Updates 2017-03-14

Hi, Folks!

It’s Patch Tuesday. This month brings the Vault 7 data dump, which exposed the machinations of a state-sponsored hacking organization with access to functional exploits for over a thousand applications and every popular operating system for both desktop and mobile. It’s a big deal. Vendors are ramping up their responses to address these exposed vulnerabilities so we can expect to see several out-of-cycle updates in the near future.

Microsoft released their delayed Windows patches, as well as more than a dozen updates to address new issues in Windows, Edge, Internet Explorer, Office, Silverlight, Windows DVD Maker, Microsoft Graphics, Windows Media Player, Microsoft XML Core Services, Microsoft Uniscribe, SMB Server, Hyper-V, Internet Information Services, Active Directory Federation Services and MSRT (~1.3gb). This includes security updates. A reboot is required.

Apple released updates for Logic Pro X 10.3.1, GarageBand 10.1.6 and Apple Remote Desktop 3.9 Client. This includes security updates. Use Apple Software Update to install the most current versions.

Google Chrome OS 56.0.2924.110 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Adobe Flash Player 25.0.0.127 is a security update. Flash is being actively replaced with HTML5 on most sites and services, however, so unless you’re 110% positive you need it for critical functions, you should remove it instead. And, within those browsers that have it embedded (Chrome, Edge, Internet Explorer 11+) your best option is to disable it. It’s just not worth the risk.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Adobe AIR 25.0.0.134 is a security update.
Win: https://12pd.com/click?air
Mac: https://12pd.com/click?airmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If youโ€™re using this hardware โ€“ these updates are for you.

Seagull Scientific printer drivers 7.4.3 resolves bugs, adds Package Aware support, and support for over 270 new models of printers. This is not a security update.
http://www.seagullscientific.com/drivers/

BullZip PDF Printer 11.1.0.2600 corrects several cosmetic issues. This is not a security update.
http://www.bullzip.com/products/pdf/info.php#download

Display Driver Uninstaller 17.0.6.0 improves cleanup. This is not a security update.
http://www.wagnardsoft.com/display-driver-uninstaller-ddu

Intel Driver Update 2.7.1 resolves several bugs. This is not a security update.
http://www.intel.com/p/en_US/support/detect

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 57.0.2987.98 is a security update. Use Menu, Help, About to install the most current version.

Firefox 52.0 is a security update. Use Menu, Help, About to install the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 3.00 adds message delivery time. This is not a security update.
http://www.nirsoft.net/utils/outlook_attachment.html

Thunderbird 45.8.0 is a security update.
http://www.mozilla.org/en-US/thunderbird/

Internet Updates

One or more of these are likely to be of interest to everyone.

Adobe Shockwave 12.2.7.197 is a security update. You’re far better off removing Shockwave than updating it.
https://12pd.com/click?shockwave

Line 7.1.0 adds mention support and 360-degree photos. This is not a security update.
http://line.me/update

Trillian 6.0.0.58 is a security update.
https://www.trillian.im/

curl 7.53.1 is a security update.
http://winampplugins.co.uk/curl/

WinSCP 5.9.4 is a security update.
http://winscp.net/eng/index.php

uTorrent 3.4.9 Build 43388 adds Game Store. This is not a security update.
http://www.utorrent.com/downloads

FileZilla 3.25.0 is a security update.
http://filezilla-project.org/

MaxMind GeoIP 201703 is a data refresh. This is not a security update.
http://dev.maxmind.com/geoip

PuTTY 0.68 is a security update.
http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

WGet 1.19.1 is a security update.
https://eternallybored.org/misc/wget/

Media Updates

These are unlikely to be of interest to most people.

FastStone Viewer 6.2 resolves several bugs, adds a couple new features. This is not a security update.
http://www.faststone.org/FSViewerDetail.htm

MPC HC 1.7.11 updates libraries, improves stability and subtitles, and adds other features. This is a security update.
https://mpc-hc.org/downloads/

Game Updates

These are unlikely to be of interest to most people.

EA Origin 10.4.5.25153 fixes several bugs. This is not a security update.
https://www.origin.com/en-us/download

PS4 4.50 adds the ability to install or move applications from USB 3.0 storage, notification and Remote Play improvements, and more. This is not a security update.
http://us.playstation.com/support/systemupdates/ps4/pc_update/index.htm

Office Updates

One or more of these are likely to be of interest to most people.

Artweaver 6.0.1 adds support for high-DPI, brush, filter and tool improvements, and resolves bugs. This is not a security update.
http://www.artweaver.de/

Notepad++ 7.3.3 is a security update.
https://12pd.com/click?npp

SketchUp 17.2.2555 resolves several bugs and crashes. This is not a security update.
http://www.sketchup.com/

Kindle for PC 1.19.3 Build 46099 doesn’t provide a changelog, so should be treated as a security update.
https://12pd.com/click?kindle4pc

Security Software Updates

One or more of these is likely to be of interest to most people.

Tails 2.11 is a security update.
https://tails.boum.org/install/index.en.html

Bitmessage 0.6.2 is a security update.
https://12pd.com/click?bitmessage

OpenSSL 1.1.0e is a security update.
https://www.openssl.org/

Avast! Home Edition 17.2.2288 is a security update.
http://www.avast.com/free-antivirus-download

Wireshark 2.2.5 is a security update.
https://www.wireshark.org/

Hashcat 3.40 adds support for several new protocols and many bugfixes. This is not a security update.
http://hashcat.net/hashcat/#downloadlatest

MSRT 5.46 is a security update.
http://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx

SmartSniff 2.27 improves GUI. This is not a security update.
http://www.nirsoft.net/utils/smsniff.html

Wireless Network Watcher 2.10 adds export on timer support. This is not a security update.
http://www.nirsoft.net/utils/wireless_network_watcher.html

RogueKiller 12.10.0 is a security update.
http://www.adlice.com/softwares/roguekiller/

Capture Updates

These are unlikely to be of interest to most people.

XSplit Broadcaster 2.9.1701.1616 fixes a couple bugs. This is not a security update.
http://www.xsplit.com/get/

XSplit Gamecaster 2.9.1701.1610 adds several new export and streaming providers, and fixes a dozen bugs. This is not a security update.
http://www.xsplit.com/get/

Converter Updates

These are unlikely to be of interest to most people.

CDex 1.83 updates libraries. This is a security update.
http://cdex.mu/?q=download

Win32 Disk Imager 1.0.0 updates libraries and resolves several bugs. This is a security update.
http://sourceforge.net/projects/win32diskimager/

DVDFab 10.0.2.8 adds support for new encodings, many bug fixes, and new features. This is not a security update.
http://www.dvdfab.cn/download.htm

MKVToolNix 9.9.0 resolves several bugs and offers GUI improvements. This is not a security update.
http://www.videohelp.com/software/MKVtoolnix

Utility Updates

These are unlikely to be of interest to most people.

GoodSync2Go 10.3.8 provides service updates, stability improvements and resolves bugs. This is not a security update.
https://12pd.com/click?goodsync

RoboForm 8.3.0 improves installer, GUI, and updates XPIs. This is a security update.
https://12pd.com/click?rf

Bitcoin 0.14.0 resolves many bugs. This is not a security update.
http://bitcoin.org/en/download

LessMSI 1.6.0 adds OLE Streams support. This is not a security update.
http://lessmsi.activescott.com/

SimpleWMIView 1.25 adds quick-filters. This is not a security update.
http://www.nirsoft.net/utils/simple_wmi_view.html

CCleaner 5.28.6005 improves cleanup. This is not a security update.
https://12pd.com/click?ccleaner

DesktopOK 4.62 adds desktop-to-foreground support and icon size support. This is not a security update.
http://www.softwareok.com/?seite=Freeware/DesktopOK

Kingston SSD Manager 1.0.1.8 does not provide a changelog so should be treated as a security update.
http://www.kingston.com/us/support/technical/ssdmanager

Agent Ransack 2016.867 improves security and resolves bugs.
http://mythicsoft.com/agentransack/download

FileLocator Pro 8.1.2714 adds a new expression editor, improved command line support, bug resolution, and improved security.
http://www.mythicsoft.com/filelocatorpro/download

NTLite 1.2.1.4916 resolves crashes, reliability, new OS build support, and a few other fixes. This is not a security update.
https://www.ntlite.com/download/

CurrPorts 2.31 adds support for closing a specific process via the command line.
http://www.nirsoft.net/utils/cports.html

FolderChangesView 2.10 improves automatic export feature by serializing export files. This is not a security update.
http://www.nirsoft.net/utils/folder_changes_view.html

SearchMyFiles 2.81 resolves global search bugs. This is not a security update.
http://www.nirsoft.net/utils/search_my_files.html

WifiInfoView 2.20 adds indicator for connected status. This is not a security update.
http://www.nirsoft.net/utils/wifi_information_view.html

Sysmon 6.0 adds event schema, event monitoring for configuration changes, native registry paths, and additional named pipe events. This is a security update.
http://sysinternals.com/

Autoruns 13.7 adds several new locations to tracking details and improved high-DPI support. This is a security update.
http://sysinternals.com/

AccessChk 6.1 adds process trust access control entries and token security attributes. This is a security update.
http://sysinternals.com/

Process Monitor 3.32 improves high-DPI support, and re-signs libraries. This is a security update.
http://sysinternals.com/

Process Explorer 16.2 fixes a Wow64 bug, improves high-DPI support, and re-signs libraries. This is a security update.
http://sysinternals.com/

LiveKd 5.61 re-signs libraries. This is a security update.
http://sysinternals.com/

BgInfo 4.21 fixes 64-bit support. This is not a security update.
http://sysinternals.com/

SystemRescueCD 4.9.3 is a security update.
http://www.sysresccd.org/

WinScan2PDF 3.39 improves reliability with certain hardware. This is not a security update.
http://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 5.1.16-113841 resolves a couple dozen bugs. This is not a security update.
http://www.virtualbox.org/wiki/Downloads

VMware Player 12.5.3 resolves several bugs. This is not a security update.
http://www.vmware.com/products/player/

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.5.46 is a security update.
http://coppermine-gallery.net/

ownCloud Client 2.3.0 upgrades libraries, resolves dozens of bugs, improves security. This is a security update.
https://owncloud.org/install/

TinyMCE 4.5.5 resolves several bugs. This is not a security update.
http://www.tinymce.com/download/

MailEnable 9.62 resolves several bugs. This is not a security update.
http://www.mailenable.com/

WordPress 4.7.3 is a security update.
http://wordpress.org/

Akismet 3.3 resolves several bugs. This is not a security update.

Anti-Splog 2.2.1 updates Recaptcha support. This is not a security update.

BuddyPress 2.8.2 is a security update.

Contact Form 7 4.7 adds new hooks and events. This is not a security update.

Multisite Enhancements 1.3.8 resolves a couple bugs. This is not a security update.

NextScripts Social Networks Auto-Poster 3.7.16 resolves several bugs. This is not a security update.

Postie 1.8.33 is a security update.

Theme My Login 6.4.9 resolves stability bug. This is not a security update.

WP Add Custom CSS 1.0.1 resolves an SSL bug. This is not a security update.

WPtouch 4.3.13.1 resolves several bugs. This is not a security update.
That’s all for now folks. Keep it clean out there. ๐Ÿ˜‰

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2016-06-14

Hi, Folks!

It’s Patch Tuesday. Quite often you’ll read my posts about what needs to be updated and when, but this month I’d like to take the opportunity to remind you to remove stuff. If you’re not using it, remove it. If you don’t need it, remove it. If you aren’t sure whether you need something, chances are good you don’t, so remove it. You can almost always reinstall whatever you remove, so if you’re not sure, ask your IT guy (or me) and *then* you can remove it.

One of the primary principles of security is to “reduce the attack surface.” What this means is to make yourself a smaller target for attackers in order to avoid at least some of the attacks that might otherwise get through. Installing regular updates is the most important thing you can do, but removing unsupported software is a very close second. Beyond these two principles are several other behavioral changes (user education) which can make the difference between victim and victor.

Here’s a couple examples of recent software where the vendor will no longer support it, and the risk of leaving it on is too great:

IBM/Lenovo has discovered a security vulnerability in their Lenovo Accelerator Application, and instead of releasing an update to it they advise all users remove it immediately.
https://support.lenovo.com/us/en/product_security/len_6718

This is a good time to remind you that Apple QuickTime for Windows is also unsupported and has known security vulnerabilities. If you have it installed, remove it, now!
https://saferpc.info/2016/04/on_the_death_of_quicktime/

Now back to Patch Tuesday…

The typical computer should see roughly 1.5gb in updates today. Let’s get started.

Microsoft released updates to Windows, Office, Edge, Internet Explorer, .NET, DNS, Group Policy, SMB Server, Netlogon, WPAD, Kernel drivers, Exchange, Windows PDF, Active Directory, Windows Diagnostic Hub, and Windows Search (~1.2gb). This includes security updates. A reboot is required.
http://update.microsoft.com/

Apple released updates for OS X El Capitan 10.11.5, Safari 9.1.1, tvOS 9.2.1, watchOS 2.2.1, iOS 9.3.2, iTunes 12.4.1, AirPort Base Station 7.7.7 and Brother Printer drivers. These are security updates. Use Apple Software Update to install these updates. A reboot is required.

Be aware that while iOS 9.3.2 is released, there are known problems with it bricking certain hardware. Caveat Emptor!
http://www.forbes.com/sites/gordonkelly/2016/05/16/apple-ios-9-3-2-ipad-pro-problems/#6646f5f05db7

Adobe AIR 21.0.0.215 is a security update.
Win: https://12pd.com/click?air
Mac: https://12pd.com/click?airmac

Adobe Flash Player 21.0.0.242 is a security update. Another Flash security update will be released this week.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If youโ€™re using this hardware โ€“ these updates are for you.

Display Driver Uninstaller 16.0.0.2 fixes a couple bugs. This is not a security update.
http://www.wagnardmobile.com/DDU/

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 51.0.2704.84 is a security update. Use Menu, Help, About to get the most current version.

Firefox 47.0 is a security update. Use Menu, Help, About to install the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

NK2Edit 3.21 is a cosmetic update. This is not a security update.
http://www.nirsoft.net/utils/outlook_nk2_edit.html

OutlookAttachView 2.93 is a cosmetic update. This is not a security update.
http://www.nirsoft.net/utils/outlook_attachment.html

Thunderbird 45.1.0 is a security update. Use Menu, Help, About to get the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

Skype 7.24.0.104 is not a security update.
https://12pd.com/click?skype

WGet 1.18 is a security update.
https://eternallybored.org/misc/wget/

aria2 1.23.0 fixes several bugs. This is not a security update.
https://aria2.github.io/

curl 7.49.1 is a security update.
http://winampplugins.co.uk/curl/

DynDNS Updater 5.3.1 fixes a couple bugs. This is not a security update.
https://www.dyndns.com/

Dropbox 4.4.29 is the first stable update in the new major release. Dropbox doesn’t provide a detailed changelog, so this should be treated as a security update.
https://12pd.com/click?dropbox

Evernote 6.1.2.2292 fixes several bugs and adds Quick Search, improved switching and zoom. This is not a security update.
http://www.evernote.com/

FileZilla 3.18.0 fixes several bugs. This is not a security update.
http://filezilla-project.org/

MaxMind GeoIP Data 201606 updates geolocation data. This is not a security update.
http://dev.maxmind.com/geoip/

DNSDataView 1.46 adds select-all support. This is not a security update.
http://www.nirsoft.net/utils/dns_records_viewer.html

Media Updates

These are unlikely to be of interest to most people.

CDBurnerXP 4.5.7.6139 updates libraries, new default behaviors. This is not a security update.
http://cdburnerxp.se/

FastStone Viewer 5.7 fixes several bugs. This is not a security update.
http://www.faststone.org/FSViewerDetail.htm

iTunes 12.4.1 is a security update. Use Apple Software Update to install the most current version.

Game Updates

These are unlikely to be of interest to most people.

Battle.net Client 20160520 removes Windows XP support (!) so be aware that your games will no longer run on your older hardware.
http://us.battle.net/en/app/

Minecraft 1.10 adds polar bear, Husk, Stray, auto-jump, structure blocks, underground fossils, Magma block, Nether Wart and Red Nether bricks, and much more. This is not a security update.
http://www.minecraft.net/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe has released security updates to Creative Cloud Desktop Application, DNG Software Development Kit (SDK), Brackets, and Cold Fusion.
https://helpx.adobe.com/security/products/creative-cloud/apsb16-21.html
https://helpx.adobe.com/security/products/dng-sdk/apsb16-19.html
https://helpx.adobe.com/security/products/brackets/apsb16-20.html

LibreOffice 5.1.3 fixes several bugs. This is not a security update.
http://www.libreoffice.org/

Notepad++ 6.9.2 adds log monitoring. This is not a security update.
https://12pd.com/click?npp

Adobe Reader DC 15.016.20045 is a security update.
http://get.adobe.com/reader

Kindle for PC 1.16.0 Build 44025 doesn’t provide a changelog, so should be treated as a security update.
http://www.amazon.com/kindleforpc

Security Software Updates

One or more of these is likely to be of interest to most people.

Wireshark 2.0.4 fixes several bugs. This is a security update.
http://www.wireshark.org/

RogueKiller 12.3.3 adds themes, detections, and stability problems. This is a security update.
http://www.adlice.com/softwares/roguekiller/

Symantec Anti-Virus 20151.1.1.4 is a security update.

SuperAntiSpyware 6.0.1220 updates detection. This is not a security update.
http://www.superantispyware.com/download.html

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 13.0.0 adds several new features. This is not a security update.
http://download.techsmith.com/snagit/enu/snagit.exe

XSplit Broadcaster 2.7.1602.2244 is a security update.
http://www.xsplit.com/get/

XSplit Gamecaster 2.7.1602.1938 is a security update.
http://www.xsplit.com/get/

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 9.3.0.4 is a security update.
http://www.dvdfab.cn/download.htm

MKVToolNix 9.2.0 doesn’t provide a detailed changelog, so should be treated as a security update.
http://www.videohelp.com/software/MKVtoolnix

Utility Updates

These are unlikely to be of interest to most people.

NTLite 1.1.0.3960 updates drivers and fixes bugs. This is not a security update.
https://www.ntlite.com/download/

SpaceSniffer 1.3.0.1 improves performance and fixes bugs. This is not a security update.
http://www.uderzo.it/main_products/space_sniffer/

7-Zip 16.02 add multi-volume zip support and fixes bugs. This is not a security update.
http://www.7-zip.org/

RoboForm 7.9.19 fixes several bugs and improves performance. This is not a security update.
https://12pd.com/click?rf

CintaNotes 3.1.4 fixes several bugs. This is not a security update.
http://cintanotes.com/download

iExplorer 3.9.6.0 fixes several bugs. This is not a security update.
https://www.macroplant.com/iexplorer/

FileLocator Pro 8.0.2657 fixes several bugs. This is not a security update.
http://www.mythicsoft.com/filelocatorpro/download

FolderChangesView 1.90 adds auditory feedback and autocomplete support. This is not a security update.
http://www.nirsoft.net/utils/folder_changes_view.html

NirCmd 2.81 fixes bugs. This is not a security update.
http://www.nirsoft.net/utils/nircmd.html

SearchMyFiles 2.71 fixes several bugs and adds several new features. This is not a security update.
http://www.nirsoft.net/utils/search_my_files.html

SimpleWMIView 1.17 adds several new features. This is not a security update.
http://www.nirsoft.net/utils/simple_wmi_view.html

WifiInfoView 2.05 adds a cosmetic change. This is not a security update.
http://www.nirsoft.net/utils/wifi_information_view.html

CCleaner 5.18.5607 fixes several bugs. This is not a security update.
https://12pd.com/click?ccleaner

Recuva 1.53.1087 improves partition support and fixes bugs. This is not a security update.
https://12pd.com/click?recuva

Rufus 2.9 adds support for new partition structures, fixes several bugs. This is not a security update.
http://rufus.akeo.ie/

SystemRescueCD 4.7.3 is a security update.
http://www.sysresccd.org/

TaskSchedulerView 1.21 adds export encoding support. This is not a security update.
http://www.nirsoft.net/utils/task_scheduler_view.html

TeamViewer 11.0.59518 fixes several bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

WizTree 2.01 fixes a restart loop bug. This is not a security update.
http://antibody-software.com/web/software/software/wiztree-finds-the-files-and-folders-using-the-most-disk-space-on-your-hard-drive/

8GadgetPack 19.0 fixes several bugs. This is not a security update.
http://8gadgetpack.net/

HWMonitor 1.29 adds support for newer hardware. This is not a security update.
http://www.cpuid.com/softwares/hwmonitor.html

Connectify Hotspot 2016.4 is a stability fix. This is not a security update.
http://www.connectify.me/

Developer Updates

These are unlikely to be of interest to most people.

MySQL 5.7.13 is a security update.
http://www.mysql.com/downloads/installer/

StrawberryPerl 5.24.0.1 updates to core Perl and bug fixes. This is not a security update.
http://strawberryperl.com/

Web Package Updates

These are likely to be of interest only to web developers.

Adminer 4.2.5 is a security update.
http://www.adminer.org/en/

Coppermine Gallery 1.5.42 is a security update.
http://coppermine-gallery.net/

ownCloud Client 2.2.1 fixes several bugs. This is not a security update.
https://owncloud.org/install/

ColdFusion 2016.2, 11.9 and 10.20 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb16-22.html

phpList 3.2.5 is a security update.
http://www.phplist.com/download

Plupload 2.1.9 is a security update.
http://www.plupload.com/

TinyMCE 4.3.13 fixes several bugs. This is not a security update.
http://www.tinymce.com/download/

WP Update Server 20160611 fixes several bugs. This is not a security update.
https://github.com/YahnisElsts/wp-update-server

Drupal 8.1.2 does not provide a detailed changelog, so should be treated as a security update.
http://drupal.org/download

jQuery 3.0 is a new major release adding several new features and the end-of-life of previous versions 1.12.4 and 2.2.4, which will now only receive critical updates.
http://blog.jquery.com/

MailEnable Enterprise 9.13 fixes several bugs. This is not a security update.
http://www.mailenable.com/

phpMyAdmin 4.6.2 is a security update.
http://www.phpmyadmin.net/home_page/news.php

ScreenConnect 5.6.10870.6001 adds dozens of new features and bug fixes. This is not a security update.
http://www.screenconnect.com/Download

BuddyPress 2.5.3 fixes several bugs. This is not a security update.

Multisite Enhancements 1.3.5 improves site detection. This is not a security update.

Theme My Login 6.4.5 fixes several bugs and updates requirements. This is not a security update.

WP Edit 3.8.1 fixes several bugs. This is not a security update.

WPtouch 4.1.4 fixes several bugs and updates libraries. This is not a security update.

WooCommerce 2.6.0 fixes many bugs, adds new features and improvements. This is not a security update.

That’s all for now folks. Keep it clean out there. ๐Ÿ˜‰

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2016-01-12

Hi, Folks!

It’s Patch Tuesday! The typical computer should see roughly 250mb in updates today. Let’s get started.

If you’re still running Windows 8 (not 8.1), you will no longer receive Windows updates. You MUST install 8.1 to continue to receive security updates for Windows.

Today is the last day for updates to “older” versions of Internet Explorer. Historically, this means that a critical security issue will be discovered and exploited as early as tomorrow. Upgrade Internet Explorer to the latest version supported by your operating system NOW. Yes, this means you’ll lose DQSD. ๐Ÿ™ Even if you’re not using Internet Explorer as your primary browser, many applications including Office, Windows Explorer and third party components will still utilize Internet Explorer “under the hood”. Thus, whether you want it or not, you MUST install the current version to ensure you continue to receive security updates that *do* impact you.

Windows 10 will be switched from an “optional” update to an “important” update for Windows 7 and Windows 8.1 today, which means that it will attempt to automatically install whenever you install updates (and sometimes just for fun at 3am) and will also download (3gb+!) whether or not you plan to install it.

The privacy controls for some features are buried in places most people won’t look, and the defaults for some options are very insecure. The delay and potential issues you may experience from neglecting to either update or block the update can have serious repercussions.

My recommendation is to make some time to install Windows 10 as soon as possible. Typically the installation will take between 2 and 6 hours, with no ability to do other things on your computer while it’s installing. During installation you will be prompted with several option pages to enable/disable options and features. Disable them all. Yes, every single one. Uncheck every box and slide every slider “off”. Immediately after installation disable Cortana’s web-integration functionality, then go to All Settings and review every single option. If you have problems with Windows 10, you can revert to your existing OS.

If you are running software that’s not compatible with Windows 10, or need to prevent the installation for some other reason (such as my wife’s patented “I don’t wanna”) then your best option is to use GWX Control Panel to block the icon and disable OS upgrades (the first two options).

Now back to our regular patch notes.

Microsoft released 18 updates to address vulnerabilities in Windows, Edge, Internet Explorer, MS Office, MSRT, Silverlight, Visual Basic, and Windows Live Essentials (~125mb). This includes security updates. A reboot is required.
http://update.microsoft.com/

Apple released updates for OS X, QuickTime and iTunes to address security vulnerabilities. Use Apple Software Update to install these updates. A reboot is required.

Adobe AIR 20.0.0.233 is a security update.
Win: https://12pd.com/click?air
Mac: https://12pd.com/click?airmac

Adobe Flash Player 20.0.0.270 are security updates.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If youโ€™re using this hardware โ€“ these updates are for you.

Display Driver Uninstaller 15.7.3.0 fixes several bugs. This is not a security update.
http://www.wagnardmobile.com/DDU/downloads.html

Ext2IFS 1.12 adds hibernate support and improves stability. This is not a security update.
http://www.fs-driver.org/

Intel Driver Update 20151221 improves hardware support. This is not a security update.
http://www.intel.com/p/en_US/support/detect

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 47.0.2526.110 is a security update. Use Menu, About to install the most current version.

Firefox 43.0.4 is a security update. Use Help, About to install the most current version. If you have an older version you may need to repeat this process until you get to the current release.

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 2.87 adds the ability to append to log files. This is not a security update.
http://www.nirsoft.net/utils/outlook_attachment.html

Thunderbird 38.5.0 is a security update. Use Help, About to install the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

Adobe Shockwave 12.2.3.183 is a security update. Instead of updating, please consider removing Shockwave!

Silverlight 5.1.41105 is a security update.
http://www.microsoft.com/getsilverlight/

QuickTime 7.7.9 is a security update. Use Apple Software Update to install the most current version.

Skype 7.18.0.103 doesn’t provide a changelog, so should be treated as a security update.
https://12pd.com/click?skype

Trillian Mac 3.3.0.24 fixes an echo bug. This is not a security update.
https://www.trillian.im/

Dropbox 3.12.6 fixes a couple bugs. This is not a security update.
https://12pd.com/click?dropbox

Nmap 7.01 fixes over a dozen bugs. This is not a security update.
http://nmap.org/

uTorrent 3.4.5 Build 41628 fixes several bugs and adds ad-free premium support. This is not a security update.
http://www.utorrent.com/downloads

IPInfoOffline 1.42 updates the included IP country database. This is not a security update.
http://www.nirsoft.net/utils/ip_country_info_offline.html

WGet 1.17.1 is a security update.
https://eternallybored.org/misc/wget/

Media Updates

These are unlikely to be of interest to most people.

Plex Media Server 0.9.14.6.1620 fixes several bugs and improves Sync and iOS/Apple TV support. This is not a security update.
https://plex.tv/downloads/1/archive

iTunes 12.3.2 is a security update. Use Apple Software Update to install the most current version.

Game Updates

These are unlikely to be of interest to most people.

EA Origin 9.11.2.10120 fixes several bugs. This is not a security update.
https://www.origin.com/en-us/download

PlayStation PS3 4.76 improves stability. This is not a security update.
http://us.playstation.com/support/systemupdates/ps3/pc_update/index.htm

PlayStation PS4 3.11 improves stability. This is not a security update.
http://us.playstation.com/support/systemupdates/ps4/pc_update/index.htm

Office Updates

One or more of these are likely to be of interest to most people.

Notepad++ 6.8.8 fixes a couple bugs. This is not a security update.
https://12pd.com/click?npp

Paint.net 4.0.9 fixes quite a few crash bugs and improves quality and performance. This should be treated as a security update.
http://www.getpaint.net/

Krita 2.9.10.0 doesn’t provide a changelog, so should be treated as a security update.
https://krita.org/download/krita-desktop/

LibreOffice 5.0.4 fixes many bugs and improves stability. This is not a security update.
http://www.libreoffice.org/

Scribus 1.4.6 doesn’t yet have a changelog, so should be treated as a security update.
http://www.scribus.net/

Adobe Acrobat XI 11.0.14 is a security update. Use Help, Check for Updates to get the most current version.

Adobe Acrobat DC 15.009.20077 is a security update. Use Help, Check for Updates to get the most current version.

Adobe Reader 11.0.14 is a security update. Use Help, Check for Updates to get the most current version.

Adobe Reader DC Patch 15.010.20056 is a security update. Use Help, Check for Updates to get the most current version.

Kindle for PC 1.14.0 Build 43019 doesn’t provide a changelog, so should be treated as a security update.
https://12pd.com/click?kindle4pc

Security Software Updates

One or more of these is likely to be of interest to most people.

BelArc Advisor 8.5c doesn’t provide a changelog, so should be treated as a security update.
http://www.belarc.com/free_download.html

TDSSKiller 3.1.0.9 improves detection and removal. This is a security update.
https://12pd.com/click?tdss

DrWeb CureIt! 10.0.10 doesn’t provide a changelog, so should be treated as a security update.
https://www.freedrweb.com/download+cureit+free/?lng=en

KeePass 1.30 fixes a couple dozen bugs and improves search handling. This is not a security update.
http://keepass.sourceforge.net/

Wireshark 2.0.1 fixes dozens of bugs. This should be treated as a security update.
http://www.wireshark.org/

Junkware Removal Tool 8.0.2 doesn’t provide a detailed changelog, so should be treated as a security update.
https://www.malwarebytes.org/junkwareremovaltool/

MalwareBytes’ Anti-Malware Chameleon 3.1.28 doesn’t provide a detailed changelog, so should be treated as a security update.
https://www.malwarebytes.org/chameleon/

MalwareBytes’ Anti-Malware Mac 1.1 doesn’t provide a detailed changelog, so should be treated as a security update.
https://www.malwarebytes.org/antimalware/mac/

MalwareBytes’ Anti-Rootkit 1.09.3.1001 doesn’t provide a detailed changelog, so should be treated as a security update.
https://www.malwarebytes.org/antirootkit/

MalwareBytes’ Anti-Exploit 1.08.1.1045 improves a number of detection methods. This is a security update.
https://www.malwarebytes.org/antiexploit/

MalwareBytes’ FileAssassin 1.06 doesn’t provide a detailed changelog, so should be treated as a security update.
https://www.malwarebytes.org/fileassassin/

MalwareBytes’ RegAssassin 1.03 doesn’t provide a detailed changelog, so should be treated as a security update.
https://www.malwarebytes.org/regassassin/

MalwareBytes’ StartUpLite 1.07 doesn’t provide a detailed changelog, so should be treated as a security update.
https://www.malwarebytes.org/startuplite/

DNSQuerySniffer 1.51 improves compatibility with Netmon3. This is not a security update.
http://www.nirsoft.net/utils/dns_query_sniffer.html

Wireless Network Watcher 1.91 updates the internal MAC address database. This is not a security update.
http://www.nirsoft.net/utils/wireless_network_watcher.html

RogueKiller 11.0.7 adds new detections and ADS black/whitelisting. This is a security update.
http://www.adlice.com/softwares/roguekiller/

TinyWall 2.1.7 improves stability, display on hi-res devices and application database. This should be treated as a security update.
http://tinywall.pados.hu/

Capture Updates

These are unlikely to be of interest to most people.

VideoCacheView 2.95 improves Yandex Browser compatibility. This is not a security update.
http://www.nirsoft.net/utils/video_cache_view.html

XSplit Broadcaster 2.7.1512.2124 adds support for new hardware, fixes several bugs and improves social integration. This is a security update.
http://www.xsplit.com/get/

XSplit Gamecaster 2.7.1512.1833 adds support for new hardware, Record live stream on Dailymotion, and social logins. This is not a security update.
http://www.xsplit.com/get/

Converter Updates

These are unlikely to be of interest to most people.

MakeMKV 1.9.8 improved compatibility, fixes several bugs, updates libraries. This should be treated as a security update.
https://12pd.com/click?makemkv

DVDFab 9.2.2.4 fixes a crash bug. This is not a security update.
http://www.dvdfab.cn/download.htm

IsoBuster 3.7 adds breadcrumbs, improved navigation, improved performance and stability, and updated libraries. This should be treated as a security update.
http://www.isobuster.com/isobusterdownload.php

MKVToolNix 8.8.0 fixes several bugs. This should be treated as a security update.
http://www.videohelp.com/software/MKVtoolnix

Utility Updates

These are unlikely to be of interest to most people.

RoboForm 7.9.17 fixes several bugs including stability, hi-res display issues, and more. This should be treated as a security update.
https://12pd.com/click?rf

7-Zip 15.14 fixes several bugs. This is not a security update.
http://www.7-zip.org/

TeamViewer 11.0.53254 fixes several reliability and performance bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

GWX Control Panel 1.7.0.2 fixes several bugs. This is not a security update.
http://ultimateoutsider.com/downloads/

iExplorer 3.8.8.0 adds iOS 9.2 compatibility. This is not a security update.
https://www.macroplant.com/iexplorer/

FolderChangesView 1.81 adds support for the Windows Explorer context menu. This is not a security update.
http://www.nirsoft.net/utils/folder_changes_view.html

SearchMyFiles 2.66 adds wasted space column, and now defaults to opening the properties window on double-click. This is not a security update.
http://www.nirsoft.net/utils/search_my_files.html

SimpleWMIView 1.10 adds option to automatically update on class/query change. This is not a security update.
http://www.nirsoft.net/utils/simple_wmi_view.html

USBDeview 2.51 adds option to open INF file. This is not a security update.
http://www.nirsoft.net/utils/usb_devices_view.html

WakeMeOnLan 1.72 adds scanning to selected IP addresses option. This is not a security update.
http://www.nirsoft.net/utils/wake_on_lan.html

WifiChannelMonitor 1.41 updates the internal MAC address database. This is not a security update.
http://www.nirsoft.net/utils/wifi_channel_monitor.html

CCleaner 5.13.5460 adds Opera and Chrome Media Cache cleaning, improves application support. This is not a security update.
https://12pd.com/click?ccleaner

Rufus 2.6 simplifies zeroing a device, fixes mode support, crash bugs and stability. This is not a security update.
http://rufus.akeo.ie/

Sigcheck 2.4 improves certificate trust list validation. This is a security update.
http://live.sysinternals.com/

Sysmon 3.2 adds support for logging raw disk access. This is a security update.
http://live.sysinternals.com/

Process Explorer 16.1 fixes several bugs. This is not a security update.
http://live.sysinternals.com/

Autoruns 13.51 fixes a WMI parsing bug, selective verification of signing status of individual entries and BOM flag in export file. This should be treated as a security update.
http://live.sysinternals.com/

AccessChk 6.01 fixes registry parsing bug and a kernel access bug. This is a security update.
http://live.sysinternals.com/

SystemRescueCD 4.7.0 updates kernels. This is a security update.
http://www.sysresccd.org/

TaskSchedulerView 1.15 improves refresh. This is not a security update.
http://www.nirsoft.net/utils/task_scheduler_view.html

WSUS Offline 10.3.1 fixes a bug in .NET installation. This is a security update.
http://download.wsusoffline.net/

Developer Updates

These are unlikely to be of interest to most people.

TortoiseSVN 1.9.3 many bugs. This is not a security update.
http://tortoisesvn.net/downloads.html

ActivePerl 5.22.1.2201 is a security update.
http://www.activestate.com/activeperl/downloads

StrawberryPerl 5.22.1.2 is a security update.
http://strawberryperl.com/

Inno Setup 5.5.7 improves defaults, adds support for new CLI options, indexing behavior, and bug fixes. This is not a security update.
http://www.jrsoftware.org/isdl.php

Virtual Machine Updates

These are unlikely to be of interest to most people.

VMware Player 12.1.0 fixes several bugs. This is not a security update.
http://www.vmware.com/products/player/

VirtualBox 5.0.12-104815 fixes several bugs. This is not a security update.
http://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Dada Mail 9.0.2 is a security update.
http://dadamailproject.com/

BIND 9.9.8 and 9.10.3 are security updates.
https://www.isc.org/downloads/bind/

Drupal 8.0.2 is a security update.
http://drupal.org/download

Joomla 3.4.8 is a security update.

jQuery 1.12.0 and 2.2.0 fix several bugs and introduce new features. This is not a security update.
http://jquery.com/download/

phpMyAdmin 4.5.3.1 is a security update.
http://www.phpmyadmin.net/home_page/news.php

WordPress 4.4.1 is a security update.
http://wordpress.org/

Autoptimize 2.0.0 is a major improvement, adding several new controls and features, cache controls, optimizations and bug fixes. This is not a security update.

BuddyPress 2.4.3 fixes several bugs. This is not a security update.

Email Log 1.8.1 fixes a bug. This is not a security update.

Multisite Enhancements 1.3.2 fixes a cosmetic bug. This is not a security update.

Postie 1.7.27 fixes several bugs. This is not a security update.

Theme My Login 6.4.3 fixes several bugs. This is not a security update.

Top Commentators Widget 1.5.1 fixes several bugs. This is not a security update.

WooCommerce 2.4.13 fixes several bugs. This is not a security update.

WP Edit 3.7 fixes several bugs. This is not a security update.

WPtouch 4.0.2 fixes several bugs. This is not a security update.
That’s all for now folks. Keep it clean out there. ๐Ÿ˜‰

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/