Updates 2018-12-06

Hi, Folks!

It’s not Patch Tuesday, but Adobe, Microsoft, Apple, Google and many others have released updates this week.

“Yet another” zero-day Adobe Flash exploit is being used to actively hack computers as they browse the Internet. Most browsers have Flash baked-in now, so are actively building updates to patch this new vulnerability. While you should patch your browser, you should also disable Flash across your device and within each browser as the best defense against the lowest-hanging fruit in security today: Adobe Flash.

The typical computer should see approximately 500mb of updates. Let’s get started.

Microsoft released an out-of-cycle security update to address issues in Edge, IE and Flash (~20mb). This is a security update. A reboot is required.

Oh, btw, did you see that MS is planning to replace the engine in Edge with the same engine used by Chrome? This should help you dismiss the nagging feeling that maybe Edge might be faster or more stable than Chrome or other Chromium-based browsers.

Apple released updates for macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update 2018-006 Sierra, iOS 12.1.1, Safari 12.0.2, Shortcuts 2.1.2, iCloud for Windows 7.9, iTunes 12.9.2 for Windows, tvOS 12.1.1, and watchOS 5.1.2. These are security updates. Use the Apple App Store or Apple Software Update to install the most current versions.

iOS 12.1.1 is a security update. Use Settings, General, Software Update to install the most current version.

watchOS 5.1.2 is a security update. Use your updated iPhone to install the most current version through the Watch app.
https://support.apple.com/en-us/HT204641

tvOS 12.1.1 is a security update. Use Settings, General, Updates to install the most current version.

Google Chrome OS 70.0.3538.110 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Adobe Flash Player 32.0.0.101 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.0.4 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

nVidia 417.22 improves compatibility with new hardware. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 71.0.3578.80 is a security update. Use Menu, Help, About to install the most current version.

Vivaldi 2.1.1337.51 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Iridium 2018.11.70 is a security update (but still a major version behind the core chromium security patch level).
https://iridiumbrowser.de/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.5.3 resolves several bugs. This is not a security update.
https://getmailspring.com/

NK2Edit 3.38 adds select all and unselect all to the column selection window. This is not a security update.
https://www.nirsoft.net/utils/outlook_nk2_edit.html

Internet Updates

One or more of these are likely to be of interest to everyone.

Prosody 0.11.1 resolves several bugs. This is not a security update.
https://prosody.im/download/start

WinSCP 5.13.5 is a security update.
https://winscp.net/eng/index.php

FileZilla 3.39.0 resolves an empty file timestamp bug. This is not a security update.
https://filezilla-project.org/

MaxMind GeoIP Data 201812 is a data refresh.
https://dev.maxmind.com/geoip/geolite

WGet 1.20 updates libraries. This should be treated as a security update.
https://eternallybored.org/misc/wget/

Media Updates

These are unlikely to be of interest to most people.

Flickr Downloadr 3.2.0.1 resolves several bugs and adds support for simultaneous downloads. This is not a security update.
https://flickrdownloadr.com/downloads/

Game Updates

These are unlikely to be of interest to most people.

EA Origin 10.5.31.17411 resolves several bugs. This is not a security update.
https://www.origin.com/en-us/download

Steam 2018.11.27 resolves several bugs. This is not a security update.

Office Updates

One or more of these are likely to be of interest to most people.

Paint.net 4.1.5 resolves several bugs and improves performance. This is not a security update.
https://www.getpaint.net/

Security Software Updates

One or more of these is likely to be of interest to most people.

Wireshark 2.6.5 is a security update.
https://www.wireshark.org/

OpenSSL 1.0.2q is a security update.

RogueKiller 13.0.15 resolves several bugs and adds signatures. This is not a security update.
https://www.adlice.com/softwares/roguekiller/

TDSSKiller 3.1.0.24 adds detection for new malware. This should be treated as a security update.
https://support.kaspersky.com/viruses/utility#TDSSKiller

Converter Updates

These are unlikely to be of interest to most people.

MakeMKV 1.14.2 resolves several bugs and adds support for new encodings. This is not a security update.
https://www.makemkv.com/download/

DVDFab 11.0.0.7 resolves several bugs and adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

NTLite 1.7.1.6630 resolves a duplicate entry bug. This is not a security update.
https://www.ntlite.com/download/

GoodSync 10.9.19 changes some cosmetic information related to licensing and activation. This is not a security update.
https://12pd.com/click?goodsync

ControlMyMonitor 1.10 improves command-line support. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html

DesktopOK 5.79 improves performance. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DiskMaker X 8.0.3 resolves an updater bug. This is not a security update.
https://diskmakerx.com/

HWMonitor 1.38 resolves a bug with multiple graphics devices and adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

IsMyHdOK 1.61 improves performance and output style. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

LessMSI 1.6.3 only changes metadata. This is not a security update.
https://lessmsi.activescott.com/

FileLocator Pro 8.5.2878 adds support for portable device searching and resolves a language bug. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

FolderChangesView 2.25 vastly improves utility of program by assigning command to folder changes with metainfo from watched folder. This is not a security update.
https://www.nirsoft.net/utils/folder_changes_view.html

SearchMyFiles 2.90 adds option to include only folders. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

USBDeview 2.78 adds an option to configure the application from the command line. This is not a security update.
https://www.nirsoft.net/utils/usb_devices_view.html

WirelessKeyView 2.06 adds an option to export all items. This is not a security update.
https://www.nirsoft.net/utils/wireless_key.html

OSForensics 6.1.1005 resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html

Rufus 3.4 resolves several bugs and improves compatibility. This is not a security update.
https://rufus.ie/en_IE.html

WinScan2PDF 4.64 improves performance and WIA compatibility, and adds support for rotating every other page to resolve issues with older duplex scanners. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

WinMerge 2.16.0 adds x64 support, resolves several bugs, adds support for Win7+ jump list feature (really!), HiDPI support, 3-way merge, advanced search patterns, and many more. This is not a security update.
https://winmerge.org/

Node.js 11.3.0 is a security update.
https://nodejs.org/en/

SQLite 3.26.0 resolves several bugs and improves storage and sanity checks. This is not a security update.
https://www.sqlite.org/download.html

StrawberryPerl 5.28.1.1 is a security update.
https://strawberryperl.com/

Web Package Updates

These are likely to be of interest only to web developers.

Joomla 3.9.1 resolves over 40 bugs. This is not a security update.
https://www.joomla.org/

Adminer 4.7.0 improves compatibility and resolves several bugs. This is not a security update.
https://www.adminer.org/en/

TinyMCE 4.9.1 resolves several bugs. This is not a security update.
https://www.tiny.cloud/get-tiny/

Drupal 8.6.4 resolves dozens of bugs, improves i18n, improves unit testing. This is not a security update.
https://drupal.org/download

MailEnable 10.20 resolves several bugs, including SPF and SNI-compatibility improvements. This is not a security update.
https://www.mailenable.com/

Nextcloud Server 14.0.4 resolves dozens of bugs, improves sanity and security. This should be treated as a security update.
https://nextcloud.com/

ScreenConnect 6.9.21027.6898 resolves a compatibility issue on IE for guests. This is not a security update.
https://www.screenconnect.com/Download

WordPress 5.0 is a major update primarily focused on switching to Gutenberg as the default editor, adding several new design and styling features, and over 40 bug fixes. This is not a security update.
https://wordpress.org/

Autoptimize 2.4.4 resolves a cronjob editor bug. This is not a security update.

BuddyPress 4.1.0 resolves several bugs. This is not a security update.

Custom Facebook Feed 2.8 adds several new features and improves compatibility. This is not a security update.

Postie 1.9.26 resolves a category bug. This is not a security update.

WooCommerce 3.5.2 resolves several bugs, improves self-diagnostics, and improves integration. This is not a security update.

WP Mail SMTP 1.4.1 should be treated as a security update.

WPtouch 4.3.34 improves cosmetics for Gutenberg compatibility. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2013-02-08

Hi, Folks!

There must be something in the water. This week a bunch of different companies opted to release emergency security updates the week before Patch Tuesday. That is not to say they’re done for the month, but only that the issues were so severe (in many cases being actively exploited in the wild) that an emergency release was necessary. So let’s get to it.

Adobe Flash Player 11.5.502.149 is a security update, patching a vulnerability that’s being actively exploited as of last night.
https://12pd.com/click?flash
https://12pd.com/click?flashie

Adobe Flash Player for Mac OS X is also a security update.
https://12pd.com/click?flashmac

Expect an update for AIR by Patch Tuesday next week.

Java 7u13 is a security update.
https://12pd.com/click?java

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me anytime, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

iOS 6.1 is a security and stability update for iPhone, iPad, iPod and other devices using the Apple mobile OS. You can download the current version either through iTunes or at:
http://iphoneroot.com/firmwares/

Browser Updates

One or more of these are likely to be of interest to everyone.

Firefox 18.0.2 is a security update. Use Help, About to get the most current version.

Google Chrome 24.0.1312.57 is a security update. Use Menu, About to get the most current version.

Opera 12.14 is a security update. Use Help, About to get the most current version.

SeaMonkey 2.15.2 is a security update. Use Help, About to get the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 2.42 adds field contraints. This is not a security update.
http://www.nirsoft.net/utils/outlook_attachment.html

Internet Updates

One or more of these are likely to be of interest to everyone.

Trillian Astra for Windows 5.3.14 corrects a number of bugs, in history, XMPP, IRC, firewall compatibility and several enhancements. This is not a security update.
http://www.trillian.im/windows/

BrowsingHistoryView 1.21 corrects a reliability bug with IE history files.
http://www.nirsoft.net/utils/browsing_history_view.html

Evernote 4.6.2.7927 corrects several stability and sync problems. This is not a security update.
http://evernote.com/download/

Google Drive 1.7.4018.3496 does not provide a changelog, so this should be treated as a security update.
https://drive.google.com/start

Codec Updates

One or more of these are likely to be of interest to everyone.

Win7 Codec Package 4.0.0 updates included codecs. To install the update, you must uninstall and reinstall the application. This is not a security update.
http://shark007.net/win7codecs.html

Win x64 Codec Support 4.0.0 updates included codecs. This update applies only to 64-bit computers, and requires either the Win7 Codec Package or the Windows Vista Codec package. This is not a security update.
http://shark007.net/x64components.html

Media Updates

These are unlikely to be of interest to most people.

XBMC 12.0 is a major update. This version adds several codecs, HD Audio support, PVR & LiveTV support, h.264 10bit, and new hardware support. This is a fantastic program for media management and viewing. This is not a security update.
http://xbmc.org/

Game Updates

These are unlikely to be of interest to most people.

EA Origin 9.1.12.73 provides several bug fixes. This is not a security update.
http://www.filehippo.com/download_origin/

Office Updates

One or more of these are likely to be of interest to most people.

Notepad++ 6.3 provides improvements in regex support, UDL and bug fixes. This is not a security update.
http://notepad-plus-plus.org/

Audacity 2.0.3 corrects several crash bugs, looping, resampling, accessibility issues, and other improvements. This is not a security update.
http://audacity.sourceforge.net/download/

Gimp 2.8.4 provides improvements in the GUI, docking, dialogs, save/export, layer grouping, and a number of bug fixes. This is not a security update.
http://www.gimp.org/

Scribus 1.4.2 vastly improves cross-platform portability, offers 64-bit support and includes a spellchecker. This is not a security update.
http://www.scribus.net/canvas/Scribus

Security Software Updates

One or more of these is likely to be of interest to most people.

KeePass 1.25 provides a number of bugfixes, UI improvements and other changes. This is not a security update.
http://keepass.info/

Wireshark 1.8.5 corrects a couple dozen bugs, improves support for more than 30 protocols. This is not a security update.
http://www.wireshark.org/

Capture Updates

These are unlikely to be of interest to most people.

Greenshot 1.0.6.2228 is the first official and reliable release version of Greenshot. If you need to be able to do quick and simple screenshots, especially if you’ve been dealing with another application – you’ll want to check out Greenshot.
http://getgreenshot.org/

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 8.2.2.7 improves decryption. This is not a security update.
http://www.dvdfab.com/download.htm

Utility Updates

These are unlikely to be of interest to most people.

LogMeIn adds Chrome host support, updated OpenSSL libraries, and several other improvements. This is not a security update. To get the most current version open LogMeIn, click About, Check for Updates.

RoboForm 7.8.6 provides a number of improvements, including improved activation support, GUI improvemetns, fixes to the Firefox, Opera, Chrome and Win32 implementations and finally, UTF-8 everywhere.
https://12pd.com/click?rf

Goodsync 9.4.4.4 prevents file locking during sync, improves Google Drive support, FTP, SSH and other improvements. This is not a security update.
https://12pd.com/click?goodsync

CPU-Z Installer 1.63 adds support for newer hardware and adds TDP. This is not a security update.
http://www.cpuid.com/softwares/cpu-z.html

GPU-Z 0.6.7 adds support for newer hardware, improved GUI, TMU support, and other improvements. This is not a security update.
http://www.techpowerup.com/downloads/SysInfo/GPU-Z/

CCleaner 3.27.1900 adds Metro support, Chrome v24, improved support for Firefox, Chrome extensions, Unicode text and several bug fixes. This is not a security update.
http://www.piriform.com/ccleaner

Autoruns 11.42 fixes a bug in the parsing of network file paths introduced in 11.41. This is not a security update.
http://sysinternals.com/

Handle 3.51 fixes a bug in its file share drive letter formatting. This is not a security update.
http://sysinternals.com/

Movefile 1.01 now correctly handles 64-bit system paths. This is not a security update.
http://sysinternals.com/

Pendmoves 1.2 adds support for 64-bit directories. This is not a security update.
http://sysinternals.com/

Procdump 5.13 now supports triggers for when process CPU usage, memory consumption or arbitrary performance counters fall below a specified value. This is not a security update.
http://sysinternals.com/

Process Explorer 15.3 includes heat-map display for process CPU, private bytes, working set and GPU columns, sortable security groups in the process properties security page, and tooltip reporting of tasks executing in Windows 8 Taskhostex processes. It also creates dump files that match the bitness of the target process and works around a bug introduced in Windows 8 disk counter reporting. This is not a security update.
http://sysinternals.com/

Sigcheck 1.91 prints the link time for executable files instead of the file last-modified time, and fixes a bug introduced in 1.9 where the –q switch didn’t suppress the print out of the banner. This is not a security update.
http://sysinternals.com/

Zoomit 4.42 now includes an option to suppress zoom-in and zoom-out animation to better support remote RDP sessions and fixes a bug that caused static zoom to snap to the top and left side of the screen in some cases. This is not a security update.
http://sysinternals.com/

RapidEE 7.1 build 845 updates 3rd party components and corrects an AV error. This should be treated as a security update.
http://www.rapidee.com/en/download

USBDeview 2.21 adds the ability to enable/disable/remove devices. This is not a security update.
http://www.nirsoft.net/utils/usb_devices_view.html

WakeMeOnLan 1.48 updates the internal MAC addresses database. This is not a security update.
http://www.nirsoft.net/utils/wake_on_lan.html

Wireless Network Watcher 1.57 updates the internal MAC addresses database. This is not a security update.
http://www.nirsoft.net/utils/wireless_network_watcher.html

Developer Updates

These are unlikely to be of interest to most people.

Inno Setup 5.5.3 provides a number of bugfixes and several new features, including restart manager, improved 64-bit compatibility, portable app support, and Windows 8 improvements. This is not a security update.
http://www.jrsoftware.org/isdl.php

WinMerge 2.14.0 is the first update in almost 4 years and removes ANSI support, improving startup time, linefilters, color organization, 3rd party libraries and various bugfixes. This is not a security update.
http://winmerge.org/

Web Package Updates

These are likely to be of interest only to web developers.

phpMyAdmin 3.5.6 corrects several bugs. This is not a security update.
http://www.phpmyadmin.net/home_page/news.php

Adminer 3.6.3 improves display, corrects several bugs. This is a security update.
http://www.adminer.org/en/

Drupal 7.19 is a security update.
http://drupal.org/download

Movable Type 5.2.3 fixes a minor upgrade bug. This is not a security update.
http://www.movabletype.org/download.html

OpenCart 1.5.5 adds several new features, including improved filters and upgrade system. This is not a security update.
http://www.opencart.com/

SMF 2.0.4 is a security update.
http://download.simplemachines.org/

WordPress 3.5.1 is a security update. Use the WP updater to get the most current version.

bbPress 2.2.4 is a security update. Use the WP updater to get the most current version.

BuddyPress 1.6.4 is a security update. Use the WP updater to get the most current version.

Contact Form 7 3.3.3 corrects two bugs, provides additional language translations. This is not a security update. Use the WP updater to get the most current version.

Developer 1.1.2 corrects a couple bugs and adds a French translation. This is not a security update. Use the WP updater to get the most current version.

Smart YouTube 4.2.0 updates included libraries. This is not a security update. Use the WP updater to get the most current version.

WPtouch 1.9.6.1 adds BlackBerry 10 support. This is not a security update. Use the WP updater to get the most current version.

MailEnable 6.79 corrects a number of minor bugs. This is not a security update.
http://www.mailenable.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

UPdates 2009-03-13

Hey folks!

Patch Tuesday has come and gone, including three updates for Windows XP and Vista, with an additional two or three for Windows “server” operating systems. If you haven’t installed these updates already, do so now.
  http://update.microsoft.com/
However, please be aware that on some computers, after installing these updates there have been issues rebooting. To play it safe it is best to reboot the computer immediately BEFORE you install updates, then install updates – which will require another reboot.

Mozilla has released an update to Firefox, to version 3.0.7. This update DOES include security and stability fixes, including remote exploits. If you have Firefox installed, you are advised to update ASAP.
  Mozilla Firefox: Help > Check for Updates
  http://www.mozilla.com/en-US/firefox/

Adobe has released a critical security update to the current version of Adobe Reader. Access this update
through “Help, Check for updates” within Adobe Reader.
  Adobe Reader: Help > Check for updates

Are you using a different PDF reader? Others, including FoxIt reader, have also released a security patch to deal with the recently revealed security issues:
  http://www.foxitsoftware.com/downloads/

FileZilla released an update to FileZilla Server this week, bringing it up to 0.9.31. This is a server application, so if you’re not using it already, and don’t know if you need it or not, you DON’T.
  http://filezilla-project.org/download.php?type=server

WinMerge 2.12.0 was released this week. If you’re using WinMerge, you can download the latest version here:
  http://winmerge.org/downloads/

Finally, we’ve introduced a new feature for the SaferPC website, a data feed for popular and common application release cycles. In other words, it’s a frequently updated list of when software is updated. It provides an RSS feed, too, so you can subscribe to updates in your favorite feed reader. The page layout will be changing some in the coming months, and will eventually provide a means of displaying only the updates that you’re actually interested in. Check it out:
  https://saferpc.info/software-feed.asp

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/