Updates 2017-11-01

Hi, Folks!

It’s not Patch Tuesday, but Apple, Microsoft, Google and more have released updates this week.

The typical computer should see approximately 2gb of updates. Let’s get started.

Microsoft released an out-of-cycle security update for Flash Player 27.0.0.183. Use Windows Update to install the most current versions.

Apple released updates for macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, Security Update 2017-004 El Capitan, iOS 11.1, watchOS 4.1, tvOS 11.1, Safari 11.0.1, iCloud for Windows 7.1, iTunes 12.7.1 are security updates. Use the Apple App Store or Apple Software Update to install the most current versions.

iOS 11.1 is a security update. Use Settings, General, Software Update to install the most current version.

watchOS 4.1 is a security update. Use your updated iPhone to install the most current version through the Watch app.
https://support.apple.com/en-us/HT204641

tvOS 11.1 is a security update. Use Settings, General, Updates to install the most current version.

Google Chrome OS 62.0.3202.74 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Adobe Flash Player 27.0.0.183 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Seagull Scientific Driver collection 2017.1 improves compatibility, reliability and more. This is not a security update.
https://www.seagullscientific.com/drivers/windows-printer-drivers/

Display Driver Uninstaller 17.0.7.7 improves cleanup, compatibility, and resolves several bugs. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 62.0.3202.75 is a security update.

Firefox 56.0.2 is a security update. Use Menu, Help, About to install the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 52.4.0 is a security update. Use Menu, Help, About to install the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

Line 7.14.0 improves camera integration. This is not a security update.
https://line.me/update

aria2 1.33.0 resolves several bugs and adds a couple new features. This is not a security update.
https://aria2.github.io/

MaxMind GeoIP Data 201711 is a data refresh.
https://dev.maxmind.com/geoip/geolite

IPInfoOffline 1.45 updates IP database and adds column autosizing. This is not a security update.
https://www.nirsoft.net/utils/ip_country_info_offline.html

Npcap 0.96 integrates several new Type selectors, improves memory handling, expands license. This is not a security update.
https://github.com/nmap/npcap/releases

WGet 1.19.2 is a security update.
https://eternallybored.org/misc/wget/

iCloud for Windows 7.1 is a security update. Use Apple Software Update to get the most current version.

Media Updates

These are unlikely to be of interest to most people.

iTunes 12.7.1 is a security update. Use Apple Software Update to get the most current version.

Game Updates

These are unlikely to be of interest to most people.

EA Origin 10.5.5.5003 improves game management, storage options, and many cosmetic improvements. This is not a security update.
https://www.origin.com/en-us/download

PlayStation PS4 5.01 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/system-updates/ps4/

Office Updates

One or more of these are likely to be of interest to most people.

OpenOffice 4.1.4 is a security update. You are strongly advised to REMOVE OpenOffice and switch to LibreOffice!
https://www.openoffice.org/download/

Kindle for PC 1.21.0 Build 48017 doesn’t provide a changelog, so should be treated as a security update.
https://12pd.com/click?kindle4pc

Security Software Updates

One or more of these is likely to be of interest to most people.

Wireshark 2.4.2 is a security update.
https://www.wireshark.org/

RogueKiller 12.11.22 adds detections. This is not a security update.
https://www.adlice.com/softwares/roguekiller/

Capture Updates

These are unlikely to be of interest to most people.

XSplit Broadcaster 3.1.1709.1535 resolves several bugs. This is not a security update.
https://www.xsplit.com/get/

XSplit Gamecaster 3.1.1708.2941 resolves several bugs. This is not a security update.
https://www.xsplit.com/get/

Converter Updates

These are unlikely to be of interest to most people.

CDex 1.93 resolves compatibility issues. This is not a security update.
http://cdex.mu/?q=download

DVDFab 10.0.6.4 adds support for new encodings, resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

NTLite 1.4.1.5675 resolves several bugs and upgrades components. This is not a security update.
https://www.ntlite.com/download/

1Password for Mac 6.8.3 resolves several bugs. This is not a security update.
https://1password.com/downloads/

GoodSync 10.6.5 resolves dozens of bugs, improves reliability and consistency, and improves compatibility. This is not a security update.
https://12pd.com/click?goodsync

RoboForm 8.4.3 improves stability and version compatibility. This is not a security update.
https://12pd.com/click?rf

CintaNotes 3.11 resolves several bugs and improves clicking. This is not a security update.
http://cintanotes.com/download

DesktopOK 4.85 resolves improves AutoHide behavior. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

Easy2Boot 1.96 improves compatibility with some virtual images, and resolves several bugs. This is not a security update.
https://www.easy2boot.com/download/

HWMonitor 1.33 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

ImageUSB 1.3.1004 doesn’t provide a changelog, so should be treated as a security update.
https://www.osforensics.com/tools/write-usb-images.html

IsMyHdOK 1.29 improves detection. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

CurrPorts 2.36 adds auto-size columns support. This is not a security update.
https://www.nirsoft.net/utils/cports.html

WakeMeOnLan 1.82 removes an inactive menu item. This is not a security update.
https://www.nirsoft.net/utils/wake_on_lan.html

OSForensics 5.2.1001 resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html

CCleaner 5.36.6278 improves cleanup and adds automatic updates. This is not a security update.
https://12pd.com/click?ccleaner

PointerStick 2.92 adds crosshair with arrows support. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

WinScan2PDF 3.71 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 3.15 adds MFT association, and resolves several bugs. This is not a security update.
http://antibody-software.com/web/software/software/wiztree-finds-the-files-and-folders-using-the-most-disk-space-on-your-hard-drive/

WSUS Offline 11.0.3 resolves several bugs. This is not a security update.
http://download.wsusoffline.net/

.NET Framework 4.7.1 improves accessibility options, performance, reliability, and more. This is not a security update.
https://www.microsoft.com/net/

Java 8u151 is a security update. Consider removing Java instead of upgrading if you are not 100% sure you require it.
https://www.java.com/en/download/manual.jsp

Developer Updates

These are unlikely to be of interest to most people.

MySQL 5.7.20 is a security update.
https://www.mysql.com/downloads/installer/

SQLite 3.21.0 improves performance and resolves several bugs. This is a security update.
https://www.sqlite.org/download.html

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 5.2.0-118431 is a major update with several improvements to stability, reliability, and performance. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

phpMyAdmin 4.7.5 resolves several bugs. This is not a security update.
https://www.phpmyadmin.net/news/

ScreenConnect 6.4.15083.6507 resolves dozens of bugs, improves compatibility, and adds several new features. This is not a security update.
https://www.screenconnect.com/Download

WordPress 4.8.3 is a security update.
https://wordpress.org/

Contact Form 7 4.9.1 resolves several bugs. This is not a security update.

NextScripts Social Networks Auto-Poster 4.0.7 resolves a couple dozen bugs. This is not a security update.

Postie 1.9.10 resolves several bugs. This is not a security update.

Redirection 2.8.1 resolves several bugs. This is not a security update.

WooCommerce 3.2.2 resolves dozens of bugs and adds several features. This is not a security update.

WP Mail SMTP 0.11.1 improves compatibility with older versions of PHP. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

KRACK Attacks: Protocol Insecurity

The KRACK Attacks are a great example of why updates are important. Wireless networking has been around over 45 years with many encryption and security layers being adapted over that time. The variation most commonly in use today, Wi-Fi with WPA2, is about 13 years old. Thousands of people have reviewed the protocol documents. Vendors across the world have implemented the protocol as it was designed and it is in active daily use on billions of devices (yes, billions with a “b”). However, a relatively minor flaw in the design of the greeting/handshake allows an evil third party to essentially hijack any Wi-Fi network.

At least 6 months ago a series of vulnerabilities in all wireless protocols (including the most secure current wireless protocol, WPA2) were discovered that allowed for an evil third-party in range of your Wi-Fi network connection to emulate it and hijack your access to the connection to be able to siphon or change information between you and the Internet. These vulnerabilities also make it possible to intercept and alter “secure” traffic (such as HTTPS encrypted connections) by way of it’s MitM scope on some networks and devices.

Every vendor’s hardware that was tested was found to be vulnerable. The thing is, if they obeyed the protocol it would literally be impossible not to be vulnerable.

Several months ago the person that discovered the issue contacted different vendors to alert them of the problems and they are actively coordinating security updates this week to address them. FreeBSD patched it months ago. Microsoft patched it last Tuesday. Some Android devices have been patched over the last couple weeks, while others may never be. Security updates for ChromeOS should be released next Tuesday. Apple’s patch for iOS, macOS, tvOS and watchOS is planned for release “soon,” but every version of macOS and iOS are affected and not all are still supported (in other words – only some Apple devices will receive patches). Hardware vendors are gradually releasing updates for supported devices.

What should you do?

Patch or replace your hardware. All of your hardware: your routers, modems, phones, tablets, laptops, desktops that have Wi-Fi support, even your light bulbs and irrigation systems.

If a patch is not currently available for your hardware, hound the vendor until it is, or replace/avoid that hardware (and vendor).

If your hardware is no longer supported by the vendor you will not receive security updates to address this vulnerability. Most hardware still in use today is beyond it’s support period (aka “end of life/EOL”), so will never receive a security update to address this vulnerability or any other. Really. It’s probably time to replace that “perfectly good” wireless router you picked up “only 5 years ago” at a “helluva bargain” that “still works.” It’s annoying, but important to check the vendors site when purchasing hardware to ensure that it’s supported by them. Most vendors support their hardware only 5 to 10 years after a modem was initially released. Most people buy hardware at least half-way through this period, significantly reducing the applicable support period.

Always use TLS/SSL. If the sites you visit don’t support HTTPS, don’t use them or at least contact their webmasters to request HTTPS support.

Avoid wireless connections. Yes, really. Even if this had never occurred, understand that every wireless network is inherently insecure. Emulating your network the way the KRACK Attack operates is only one way to hijack it. There are many other risks in all forms of networking, from old, insecure, and unsupported network equipment that can be easily compromised to unmaintained and unsecureable hardware that joins the network. While a wired network generally contains all traffic within the cables that make up the network, a wireless network, by definition, broadcasts all network traffic for any evildoer within range to capture and record. While they may not be able to exploit that encrypted information today, it’s likely that similar vulnerabilities will be discovered that allow them to decrypt and abuse that information sometime in the future. Avoiding wireless connections reduces this risk.

I thought this only affected my router?

No. This vulnerability is a protocol-level issue, which means that every single wireless device in the world that was designed to obey the protocol is impacted. All of them. Patch or replace.

Many protocols have weaknesses that are eventually addressed with minor and sometimes major changes. SMTP – the protocol used to send email – didn’t require any form of authentication at any level for over 20 years! The geeks that think this stuff up are awesome, but we can’t anticipate everything.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2017-09-26

Hi, Folks!

It’s not Patch Tuesday, but Apple, Microsoft, Google and more have released updates this week.

The typical computer should see approximately 1gb of updates except macOS, which should have 6gb+. Let’s get started.

As expected, the first post-major upgrade to iOS 11 was released today to fix security issues. It’s time to install iOS 11.0.1 now.

Microsoft released updates for Windows and Edge. Use Windows Update to install the most current versions.

Apple released updates for iCloud 7.0, Xcode 9.0, Safari 11, and iTunes 12.7. This includes security updates. Use the Apple App Store or Apple Software Update to install the most current versions.

macOS 10.13 High Sierra is the next major update to macOS/OS X. This version adds several new features and resolves several bugs. This is not a security update.

macOS Server 5.4 is a security update. Use the Apple App Store to install the most current version.

iOS 11.0.1 is a security update. Use Settings, General, Updates to install the most current version. As expected, Apple released a security update to iOS 11 within three weeks of release.

watchOS 4.0.0 is a security update. Use your updated iPhone to install the most current version through the Watch app.

tvOS 11.0.0 is a security update. Use Settings, General, Updates to install the most current version.

Google Chrome OS 60.0.3112.114 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 17.0.7.5 improves NVIDIA cleanup, and resolves several bugs. This is not a security update.
http://www.wagnardsoft.com/display-driver-uninstaller-ddu

Intel Driver Update 3.0 redesigns the user interface, integrates into the Intel support website, and resolves several bugs. This is not a security update.
https://www.intel.com/p/en_US/support/detect

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 61.0.3163.100 is a security update. Use Menu, Help, About to install the most current version.

Opera 47.0.2631 is a security update. Use Menu, Help, About to install the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

Evernote 6.7.5.5825 does not provide a changelog so should be treated as a security update.
http://www.evernote.com/

Media Updates

These are unlikely to be of interest to most people.

FastStone Viewer 6.4 improves Video Player and Scan Tool components, and resolves several bugs. This is not a security update.
http://www.faststone.org/FSViewerDetail.htm

iTunes 12.7 is a security update. Use Apple Software Update to install the most current version.

Game Updates

These are unlikely to be of interest to most people.

PlayStation PS4 4.74 improves performance. This is not a security update.
http://us.playstation.com/support/systemupdates/ps4/pc_update/index.htm

RetroPie 4.3 improves emulation, hardware support, and resolves several bugs. This is not a security update.
https://retropie.org.uk/

Technic Launcher 4/353 doesn’t provide a changelog, so should be treated as a security update.
http://www.technicpack.net/download

Security Software Updates

One or more of these is likely to be of interest to most people.

Gpg4win 3.0.0 improves the GUI, adds 64-bit MSO support, improved logging and diagnostics, resolves many bugs and improves performance. This is not a security update.
https://www.gpg4win.org/download.html

RogueKiller 12.11.17 adds detections. This is not a security update.
http://www.adlice.com/softwares/roguekiller/

Capture Updates

These are unlikely to be of interest to most people.

Greenshot 1.2.10.6 resolves several bugs. This is not a security update.
https://github.com/greenshot/greenshot/releases

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 10.0.6.0 resolves several bugs and adds support for new encryption. This is not a security update.
http://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

NTLite 1.4.1.5590 resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

1Password for Mac 6.8.2 resolves several bugs. This is not a security update.
https://1password.com/downloads/

GoodSync 10.6.0 adds OTP and DeviceId support, and resolves several bugs. This is not a security update.
https://www.goodsync.com/

Bitcoin 0.15.0.1 improves performance and reliability. This version uses blockchain addressing that is not compatible with older versions. This is not a security update.
http://bitcoin.org/en/download

CintaNotes 3.10 adds wildcard support, and resolves several bugs. This is not a security update.
http://cintanotes.com/download

GSmartControl 1.1.1 adds support for newer hardware. This is not a security update.
https://gsmartcontrol.sourceforge.io/home/index.php/About

FileLocator Pro 8.2.2741 resolves UNC performance and expression support and fixes a an installation bug. This is not a security update.
http://www.mythicsoft.com/filelocatorpro/download

BulkFileChanger 1.51 adds option to display different time and date options based on user selected values. This is not a security update.
http://www.nirsoft.net/utils/bulk_file_changer.html

CurrPorts 2.35 improves GUI for IPv6 addresses. This is not a security update.
http://www.nirsoft.net/utils/cports.html

TcpLogView 1.30 improves GUI for IPv6 addresses. This is not a security update.
http://www.nirsoft.net/utils/tcp_log_view.html

CCleaner 5.35.6210 is a security update. You’re better off removing CCleaner and any other registry and cookie “cleaner” applications. They often do more harm than good even when they work as intended.
https://12pd.com/click?ccleaner

Recover Keys 10.0.4.196 adds several new features, new applications, and CLI improvements. This is not a security update.
http://recover-keys.com/en/download.html

WizTree 3.11 adds zoom support and several other options. This is not a security update.
http://antibody-software.com/web/software/software/wiztree-finds-the-files-and-folders-using-the-most-disk-space-on-your-hard-drive/

Developer Updates

These are unlikely to be of interest to most people.

DB Browser for SQLite 3.10.1 resolves several bugs, including removal of a forced reboot after installation on Windows. This is not a security update.
http://sqlitebrowser.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 5.1.28-117968 resolves several bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

MailEnable 9.77 updates included libraries. This is not a security update.
https://www.mailenable.com/

TinyMCE 4.6.7 resolves several bugs. This is not a security update.
http://www.tinymce.com/download/

WordPress 4.8.2 is a security update.
https://wordpress.org/

Akismet 4.0 resolves several bugs and improves compatibility with the latest version of WordPress. This is not a security update.

Email Log 2.1.0 resolves several bugs. This is not a security update.

myStickymenu 2.0.1 resolves several bugs. This is not a security update.

NextScripts Social Networks Auto-Poster 3.8.8 resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2017-07-25

Hi, Folks!

It’s not Patch Tuesday, but Apple, Microsoft, Google and more have released updates this week.

The best technology news of the century was released today. Perhaps the millennium. In about 3 years Adobe will finally discontinue support for Flash, effectively removing the largest bulls-eye from your computer. As an end-user, are you still using Flash — or do you only think you’re still using Flash?

The typical computer should see approximately 400mb of updates. Let’s get started.

Microsoft released updates for Windows and .NET. Use Windows Update to install the most current versions.

Apple released updates for macOS 10.12.6, OS X Security Update 2017-003, Safari 10.1.2, iCloud for Windows 6.2.2, iTunes 12.6.2, and Wi-Fi Update for Boot Camp 6.1. This includes security updates. Use the Apple App Store or Apple Software Update to install the most current versions.

Apple iOS 10.3.3, tvOS 10.2.2, and watchOS 3.2.2 are security updates. Use Settings, General, Updates to install the most current versions.

Google Chrome OS 59.0.3071.134 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 17.0.7.0 resolves a launch bug. This is not a security update.
http://www.wagnardsoft.com/display-driver-uninstaller-ddu

Intel Driver Update 2.8.2 improves detections and adds support for certain BIOS updates. This should be treated as a security update.
https://www.intel.com/p/en_US/support/detect

Browser Updates

One or more of these are likely to be of interest to everyone.

Chrome 60.0.3112.78 is a security update. Use Menu, Help, About to install the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

Java 8u141 is a security update. If you do not have Java installed, or are not sure if you need it, remove it instead.
http://www.java.com/en/download/manual.jsp

DiscordApp 7.21.17 improves automation, spam filtering, various GUI fixes, and more. This is not a security update.
https://discordapp.com/download

Trillian 6.0.0.61 is a security update.
https://www.trillian.im/

FileZilla 3.27.0.1 is a security update.
http://filezilla-project.org/

Media Updates

These are unlikely to be of interest to most people.

iTunes 12.6.2 is a security update. Use Apple Software Update to install the most current version.

iCloud for Windows 6.2.2 is a security update. Use Apple Software Update to install the most current version.

MPC HC 1.7.13 updates libraries and now enforces minimum SSE2 support. This should be treated as a security update.
https://mpc-hc.org/downloads/

Game Updates

These are unlikely to be of interest to most people.

EA Origin 10.4.14.21968 improves throttling support, keyboard navigation, and resolves many bugs. This is not a security update.
https://www.origin.com/en-us/download

PlayStation PS4 4.72 improves performance. This is not a security update.
http://us.playstation.com/support/systemupdates/ps4/pc_update/index.htm

Office Updates

One or more of these are likely to be of interest to most people.

Paint.net 4.0.17 improves performance and resolves several bugs. This is not a security update.
http://www.getpaint.net/

Security Software Updates

One or more of these is likely to be of interest to most people.

Avast! Home Edition 17.5.2303 doesn’t provide a detailed changelog so should be treated as a security update.
http://www.avast.com/free-antivirus-download

Wireshark 2.4.0 adds support for new protocols, new utility integration, improved UI, bug fixes and more. This should be treated as a security update.
http://www.wireshark.org/

RogueKiller 12.11.8 resolves several bugs. This is not a security update.
http://www.adlice.com/softwares/roguekiller/

Converter Updates

These are unlikely to be of interest to most people.

CDex 1.89 improves output encoding support, ID3 handling, and resolves bugs. This is not a security update.
http://cdex.mu/?q=download

DVDFab 10.0.4.8 adds Copy Source support, improves conversion, adds support for new encodings, and resolves several bugs. This is not a security update.
http://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password for Mac 6.8 improves organization, clipboard assignment, improved Chrome support, and resolves several bugs. This is a security update.
https://1password.com/downloads/

RoboForm 8.3.9 resolves several bugs, improves High-DPI support, and improves autosave and submission for scripted forms. This is not a security update.
http://12pd.com/click?rf

Carbonite 6.3 replaces the restore GUI, improves usability, various restoration changes. This is not a security update.
https://account.carbonite.com/

Cygwin 2.8.2 resolves several bugs and adds new APIs: fls, flsl, flsll. This is not a security update.
http://cygwin.com/

Easy2Boot 1.94 resolves several bugs and adds utilities for managing partition assignments. This is not a security update.
http://www.easy2boot.com/download/

SimpleWMIView 1.32 adds quick filtering. This is not a security update.
http://www.nirsoft.net/utils/simple_wmi_view.html

WakeMeOnLan 1.80 improves visual feedback and resolves a network detection bug. This is not a security update.
http://www.nirsoft.net/utils/wake_on_lan.html

WSUS Offline 11.0.1 updates sepersedence and obsolescence lists, and resolves several bugs. This is a security update.
http://download.wsusoffline.net/

Sysmon 6.03 resolves a stability bug. This is not a security update.
http://sysinternals.com/

Developer Updates

These are unlikely to be of interest to most people.

MySQL 5.7.19 resolves several bugs. This is a security update.
http://www.mysql.com/downloads/installer/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 5.1.24-117012 resolves many bugs and improves reliability. This is not a security update.
http://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

ModSecurity 2.9.2 resolves dozens of bugs and improves stability. This is a security update.
https://github.com/SpiderLabs/ModSecurity/releases

Joomla 3.7.4 is a security update.
http://www.joomla.org/

phpMyAdmin 4.7.3 resolves several bugs. This should be treated as a security update.
http://www.phpmyadmin.net/home_page/news.php

Akismet 3.3.3 improves resource consumption, resolves several bugs. This is not a security update.

bbPress 2.5.13 improves support for post_parent__in queries. This is not a security update.

Contact Form 7 4.8.1 resolves several bugs. This is not a security update.

Multisite Enhancements 1.4.0 adds SSL identification for sites. This is not a security update.

Postie 1.9.2 resolves bugs. This is not a security update.

Redirection 2.6.5 implements React on groups page. This is not a security update.

Widgets on Pages 1.1.1 removes TurboSidebars from Search results. This plugin is still incompatible with some sites and servers.

WooCommerce 3.1.1 resolves many bugs and improves UI. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2017-05-16

Hi, Folks!

It’s not Patch Tuesday, but Apple, Microsoft, Adobe, Google, and more have released updates today.

If you haven’t heard of “WannaCry” then you’re living under a rock. WannaCry is the closest current equivalent to the Code Red worm in the last 15 years. This ransomware uses a known vulnerability for which a patch had been released (three months ago!), to infect computers, encrypt their contents and the contents of network locations, and sell access back to the victim – while also infecting other vulnerable network devices. If you’ve installed your updates within the last three months you’re not vulnerable to the specific network-level vulnerability in SMB that it uses to propagate, but that doesn’t mean you can safely open phishing messages, email attachments or random downloads. The UK NHS was hit hard by this malware primarily because they take almost 6 months to patch their PC hardware that they do support. Some single-purpose devices (MRI machines, for example) are simply never maintained, but are still granted network access. Sigh. Don’t do that.

The vulnerability exploited by WannaCry was first divulged by Shadow Brokers when they released a trove of hacking tools created and used by the NSA. In fact, one of the tools WannaCry utilizes is the same ETERNALBLUE exploit directly from the NSA toolset. This is not a coincidence. These tools were written specifically to be universally effective and able to be repurposed at will for additional access. It should come as no surprise that when a government agency is hacked, the tools they created are released and the public suffers as a result.

If a positive side to this event can exist, it’s that Microsoft actually released a security update for Windows XP to address the vulnerability. Since XP has been End-of-Life for years, this is really surprising.

The lesson everyone should take from this event, but particularly businesses and government agencies, is that the turnaround time for malware authors is much lower than they think. Delaying or even ignoring security updates because “it won’t happen to us” is foolhardy at best and welcomes disaster. You should have sufficient skilled IT staff to be able to fully test and roll out any security updates within days, not months. If that’s not possible, you should at least hire a good PR firm and have the releases prepared in advance so you can spin your incompetence in the news when you are inevitably hacked later.

Okay, back to our regularly scheduled program.

The typical computer should see approximately 300mb of updates. Let’s get started.

Microsoft released updates for Windows and .NET, including Windows XP!

Apple released macOS 10.12.5, Security Update 2017-002, iTunes 12.6.1, Safari 10.1.1, and iCloud for Windows 6.2.1. Use the Apple App Store or Apple Software Update to install the most current versions.

Apple iOS 10.3.2, watchOS 3.2.2 (and 3.2.1), and tvOS 10.2.1 are security updates. Use Settings, General, Updates to install the most current version.

Google Chrome OS 58.0.3029.112 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Internet Updates

One or more of these are likely to be of interest to everyone.

Skype 7.36.0.101 improves quality and resolves several bugs. This version also imposes a requirement for a newer MSVCRT, which may trigger problems on any OS prior to the Windows 10 Creators Update (1703). If you receive an MSVCRT error upon running Skype after updating, download the current version of the MSVCRT.
https://12pd.com/click?skype

BrowsingHistoryView 2.05 adds ability to load history from remote device when full admin rights exist to remote device.
http://www.nirsoft.net/utils/browsing_history_view.html

Media Updates

These are unlikely to be of interest to most people.

iTunes 12.6.1 is a security update. Use Apple Software Update to install the most current version.

Office Updates

One or more of these are likely to be of interest to most people.

Notepad++ 7.4 adds document peeking, bug fixes, and reliability improvements.
https://12pd.com/click?npp

Security Software Updates

One or more of these is likely to be of interest to most people.

Wireless Network Watcher 2.12 improves reliability on devices with multiple wireless network adapters. This is not a security update.
http://www.nirsoft.net/utils/wireless_network_watcher.html

RogueKiller 12.10.9 adds detections. This is not a security update.
http://www.adlice.com/softwares/roguekiller/

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 10.0.3.9 adds support for newer protections, incorporates BDInfo. This is not a security update.
http://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

GSmartControl 0.9.0 resolves several bugs, improves reliability and stability, adds newer hardware support, and improves drive type detection. This is not a security update.
http://gsmartcontrol.sourceforge.net/home/index.php/

Everything 1.4.1.873b resolves several bugs, and adds pause/resume capability. This is not a security update.
http://www.voidtools.com/

CCleaner 5.30.6063 improves cleaning, SSD detection, and resolves several bugs. This is not a security update.
https://12pd.com/click?ccleaner

Rufus 2.15 improves compatibility with Windows 10 v1703, updates libraries, resolves several bugs. This should be treated as a security update.
http://rufus.akeo.ie/

WinScan2PDF 3.46 improves hardware support. This is not a security update.
http://www.softwareok.com/?seite=Microsoft/WinScan2PDF

ProcDump 9.0 adds multiple dump sizes, and Kernel Dump process association. This is not a security update.
http://sysinternals.com/

Autoruns 13.71 adds Microsoft HTML Application Host (mshta.exe) as hosting image so it displays the hosted image details, and now doesn’t apply filters to hosting images. This is not a security update.
http://sysinternals.com/

BgInfo 4.22 honors applocker policy for VB scripts specified as the source of field data. This is not a security update.
http://sysinternals.com/

LiveKd 5.62 is now signed with a certificate trusted by Win7. This is not a security update.
http://sysinternals.com/

Process Monitor 3.33 resolves several bugs, and is now signed with certificate trusted by Win7. This is not a security update.
http://sysinternals.com/

Process Explorer 16.21 resolves a bug with VT support, and is now signed with a certificate trusted by Win7. This should be treated as a security update.
http://sysinternals.com/

Web Package Updates

These are likely to be of interest only to web developers.

SMF 2.0.14 is a security update. This version also changes PHP requirements, so if the upgrade will not complete try upgrading PHP first then upgrade SMF.
http://download.simplemachines.org/

TinyMCE 4.6.1 resolves several bugs. This is not a security update.
http://www.tinymce.com/download/

WordPress 4.7.5 is a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/