Welcome back, Folks!
Today is Patch Tuesday for November, 2021.
This month we’ve got the new macOS (Monterey) which is bricking Macs, Windows 11 (don’t do it!), and a new build of Windows 10 (v21H2) is slated for release within the next few days. If you’re running a version of Windows 10 prior to v20H2 (v2009/19042) then you’ll want to install either Windows 10 v21H1 or prepare to install v21H2 on release, as the older versions will no longer be supported in only a month.
This Month in Technology
Acer (a couple times), American Osteopathic Association, Anthem, Inc., Apple iCloud, Argentina’s National Registry of Persons, BillQuick, Blue Cross of California, Bryan Health, bZx, California Physicians’ Services (Blue Shield of California), Canadian province of Newfoundland and Labrador Health Systems, Centara Hotels & Resorts, Clinical Pathology Diagnostics, LLC, CoinMarketCap, Colleton County School District (SC), Community Medical Centers, Cyberserve, Deep 6 AI, Discord CDN (still), Discourse, Doctors Health Group, Inc., Domaining.com, Electronic Warfare (US defense contractor), EU Digital Covid certificate system “Green Pass”, Exterity IPTV, Family of Woodstock, Ferrara Candy Co, Fullerton Health, Gigabyte, GitLab servers, Graff, Hariexpress, Humana Inc, Instagram and TikTok, Kaspersky, Las Vegas Cancer Center, Lavaca Medical Center, Machon Mor, Maxim Healthcare Group, MediaMarkt, many more Microsoft Exchange servers, Missouri Delta Medical Center, MLB, National Iranian Oil Products Distribution Company, Nationwide Laboratory Services, North American Dental Management, a bunch of NPM libraries, NRA, Olympus, OpenSea NFT, Painters District Council No. 30 Health and Welfare Fund, Philips Tasy EMR, Playbook, Practice Max, Premier Patient Healthcare, Professional Dental Alliance, Putnam County Memorial Hospital, QRS, Inc., Quest Diagnostics ReproSource, Quickfox, Robinhood, Russia’s Federal Information System, Scoolio, SCUF Gaming International, Seneca Family of Agencies, Sinclair TV, Società Italiana degli Autori ed Editori, Surecare Specialty Pharmacy, Syracuse ASC, LLC, Tesco, Thingiverse, Throckmorton County Memorial Hospital, tribal casinos, Twitch, Twitter, UK Councils (dude!), UK Labour Party, UNC Hospitals, University of Colorado Boulder, UMass Memorial Health, University of Sunderland, The Urology Center of Colorado, US Immigration and Customs Enforcement’s Homeland Security Investigations, US Water and Wastewater Systems, National Health Service of Ukraine, Venmo used to syphon bank accounts, Visible, Visual Tool DVRs, Viverant PT, LLC, Washington Central Unified Union School District (VT), and, of course, more Zoho ManageEngine servers than you can shake a stick at, have been hacked this month.
Google Chromebook enrollment, Microsoft 365, KT, and Voipfone have suffered outages this month. Microsoft overlooked expired certificates again, and Microsoft is force-installing crapware again, as well.
Pwn2Own this year demonstrated over 60 hacks across dozens of devices. Default password patterns (like your phone number) are sadly and unsurprisingly insecure. Facebook will (supposedly) delete 1 billion faceprints. Yahoo pulled out of China and YouTube is pushing malware. Mozilla has finally removed two malicious add-ons that have been weakening security for half a million users. macOS Monterey is bricking Macs. Canon is being sued for disabling their printers. And McAfee is being purchased by an “investor consortium.”
Let’s Get Busy
Now back to our regularly scheduled program.
Patch Tuesday this month is very large. The typical computer should see roughly 3.0 GB in updates today. Let’s get started.
Microsoft released updates for Windows, Edge, .NET, Servicing Stack, Internet Explorer, Windows 7, Windows Server 2008 R2, Server 2012, and MSRT (~2.3 GB). This includes security updates. A reboot is required.
Apple released updates for iOS 14.8.1, iOS 15.1, iPadOS 14.8.1, iPadOS 15.1, Safari 15.1, macOS Big Sur 11.6.1, macOS Monterey 12.0.1, Security Update 2021-007 Catalina, tvOS 15.1, and watchOS 8.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.
iOS 14.8.1 and 15.1 are security updates. Use Settings, General, Software Update to install the most current update.
iPadOS 14.8.1 and 15.1 are security updates. Use Settings, General, Software Update to install the most current update.
tvOS 15.1.1 is a security update. Use System, Software Update to install the most current version.
watchOS 8.1 is security updates. Use the Watch app on your iPhone to install the most current version.
Google Chrome OS 94.0.4606.114 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.
Fedora 35-1.2 is a major update, adding several new configuration and control features, and updates libraries. This is not a security update.
https://getfedora.org/en/workstation/download/
Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.
Important Notes
Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.
The release of macOS Monterey (12.x) means that macOS Mojave (10.14) and older are no longer supported. If you can not install at least macOS Catalina (10.15) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.
The now-current release of the Windows 10 (v21H1) is very large, for the first time it’s actually smaller than the previous release, but it will take a long time to download on slower connections. Windows 10 pushes you to get the latest Windows 10 release every 6 months and only supports any consumer builds for 18 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.
Windows 11 has been released, but it has only been out a few weeks so should be considered beta software. Give it at least a couple months before you install it on your devices.
Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.
It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.
Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.
Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com
Driver Updates
If you’re using this hardware – these updates are for you.
Display Driver Uninstaller 18.0.4.6 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu
Browser Updates
One or more of these are likely to be of interest to everyone.
Brave 1.31.88 is a security update.
https://brave.com/
Google Chrome 95.0.4638.69 is a security update.
https://www.google.com/chrome/
Iridium 2021.10.95 is a security update.
https://iridiumbrowser.de/
Microsoft Edge 95.0.1020.44 is a security update.
https://www.microsoft.com/en-us/edge/business/download
Firefox 94.0.1 is a security update.
https://www.mozilla.org/en-US/firefox/new/
Firefox ESR 91.3.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/
Vivaldi 4.3.2439.65 is a security update.
https://vivaldi.com/
Email Updates
One or more of these are likely to be of interest to everyone.
Thunderbird 91.3.0 is a security update.
https://www.thunderbird.net/en-US/
OutlookAttachView 3.44 resolves a profile selection bug. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html
Internet Updates
One or more of these are likely to be of interest to everyone.
AnyDesk 6.3.5 resolves a couple bugs. This is not a security update.
https://anydesk.com/en/downloads
Dropbox 134.4.4115 doesn’t provide a detailed changelog so should be treated as a security update.
https://www.dropbox.com/
FileZilla Client 3.56.2 resolves several bugs and improves compatibility. This is not a security update.
https://filezilla-project.org/
FileZilla Server 1.1.0 is a security update.
https://filezilla-project.org/
Google Drive 52.0 improves compatibility, no longer respects custom cache location mapping, forcefully overwrites the destination of any link named “Google Drive,” and improves performance. This is not a security update.
https://drive.google.com/start
Rclone 1.57.0 resolves dozens of bugs and improves reliability, compatibility and stability for several platforms and protocols. This is not a secuirty update.
https://rclone.org/
Skype 8.77.0.97 adds background blurring, user pinning, Meet Now improvements, and resolves several bugs. This is not a security update.
https://www.skype.com/
Syncthing 1.18.4 resolves several bugs. This is not a security update.
https://syncthing.net/
Technitium DNS Server 7.1 adds certificate generation, Block Page App, Drop Requests App, Query Logs App, Advanced Blocking App, improves logging, and resolves several other bugs. This is a security update.
https://technitium.com/dns/
Telegram 3.2.3 resolves a couple bugs. This is not a security update.
https://telegram.org/
This month Telegram also added advertising support – a harsh reminder that the platform is run by a Russian company.
WinSCP 5.19.4 resolves a couple bugs. This is not a security update.
https://winscp.net/eng/index.php
Zoom 5.8.3.1581 adds administrative controls, improvements in Meeting, webinar, chat, and resolves several bugs. This is a security update.
https://zoom.us/
Media Updates
These are unlikely to be of interest to most people.
3tene 2.0.18 improves tracking and expression matching reliability. This is not a security update.
https://en.3tene.com/
iTunes 12.12.2 doesn’t provide a changelog so should be considered a security update.
https://www.apple.com/itunes/download/
Plex Home Theater 1.7.0.2676 improves update check and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app
Plex Media Server 1.24.5.5173 improves database structure, search matching, and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server
Game Updates
These are unlikely to be of interest to most people.
Nintendo Switch 13.1.0 adds support for the new expansion pack. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989
PlayStation PS5 21.02-04.03.00 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/
Steam 2021.10.14 resolves several bugs. This is not a security update.
https://www.steampowered.com/platform/update_history/index.php?skin=0&id=0
Office Updates
One or more of these are likely to be of interest to most people.
Audacity 3.1.0 improves usability, adds clip handle bars, smart clips, and reworks the looping feature. This is not a security update.
https://www.audacityteam.org/download/
LibreOffice Still 7.1.7 resolves 27 bugs. This is not a security update.
https://www.libreoffice.org/
LibreOffice Fresh 7.2.2 resolves almost 70 bugs. This is not a security update. Be aware that the “Fresh” line is beta software and should be avoided in favor of the “Still” line.
https://www.libreoffice.org/
Nextcloud Desktop 3.3.6 resolves several bugs. This is a security update.
https://nextcloud.com/
Notepad++ 8.1.9 resolves several stability bugs. This is not a security update.
https://notepad-plus-plus.org/
Paint.net 4.3.2 improves performance of Tools and plugins, and resolves a reliability bug. This is not a security update.
https://www.getpaint.net/
PDF-XChange Editor 9.2.358.0 resolves several bugs. This is a security update.
https://www.tracker-software.com/product/pdf-xchange-editor
RoboHelp Server RHS2020.0.2 is a security update.
https://helpx.adobe.com/security/products/robohelp-server/apsb21-87.html
Adobe InCopy 17.0 is a security update.
https://helpx.adobe.com/security/products/incopy/apsb21-110.html
Adobe Creative Cloud 5.6 is a security update.
https://helpx.adobe.com/security/products/creative-cloud/apsb21-111.html
Adobe After Effects 18.4.2 and 22.0 are security updates.
https://helpx.adobe.com/security/products/after_effects/apsb21-79.html
Adobe Audition 14.4.2 and 22.0 are security updates.
https://helpx.adobe.com/security/products/audition/apsb21-92.html
Adobe Bridge 11.1.2 and 12.0 are security update.
https://helpx.adobe.com/security/products/bridge/apsb21-94.html
Adobe Character Animator 4.4.2 and 22.0 are security updates.
https://helpx.adobe.com/security/products/character_animator/apsb21-95.html
Adobe Prelude 22.0 is a security update.
https://helpx.adobe.com/security/products/prelude/apsb21-96.html
Adobe Lightroom Classic 10.4 and 11.0 are security updates.
https://helpx.adobe.com/security/products/lightroom/apsb21-97.html
Adobe Illustrator 25.4.2 and 26.0 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb21-98.html
Adobe Media Encoder 15.4.2 and 22.0 are security updates.
https://helpx.adobe.com/security/products/media-encoder/apsb21-99.html
Adobe Premiere Pro 15.4.2 and 22.0 are security updates.
https://helpx.adobe.com/security/products/premiere_pro/apsb21-100.html
Adobe Animate 22.0 is a security update.
https://helpx.adobe.com/security/products/animate/apsb21-105.html
Adobe Premiere Elements 19.0 is a security update.
https://helpx.adobe.com/security/products/premiere_elements/apsb21-106.html
Adobe InDesign 17.0 is a security update.
https://helpx.adobe.com/security/products/indesign/apsb21-107.html
Adobe XMP Toolkit SDK 2021.08 is a security update.
https://helpx.adobe.com/security/products/xmpcore/apsb21-108.html
Adobe Photoshop 22.5.2 and 23.0 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb21-109.html
Security Software Updates
One or more of these is likely to be of interest to most people.
RogueKiller 15.1.3 updates engine and resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/
Tails 4.24 is a security update.
https://tails.boum.org/install/dvd-download/index.en.html
TinyWall 3.2.3 resolves several bugs. This is not a security update.
https://tinywall.pados.hu/
uBlock Origin 1.38.6 resolves compatibility with Twitch. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest
YARA 4.1.3 should be treated as a security update.
https://github.com/countercept/chainsaw
Capture Updates
These are unlikely to be of interest to most people.
ScreenToGif 2.34.1 replaces update engine and resolves several bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest
Converter Updates
These are unlikely to be of interest to most people.
MakeMKV 1.16.5 improves stability and resolves several bugs. This is not a security update.
https://www.makemkv.com/download/
Utility Updates
These are unlikely to be of interest to most people.
1Password for Mac 7.9.1 adds support for macOS Monterey, and resolves several bugs. This is not a security update.
https://1password.com/downloads/mac/
1Password for Windows 7.9.828 resolves several bugs. This is not a security update.
https://1password.com/downloads/windows/
AccessEnum 1.33 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/accessenum
Autoruns 14.06 resolves several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns
BatteryInfoView 1.25 updates tray tooltip to display information on multiple batteries. This is not a security update.
https://www.nirsoft.net/utils/battery_information_view.html
Bitwarden 1.28.3 resolves several bugs. This is not a security update.
https://bitwarden.com/
CacheSet 1.01 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/cacheset
Contig 1.81 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/contig
ControlMyMonitor 1.30 improves error handling. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html
CPU-Z 1.98 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html
Cygwin 3.3.1 resolves a compatibility bug. This is not a security update.
https://cygwin.com/
DesktopOK 9.31 adds option to customize DPI values. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK
Desktops 2.01 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/desktops
Disk2vhd 2.02 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/disk2vhd
DiskMon 2.02 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/diskmon
dnGrep 2.9.428.0 resolves cancel bug, .gitignore filtering, theme improvements, and PDF association. This is not a security update.
https://dngrep.github.io/
EFSDump 1.03 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/efsdump
Everything Toolbar 0.7.3 adds option to enable or disable thumbnails and hotkey handling. This is not a security update.
https://github.com/stnkl/EverythingToolbar/
Git SCM 2.33.1 improves compatibility and resolves several bugs. This is not a security update.
https://git-scm.com/
GoodSync 11.9.3 resolves dozens of bugs. This is not a security update.
https://www.goodsync.com/
Homedale 2.00 adds new column for Station Count. This is not a security update.
https://www.the-sz.com/products/homedale/
HWMonitor 1.45 adds support for new hardware and disk read/write speeds. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html
Java 8u311 is a security update.
https://www.java.com/en/download/manual.jsp
LessMSI 1.10.0 adds support for MSP files, MSI Stream names and resolves a cache bug. This is not a security update.
https://lessmsi.activescott.com/
LoadOrder 1.02 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/loadorder
NTLite 2.3.1.8454 adds new components, settings, and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/
Aomei Partition Assistant 9.5.0 adds SMART health checks and improves update behavior. This is not a security update.
https://www.diskpart.com/
PointerStick 5.55 updates languages. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick
PowerToys 0.49.1 resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest
ProcessMonitor 3.86 updates icons. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon
PsShutdown 2.53 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/psshutdown
RegJump 1.11 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/regjump
RoboForm 9.2.1 improves compatibility, import, sync performance, and resolves several bugs. This is not a security update.
https://www.roboform.com/
Rufus 3.17 resolves several bugs and updates libraries. This should be treated as a security update.
https://rufus.ie/en_US/
ShareEnum 1.61 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/shareenum
ShellRunas 1.02 updates libraries. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/shellrunas
SimpleWMIView 1.46 adds error handling and improves high-DPI support. This is not a security update.
https://www.nirsoft.net/utils/simple_wmi_view.html
Sysmon 13.30 resolves several bugs, improves stability, and adds user fields for events. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon
TCPView 4.16 updates icons. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview
WinObj 3.13 updates icons. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview
Windows 11 RCT 1.3.1 improves detection of CPU features and updates languages. This is not a security update.
https://bytejams.com/
WinScan2PDF 7.44 improves hardware compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF
WizTree 4.04 adds support for mobile devices and resolves several bugs. This is not a security update.
https://www.diskanalyzer.com/
ZoomText 2021.2111.2.400 resolves compatibility bugs. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText
ZoomText 2022.2110.47.400 resolves several bugs. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText
Developer Updates
These are unlikely to be of interest to most people.
Godot 3.4 improves user interface, input handling, adds large file support, frame delta smoothing, and dozens of other features. This is not a security update.
https://godotengine.org/
MySQL ConnectorNet 8.0.27 resolves several bugs. This is not a security update.
https://dev.mysql.com/downloads/connector/net/
Node.js 16.13.0 updates libraries, resolves several bugs and is promoted to LTS. This is not a security update.
https://nodejs.org/en/
Node.js 17.0.1 is a new major version adding OpenSSL 3.0 support, updates libraries,
https://nodejs.org/en/
Visual Studio Code 1.62 resolves over 4000 issues and adds vscode.dev beta. This should be treated as a security update.
https://code.visualstudio.com/
WinMerge 2.16.16 resolves several bugs. This is not a security update.
https://winmerge.org/
Virtual Machine Updates
These are unlikely to be of interest to most people.
PPSSPP 1.12.3 resolves a gamepad bunding bug. This is not a security update.
https://ppsspp.org/downloads.html
VirtualBox 6.1.28 resolves almost two dozen bugs. This should be treated as a security update.
https://www.virtualbox.org/wiki/Downloads
Web Package Updates
These are likely to be of interest only to web developers.
Dada Mail 11.17.1 resolves several bugs and improves the GUI. This is not a security update.
https://dadamailproject.com/
Docker Desktop 4.2.0 adds pause/resume, windows management, updates libraries, and resolves several bugs. This is not a security update.
https://www.docker.com/products/docker-desktop
Drupal 9.2.8 resolves several bugs. This is not a security update.
https://drupal.org/download
HumHub 1.9.2 resolves several bugs. This is not a security update.
https://www.humhub.com/en/download
MailArchiva 8.3.14 resolves several bugs. This is not a security update.
https://mailarchiva.com/
OpenPetra 2021.10 resolves several bugs and improves automation. This is not a security update.
https://www.openpetra.org/
ownCloud Client 2.9.1.5500 resolves several bugs. This is not a security update.
https://owncloud.com/desktop-app/
Piwigo 12.0.0 improves sorting, performance, maintenance, and adds bulk actions and logging. This is not a security update.
https://piwigo.org/
Contact Form 7 5.5.2 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/
Social Post Feed 4.0.3 resolves several bugs and improves compatibility. This should be treated as a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/
Email Log 2.4.8 is a security update.
https://wordpress.org/extend/plugins/email-log/
Visual Composer 40.0 resolves several bugs. This is not a security update.
https://visualcomposer.com/
W3 Total Cache 2.1.9 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/
WooCommerce 5.9.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/
WordPress Zero Spam 5.1.5 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/zero-spam/
That’s all for now folks. Keep it clean out there. 😉
Regards,
Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/