capabilities of the different companies’ software and assessed their efficiency.

Dell SupportAssist is probably the lowest-hanging fruit on your computer. An independent researcher was able to unwrap the Dell SupportAssist service and force install arbitrary software on networked devices using no more than a single DNS hijack and publicly-available “codes” that Dell uses to authenticate actions. Their design is roughly akin to taping the keys to your house on the front door. While you should, of course, remove SupportAssist, you should also treat this as a stark reminder of why you should never use untrusted networks.

Microsoft Office changed the EULA to their software, which triggered several different issues, including previously purchased software no longer working, new data sharing prompts and an unceasing series of popups for some users. Logging out of your Microsoft Account and back in resolves the issue for many, but others required registry hacks. Smooth move, MS.

Now back to our regularly scheduled program.

The typical computer should see roughly 1.3 GB in updates today. Let’s get started.

Microsoft released updates for Windows, .NET, Edge, Internet Explorer, Flash, and MSRT (~850 MB). This includes security updates. A reboot is required.

Apple released updates for macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, Safari 12.1.1, and Apple TV Software 7.3. This includes security updates. Use Apple Software Update to install the most current versions.

iOS 12.3 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 5.2.1 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 12.3 is a security update. Use System, Software Update to install the most current version.

Adobe AIR 32.0.0.125 is a security update.
Win: https://12pd.com/click?air
Mac: https://12pd.com/click?airmac

Adobe Flash Player 32.0.0.192 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Fedora 30-1.2 is a major update improving compatibility, performance, and more. This build adds the optional Pantheon Desktop which will ease the transition of those coming from a macOS environment. Coupled with Darling it should now be much easier to leave Apple for Linux.
https://getfedora.org/en/workstation/download/

Google Chrome OS 74.0.3729.125 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The now-current release of Windows 10 (1903) will cause your computer to feel unusually slow until it is installed. This is a side-effect of the Windows 10 upgrade cycle, which pushes out 3-6gb through Windows update to get you to the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, it will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.1.3 improves reliability. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Intel Driver & Support Assistant 19.4.18 improves detection of updates, adds support for Windows 10 LTSB, and adds notifications. This is a security update.
https://www.intel.com/p/en_US/support/detect

nVidia 430.64 adds support for newer hardware, removes support for Kepler hardware, and resolves several bugs. This is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Logitech SetPoint 6.69.126 resolves several bugs. This is not a security update.
https://support.logitech.com/en_us/software/setpoint

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 74.0.3729.157 is a security update (and adds dark mode). Use Menu, Help, About to install the most current version.

Firefox 66.0.5 resolves the catastrophic end-of-extensions bug. Use Menu, Help, About to install the most current version.

Firefox ESR 60.6.3 resolves the catastrophic end-of-extensions bug. Use Menu, Help, About to install the most current version.

Iridium 2019.04.73.0 is a security update. Use Menu, Help, About to install the most current version.

Vivaldi 2.5.1525.41 resolves several bugs, adds new features, improves reliability and performance. This is a security update. Use Menu, Help, About to install the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 3.16 adds a combobox to select folders to scan or skip. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Internet Updates

One or more of these are likely to be of interest to everyone.

Skype 8.44.0.41 adds message forwarding, provides additional view options, adds optional background blur, and adds event notifications. This is not a security update.
https://12pd.com/click?skype

DynDNS Updater 5.5.0 removes backend service reporting. This should be considered a security update.
https://www.dyndns.com/

Evernote 6.18.4.8489 adds several new shortcuts, resolves several bugs. This is not a security update.
https://www.evernote.com/

FileZilla Client 3.42.1 resolves several bugs, updates libraries, improves compatibility with macOS. This is a security update.
https://filezilla-project.org/

MaxMind GeoIP 201905 is a data refresh.
https://dev.maxmind.com/geoip/

Npcap 0.995 resolves several bugs. This is not a security update.
https://nmap.org/npcap/

WinSCP 5.15.1 resolves several bugs. This is not a security update.
https://winscp.net/eng/index.php

Game Updates

These are unlikely to be of interest to most people.

EA Origin 10.5.38.25027 resolves several bugs. This is not a security update.
https://www.origin.com/en-us/download

Steam 2019.05.01 resolves several bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0

SteamOS 2.190 is a security update.
https://store.steampowered.com/steamos/download/?ver=custom

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Acrobat 19.012.20034 is a security update. Use Help, Check for Updates to get the most current version.

LibreOffice Still 6.1.6 is a security update.
https://www.libreoffice.org/

LibreOffice Fresh 6.2.3 resolves dozens of bugs. This is not a security update.
https://www.libreoffice.org/

Adobe DNG Converter 11.3 adds support for newer hardware. This is a security update.
https://helpx.adobe.com/photoshop/digital-negative.html

Atom 1.37.0 improves security and resolves several bugs. This should be treated as a security update.
https://atom.io/

Security Software Updates

One or more of these is likely to be of interest to most people.

Java 8u211 is a security update. If you are not sure you need Java (or don’t know the difference between Java and JavaScript), you’re better off removing Java than installing an update.
https://www.java.com/en/download/manual.jsp

RogueKiller 13.2.0 updates engine, resolves several bugs, adds signature automatic update to free version. This should be treated as a security update.
https://www.adlice.com/softwares/roguekiller/

Stinger 12.1.0.3168 adds support for new detections. This is a security update.
https://12pd.com/click?stinger

TDSSKiller 3.1.0.28 adds support for new detections. This is a security update.
https://support.kaspersky.com/viruses/utility#TDSSKiller

Converter Updates

These are unlikely to be of interest to most people.

CDex 2.17 resolves several bugs. This is not a security update.
http://cdex.mu/?q=download

DVDFab 11.0.2.9 adds support for new encodings and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

FFmpeg 4.1.3 resolves several bugs. This is not a security update.
https://ffmpeg.org/ffmpeg.html

Utility Updates

These are unlikely to be of interest to most people.

1Password for Windows 7.3.684 resolves several bugs, adds cleanup, improves performance. This is not a security update.
https://1password.com/downloads/windows/

Bitcoin Core 0.18.0 resolves dozens of bugs, improves performance, reliability, and privacy, updates many features, and reduces dependency on OpenSSL. This should be treated as a security update.
https://bitcoin.org/en/download

BulkFileChanger 1.61 adds new command-line option. This is not a security update.
https://www.nirsoft.net/utils/bulk_file_changer.html

ControlMyMonitor 1.15 adds an option to prevent changing a value if it is current. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html

CurrPorts 2.55 adds ability to capture for an extended duration instead of capturing only a snapshot. This is not a security update.
https://www.nirsoft.net/utils/cports.html

Cygwin 3.0.7 adds support for a new locale and resolves a winsock bug. This is not a security update.
https://cygwin.com/

DesktopOK 6.16 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

FolderChangesView 2.27 adds option to include header in output. This is not a security update.
https://www.nirsoft.net/utils/folder_changes_view.html

GoodSync 10.9.32 resolves several bugs, updates libraries, and adds support for RealDisk. This is not a security update.
https://12pd.com/click?goodsync

ImageUSB 1.4.1003 resolves several bugs. This is not a security update.
https://www.osforensics.com/tools/write-usb-images.html

IsMyHdOK 1.66 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

NetworkTrafficView 2.25 improves reliability and adds support for UDP. This is not a security update.
https://www.nirsoft.net/utils/network_traffic_view.html

NirCmd 2.83 adds runinteractive options. This is not a security update.
https://www.nirsoft.net/utils/nircmd.html

NTLite 1.7.6.6912 adds support for Windows 10 v1903, resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSFMount 3.0.1003 improves performance, resolves several bugs. This is not a security update.
https://www.osforensics.com/tools/mount-disk-images.html

PointerStick 3.52 resolves a startup bug. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

RegFileExport 1.11 resolves a large-value bug. This is not a security update.
https://www.nirsoft.net/utils/registry_file_offline_export.html

SimpleWMIView 1.36 adds an option to attempt elevation. This is not a security update.
https://www.nirsoft.net/utils/simple_wmi_view.html

Synergy 1.10.2 resolves several bugs. This should be treated as a security update.
https://symless.com/blog/synergy-1-10-2-finally-released

DebugView 4.90 doesn’t provide a changelog, so should be treated as a security update.
https://live.sysinternals.com/

RAMMap 1.52 doesn’t provide a changelog, so should be treated as a security update.
https://live.sysinternals.com/

TaskSchedulerView 1.50 adds options to control tasks from the command line. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

WifiChannelMonitor 1.59 resolves a displaymode bug. This is not a security update.
https://www.nirsoft.net/utils/wifi_channel_monitor.html

WifiInfoView 2.46 adds always on top and scanning options, and updates the MAC database. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

WinScan2PDF 4.78 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WSUS Offline 11.7 disables autorecall, updates libraries, improves detection. This is not a security update.
http://download.wsusoffline.net/

Developer Updates

These are unlikely to be of interest to most people.

Godot 3.1.1 is a security update.
https://godotengine.org/

MySQL 8.0.16 updates libraries, grant/revoke behavior, and resolves many bugs. This is a security update.
https://www.mysql.com/downloads/installer/

Node.js 12.2.0 resolves dozens of bugs, updates libraries, and adds and improves features. This is a security update.
https://nodejs.org/en/

SQLite 3.28.0 resolves several bugs, improves compatibility, and offers new language constructs. This is a security update.
https://www.sqlite.org/download.html

StrawberryPerl 5.28.2.1 updates core, modules, and libraries. This is a security update.
http://strawberryperl.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.0.6-130049 resolves dozens of bugs. This should be treated as a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Joomla 3.9.6 is a security update.
https://www.joomla.org/

Drupal 8.7.1 is a security update.
https://drupal.org/download

Nextcloud Server 16.0.0 adds ACL support, Talk commands, and machine learning for security and productivity. This is a security update.
https://nextcloud.com/

ScreenConnect 19.0.23665.7058 adds several new features, cosmetics, dark mode, network information, improves auditing and more. This is not a security update.
https://www.screenconnect.com/Download

phpList 3.4.2 resolves several bugs. This is not a security update.
https://www.phplist.com/download

WordPress 5.2 improves self-diagnostics, accessibility, and more. This is not a security update.
https://wordpress.org/

Akismet 4.1.2 resolves bugs and improves compatibility. This is not a security update.

Autoptimize 2.5.0 adds lazyloading, and redesigns image optimization. This is not a security update.

BuddyPress 4.3.0 is a security update.

Custom Facebook Feed 2.9.1 resolves several bugs. This is not a security update.

Email Log 2.3.1 resolves a bug. This is not a security update.

myStickymenu 2.1.4 resolves several bugs. This is not a security update.

Postie 1.9.33 now assigns an author to all media items. This is not a security update.

Raw HTML 1.6 improves handling of raw objects. This is not a security update.

Redirection 4.2.3 resolves a bug. This is not a security update.

Register IPs 1.8.1 is a security update.

NextScripts Social Networks Auto-Poster 4.3.6 resolves several bugs, adds location and twitter handle support. This is not a security update.

Sucuri Security 1.8.21 adds several new diagnostic features and resolves several bugs. This is not a security update.

Theme My Login 7.0.14 improves compatibility. This is not a security update.

W3 Total Cache 0.9.7.4 resolves several bugs. This is a security update.

WooCommerce 3.6.2 resolves many bugs. This is a security update.

WPtouch 4.3.37 adds SMS sharing option. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/