Happy Veteran’s Day, Folks!
Today is Patch Tuesday for November, 2025.
If your Windows 10 computer can not be upgraded to Windows 11 then you should either replace your device or use the Windows 10 ESU program to get another year out of it.
Windows 11 25H2 is now available and Windows 11 23H2 and older are no longer supported. Treat Windows 11 25H2 as beta software and wait a few months before upgrading.
macOS 26 Tahoe is now available and macOS 13 Ventura and older are no longer supported. Treat macOS 26 as beta software and wait a few months before upgrading.
There were 750+ major hacks, and over 650 application updates this month. It’s a relatively small month, with about 4.0 GB of updates for most users.
This Month in Technology
5CA, Abilene Family Medical Associates, Accord Carton, Adichunchanagiri Institute Of Technology, Adobe Commerce, Adobe Experience Manager, Adore Children and Family Services, Advanced Delivery Services, Advanced Installer, Afghan Ministry of Defence, AGFA, Agri-Food and Biosciences Institute (AFBI), (at least) 2/3rds of AI companies, Air Arabia, Al Ahly Leasing & Factoring Company, Al Rimal Group, Albanese Physical Therapy, Albert Heijn, Alibaba Cloud Workspace Client, Alight Solutions, Alios Finance Group, Alissa Group, Alitech, Alpha Omega Winery, LLC, Altimedia, Amazon Smart plugs, AMD CPU VM (RMPocalypse), AMD CPUs (TEE.fail), American Airlines, American PowerNet, Ami Bearings, Anderson-Moore Construction, Android, ANIA KRUK, Ansell, Antigo Construction, Apache OpenOffice, Aphase II, ApleNet, Applied Technology Resources, Aptura Group & Central Indiana Hardware, ArcGIS, Armed Forces of the Philippines, Artistica Rubens, Asahi Group Holdings, Ashlar-Vellum Cobalt, Askul, ASP.NET Core, Assemblée Nationale, Astra Nova, AT&T Careers, Athol Hospital, ATIRG, Atrium Living Centers, Auckland City, Aunt Martha’s Health and Wellness, Aussie Fluid Power, Autodesk AutoCAD, Autodesk On-Demand Install Services, Automated Logistics Systems, Autorotor, Avast, AVG, Axelson, Williamowsky, Bender & Fishman, Badger Popcorn and Concession Supply, BAE Systems SOCET, Balancer, Bank3, BARCO Rent-A-Truck, Batta Fulkerson Law Group, Bay West, Bayu Buana Travel, Beijing Time Systems, Bell Engineering, Bellflower Unified School District, Benda Grace Stulz, Benefitelect, Benworth Capital Partners, Bergman Dacey Goldsmith, Berkeley Research Group, LLC, Bestlog Logistic Solutions, Beta Dyne, Beverly Hills Oncology Medical Group, Bicing, BIND DNS, BK Technologies, Black Hills Bentonite, Blavity Inc, blockchain smart contracts (EtherHiding), Blue Cross Blue Shield of Montana, BMP Worldwide, Boilersource, Bolt Electricity, Oil & Gas, Bovavet, Boyer, BRDSoft, Bridgehead IT, Brihta, Bristol Student Union, Buffalo Games, Edaron, Ceaco, Cabinets 2000, LLC, Canada water and energy facilities, Canadian Tire, Canon imageCLASS MF654Cdw, Cape Dara Resort Pattaya, CapitalPlus Exchange, Castilla, Cavalry Consulting, CCI Tax Pros, CDS, CentOS Web Panel, Central Jersey Medical Center, Central Plate Services Limited, CESO, CEVA Logistics, CHDFS, Chi Rho Chiropractic, Chiapas Health Secretariat, Christina Development, Cisco ASA firewalls, Cisco FTD firewalls, Cisco IOS XE, Cisco networking devices (SNMP), Cisco Snort, Cisco Unified Contact Center Express (UCCX), City of Gloversville, NY, City of Houston Fire Department, TX, City of La Vergne, TN, City of Ottawa, Canada, City of Riviera Beach, FL, City of Sugar Land, TX, Clackamas Community College, Claimlinx, Clarion Safety Systems, Claude Desktop, ClearCare Periodontal & Implant Centre, Co-op Credit Union, Cocamar Cooperativa Agroindustrial, Cohen’s Fashion Optical, Coilplus, Cole Huber, LLP, Collins Aerospace, Colombia’s CNSC, Comcast, Community Unit School District 201, Computer World WLL, Conduent Business Services, LLC, ConnectWise Automate, Consolidated Restaurant Operations, ConvExx, Cooperativa Esercenti Farmacia Scrl, Core Resources Inc, Crave Management, Crenshaw Community Hospital, Crown Automotive Sales, Cursor, CyPark, D Magazine Partners, Dairy Farmers of America, Dakota Dostavka, Darvin Furniture, DataChain, Dayal Metal Containers Factory LLC, DCS Technologies Inc, Deco Dental, Defensoría del Pueblo de Colombia, Dekalb County, GA, Dell BSAFE Crypto-C, Dell CloudLink, Delmia Apriso, Delta Electronics ASDA-Soft, Delta Electronics CNCSoft-G2, Delta Electronics DIAScreen, Delta, Dental Society of La Plata, Dentsu Merkle, Dermatology Associates, Designs for Vision, Desjardin Bank Group, Desjardins, Devolutions, Dilosa Food Companies, Dimarco Group LLC, Disseny Dental, Django, dmwapp, Docker runC, Doctor Alliance, Docurail, Dodo, Doha British School, DomeWatch, Domy, Double Oak Construction, Dublin Airport, DUC App, Dulcich, Dundee City Council, Durvet, E-First Aid Supplies, East Jefferson General Hospital, Eastern Cape Department of Human Settlements, South Africa, Easterseals Arc of Northeast Indiana, Echo Lake Foods, Econo-Pak, Eligibility Tracking Calculators, Elliott Tax Service, Elmcrest Children’s Center, Encore Repair Services, ENEA, Enem Nostrum Remedies, Enessance Holdings, Engineered Profiles, Entr’ouvert Lasso, Envoy Air, Episource, LLC, Ernst & Young, Essential Cabinetry Group, Essilor of America, Eticex Hosting, evernote-mcp-server, Evogence, Evolve Mortgage Services, over 266,000 F5 BIG-IP instances, FA Servers, Fast Freight, Fatih Turizm, Fellou browser, Fidelity Pension Managers, Nigeria, Figment POS, FinWise, Fleet Landing, Flegenheimer International, Flock, Florida Marking Products, Florida-Spectrum Environmental Services, Form Energy, Inc, Fort Wayne Medical Education Program, Fouad Alghanim & Sons Group of Companies Holding, Fountains Condominium Operations, Framework Secure Boot, Francehopital, Fujifilm Biotechnologies, Fédération Internationale de l’Automobile (FIA), G & H Distributing, G-Plans, G-Xchange, Inc, G. Hauswirth Architects, Galine, Frye, Fitting & Frangos, LLP, Gardiners Solicitors, Garvin Promotion Group, Gas Generator Solutions, Gateworks Corporation, GB Mail, GCC Productions Inc. Fade In, GeBePro, Gemini Group, General Micro Systems (GMS), George E. Weems Memorial Hospital, Gerar, Gericke AG, Gerson & Schwartz Accident & Injury Lawyers, GIMP, Gittens Healthcare, Gladinet CentreStack, Gladinet Triofox, Global Go, GlobalLogic Inc, Goglia Nutrition LLC, Goodfellow & Schuettlaw, Google Chrome, Google’s Find Hub, Grande Prairie Public Library, Greater Mental Health of New York, Gulf Warranties LLC, Gullco International, Gun Accessory Supply, Habib Bank AG Zurich, Hall Estill, Harmony Brands, Harvard University, Health and Vitality Center, Health Dimensions Group, Healthy Living Market and Café, Heart South Cardiovascular Group, Heartland Health Center, Heimbrock, Heimdall Data, HeiTech Padu Berhad, Hello Cake, Hematology Oncology Consultants, Henrietta Ezeoke Law Firm, Henry Raymond & Thompson, Heywood Hospital, Hikvision iSecure Center, Hitzinger, HMP Global, Holtz Office Support, Home Assistant Green, Hometown Credit Union, Hongji Metal, Hosteur, HSBC USA, Huber, Erickson & Bowman, Huddle01, Hyundai AutoEver America, I-Tek Medical Technologies, IBEW Local 697, iCare Software, ICET Studios, ICTBroadcast, IKAD, Il Manifesto, Imagicle, Indian Spring Country Club, ING Bank, Instituto Nacional de Oftalmologia, Peru, Integrated Silicon Solution, Inc, Intel CPUs (TEE.fail), International Social Survey Programme (ISSP), International.com, Invacare, Ioxo & Stream Computers, IPrimus, Iran’s Ravin Academy, Iraqi Electoral Commission, IREM companies, Irwin Car, Izaki Group Investments, J & S Electrical And Lighting Supply, JA Jennings, Jack’s Family Restaurants, JavaScript expr-eval, Jazeera Airways, JC Auto Accident Law Firm, Jean-Georges, Jewett-Cameron, JFS Wealth Advisors, Kansas City Police Department, KS, Karnes Electric Cooperative, Kasmawi, Kaufman & Stigger, Kaufman County, Texas (twice), Kearney Public Schools, NE, Kelowna airport, BC, Kettering Health, Khan and Associates CPA, Khatami Law, KHL Printing, Kipp & Christian, Kirby Corporation, KIS Asset Evaluation, KISS FM, Kitchen Design Concepts, KLA Instruments, Klae Construction, Kobayashi, Koch & Co, Koch & White Heating & Cooling, Koncise Company, Kottster Server, Krita, KT Corp, Kubernetes runC, Kudela & Weinheimer, Kumwell, Kwik Mix Materials, LaBonne, Land Title Guaranty, Lanscope Endpoint Manager, LaRosa’s Pizzeria, Latona Trucking, 42 Latvian municipalities, Laxmi Niwas Palace, Legacy Health, Legacy Manufacturing, Legal Aid Agency, Lexmark CX532adwe, LG U+, LGAA LLC, Lidera Network, LifeBridge Health, Limocar, Lincoln University, LMHT Associates, LNER, Logitech, Long Island Weight Loss Institute, Lorber, Greenfield & Polito, LLP, Louvre Museum, LP Insurance, LuBian, Ludwigshafen, Germany, Luis Garratón, Lumma Stealer, Luxury Escapes, Lüks Artvin Seyahat, M-TIBA, Mack Energy, Magna Hospitality Group, Mailing.com, Maine Course Hospitality Group, Mainetti UK, Maki Building Centers, Malibu Boats Australia, Manassas City Public Schools, Mango, Mango’s Tropical Cafe, Manko Window Systems, Marine Turbine Technologies, Marmotech, Matlusky, Max.ru, Mayco International, McDonald Building, McIntosh Labs, Mciver Engineering & Controls, Mecanex USA, MedImpact, Meinhardt Group, Meritage Hospitality, Metal Pros, Methodist Homes of Alabama & Northwest Florida, MetroWest Community FCU, Mexican Bank Debtor, Michael R. Schwartz, MD, FACS, Microbix Biosystems, Microsoft SharePoint, Microsoft Teams, Microsoft Windows, Middlesex Appraisal Associates, Middlesex Endodontics, Miljödata, Mission City Community Network, Inc, Modernizing Medicine (ModMed), Mold In Graphic Systems, Monsta FTP, Montage Marketing Services, Moonlight Basin, More Than Gourmet, Morris Communications Company LLC, Motex Lanscope Endpoint Manager, Mountain West, Moxa security appliances, MS Metal Solutions, MSC-Wireless, Mt. Baker Imaging, Muji, MusikComputer GmbH, MyCardiologist, MyVidster, NAHGA Claims Services, NasDem Party, National Coatings, National Informatics Centre (NIC) Kavach, National Institute of Administration, Navigator Business Solutions, Nelligan White Architects, NetcoreCloud, Netgate pfSense CE, New Toyo International Holdings Ltd, Newk, Newmark Healthcare Services, Nikkei, Nintendo, NJ Lenders Corp, Noble Compaña de Seguros, Nobu Restaurants, Noroaco, Northern Light Technologies, Northern Montana Health Care (NMHC), Northwest Radiologists, NurseSpring, NVIDIA CPUs (TEE.fail), OB-GYN Associates, OCI International Holdings, Oglethorpe, OMS, One Agency Eastlakes, oobabooga, OpenAI Assistants API, OpenAI Atlas browser, OpenEyes Technologies, Opera Neon, Oracle E-Business Suite, Oracle VirtualBox, Origin Energy, Origin, Oscars Group, Ouranos, Outcomes One, Inc, OYO Hotel & Casino Las Vegas, Palacios Marine Industrial (PMI), Palomar Health Medical Group, Pan-American, Pangea, Paris Rétina Vision, Paterson & Dowding, Patron Insurance, Patterson-Schwartz & Associates, Inc, PCB Uitvaartzorg, People’s Postcode Lottery, PeopleGuru Holdings, Inc, Peppermint Properties, Peraso, Perplexity Comet, Phia Group, Phillips Hue Bridge, Phillips Printing Company, Phoenix Village Dental, PHP CGI, PHPUnit, Pine Pharmaceuticals, Pinto Coates Kyre & Bowers, Pittsburgh Gastroenterology Associates, Pixar OpenUSD, Plastics Extrusion Machinery, Platinum Wines & Spirits, PLP SoCal, Pocatello Ready Mix, Polymarket, Ponzini SPA, Post Ranch Inn, PQCNC Hospitals, Precision Machined Products, Prime Dental, Pritchard Brown & Chillicothe Metal, Productive Tool Products, Professional’s Choice Sports, Propertyfinder / PropSpace CRM, Prosper, Prova, Provincial Department of Health Services Sri Lanka, Pruksa Holding, PT Kalimantan Prima Persada, Pulse Urgent Care Center, Punjab Forensic Science Agency, Qatar Gas and Tar Company, Iran, QNAP Qhora-322, QNAP TS-453E, Radiant Capital, Ravin Academy, React Native CLI, Real Estate Specialists, Reese Group, Regency Specialist Hospital, Resana, Revive Adserver, Rex-Hide, Ribbon Communications, Richmond Behavioral Health Authority, Riddell Law Group, Right at Home, Ringmor, Rios Espinosa, Ritz, Clark & Ben-Asher, River City Eye Care, RKA Consulting Group, Roblox, Rockhill Women’s Care, Rockstar, Rogers Mechanical, Romanian National Penitentiary Association (ANP), Ronemus & Vilensky, Royal Thai, RPI Roofing, Sai Mai Hospital, Saigon Industrial Service, Samera Health, Samsung Android, Samsung Galaxy S25, San Benito County, CA, San Bernard Electric Cooperative, San Diego Automotive Museum, Santander Bank, SAP Solution Manager, Sarulla Operation, Saturday Spotlight, Saturn Machine, Sauter Modulo, Saxun, Scales Sales & Service, Scouts Canada, Seasons Federal Credit Union, Sedgebrook, Selig Enterprises, Sellars Absorbent Materials, Sensational Teeth, Sensory, Servicios del Valle del Fuerte, Mexico, Seward County, KS, Shadrix & Parmer, Shands Elbert, Shaparak, Shelbyville Police Department, Shollenberger Januzzi & Wolfe, SHRM New Mexico, SIAD, Sierra Vista Hospital & Clinics, Signet Armorlite, Silverado Contractors, Inc, Silverlake Axis, Simon Property Group, Sincros Lab, SK Shieldus, SK-Telecom, Snipe-IT, Soapy Joe’s Car Wash, Soft Serve, Software Unlimited Corp, Sold Real Estate, SonicWall, Sonos Era 300, Sotheby’s, SourceOne Corporation, South African Revenue Service (SARS), South Alabama Regional Planning Commission, South Atlanta Medical Clinic, Speedmais, Spijkermat, Spindletop Center, Sports Medicine and Orthopaedics, Sprague & Jackson, St Stephen’s International, Stephenson’s Rental Services, Stowaway Storage, Studio Corvo Parma, Sullivan Interests, Summit Golf Brands, Summit Hotel Properties, Sunnyvale Elementary School District, Super Quik, Super Value, SuperGrosz, Superior Air Parts, Superior Court of California for the County of San Joaquin, Superior Linen Service, Svenska Kraftnät, Sydney Centre for Ear, Nose & Throat, Sylvester Roofing, SymbolTransport, Synnovis, Synology ActiveProtect Appliance DP320, Synology BeeStation Plus, Synology CC400W, Synology DiskStation DS925+, Systems Integrated, Tass Meister Patent Firm, Tavo Packaging Inc, TBM Service Group, TELACU Property Management, Inc, TENAX Law Group PC, Tenryu America, Tex-Tube, Thailand’s Department of Agricultural Extension (DOAE), The Blood and Marrow Transplant Group of Georgia, The Fence People, The Gerson, The Job Shop, The Laxmi Niwas Palace, The Phia Group, The Thayer Hotel, The Union League of Philadelphia, ThinkPHP, Thompson Dorfman Sweatman, Time Equities, TISZA Világ, TMF Logistics, Toys R Us Canada, TP-Link Festa routers, TP-Link Omada gateways, Trans7, Travere Therapeutics, Tri City Foods, Tri-Century Eye Care, Trojan Construction & Holding Group, Truffle Security Co. TruffleHog, Truro Cannabis, Tryon Distributing, Ubiquiti AI Pro, 8 UK Ministry of Defence bases, UK National Health Service (NHS), UniCursos, Unigym Gatineau, UnitedLayer, University of Cádiz, University of Pennsylvania, UrbanX, US Attorneys Office (USAO), US Congressional Budget Office (CBO), US Department of Homeland Security (DHS), US Department of Justice (DOJ/FBI), US Federal Aviation Authority (FAA), US Immigration and Customs Enforcement (ICE), US National Security Administration (NSA), USB Memory Direct, UScraft, Vanan Online Services, Vascara, Vietnam, Veeam Agent, Verdugo Hills Dental, Verisure, Vertikal Systems, Vexels, Vibra Hospital, Victorian Chemical, Victory Christian Center, Village of New Lenox, Ville de MontLaurier, Vinomofo, Vitalmex, VIZ Media, Volkswagen, Vrata Tech, VZW Avalon, Wakefield & Associates, WarmBlue, Washington Post, WatchGuard Firebox, WatchGuard Fireware, Watsonville Community Hospital, Waveny LifeCare, We R Family Foundation, Weber, Weintraub Traub Tracy & Virk Cra’s LLP, West Welch Reed Engineers, Western Sydney University, WhatsApp, Wheale Law Firm, Windows Server Update Service (WSUS), Windsurf, Winholt Equipment Group, Wisconsin Department Of Corrections, Wits University, Wood PLC, WordPress Anti-Malware Security and Brute-Force Firewall plugin, WordPress Gravity Forms plugin, WordPress GutenKit plugin, WordPress Hunk Companion plugin, WordPress JobMonster theme, WordPress King Addons for Elementor plugin, WordPress Post SMTP plugin, WordPress Slider Revolution plugin, Workers Compensation Insurance Rating Bureau of California, Wright Tool, Wright-Gardner Insurance, X.Org Server, Xortec, Xubuntu website, XWiki, Yaesu, Yas Takaful Dubai Insurance, Zacho-Lind, Zierick Manufacturing Corporation, Zoho ManageEngine, Zoom Workplace, and ZZ Dats have reported hacking or compromises this month.
Amazon Web Services (AWS US-EAST-1), Microsoft 365, Microsoft Azure (more than once), Microsoft Security Response Center, and YouTube have suffered from outages this month.
Internet access throughout Bermuda, Cameroon, Dominican Republic, Italy, Jamaica, Kenya, Pakistan, Philippines, Tanzania, and Ukraine has been blocked our down for extended periods.
Last months updates broke Cisco Duo, HP OneAgent / Microsoft Entra ID, Microsoft Internet Information Server (IIS), Microsoft Outlook, smart card authentication, sprotect.sys compatibility, USB mouse and keyboard in WinRE, wallpaper managers, Windows 11 Media Creation Tool, Windows Task Manager and Start menu, and the Windows Update Hotpatch service.
There’s a new type of worm out there. GlassWorm uses a combination of Solana, UTF-concealed code, and remote access trojans to ensure that it’s impossible to shut down or kill from the top-down while still being fully manageable by the people behind it. In addition, it uses compromised developer accounts to propagate by uploading itself to their repositories in order to grow the botnet to new audiences. This signals the first major use of these three aspects in combination and the first software of its kind to operate with no centralized command-and-control server. This evolution is going to cause a massive change in how we deal with security incidents and how we protect our devices.
Half of all the satellites in orbit are exposing your information in clear text.
Nearly 2 billion accounts from hundreds of thousands of different platforms have been disclosed in a credential stuffing database (Synthient). While this appears to mostly be the result of stealer logs (the result of hacked devices), there is a lot of duplication in the data which demonstrates a lot of password re-use and thus a high chance of other accounts being abused as a result.
The boss of a defense contractor, Trenchant, has been selling exploits to foreign governments.
The Louvre Museum security system was “hacked” in order to enable thieves to steal the crown jewels. It’s hardly hacking when the password was so stupid.
“Beware that, when fighting monsters,
you yourself do not become a monster.”
— Friedrich Nietzsche
Now for the good news:
SpaceX disabled 2,500 Starlink terminals in Asia to curb their use by scammers.
Let’s Get Busy
Now back to our regularly scheduled program.
Patch Tuesday is relatively small this month. The typical computer should see roughly 4.0 GB in updates today. Let’s get started.
Microsoft released 41 updates to address 68 vulnerabilities in Azure Monitor Agent, Customer Experience Improvement Program (CEIP), Dynamics 365 Field Service (online), GitHub Copilot and Visual Studio Code, Host Process for Windows Tasks, Microsoft Configuration Manager, Microsoft Dynamics 365 (on-premises), Microsoft Edge, Microsoft Graphics Component, Microsoft Office, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Office Word, Microsoft Streaming Service, Microsoft Wireless Provisioning System, Multimedia Class Scheduler Service (MMCSS), Nuance PowerScribe, OneDrive for Android, SQL Server, Storvsp.sys Driver, Visual Studio, Visual Studio Code CoPilot Chat Extension, Windows Administrator Protection, Windows Ancillary Function Driver for WinSock, Windows Bluetooth RFCOM Protocol Driver, Windows Broadcast DVR User Service, Windows Client-Side Caching (CSC) Service, Windows Common Log File System Driver, Windows DirectX, Windows Hyper-V, Windows Kerberos, Windows Kernel, Windows License Manager, Windows OLE, Windows Remote Desktop, Windows Routing and Remote Access Service (RRAS), Windows Smart Card, Windows Speech, Windows Subsystem for Linux GUI, Windows TDX.sys, Windows WLAN Service, and MSRT. This includes security updates. A reboot is required.
Oracle released 374 security updates this quarter to address 170 vulnerabilities in 29 product lines.
Apple released updates for iOS 18.7.2, iOS 26.1, iPadOS 18.7.2, iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, Safari 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1, and Xcode 26.1. This includes security updates. Use Apple Software Update to install the most current versions.
iOS 18.7.2 and 26.1 are security updates. Use Settings, General, Software Update to install the most current update.
iPadOS 18.7.2 and 26.1 are security updates. Use Settings, General, Software Update to install the most current update.
watchOS 26.1 is a security update. Use the Watch app on your iPhone to install the most current version.
tvOS 26.1 is a security update. Use System, Software Update to install the most current version.
visionOS 26.1 is a security update. Use System, Software Update to install the most current version.
Google ChromeOS 141.0.7390.115 and ChromeOS LTS 138.0.7204.296 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.
Fedora 43 updates libraries, adds Hare support, changes UEFI+MBR requirements, and enables automatic updates. This is not a security update.
https://getfedora.org/en/workstation/download/
Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.
Important Notes
Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.
The release of macOS Tahoe (26.x) means that macOS Ventura (13.x) and older are no longer supported. If you can not install at least macOS Sonoma (14) on your Mac then you should immediately remove your device from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.
The current — and final — release of the Windows 10 (v22H2) is end of life (EOL). All non-LTS versions of Windows 10 without ESU are now out of support, with the sole alternatives being to upgrade to Windows 11 or enable Extended Service Updates (ESU). If you aren’t sure whether you are using LTS, you aren’t. Enable the ESU now.
The current release of the Windows 11 (v25H2) is very large (30% larger than any previous release) so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.
Windows 11 is now stable and can be upgraded to if your hardware supports it. If not, switch to Linux (Mint is nice) or replace your computer.
Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.
It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, drivers for hardware you’re not using (like old printers), and games you do not actually play.
Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available.
Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with a SaferPC Subscription and we will install updates each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com
Driver Updates
If you’re using this hardware – these updates are for you.
AMD Adrenalin 25.10.2 is a security update.
https://www.amd.com/en/support
BullZip PDF Printer 2025.2.0.2990 is a security update.
https://www.bullzip.com/products/pdf/info.php#download
Epson ET-2720 2.100.00 is a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-2720/s/SPT_C11CH42201?review-filter=Windows+10+64-bit
Epson ET-2988 3.60.00 is a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-2988/s/SPT_C11CL41203?review-filter=Windows+11
Epson ET-15000 3.60.00 is a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-15000/s/SPT_C11CH96201?review-filter=Windows%2010%2064-bit
MTPdrive 4.5.179 resolves a stability bug. This is not a security update.
https://www.mtpdrive.com/
Plustek ePhoto Z300 6.7.0.5 resolves a couple bugs. This is not a security update.
https://plustek.com/us/products/film-photo-scanners/ephoto-z300/support.php
TP-Link Archer A6 v3 250718 improves stability and PPPoE support. This is not a security update.
https://www.tp-link.com/us/support/download/archer-a6/v3/#Firmware
TP-Link Archer AX72 v1.60 250814 is a security update.
https://www.tp-link.com/us/support/download/archer-ax72-pro/#Firmware
UniFi U6 Professional 6.7.33 adds packet capture, Roaming Assistant, 5GHz channel selection, mesh improvements, and resolves a dozen bugs. This is not a security update.
https://www.ui.com/download/software/u6-pro
Browser Updates
One or more of these are likely to be of interest to everyone.
Brave 1.84.132 is a security update.
https://brave.com/
Firefox 145.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/
Firefox ESR 140.5.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/
Google Chrome 142.0.7444.134 is a security update.
https://www.google.com/chrome/
Microsoft Edge 142.0.3595.69 is a security update.
https://www.microsoft.com/en-us/edge/business/download
SeaMonkey 2.53.22 is a security update.
https://www.seamonkey-project.org/
Email Updates
One or more of these are likely to be of interest to everyone.
DavMail Gateway 6.5.1 resolves several bugs. This is not a security update.
https://davmail.sourceforge.net/
Spark 3.27.2.122708 ramps up the AI integration. This is not a security update.
https://sparkmailapp.com/
Spark (macOS) 3.27.2.122707 ramps up the AI integration. This is not a security update.
https://sparkmailapp.com/
Thunderbird 144.0.1 is a security update.
https://www.thunderbird.net/en-US/
Internet Updates
One or more of these are likely to be of interest to everyone.
AnyDesk 9.6.4 resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads
AnyDesk (macOS) 9.5.1 resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads
curl 8.17.0 resolves dozens of bugs. This is a security update.
https://curl.haxx.se/windows/
Discord November 4, 2025 resolves dozens of bugs. This is not a security update.
https://discord.com/download
Dropbox 236.4.5918 resolves several bugs and improves stability. This is not a security update.
https://www.dropbox.com/
Google Drive 117.0 is a security update.
https://drive.google.com/start
MeshCentral 1.1.53 resolves a couple bugs and improves UI controls. This is not a security update.
https://meshcentral.com/info/downloads.html
Mumble 1.5.857 is a security update.
https://www.mumble.info/
Nextcloud Server 32.0.1 updates libraries and resolves dozens of bugs. This is a security update.
https://nextcloud.com/
OneDrive 25.184.0921.0004 adds Copilot actions, improves offline mode, renames binaries, and adds the ability to cleanly opt out of the OneDrive Backup service. This is not a security update.
https://support.microsoft.com/en-us/onedrive
Rclone 1.71.2 updates libraries and resolves several bugs. This is a security update.
https://rclone.org/
Signal 7.78.0 resolves a couple bugs. This is not a security update.
https://signal.org/download/windows/
Signal (Android) 7.63.3 adds split-screen support, improves performance and resolves many bugs. This is not a security update.
https://signal.org/android/apk/
Syncthing 2.0.11 migrates database to SQLite, improves log structure, changes CLI syntax, and resolves several bugs. This is not a security update.
https://syncthing.net/
Technitium DNS Server 14.0.1 is a security update.
https://technitium.com/dns/
Telegram 6.2.4 makes a couple minor changes in the UI and resolves crash bugs. This is not a security update.
https://telegram.org/
WinSCP 6.5.4 is a security update.
https://winscp.net/eng/index.php
Zoom 6.6.6.19875 resolves several bugs. This is not a security update.
https://zoom.us/
Media Updates
These are unlikely to be of interest to most people.
3tene 4.0.22 resolves several bugs related to facial tracking. This is not a security update.
https://en.3tene.com/
Grayjay 342 resolves a couple bugs. This is not a security update.
https://grayjay.app/index.html
iTunes 12.13.9.1 is a security update.
https://www.apple.com/itunes/download/
Game Updates
These are unlikely to be of interest to most people.
Minecraft Server (Bedrock) 1.21.122.2 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock
Nintendo Switch 21.0.0 updates cosmetics and cloud settings, and resolves a couple bugs. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989
PS5 2025.101 displays more hardware details and messaging. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/
SteamOS SteamDeck Update 2025.11.06 improves UI and resolves a couple bugs. This is not a security update.
https://store.steampowered.com/news/app/1675200/
Office Updates
One or more of these are likely to be of interest to most people.
Adobe Format Plugins 1.1.2 is a security update.
https://helpx.adobe.com/security/products/formatplugins/apsb25-114.html
Adobe Illustrator 29.8.3 and 30.0 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb25-109.html
Adobe Illustrator Mobile 3.0.10 is a security update.
https://helpx.adobe.com/security/products/illustrator-mobile-ios/apsb25-111.html
Adobe InCopy 21.0 and 20.5.1 are security updates.
https://helpx.adobe.com/security/products/incopy/apsb25-107.html
Adobe InDesign ID21.0 and ID20.5.1 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb25-106.html
Adobe Pass 3.8.0 is a security update.
https://helpx.adobe.com/security/products/pass/apsb25-112.html
Adobe Photoshop 26.9 is a security update.
https://helpx.adobe.com/security/products/photoshop/apsb25-108.html
Adobe Reader DC 25.001.20844 resolves stability bugs. This is not a security update.
https://get.adobe.com/reader
Adobe Substance 3D Stager 3.1.6 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb25-113.html
Calibre 8.14.0 resolves several bugs. This is a security update.
https://calibre-ebook.com/
Columns++ 1.3 resolves several bugs and improves compatibility. This is not a security update.
https://github.com/Coises/ColumnsPlusPlus
LibreOffice 25.2.7 resolves over 40 bugs. This is not a security update.
https://www.libreoffice.org/
Nextcloud Desktop 4.0.1 resolves several bugs. This is not a security update.
https://nextcloud.com/
Notepad++ 8.8.7 adds a publisher certificate for the installation packages and resolves several bugs. This is a security update.
https://notepad-plus-plus.org/
OpenOffice 4.1.16 is a security update.
https://www.openoffice.org/download/
Paint.net 5.1.11 resolves several bugs. This is not a security update.
https://www.getpaint.net/
PDF-XChange Editor 10.7.5.403 updates libraries and resolves several bugs. This is a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor
Operating System Updates
These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.
Fedora 43 updates libraries, adds Hare support, changes UEFI+MBR requirements, and enables automatic updates. This is not a security update.
https://getfedora.org/en/workstation/download/
Google ChromeOS 141.0.7390.115 is a security update. Use Help, About to install this update.
Google ChromeOS LTS 138.0.7204.296 is a security update. Use Help, About to install this update.
iOS 18.7.2 and 26.1 are security updates.
https://support.apple.com/en-us/100100
iPadOS 18.7.2 and 26.1 are security updates.
https://support.apple.com/en-us/100100
macOS Tahoe 26.1 is a security update.
https://support.apple.com/en-us/100100
macOS Sequoia 15.7.2 is a security update.
https://support.apple.com/en-us/100100
macOS Sonoma 14.8.2 is a security update.
https://support.apple.com/en-us/100100
tvOS 26.1 is a security update.
https://support.apple.com/en-us/100100
visionOS 26.1 is a security update.
https://support.apple.com/en-us/100100
watchOS 26.1 is a security update.
https://support.apple.com/en-us/100100
Security Software Updates
One or more of these is likely to be of interest to most people.
KeePass 2.60 adds group path search, consistent shortcuts and hot keys, improved import options, and improves several other UI and integration features. This is not a security update.
https://keepass.info/
ProtonVPN 4.3.5 resolves several bugs and adds FIDO2 security key support. This is not a security update.
https://github.com/ProtonVPN/win-app/releases/latest
RogueKiller 16.5.1 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/
SanDisk PrivateAccess 6.4.14.0 adds messaging signaling that the software is now end of life and should be removed as soon as possible. Migrate your data out of PrivateAccess and remove it.
https://support-en.wd.com/app/answers/detailweb/a_id/48025
Stinger 13.0.0.562 adds support for new detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx
uBlock Origin 1.67.0 resolves a couple bugs and improves various features. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest
WebBrowserPassView 2.18 improves compatibility. This is not a security update.
https://www.nirsoft.net/utils/web_browser_password.html
YARA 4.5.5 resolves several bugs. This is not a security update.
https://github.com/VirusTotal/yara/
Capture Updates
These are unlikely to be of interest to most people.
Open Broadcaster Software 32.0.2 resolves a couple crash bugs. This is not a security update.
https://obsproject.com/
Converter Updates
These are unlikely to be of interest to most people.
DVDFab 13.0.5.1 adds support for new encodings and improves menu editing. This is not a security update.
https://www.dvdfab.cn/download.htm
StreamFab 6.2.6.2 adds multithreading, improves compatibility, and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm
UniFab 3.0.3.1 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm
Education updates
One or more of these are likely to be of interest to most people.
Zotero 7.0.27 resolves several bugs. This is not a security update.
https://www.zotero.org/
Zotero (macOS) 7.0.29 resolves Safari and Word clipboard issues. This is not a security update.
https://www.zotero.org/
Utility Updates
These are unlikely to be of interest to most people.
1Password 8.11.18 resolves several bugs. This is not a security update.
https://1password.com/downloads/
Beyond Compare 5.1.6.31527 resolves several bugs. This is not a security update.
https://www.scootersoftware.com/download
Bitwarden 2025.10.0 improves observation of data ownership policies, adds direct importer for Chromium browser accounts, and resolves several bugs. This is not a security update.
https://bitwarden.com/
BulkFileChanger 1.74 resolves a field copy bug. This is not a security update.
https://www.nirsoft.net/utils/bulk_file_changer.html
CCleaner 7.01.1042 resolves several bugs and renames several features. This is not a security update.
https://www.ccleaner.com/
Cygwin 3.6.5 resolves several bugs. This is a security update.
https://cygwin.com/
DesktopOK 12.21 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK
dnGrep 4.6.39.0 resolves several bugs. This is a security update.
https://dngrep.github.io/
Everything 1.4.1.1030 is a security update.
https://www.voidtools.com/
Everything SDK 1.4.1.1030 is a security update.
https://www.voidtools.com/support/everything/sdk/
Everything Toolbar 2.1.1 resolves a couple bugs. This is a security update.
https://github.com/stnkl/EverythingToolbar/
ExplorerPatcher 26100.4946.69.6 improves compatibility and resolves several bugs. This is not a security update.
https://github.com/valinet/ExplorerPatcher/
Fing 3.9.2 adds PDF reporting and resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows
Git SCM 2.51.2 resolves several bugs. This is not a security update.
https://git-scm.com/
GoodSync 12.9.14 resolves several bugs. This is not a security update.
https://www.goodsync.com/
Homedale 2.22 improves filtering. This is not a security update.
https://www.the-sz.com/products/homedale/
LessMSI 2.10.4 resolves a selection bug. This is not a security update.
https://lessmsi.activescott.com/
MPAM 1.441.121.0 adds support for new detections. This is not a security update.
https://www.microsoft.com/en-us/wdsi/defenderupdates
MultiMonitorTool 2.21 resolves a stability bug. This is not a security update.
https://www.nirsoft.net/utils/multi_monitor_tool.html
NTLite 2025.11.10669 adds support for Windows 24H1 and updates component support. This is not a security update.
https://www.ntlite.com/download/
PolicyPlus October 2025 updates included policies. This is not a security update.
https://github.com/Fleex255/PolicyPlus/releases
PowerToys 0.95.1 resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest
Process Explorer 17.07 adds strings for Arm64 binaries and fixes a notification bug. This is not a security update.
https://learn.microsoft.com/sysinternals/downloads/process-explorer
PSAppDeploy 4.1.7 resolves several bugs and improves compatibility. This is not a security update.
https://psappdeploytoolkit.com/
Remotly 1.35.0 adds UPnP port forwarding. This is not a security update.
https://remotly.com/
RDCMan 3.11 enables Entra ID login. This is not a security update.
https://learn.microsoft.com/sysinternals/downloads/rdcman
ripgrep 15.1.0 resolves a bug with line buffering. This is not a security update.
https://github.com/BurntSushi/ripgrep/releases/latest
RoboForm 9.8.3 resolves a security bug. This is a security update.
https://www.roboform.com/
WinGet 1.12.350 improves compatibility and resolves several bugs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest
WinScan2PDF 9.44 adds support for newer hardware. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF
ZoomIt 9.20 adds ability to export to MP4 and GIF. This is not a security update.
https://learn.microsoft.com/sysinternals/downloads/zoomit
Developer Updates
These are unlikely to be of interest to most people.
.NET Runtime 9.0.10 and 10.0.0 are security updates.
https://dotnet.microsoft.com/en-us/download/dotnet
Android Studio 2025.2.1.7 resolves several bugs. This is not a security update.
https://developer.android.com/studio
DB Browser for SQLite 3.13.1 resolves several bugs and improves compatibility. This is not a security update.
https://sqlitebrowser.org/
GameMaker Studio 2024.14.0.207 is a security update.
https://www.yoyogames.com/en/gamemaker
GDevelop 5.5.245 adds new templates and resolves several bugs. This is not a security update.
https://gdevelop.io/download
GitHub Desktop 3.5.4 is a security update.
https://desktop.github.com/
Go 1.25.4 resolves several bugs. This is not a security update.
https://go.dev/
Inno Setup 6.6.0 improves dark mode, custom styling support, and pascal scripting. This is a security update.
https://www.jrsoftware.org/isdl.php
Java 8u471 is a security update.
https://www.java.com/en/download/manual.jsp
Node.js 22.21.1 resolves several bugs. This is not a security update.
https://nodejs.org/en/
Node.js 24.11.0 marks the transition to LTS. This is not a security update.
https://nodejs.org/en/
Node.js 25.1.0 updates libraries and resolves several bugs. This is not a security update.
https://nodejs.org/en/
SQLite 3.51.0 adds a couple new macros, improves JSON support and CLI capabilities, and resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html
TortoiseGit 2.18.0 updates libraries and resolves several bugs. This is not a security update.
https://tortoisegit.org/
Visual Studio Code 1.105.1 resolves several bugs. This is not a security update.
https://code.visualstudio.com/
WinMerge 2.16.52 resolves several bugs. This is not a security update.
https://winmerge.org/
Virtual Machine Updates
These are unlikely to be of interest to most people.
VirtualBox 7.2.4 resolves several bugs and improves compatibility. This is not a security update.
https://www.virtualbox.org/wiki/Downloads
Web Package Updates
These are likely to be of interest only to web developers.
HumHub 1.17.4 adds a nonce for OEmbeds and resolves several bugs. This is a security update.
https://www.humhub.com/en
MailEnable 10.54 resolves several bugs and improves logging. This is a security update.
https://www.mailenable.com/
ownCloud Client 6.0.2.17506 is a security update.
https://owncloud.com/desktop-app/
Piwigo 15.7.0 is a security update.
https://piwigo.org/
Contact Form 7 6.1.3 resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/
Email Log 2.62 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/email-log/
WordPress Importer 0.9.5 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/wordpress-importer/
That’s all for now folks. Keep it clean out there. 😉
Regards,
Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/