Updates 2021-04-13

Welcome back, Folks!

Today is Patch Tuesday for April, 2021. There have been over 50 major hacking incidents, many hardware devices with critical security issues (often these are responsible for the major hacking incidents), and over a hundred updates this month. Almost every browser has released weekly security updates for the last two months. I don’t know about you, but I’m getting kind of sick of it. Finally, there’s an OpenSSL security update this week, so expect many more updates throughout the next month from every vendor that rolls their own encryption.

This Month in Technology

Acer, Apperta FoundationAzureBIG-IP, the Blender websiteBoggi Milano MenswearBooking.comBroward County (FL) Public SchoolsBrown UniversityBuffalo SchoolsCalifornia State Controller’s OfficeClubhouseCNA FinancialCrash 4 (within a day of release!), Facebook (which had the audacity to blame it’s users), Gigaset Android Update Server (preinstalled, too), Harvard Business SchoolHaverhill Public SchoolsIdaho Central Credit Union, the Indian governmentiOS, iPhones, iPads and Apple WatchesKentucky unemployment insurance systemMaricopa (AZ) Community Colleges, Michigan-based Flagstar BankMillersville UniversityMobiKwikMultiCareNetgear switches, the Netmask libraryParkMobilePeakTPA/Carolina SeniorCarePHPRollSAPSchneider Electric Smart MetersShellShopifySierra WirelessStanford MedicineSwarmShopUbiquiti (even if they won’t admit it), Union Bank of NigeriaUniversity Of CaliforniaUniversity Of ColoradoUniversity of MiamiUniversity of WisconsinUPMCVerkada, various VPN devices, Wake Forest Baptist-Lexington Medical CenterWeLeakInfo (ironic), Yeshiva University, and Zoom (more than once) have each been hacked.

There’s still fallout from the Exchange vulnerabilities for which Microsoft released patches in March, but with today’s release there are newly discovered vulnerabilities and patches, too. Even so, about 8% of Exchange servers still aren’t patched with the March fixes.

Newly discovered vulnerabilities allow bypass of Spectre mitigations on Linux, and on other platforms via JavaScriptAMD Zen 3 CPUs, Cisco SOHO Routers, and QNAP NAS devices are just a small sampling of hardware devices with serious security problems this month. 80% of global enterprises report firmware cyberattacks, while the other 20% probably just don’t have sufficient training or equipment to be able to detect them.

Major Google Android WebView problems have been notable this month and banking malware have been found in ten apps on the Google Play store. And Apple’s macOS Mail App can be hacked simply by receiving an email (again).

Azure AD/Microsoft 365, Azure DNS, Facebook, and Google have suffered recent outages.

T-Mobile is the latest to convert their customers into products. TikTok and Facebook tracking is worse than you imagine.

From the “I’m glad it didn’t happen to me” file we have an example of an aggressive space saving measure gone horribly wrong. There’s a growing trend of targeting the customers of ransomware victims to convince them to pay and another new cross-platform cryptomining worm.

Mobile privacy is a myth as both Google and Apple collect telemetry even when telemetry is disabled, but at least they’ve finally closed one of the more significant SIM-jacking holes.

Big Tech gets to make their own rules. They’re so aggressive about it that their own security staff sometimes can’t tell if they’ve been hacked. Google is being sued in France for violation of privacy. Apple has banned an accessibility keyboard from their AppStore in an effort to force them to into a buyout. Hopefully Epic will be able to use this and Apple’s hypocritical statements in Australia in their antitrust suit.

As with all disasters and government programs (but I repeat myself), the “American Rescue Act” is being trolled by malware authors to infect unsuspecting users. LinkedIn users are also being targeted thanks to the LinkedIn hack.

Not all of those Norton Antivirus renewal messages are scams (just most of them), and the UK is now suing Norton for failing to comply with their investigation into their “Dark Pattern” subscription model.

If Big Tech, Big Government, and the MSM didn’t censor Presidents (even Venezuela’s),
representatives, doctors, Christians, students, and even knitters, push false narratives, and tolerate terror, child abuse, racism, and sexism, while providing security only to one side of the aisle and targeting the other, I suspect there would be much more peace. Virginia Tech is being sued for banning the amorphously definedhate speech“, while once more college racism turns out to be a hoax. It shouldn’t be any surprise to anyone that victimhood itself is a disease.

A single death is a tragedy but killing small businesses was always part of the plan. The lockdowns were never about a virus. They were about pushing compliance with masks and experimental (lethal and anything butsafe and effective“) mRNA treatments onto an unwilling public, to “hack the software of life” preventing the ability to survive and dismantling every freedom unless you accept the jab. A surge is happening, not just at the border, but in post-jab death rates. All of this to ensure that their slush funds would be financed and elections could never be honest again.

There have been tens of thousands of fraudulent ballots in Michigan Georgia, and New Hampshire. In Georgia, one county ordered voter registration applications for 25 times the population. At least we can all agree on some common sense election reform. Or can we? The same businesses that require an ID to use their services are attacking new laws that require the same scrutiny for elections.

Now for the good news:

After more than a decade the US Supreme Court has finally ruled in favor of Google.
It’s about time. While I have no love for Google, the idea that you can’t develop code that uses the same parameters or names as Oracle code is sickening. How many of you have have written functions to format a date or number? It’s not like granular coding styles leave much to the imagination. This would be like an author suing another author because the chapters of their book were named “Chapter 1”, “Chapter 2” and so on. Good decision.

As long as I have my soapbox: Save Crypto!

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is huge. The typical computer should see roughly 2 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Exchange, Edge, .NET, Servicing Stack, and MSRT (~ 1.5 GB). This includes security updates. A reboot is required.

Apple released updates for GarageBand 10.4.3, iOS 14.4.2, iOS 12.5.2,, iPadOS 14.4.2, and watchOS 7.3.3. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 14.4.2 and 12.5.2 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 14.4.2 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 7.3.3 is a security update. Use the Watch app on your iPhone to install the most current version.

Google Chrome OS 89.0.4389.95 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Big Sur (11.0) means that macOS High Sierra (10.13) and older are no longer supported. If you can not install at least macOS Mojave (10.14) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (v2009) is huge (about 18% larger than v2004, which was 25% larger than any prior build) so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Drivers by Seagull 2021.1 adds hardware support, improves response time, and adds features to certain models. This is not a security update.
https://www.seagullscientific.com/support/downloads/drivers/

Crucial Storage Executive 7.01 doesn’t provide a changelog so should be treated as a security update.
https://www.crucial.com/support/storage-executive

Display Driver Uninstaller 18.0.3.8 improves AMD removal and resolves several bugs. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Logitech Options (macOS) 8.50.210 resolves several bugs. This is not a security update.
https://www.logitech.com/en-us/product/options

NVidia 465.89 adds new profiles, improves compatibility with various games and newer hardware. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.22.71 is a security update. Use Menu, Help, About to install the most current version.
https://brave.com/

Google Chrome 89.0.4389.128 is a security update. Use Menu, Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 89.0.774.76 is a security update. Use Menu, Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 87.0 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 78.9.0 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/organizations/all/

SeaMonkey 2.53.7 is a security update. Use Menu, Help, About to install the most current version.
https://www.seamonkey-project.org/

Vivaldi 3.7.2218.52 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 78.9.1 is a security update. Use Menu, Help, About to install the most current version.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

BrowsingHistoryView 2.47 adds high-DPI support and an option to copy URL QR Code to the clipboard. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

curl 7.76.0 is a security update.
https://curl.haxx.se/windows/

Dropbox 119.4.1772 doesn’t provide a changelog so should be treated as a security update.
https://www.dropbox.com/

FileZilla Client 3.53.1 resolves a couple bugs. This is not a security update.
https://filezilla-project.org/

FreeFileSync 11.9 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

IPInfoOffline 1.60 adds CIDR and Duplicate Count columns, and updates internal IP database.
https://www.nirsoft.net/utils/ip_country_info_offline.html

Npcap 1.30 resolves several bugs. This is not a security update.
https://nmap.org/npcap/

Technitium DNS Server 6.2 is a major update. The 6.0 branch adds DNS Application support, more options, and improved compatibility. This is not a security update. Be aware that the current version chokes during updates because it stalls on removal of the previous version.
https://technitium.com/dns/

Telegram 2.7.1 resolves several bugs. This is not a security update.
https://telegram.org/

WGet 1.21.1 is a security update.
https://eternallybored.org/misc/wget/

Zoom 5.6.1.617 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 2.0.14 resolves several bugs and adds new positions and motions. This is not a security update.
https://en.3tene.com/

FastStone Viewer 7.5 adds dark theme, support for audio formats, and resolves several bugs. This is not a security update.
http://www.faststone.org/FSViewerDetail.htm

Picard 2.6 resolves several bugs. This is not a security update.
https://picard.musicbrainz.org/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Photoshop 21.2.7 and 22.3.1 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb21-28.html

Adobe Digital Editions 4.5.11.187606 is a security update.
https://helpx.adobe.com/security/products/Digital-Editions/apsb21-26.html

Adobe Bridge 10.1.2 and 11.0.2 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb21-23.html

Atom 1.56.0 updates libraries and resolves several bugs. This is not a security update.
https://atom.io/

RoboHelp RH2020.0.4 is a security update.
https://helpx.adobe.com/security/products/robohelp/apsb21-20.html

Krita 4.4.3 doesn’t provide a detailed changelog so should be treated as a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Fresh 7.1.2 resolves over 60 bugs. This is not a security update, but the “Fresh” line is beta, so should be avoided by most users.
https://www.libreoffice.org/

LibreOffice Still 7.0.5 resolves over 100 bugs. This is not a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.2.0 resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 7.9.5 resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

Security Software Updates

One or more of these is likely to be of interest to most people.

Tails 4.17 is a security update.
https://tails.boum.org/install/dvd-download/index.en.html

ClamWin Portable 0.99.4.103 doesn’t provide a changelog so should be treated as a security update.
https://portableapps.com/apps/security/clamwin_portable

OpenSSL 1.1.1k is a security update.
https://www.openssl.org/source/

RogueKiller 14.8.6 is a security update.
https://www.adlice.com/download/roguekiller/

uBlock Origin 1.34.0 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

VT-CLI 0.9.2 doesn’t provide a detailed changelog so should be treated as a security update.
https://github.com/VirusTotal/vt-cli/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 2021.3.0 resolves several bugs and improves toolset. This is not a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Converter Updates

These are unlikely to be of interest to most people.

MakeMKV 1.16.3 resolves several bugs. This is not a security update.
https://12pd.com/click?makemkv

Education updates

One or more of these are likely to be of interest to most people.

e-Sword 13.0 adds Audio Bible support. This is not a security update.
https://www.e-sword.net/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Windows 7.6.797 resolves several bugs. This is not a security update.
https://1password.com/downloads/windows/

Bitwarden 1.25.1 resolves installation issues, adds support for Safari 13 and updates electron. This is not a security update.
https://bitwarden.com/

CCleaner 5.78.8558 improves cleaning options and behavior. This is not a security update.
https://www.ccleaner.com/

Cygwin 3.2.0 is a major update, improving threading and symlink support, and resolves more than a dozen bugs. This is a security update.
https://cygwin.com/

DesktopOK 8.77 improves translations and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dupeGuru 4.1.1 resolves several bugs. This is not a security update.
https://dupeguru.voltaicideas.net/

Etcher 1.5.117 resolves several bugs and updates libraries. This is not a security update.
https://www.balena.io/etcher/

Everything Toolbar 0.6.3 resolves a user-mode compatibility problem, requiring uninstallation of previous versions before upgrade. All future builds will be machine-level only. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

GoodSync 11.6.2 resolves dozens of bugs. This is not a security update.
https://www.goodsync.com/

Homedale 1.95 adds translation. This is not a security update.
https://www.the-sz.com/products/homedale/

IsMyHdOK 3.13 improves SSD/SSHD detection and benchmark testing. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

NTLite 2.1.0.7845 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

osquery 4.7.0 adds several new tables, concat* functions, and resolves dozens of bugs. This is not a security update.
https://osquery.io/downloads

ProduKey 1.96 improves high-DPI compatibility. This is not a security update.
https://www.nirsoft.net/utils/product_cd_key_viewer.html

PsExec 2.33 is a security update.
https://sysinternals.com/

RoboForm 9.1.2 adds website problem reporting and resolves several bugs. This is not a security update.
https://www.roboform.com/

Samsung Magician 6.3.0 doesn’t provide a changelog so should be treated as a security update.
https://www.samsung.com/semiconductor/minisite/ssd/download/tools/

SimpleWMIView 1.43 improves high-DPI compatibility. This is not a security update.
https://www.nirsoft.net/utils/simple_wmi_view.html

System Monitor 13.02 resolves several bugs. This is not a security update.
https://sysinternals.com/

TaskSchedulerView 1.67 improves high-DPI compatibility. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

TcpLogView 1.35 adds Process User column and improves high-DPI compatibility. This is not a security update.
https://www.nirsoft.net/utils/tcp_log_view.html

TCPView 4.0 adds flexible filtering, search, and display of the Windows service that owns an endpoint. This is not a security update.
https://sysinternals.com/

WifiInfoView 2.68 improves high-DPI compatibility. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

WinObj 3.02 resolves a crash bug. This is not a security update.
https://sysinternals.com/

WinScan2PDF 7.01 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WirelessKeyView 2.22 adds an option to copy QR Code of the selected item. This is not a security update.
https://www.nirsoft.net/utils/wireless_key.html

Developer Updates

These are unlikely to be of interest to most people.

AutoHotkey 1.1.33.06 resolves a hotkey bug. This is not a security update.
https://www.autohotkey.com/download/

Android Studio 4.1.3.0 resolves a stable/beta channel bug. This is not a security update.
https://developer.android.com/studio

Node.js 12.22.0 is a security update.
https://nodejs.org/en/

Node.js 14.16.1 is a security update.
https://nodejs.org/en/

Node.js 15.14.0 is a security update.
https://nodejs.org/en/

Redemption 5.27.0.5916 resolves several bugs. This is not a security update.
https://www.dimastr.com/redemption/

SQLite 3.35.4 is a security update.
https://www.sqlite.org/download.html

TortoiseGit 2.12.0 updates libraries, resolves more than a dozen bugs, and improves consistency. This is not a security update.
https://tortoisegit.org/

Unreal Engine 4.26 adds many new features. This is not a security update.
https://unrealengine.com/en-US/

Visual Studio Code 1.55.2 is a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.6.11 adds a method to enable 2FA. This is not a security update.
https://coppermine-gallery.net/

Docker Desktop 3.3.0 resolves several bugs. This is not a security update.
https://www.docker.com/products/docker-desktop

Drupal 9.1.6 resolves over 50 bugs. This is not a security update.
https://drupal.org/download

HumHub 1.8.1 resolves several bugs. This is not a security update.
https://www.humhub.com/en/download

Joomla 3.9.26 is a security update.
https://www.joomla.org/

MailEnable 10.34 resolves several bugs. This is not a security update.
https://www.mailenable.com/

Nextcloud Server 21.0.1 resolves over 70 bugs, updates libraries, and improves reliability and compatibility. This is not a security update.
https://nextcloud.com/

phpList 3.6.2 improves compatibility and resolves several bugs. This is not a security update.
https://www.phplist.org/

Piwigo 11.4.0 is a security update.
https://piwigo.org/

ScreenConnect 21.4.2767.7752 makes several cosmetic changes and resolves bugs. This is not a security update.
https://www.connectwise.com/software/control/download

SpamAssassin 3.4.6 is a security update.
https://spamassassin.apache.org/downloads.cgi

Antispam Bee 2.9.4 adds support for ajax calls. This is not a security update.

Autoptimize 2.8.3 resolves a bug. This is not a security update.

BuddyPress 7.2.1 is a security update.

Social Post Feed 2.19.1 improves compatibility and reliability, and resolves several bugs. This is not a security update.

Email Log 2.4.5 resolves several bugs. This is not a security update.

Redirection 5.1.1 resolves several bugs. This is not a security update.

Sucuri Security 1.8.26 is an SJW release. This is not a security update.

Theme My Login 7.1.3 resolves several bugs. This is not a security update.

W3 Total Cache 2.1.2 resolves several bugs and adds AWS regions, new MIME types and pagination links. This is not a security update.

WooCommerce 5.2.0 resolves dozens of bugs. This is not a security update.

WP Mail SMTP 2.7.0 changes PHP requirements (5.5+) and resolves several bugs. This is not a security update.

WordPress Zero Spam 5.0.12 resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2020-10-13

Welcome back, Folks!

Today is Patch Tuesday for October 2020.

This Month in Technology

For those in our local community, the biggest news is that AT&T has abandoned DSL in rural America, reducing Internet access options even further for our friends and neighbors.

The US Treasury has announced that it is now illegal to pay your federal taxes.

The Universal Health Services was hacked (all 400+ locations!) and infected with ransomware, so was Software AG, the U.S. Department of Veterans Affairs (VA) was hacked again, the Department of Homeland Security (DHS) was hacked, the Las Vegas school system was hacked – and since they didn’t pay the ransom student details were leaked, Docsketch was hacked, and the United Nations (UN) International Maritime Organization was hacked. Razer made a boo-boo, and even coffee makers are now being used for ransomware distribution. Grindr was hacked, Microsoft’s Windows XP source code was leaked, almost any current iPhone can be listened into from 20 feet away using only an AM radio, and access to your RMM (Remote Monitoring and Management) is being sold to attackers. Evidence exists that your anti-virus is helping the bad guys, and BitDefender is still weak security.

Facebook has been hacked (for years), Facebook for Android has been hacked again, Office 365 & Outlook have been down repeatedly over the last month, Fitbit malware – distributed by Fitbit – can be used to take over your internal network and exfiltrate your data to the web, Bluetooth is still the weakest wireless link, your Comcast XR11 TV remote can be used to listen in to your conversations, BitLocker encryption is vulnerable to a sleep-mode bypass (aka, yet another reason not to use sleep mode), HP Device Manager flaw is a big deal, but not as big a deal as Windows Error Reporting being used to infect your PC.

Apple’s initial iOS 14 release killed batteries on many iPhones, (so did the recent ChromeOS update), Apple’s latest security fix (10.15.7) can kill performance on your Mac, but only if you use Mac software (rolls eyes). Hint: disable and re-enable Find My Mac to fix it. And that’s nothing compared to their T2 security chip vulnerability.

“The” secure reimplementation of BIOS, UEFI, was designed to make security at boot a thing of beauty and prevent third-parties from being able to hijack the boot process. Unfortunately, it simply provided a false sense of security.

2FA via SMS is also a much lower fruit than many realize, but not nearly as bad as SSO.

Many others have joined in the case against Apple & Google’s rent-seeking, who charge significantly more for their “services” than even the federal government, but portray themselves as victims. Insane rules and hypocritical requirements force developers to charge for free services or force users out of their application in order to even be allowed into the Apple ecosystem. What can we really expect from a SF bay area “green” company that lies about their recycling program? Hopefully the courts will use Apple’s own words against them, in that Apple claims that their AppStore is a place to “reliably” download “safeapps.

Former Facebook data scientist exposes her complicity with atrocities and abuse by governments and MNCs.

The Supreme Court heard arguments on the Oracle v Google IP fight suffered the same problem that most legal battles over technology do: poor arguments. Google’s defense failed to explain the distinctive nature of APIs as guides rather than code. Sure, they provide access to the functionality of the code, but are not, in and of themselves, code. The entire argument could be easily equated to vehicles. One does not need to know nor expose the specific design of a Ferrari 911 to know that the vehicle should stop at a stop sign nor yield at a yield sign. The vehicle itself (code – reasonably subject to IP) can operate on any road as long as the traffic signs (APIs) are in place. The signage is consistent across most of the world, even where languages differ greatly. So should the APIs be universally available.

In the current world of tech censorship and cancel culture, nobody can really argue against the necessity for Section 230 to be revised. However, most calls for revision would create an even more abhorrent system where public discourse can not be held without risk of liability to completely unrelated parties.

If you take government money, you are subject to the same rules as government, so says RFK, Jr.

In the new “get woke, go broke” era, it should come as no surprise that when you pander to racists and terrorists, you will be investigated.

Research shows that the lockdowns were not only anti-science, but caused far more harm than the virus itself. On the subject of fraud, are we still supposed to believe that the government’skill a fly with a nukeresponse to COVID is really all the result of bats in an Asian wet market or that masks actually do anything at all?

One would think fraud would be front page news, but the MSM is much more likely to ignore than acknowledge it. To paraphrase Stalin, “A single case of fraud is a tragedy; a million cases are just a statistic.”

The moment I read that Nintendo’s lawyers said Joy-Con Drift “wasn’t a real problem” I knew they would be sued.

Now for the good news – since I’m making up for last month, I’ll give you three:

Adobe Flash will finally be dead in only 79 days.

Free, limitless power from graphene could literally change everything.

A “vaccine” of sorts has been developed to protect against some forms of ransomware.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday this month is huge. The typical computer should see roughly 2.5 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, .NET, Servicing Stack, Flash, and MSRT (~ 1.5 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 14.0.1 and iPadOS 14.0.1, tvOS 14.0.2, Safari 14.0, watchOS 7.0.2, macOS Catalina 10.15.7, macOS Mojave 10.14.6, macOS High Sierra 10.13.6, iCloud for Windows 7.21, iCloud for Windows 11.4, iTunes for Windows 12.10.9, and Xcode 12.0. These are security updates.

iOS 14.0.1 is a security update. Use Settings, General, Software Update to install the most current version. This version also adds the Orwellian contact tracing feature at the system level. While “disabled” by default, you may validate that it is disabled in Settings, Privacy, Health, COVID-19 Exposure Logging, and turn off Exposure Logging.

iPadOS 14.0.1 is a security update. Use Settings, General, Software Update to install the most current version.

tvOS 14.0.2 is a security update. Use Settings, General, Updates to install the most current version.

watchOS 7.0.2 is a security update. Use your updated iPhone to install the most current version through the Watch app.

Adobe Flash Player 32.0.0.445 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Google has released security updates for Android 9 and 10 which will gradually be published by individual vendors and available to you in the coming weeks. This version also adds the Orwellian contact tracing feature. Disabling Location and Bluetooth will disable the current version of contact tracing.

Google Chrome OS 85.0.4183.133 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Catalina (10.15) means that macOS Sierra (10.12) and older are no longer supported. If you can not install at least macOS High Sierra (10.13) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (2004) is a huge (about 25% larger than any prior build) so will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.3.3 improves removal of DCH CP on older builds of Windows. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Logitech Options 8.30.310 resolves several bugs adds profiles for Zoom and MS Teams. This is not a security update.
https://www.logitech.com/en-us/product/options

Logitech Options (macOS) 8.30.293 resolves several bugs adds profiles for Zoom and MS Teams. This is not a security update.
https://www.logitech.com/en-us/product/options

nVidia 456.71 adds support for new hardware and improves support for COD beta and other games. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Crucial Storage Executive 6.06 doesn’t provide a changelog so should be treated as a a security update.
https://www.crucial.com/support/storage-executive

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.15.72 is a security update. Use Menu, Help, About to install the most current version.
https://brave.com/

Google Chrome 86.0.4240.80 is a security update. Use Menu, Help, About to install the most current version.

Microsoft Edge 86.0.622.38 is a security update. Use Menu, Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

Firefox 81.0.2 is a security update. Use Menu, Help, About to install the most current version.

Firefox ESR 78.3.1 is a security update. Use Menu, Help, About to install the most current version.

SeaMonkey 2.53.4 is a security update. Use Menu, Help, About to install the most current version.
https://www.seamonkey-project.org/

Vivaldi 3.3.2022.47 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 78.3.2 is a security update. Use Menu, Help, About to install the most current version.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

Dropbox 107.4.443 resolves bugs and adds more. This is not a security update.
https://www.dropbox.com/

Zoom 5.3.53291.1011 changes automatic update behavior, and improves poll and link behaviors. This is not a security update.
https://zoom.us/

Prosody 0.11.7 is a security update.
https://prosody.im/download/start

FreeFileSync 11.2 resolves several bugs, improves layout and key bindings. This is not a security update.
https://www.freefilesync.org/download.php

Nmap 7.91 adds support for new profiles and fingerprints, and resolves several bugs. This is a security update.
https://nmap.org/

Npcap 1.00 resolves two minor bugs. This is not a security update.
https://nmap.org/npcap/

Technitium DNS Server 5.3 resolves several bugs. This is not a security update.
https://technitium.com/dns/

Media Updates

These are unlikely to be of interest to most people.

3tene 2.0.6 improves sensitivity calculations, light focal management, and resolves several bugs. This is not a security update.
https://en.3tene.com/

iTunes for Windows 12.10.9 is a security update. Use Apple Software Update to install the most current version.

Game Updates

These are unlikely to be of interest to most people.

Steam 2020.10.07 resolves several bugs. This is not a security update.

Office Updates

One or more of these are likely to be of interest to most people.

Notepad++ 7.9 adds several new features and fixes over a dozen bugs. This is not a security update.
https://notepad-plus-plus.org/

Adobe Reader DC 20.012.20048 resolves several bugs. This is not a security update.

Artweaver 7.0.7 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Atom 1.52.0 updates libraries and resolves several bugs. This is not a security update.
https://atom.io/

Blender 2.90.1 resolves several bugs. This is not a security update.
https://www.blender.org/download/

Lightworks NLE 2020.1.1 resolves several bugs. This is not a security update.
https://www.lwks.com/

Microsoft Office for Mac 2016/2019 is a security update.

Krita 4.4.0 improves fill layers, multigrid, screentone, brushes, API improvements and more. This is a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Fresh 7.0.2 resolves over a hundred bugs. This is a security update.
https://www.libreoffice.org/

Nextcloud Desktop 3.0.2 resolves a dozen bugs. This is not a security update.
https://nextcloud.com/

Security Software Updates

One or more of these is likely to be of interest to most people.

OpenSSL 1.1.1h resolves several bugs and improves compatibility. This is not a security update.
https://www.openssl.org/source/

KeePass 2.46 adds several features including TLS 1.3 and mass edit capabilities, as well as resolving bugs, and other improvements. This is not a security update.
https://keepass.info/

RogueKiller 14.7.3 resolves several bugs. This is a security update.
https://www.adlice.com/download/roguekiller/

TinyWall 3.0.8 resolves several bugs. This is not a security update.
https://tinywall.pados.hu/

uBlock Origin 1.30.4 resolves several bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.27.3 resolves several bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 2020.1.5 resolves several bugs. This is not a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 12.0.0.1 is a major update with several improvements. This version improves the GUI and adds several new output profiles. This is not a security update.
https://www.dvdfab.cn/download.htm

AVStoDVD 2.8.9 resolves several bugs, improves performance and updates libraries. This should be treated as a security update.
https://sites.google.com/site/avstodvdmain/

MakeMKV 1.15.3 resolves several bugs, introduces TOR/VPN support, adds support for new stream types. This is not a security update.
https://www.makemkv.com/download/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Windows 7.6.785 resolves a bug. This is not a security update.
https://1password.com/downloads/windows/

Beyond Compare 4.3.7.25118 resolves several bugs. This is not a security update.
https://www.scootersoftware.com/download.php?zz=dl4

Bitwarden 1.22.2 resolves bugs. This should be treated as a security update.
https://bitwarden.com/

CCleaner 5.72.7994 resolves several bugs and improves compatibility. This is not a security update.
https://www.ccleaner.com/

CPU-Z 1.94 adds support for new hardware and resolves several bugs. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

DesktopOK 7.95 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DevManView 1.72 resolves an output bug. This is not a security update.
https://www.nirsoft.net/utils/device_manager_view.html

Etcher 1.5.109 is a security update.
https://www.balena.io/etcher/

Everything 1.4.1.992 is a security update.
https://www.voidtools.com/

GoodSync 11.3.8 resolves several bugs. This is not a security update.
https://www.goodsync.com/

IsMyHdOK 2.51 resolves bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

LessMSI 1.7.0 improves messaging. This is not a security update.
https://lessmsi.activescott.com/

MS ISO Downloader 8.40 adds support for new Dell models and images, new Win10 builds and adds hash reporting to images. This is not a security update.
https://www.heidoc.net/joomla/technology-science/microsoft/67-microsoft-windows-and-office-iso-download-tool

NTLite 2.0.0.7656 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

Aomei Partition Assistant 8.10 improves display and startup. This is not a security update.
https://www.diskpart.com/

PSAppDeploy 3.8.3 adds several new features and resolves bugs. This is not a security update.
https://psappdeploytoolkit.com/

RoboForm 8.9.4 resolves several bugs, including the QuickBooks compatibility issue that prevented display of registers and Chrome that caused freezes.
https://12pd.com/click?rf

Process Monitor 3.60 adds support for multiple filter item selection and decoding for new file system control operations and error status codes. While not a security updates, this improves the analytical data collection, thus increasing security awareness.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon

Procdump 10.0 adds support for dump cancellation and CoreCLR processes. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procdump

Sysmon 12.0 resolves several bugs and adds support for capturing clipboard operations. While not a security updates, this improves the analytical data collection, thus increasing security awareness.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

SysInternals released new builds of many of their applications, as well as ARM versions. While the changes on many of the updates are poorly documented and SysInternals apps are generally more secure than apps distributed elsewhere, you should assume that any updates have security ramifications. If they’re not security updates, they may improve the context or analytical data that is exposed, thus increasing the security awareness of the tools.
https://live.sysinternals.com/

TeamViewer 15.10.5 resolves a licensing bug. This is not a security update.
https://www.teamviewer.com/en/download/windows/

USBDeview 3.01 adds an option to copy the contents of the active cell. This is not a security update.
https://www.nirsoft.net/utils/usb_devices_view.html

USB Oblivion 1.14.0.0 addes support for new modules. This is not a security update.
http://www.cherubicsoft.com/en/projects/usboblivion

WifiChannelMonitor 1.65 adds support for detection of new protocols. This is not a security update.
https://www.nirsoft.net/utils/wifi_channel_monitor.html

WifiInfoView 2.65 adds support for detection of new protocols. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

WirelessKeyView 2.20 adds support for displaying WiFi QR Codes. This is not a security update.
https://www.nirsoft.net/utils/wireless_key.html

WinGet 0.2.2521 updates libraries and adds new verbs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinScan2PDF 6.06 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 4.1.0.19 integrates database and emulation, improves diagnostics, and resolves several bugs. This is not a security update.
https://developer.android.com/studio

Godot 3.2.3 resolves over a hundred bugs and improves stability. This is not a security update.
https://godotengine.org/

Node.js 14.13.1 resolves several bugs. This is a security update.
https://nodejs.org/en/

Node.js 12.19.0 updates libraries, and resolves dozens of bugs. This is a security update.
https://nodejs.org/en/

Visual Studio Code 1.50 improves accessibility features, pinned tabs, adds ARM support, and resolves several bugs. This is not a security update.
https://code.visualstudio.com/

TortoiseGit 2.11.0 updates libraries and resolves several bugs. This is not a security update.
https://tortoisegit.org/

Web Package Updates

These are likely to be of interest only to web developers.

Dada Mail 11.12.0 adds image embedding and resizing, improved scheduling capabilities, library updates and bug fixes. This is not a security update.
http://dadamailproject.com/

Drupal 9.0.7 resolves dozens of bugs. This is a security update.
https://drupal.org/download

Docker Desktop 2.4.0.0 updates libraries and resolves several bugs. This is not a security update.
https://www.docker.com/products/docker-desktop

Nextcloud Server 20.0.0 updates libraries, adds a new dashboard, Talk bridging support, and several other new features and improvements. This is not a security update.
https://nextcloud.com/

HumHub 1.6.4 is a security update.
https://www.humhub.com/en/download

Joomla 3.9.22 resolves several bugs. This is not a security update.
https://www.joomla.org/

OpenPetra 2020.09 resolves several bugs. This is not a security update.
https://www.openpetra.org/

phpMyAdmin 4.9.6 and 5.0.3 are security updates.
https://www.phpmyadmin.net/

Autoptimize 2.7.8 is a security update.

BuddyPress 6.3.0 resolves bugs. This is not a security update.

Email Log 2.4.3 adds a new filter and enhances nonce. This is not a security update.

Social Post Feed 2.17 adds support for new embed types. This is not a security update.

WooCommerce 4.5.2 resolves a couple bugs. This is not a security update.

WP Mail SMTP 2.4.0 updates libraries, improves compatibility, and resolves several bugs. This is not a security update.

W3 Total Cache 0.15.1 resolves several bugs. This is not a security update.

WordPress Zero Spam 4.10.2 improves compatibility. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2020-03-10

Welcome back, Folks!

Today is Patch Tuesday for March 2020.

The next build of Windows 10 is just around the corner. If you don’t want to be the guinea pig I strongly suggest you update to v1909 within the next month. This will grant you a reprieve from the new version for a couple months. Let everyone else beta test and you can upgrade when they’ve worked out the bugs.

Windows 7 is still end-of-life (EOL). If you’re still running it, shame on you, and if you are running a licensed version of Windows 7 or 8 you can still upgrade to Windows 10 and have a supported version of Windows for the foreseeable future. Don’t want to do it yourself? Call me!
https://saferpc.info/contact/

This Month Week in Technology

In 2019, Android reportedly had the most vulnerabilities of any OS, but in its defense, there are literally dozens of manufacturers that build on Android and many of the issues stem from these third-parties. Also, if you’re running Android, you really should also be using SnoopSnitch which can identify whether security updates have been applied to your device or if it’s been abandoned by the vendor.

Movies like Eagle Eye demonstrated how easy it was for a malicious actor to observe your mobile remotely, but if you have a smart assistant enabled (such as Alexa, Siri, Google Assistant, Cortana) then it is possible to remotely control it using audio signals that are beyond the range of human hearing.

There’s more evidence than ever that selling your Intellectual Property to a third party puts your users at risk. It’s very common in browser extensions and website plugins. It doesn’t matter how secure the core engine is if the user installs a malicious or defective extension/plugin. There’s always a line, though, right? Facebook is actually suing an SDK maker for harvesting the data that…Facebook collected.

Netgear has issued security patches for almost 50 router models. If you use Wi-Fi then, by it’s very nature, you’re susceptible to being tracked. The protocol itself is your enemy since it requires that it transmit all your “known” networks on a regular basis during a heartbeat connection status report. Even if you disable Wi-Fi everywhere except trusted locations, those trusted locations can be still be compromised due to weak security in the on-device encryption key. Intel and AMD CPUs for nearly a decade have had significant flaws that allow data exfiltration by unprivileged users.

More than a million enterprise Microsoft accounts have been compromised, primarily through password reuse. Guys, NEVER reuse passwords! Defense contractors getting hacked isn’t really anything new, but you’d think they had better backups so they wouldn’t have to pay half-million dollar ransoms.

Malware authors evade detection in many ways. One of the most common diagnostic tests for malicious software is to run it within a virtual machine. As expected, developers can detect and disable their malware within these environments. The Malware Evasion Encyclopedia provides advice to educate researchers to keep one step ahead of the malware.

.NET Core 3.0 is dead. Long live .NET Core! Oh, and switching to 3.1 is easy.

I’ll end my soapbox on a happy note:

A new Wi-Fi chip design for IoT devices consumes only 1/5000th of the energy of current models. Wow!

Let’s Get Busy

Now back to our regularly scheduled program. Thanks to the monster of updates pushed during “weekly update February”, Patch Tuesday this month is pretty light. The typical computer should see roughly 1.1 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Internet Explorer, Servicing Stack, and MSRT (~600 MB). This includes security updates. A reboot is required.

Google Chrome OS 80.0.3987.137 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Catalina (10.15) means that macOS Sierra (10.12) and older are no longer supported. If you can not install at least macOS High Sierra (10.13) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (1909) is a pretty small update so will install quickly. Windows 10 pushes you to get the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

BullZip PDF Printer 11.13.0.2823 resolves an SFTP bug. This is not a security update.
https://www.bullzip.com/products/pdf/info.php#download

Intel Driver and Support Assistant 20.2.9 resolves several bugs. This is not a security update.
https://www.intel.com/p/en_US/support/detect

nVidia 442.59 adds support for new hardware and resolves several bugs. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Logitech Options 8.10.154 adds support for newer hardware and resolves several bugs. This is not a security update.
https://www.logitech.com/en-us/product/options

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 80.0.3987.132 is a security update. Use Menu, Help, About to install the most current version.

Firefox 74.0 is a security update. Use Menu, Help, About to install the most current version.

Firefox ESR 68.6.0 is a security update. Use Menu, Help, About to install the most current version.

Vivaldi 2.11.1811.47 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Internet Updates

One or more of these are likely to be of interest to everyone.

WinSCP 5.17.2 resolves several bugs and disables TLS 1.3 by default. This is not a security update.
https://winscp.net/eng/index.php

Npcap 0.9988 resolves several bugs. This is not a security update.
https://nmap.org/npcap/

Office Updates

One or more of these are likely to be of interest to most people.

Notepad++ 7.8.5 resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

Nextcloud Desktop 2.6.4 resolves several bugs. This is not a security update.
https://nextcloud.com/

Security Software Updates

One or more of these is likely to be of interest to most people.

NSudo 8.0 resolves several bugs, improves reliability, and reduces file size. This is not a security update.
https://github.com/M2Team/NSudo/releases/latest

TinyWall 2.1.15 now offers the upgrade to 3.0.0 on 64-bit systems. 3.0.0 is in beta and provides user interface, performance, stability and reliability improvements. It is, however, beta software, so should be avoided until it is stable.
https://tinywall.pados.hu/

uBlock Origin 1.25.2 resolves several bugs and improves GUI. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.22 resolves several bugs and improves automatic update. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 2020.1.1 adds SharePoint sharing, and resolves several bugs. This is a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Converter Updates

These are unlikely to be of interest to most people.

MakeMKV 1.15.0 updates the user interface, adds new preferences for LibMMBD integration, and improves reliability. This is not a security update.
https://www.makemkv.com/download/

MKVToolnix 44.0.0 adds attachment drag and drop, improves reliability, and resolves several bugs. This is not a security update.
https://www.fosshub.com/MKVToolNix.html

DVDFab 11.0.7.7 adds support for new encodings, new profiles, and adds BluPath feature. This is not a security update.
https://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password for Windows 7.4.750 adds several new features, including Windows Hello support, rewritten interface engine, improved display support, and over 80 fixes and improvements. This is not a security update.
https://1password.com/downloads/windows/

Beyond Compare 4.3.4.24657 updates libraries, resolves several bugs, and improves compatibility. This is not a security update.
https://www.scootersoftware.com/download.php?zz=dl4

Bitcoin 0.19.1 resolves several bugs. This is not a security update.
https://bitcoin.org/en/download

DesktopOK 6.88 updates the language file. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DMDE 3.6.1.773 adds support for 64-bit macOS. This is not a security update.
https://dmde.com/

Everything 1.4.1.965 resolves several bugs. This is not a security update.
https://www.voidtools.com/

Fing 8.9.0 resolves several bugs and integrates a database of supported devices (Fingpedia), this is not a security update.
https://community.fing.com/

GoodSync 10.10.26 improves compatibility and status reporting. This is not a security update.
https://12pd.com/click?goodsync

Rufus 3.9 resolves several bugs and improves compatibility. This is not a security update.
https://rufus.ie/en_IE.html

TeamViewer 15.3.8497 resolves compatibility bug with hash authentication, but disables hash auth for settings. This is not a security update.
https://www.teamviewer.com/en/download/windows/

WSUS Offline 11.9 is the last version to support Windows 7, updates supersedence URLs, and resolves several bugs. This is not a security update.
https://download.wsusoffline.net/

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 3.6.1.0 resolves several bugs. This is not a security update.
https://developer.android.com/studio/index.html

Godot 3.2.1 resolves several bugs. This is not a security update.
https://godotengine.org/

Node.js 13.10.1 resolves several bugs. This is not a security update.
https://nodejs.org/en/

TortoiseGit 2.10.0 updates libraries and resolves several bugs. This is not a security update.
https://tortoisegit.org/

Visual Studio Code 1.43 adds a search editor, shangle controls, minimap improvements, column selection, and more. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

Joomla 3.9.16 is a security update.
https://www.joomla.org/

Drupal 8.8.3 resolves over 50 bugs and updates libraries. This is not a security update.
https://drupal.org/download

HumHub 1.4.3 resolves several bugs. This is not a security update.
https://www.humhub.com/en/download

ScreenConnect 20.1.27036.7360 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

Contact Form 7 5.1.7 adds LTR support and adds a cosmetic change to warning. This is not a security update.

Email Log 2.3.2 improves compatibility, user interface, and resolves a couple bugs. This is not a security update.

Simple Lightbox 2.8.1 improves compatibility. This is not a security update.

NextScripts Social Networks Auto-Poster 4.3.13 resolves several bugs and improves compatibility. This is not a security update.

WooCommerce 4.0.0 is a major update adding over 70 changes and fixes, updated libraries, and feature improvements. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2019-11-12

Hi, Folks!

Today is Patch Tuesday for November 2019 and this month is huge.

The next build of Windows 10, version 1909, is being released this week. This version is minor compared to other Windows 10 upgrades and should be nearly indistinguishable from 1903. If you’re running 1903 now installing 1909 should have no negative impact. If you’re running an older version I recommend upgrading to 1903 before switching to 1909. In either case, don’t do it yet. There is nothing so critically important in 1909 that the update can’t wait a month. Wait for it.

Windows 7 will fall completely out of support in only 60 days. Don’t run out the clock. If you are running a licensed version of Windows 7 or 8 you can still upgrade to Windows 10 and have a supported version of Windows for the foreseeable future. Get it done before it’s too late. Don’t want to do it yourself? Call me!

Catalina has been out for a month now and the backlash is huge. Installation lockups, forced password resets, permission resets, iCloud sync problems, dropped support for 32-bit apps, and incompatibility issues requiring reinstallation or upgrade of many others are just a few of the issues experienced by the unlucky lemmings that Thought Things Would Be Different™. Apple is gradually resolving problems, but I recommend you hold off until at least 10.15.3 before upgrading (and then only if you don’t need any 32-bit apps). x.3 seems to be the sweet spot for macOS stability. That should be out sometime next month. With that said, don’t postpone installing the patches for your current build of macOS. These are always security updates.

In the news this month Google is buying Fitbit (so find another tracker), we’re reminded to always disable NFC, compromising fingerprint readers is still extremely easy, light is as effective as voice, punctuation is still important, iOS 13+’s aggressive memory cleanup is more “abusive” than “aggressive,” and still brokenanything you share with any business or entity will no doubt inevitably be exposed, especially if it’s Adobe, or even your antivirus company, that “user interface design” and “security” are far removed, and that IoT is putting us all further at risk every single day.

The co-founder and CEO of Mine, an online privacy advocacy organization, observes that cybersecurity is becoming less accessible to smaller companies, but that’s why I’m here. Check out our subscription to learn more. Our goal is to provide enterprise-level support to everyone at a cost that is reasonable even for home users.

Now back to our regularly scheduled program. The typical computer should see roughly 2 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Internet Explorer, Servicing Stack, and MSRT (~800 MB). This includes security updates. A reboot is required.

Apple released updates for iOS 13.2.2, iPadOS 13.2.2, macOS Catalina 10.15.1, Security Update 2019-001 Mojave, Security Update 2019-006 High Sierra, tvOS 13.2, watchOS 6.1, Safari 13.0.3, and Xcode 11.2. These are security updates. Use Apple Software Update to install the most current versions.

macOS Catalina (10.15) is available. This is a large download and will take between 2 and 4 hours to install on most hardware. The release of macOS Catalina (10.15) means that macOS Sierra (10.12) is now no longer supported. If you can not install at least macOS High Sierra (10.13) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

iOS 13.2.2 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 5.3.3 and 6.1 are security updates. Use the Watch app on your iPhone to install the most current version.

tvOS 13.2 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 78.0.3904.92 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 31-1.9 is a major update. This version is now released only as a 64-bit release. Though 32-bit apps are still supported the CPU architecture now requires 64-bits. New features include the Fedora Toolbox (an improved launcher), updated packages, improved stability and bug tracking, removal of YUM, improved security, and Cgroups v2 support.

Adobe Flash Player 32.0.0.270 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Catalina (10.15) means that macOS Sierra (10.12) and older are no longer supported. If you can not install at least macOS High Sierra (10.13) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (1903) will cause your computer to feel unusually slow until it is installed. This is a side-effect of the Windows 10 upgrade cycle, which pushes out 3-6 GB through Windows update to get you to the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, it will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Intel Driver and Support Assistant 19.10.42 improves the installer and resolves several bugs. This is not a security update.
https://www.intel.com/p/en_US/support/detect

Crucial Storage Executive 5.05 doesn’t provide a changelog so should be treated as a security update.
https://www.crucial.com/usa/en/support-storage-executive

nVidia 441.20 resolves several bugs, improves compatibility, and adds support for newer hardware. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 78.0.3904.97 is a security update. Use Menu, Help, About to install the most current version.

Firefox 70.0.1 is a security update. Use Menu, Help, About to install the most current version.

Firefox ESR 68.2.0 is a security update. Use Menu, Help, About to install the most current version.

Vivaldi 2.9.1705.41 is a security update. Use Menu, Help, About to install the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.7.2 resolves several bugs. This is not a security update.
https://getmailspring.com/

Thunderbird 68.2.0 is a security update. Use Menu, Help, About to install the most current version.

OutlookAttachView 3.30 adds option to scan only unread messages and set the read flag on mesages on extraction. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Internet Updates

One or more of these are likely to be of interest to everyone.

WinSCP 5.15.5 is a security update.
https://winscp.net/eng/index.php

FreeFileSync 10.17 adds private key support for SFTP and resolves several bugs. This should be treated as a security update.
https://www.freefilesync.org/download.php

Java 8u231 is a security update. You should remove Java instead of upgrading if you are not 110% sure you require it.
https://www.java.com/en/download/manual.jsp

MaxMind GeoIP2 201911 is a data refresh.
http://dev.maxmind.com/geoip/

Npcap 0.9984 is a security update.
https://nmap.org/npcap/

BrowsingHistoryView 2.26 adds the ability to configure what happens on double-clicking an item in the results.
https://www.nirsoft.net/utils/browsing_history_view.html

Media Updates

These are unlikely to be of interest to most people.

iTunes 12.10.2 is a security update.
https://www.apple.com/itunes/download/

Picard 2.2.3 resolves several bugs. This is not a security update.
https://picard.musicbrainz.org/

Game Updates

These are unlikely to be of interest to most people.

Steam 2019.11.06 replaces the Library with a new interface, resolves several bugs, improves stability. This is not a security update.

Office Updates

One or more of these are likely to be of interest to most people.

Atom 1.41.0 updates libraries and resolves several bugs. This should be treated as a security update.
https://atom.io/

LibreOffice Still 6.2.8 resolves several bugs. This is not a security update. This is the stable version of LibreOffice, so if you’re upgrading you should install Still.
https://www.libreoffice.org/

LibreOffice Fresh 6.3.3 resolves many bugs. This is not a security update. This is the beta version of LibreOffice, so if you’re upgrading you should install Still.
https://www.libreoffice.org/

Notepad++ 7.8.1 (Free Uyghur Edition) resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

Adobe Reader DC 19.021.20049 resolves several bugs. This should be treated as a security update. Use Help, Check for Updates to get the most current version.

Security Software Updates

One or more of these is likely to be of interest to most people.

RogueKiller 13.5.6 resolves several bugs. This is not a security update.
https://www.adlice.com/softwares/roguekiller/

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 2020.0.1 is a security update.
https://download.techsmith.com/snagit/enu/snagit.exe

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 11.0.5.8 adds support for new encodings, adds cloud backup for configuration. This is not a security update.
https://www.dvdfab.cn/download.htm

MKVToolnix 40.0.0 resolves several bugs and improves automation. This is not a security update.
https://www.fosshub.com/MKVToolNix.html

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 7.4.1 resolves several bugs. This is a security update.
https://1password.com/downloads/mac/

RoboForm 8.6.2 resolves several bugs. This is not a security update.
https://12pd.com/click?rf

8GadgetPack 31.0 improves compatibility. This is not a security update.
https://8gadgetpack.net/

Beyond Compare 4.3.2.24472 resolves several bugs and improves compatibility. This is not a security update.
https://www.scootersoftware.com/download.php?zz=dl4

BulkFileChanger 1.70 adds support for Office format date/time values. This is not a security update.
https://www.nirsoft.net/utils/bulk_file_changer.html

DesktopOK 6.71 adds new explore path feature. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DevManView 1.60 adds option to Open Device Properties Window and option to create a shortcut to Device Properties window on your desktop. This is not a security update.
https://www.nirsoft.net/utils/device_manager_view.html

DriveLetterView 1.50 adds Open Device Properties Window option. This is not a security update.
https://www.nirsoft.net/utils/drive_letter_view.html

Etcher 1.5.63 updates libraries. This should be treated as a security update.
https://www.balena.io/etcher/

FolderChangesView 2.31 resolves a stability bug and changes keyboard accelerators for find and open in explorer. This is not a security update.
https://www.nirsoft.net/utils/folder_changes_view.html

GoodSync 10.10.12 resolves several stability issues and annoyances. This should be treated as a security update.
https://12pd.com/click?goodsync

IsMyHdOK 1.91 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

Ketarin 1.8.11 adds several new features including global “on update failed” command, variable sorting, and improved FileHippo integration. This is not a security update.
https://ketarin.org/

MS ISO Downloader 8.23 updates names and adds ISOs. This is not a security update.
https://www.heidoc.net/joomla/technology-science/microsoft/67-microsoft-windows-and-office-iso-download-tool

NTLite 1.8.0.7217 adds support for 20H1, resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 7.0.1005 adds several new features, resolves bugs, and improves reliability. This is not a security update.
https://www.osforensics.com/download.html

PointerStick 3.71 resolves a bug and improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

SearchMyFiles 3.06 resolves the time range bug. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

TaskSchedulerView 1.53 adds an option to display only running tasks. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

USBDeview 2.81 adds an option to open Device Properties window. This is not a security update.
https://www.nirsoft.net/utils/usb_devices_view.html

WifiInfoView 2.55 adds ability to connect to an access point from within WifiInfoView and from the CLI. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

WinScan2PDF 5.09 improves compatibility with certain hardware and WIA. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 3.30 adds enterprise licensing, improved treemap, in-app context menu improvements, and search improvements. This is not a security update.
https://antibody-software.com/web/software/software/wiztree-finds-the-files-and-folders-using-the-most-disk-space-on-your-hard-drive/

WSUS Offline 11.8.2 updates libraries, improves compatibility, and supercedence rules. This is not a security update.
http://download.wsusoffline.net/

Developer Updates

These are unlikely to be of interest to most people.

AutoHotkey 1.1.31.01 resolves several bugs. This is not a security update.
https://www.autohotkey.com/download/

Android Studio 3.5.2 resolves several bugs. This is not a security update.
https://developer.android.com/studio/index.html

Inno Setup 6.0.3 and Inno Setup QuickStart 6.0.3 adds several new features including dark theme, new messages, and directives. This is not a security update.
http://www.jrsoftware.org/isdl.php

Node.js 13.1.0 resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

SQLite 3.30.1 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

TortoiseGit 2.9.0 updates libraries and resolves many bugs. This is a security update.
https://tortoisegit.org/

TortoiseSVN 1.13.1 updates library and adds digital signature. This should be treated as a security update.
https://tortoisesvn.net/downloads.html

Visual Studio Code 1.40 resolves over 4600 issues. This is a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.0.14-133895 resolves several bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Adminer 4.7.4 is a security update.
https://www.adminer.org/en/

phpList 3.4.8 doesn’t provide a changelog, so should be treated as a security update.
http://www.phplist.com/download

Nextcloud Server 17.0.1 resolves several bugs. This is not a security update.
https://nextcloud.com/

Drupal 8.7.9 resolves several bugs. This is not a security update.
https://drupal.org/download

Joomla 3.9.13 is a security update.
https://www.joomla.org/

MailEnable 10.27 is a security update.
https://www.mailenable.com/

ScreenConnect 19.4.25759.7247 resolves several bugs. This is not a security update.
https://www.connectwise.com/software/control/download

WordPress 5.3 is a security update. This version adds the Twenty Twenty theme, improved block editor, accessibility and keyboard improvements, automatic image rotation, and more.
https://wordpress.org/

Akismet 4.1.3 improves compatibility and resolves several bugs. This is a security update.

bbPress 2.6.0 improves moderation, engagements, and several other features, adds compatibility with PHP 7.1+, and resolves over 400 bugs. This is not a security update.

Contact Form 7 5.1.5 improves the configuration validator. This is not a security update.

Custom Facebook Feed 2.12 resolves several bugs. This is not a security update.

myStickymenu 2.2.6 is a security update.

WooCommerce 3.8.0 doesn’t have a changelog so should be treated as a security update.

WP Mail SMTP 1.7.1 improves compatibility and resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2014-12-09

Hi, Folks!

It’s Patch Tuesday! This is a relatively light Patch Tuesday, with only about 250mb in updates for most computers, but a lot have security implications. Let’s get started.

Microsoft released 8 updates to address 24 vulnerabilities in Windows, Internet Explorer, Office, Silverlight and Exchange (~120mb). This includes security updates. A reboot is required.
http://update.microsoft.com/

Apple released updates for OS X Yosemite, Safari, iCloud and AppleTV. This includes security updates. Be aware that many have reported problems with the Safari “update” accidentally removing Safari. You would be well advised to switch to Chrome in order to have a more stable browsing environment. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 8.1.2 is a security update and also addresses the many Wifi and wireless problems introduced in 8.0. If you can not install the update through Wifi (since it’s broken), use iTunes to install the update.

Adobe Flash Player 16.0.0.235 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 13.5.3.0 improves Intel cleanup. This is not a security update.
http://www.wagnardmobile.com/DDU/

Samsung SideSync 3.1.4.801 does not provide a changelog, so should be treated as a security update.
http://www.samsung.com/us/sidesync

PS3 4.66 improves stability. This is not a security update.

PS4 2.03 improves stability and reliability. This is not a security update.

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 39.0.2171.95 is a security update. Use Menu, About to get the most current version.

Safari 8.0.1 is a security update. And it was pulled from availability after it was discovered to have been force-uninstalling Safari instead of updating it. It will probably be available again soon.
https://discussions.apple.com/thread/6706616

Opera 26 is a security update. Use Menu, About to get the most current version.

Firefox 34.0.5 is a security update. Use Help, About to get the most current version.

SeaMonkey 2.31 is a security update. Use Help, About to get the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 31.3.0 is a security update. Use Help, About to get the most current version.

NK2Edit 3.07 adds the ability to limit the maximum number of autocomplete records allowed by Outlook. This is not a security update.
http://www.nirsoft.net/utils/outlook_nk2_edit.html

OutlookAttachView 2.73 now also scans the root folder of the PST file. This is not a security update.
http://www.nirsoft.net/utils/outlook_attachment.html

Internet Updates

One or more of these are likely to be of interest to everyone.

Skype 7.0.0.100 does not provide a changelog, so should be treated as a security update.
https://12pd.com/click?skype

Dropbox 3.0.3 fixes an “infinite sync” bug, as well as various other improvements. This is not a security update.
https://12pd.com/click?dropbox

Media Updates

These are unlikely to be of interest to most people.

Plex Media Server 0.9.11.4.739 provides a dozen fixes in stability, reliability and interop, as well as improved hardware and networking. This is not a security update.
https://plex.tv/downloads/

Game Updates

These are unlikely to be of interest to most people.

Minecraft 1.8.1 adds performance and other optimizations and bug fixes. This is not a security update.
http://www.minecraft.net/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader 10.1.13 and 11.0.10 are security updates. Use Help, About to install the most current version.

Artweaver 5.0.1 adds a changelog! This version fixes several bugs with blending, big brushes and corrupt BMP files. This is not a security update.
http://www.artweaver.de/

Paint.net 4.0.5 corrects several bugs. This is not a security update.
http://www.getpaint.net/

Security Software Updates

One or more of these is likely to be of interest to most people.

AVG Anti-Virus Free 2015.5577 updates anti-spam and integrates PC TuneUp. This is not a security update.
http://www.avg.com/us-en/download

MalwareBytes’ Anti-Malware 2.0.4 fixes a bug in the Malware Protection service. This is a security update.
http://www.malwarebytes.org/products/malwarebytes_free

DNSQuerySniffer 1.35 adds TTL display mode. This is not a security update.
http://www.nirsoft.net/utils/dns_query_sniffer.html

RogueKiller 10.0.9 improves shellcode protection and updates signatures. This is a security update.
http://www.adlice.com/softwares/roguekiller/

Converter Updates

These are unlikely to be of interest to most people.

MakeMKV 1.9.0 adds support for newer encodings, improved handling of mastering errors, bug fixes and adds the ability to split content by chapters. This is not a security update.
https://12pd.com/click?makemkv

CDex 1.74 improves tagging, updates libraries, various bug fixes and performance improvements. This should be treated as a security update.
http://cdexos.sourceforge.net/

DVDFab 9.1.7.6 adds support for newer encodings, fixes crash and stability bugs. This is not a security update.
http://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

7-Zip 9.35 fixes several bugs. This is not a security update.
http://www.7-zip.org/

GoodSync 9.9.11.5 improves syncing of locked files, updates libraries, and improves reliability. This is a security update.
https://12pd.com/click?goodsync

RoboForm 7.9.11.5 updates libraries, fixes several bugs, adds import from LastPass and DashLane. This is a security update.
https://12pd.com/click?rf

BFGMiner 5.0.0 adds dozens of bug fixes and improvements. This is a security update.
https://github.com/luke-jr/bfgminer/

CintaNotes 2.8.3 corrects several bugs. This is not a security update.
http://cintanotes.com/download

TeamViewer 10.0.36244 is a major update, improving the interface, providing central setting controls, master whitelist, improved chat, one-click video calls, profile pictures, LAN detection, and more. This is not a security update.
http://www.teamviewer.com/en/download/windows.aspx

Agent Ransack 2014.828 fixes a minor bug. This is not a security update.
http://mythicsoft.com/agentransack/download

FileLocator Pro 7.5.2077 corrects several bugs. This is not a security update.
http://www.mythicsoft.com/filelocatorpro/download

CurrPorts 2.12 adds the ability to enable and disable filters from the toolbar. This is not a security update.
http://www.nirsoft.net/utils/cports.html

NetworkTrafficView 1.87 corrects a window positioning bug. This is not a security update.
http://www.nirsoft.net/utils/network_traffic_view.html

ProduKey 1.70 adds support for BIOS OEM Key. This is not a security update.
http://www.nirsoft.net/utils/product_cd_key_viewer.html

SearchMyFiles 2.52 corrects a window positioning bug. This is not a security update.
http://www.nirsoft.net/utils/search_my_files.html

USBDeview 2.40 adds an option to re-sort on every update. This is not a security update.
http://www.nirsoft.net/utils/usb_devices_view.html

WhosIP 1.10 adds support for authentication-less SOCKS4 and SOCKS5 proxies. This is not a security update.
http://www.nirsoft.net/utils/whosip.html

WifiChannelMonitor 1.16 updates the internal MAC addresses file. This is not a security update.
http://www.nirsoft.net/utils/wifi_channel_monitor.html

CCleaner 5.00.5050 improves the GUI, adds newer software support, and various bug fixes. This is not a security update.
https://12pd.com/click?ccleaner

CPU-Z Installer 1.71.1 adds support for newer hardware. This is not a security update.
http://www.cpuid.com/softwares/cpu-z.html

Cygwin 1.7.33 corrects several bugs, improves header and compatibility. This is a security update.
http://cygwin.com/

LicenseCrawler 1.44.785 improves filters and scan performance, corrects several bugs. This is not a security update.
http://www.klinzmann.name/licensecrawler_download.htm

Developer Updates

These are unlikely to be of interest to most people.

MySQL 5.6.22 is a security update.
http://www.mysql.com/downloads/installer/

ActivePerl 5.20.1.2000 is a major update to bring ActivePerl into compliance with Perl 5.20.1. This is a security update.
http://www.activestate.com/activeperl/downloads

Redemption 5.8.0.4036 fixes several bugs and adds dozens of new objects and functions. This is not a security update.
http://www.dimastr.com/redemption/

TortoiseGit 1.8.12.0 improves performance and fixes several bugs. This is a security update.
http://code.google.com/p/tortoisegit/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 4.3.20-96997 fixes a couple dozen bugs, improves reliability and hardware compatibility. This is not a security update.
http://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

phpMyAdmin 4.0.10.7, 4.1.14.8, 4.2.13.1, and 4.3.1 are security updates.
http://www.phpmyadmin.net/

MailEnable Enterprise 8.56 fixes a number of bugs. This is not a security update.
http://www.mailenable.com/

WordPress 4.0.1 is a security update.
http://wordpress.org/

Drupal 7.34 is a security update.
http://drupal.org/download

ColdFusion 11.3 and 10.15 are security updates.
http://helpx.adobe.com/security/products/coldfusion/apsb14-29.html

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/