Updates 2025-05-13

Welcome back, Folks!

Today is Patch Tuesday for May, 2025.

It’s as safe as it’s going to be to upgrade to Windows 11 24H2 or macOS 15/Sequoia.

If your Windows 10 (or older) computer can not be upgraded to Windows 11, or if you used a registry or installation bypass to install an older version of Windows 11 on it that is no longer supported, then it’s time for you to start looking for a replacement computer. Actually, the time was months ago. Pickin’s are thin right now. 🙁

However… if you do need to replace your laptop there’s an awesome Lenovo laptop available at Costco right now for $600 (plus tax & shipping).

There were 495+ major hacks, and over 600 application updates this month. It’s an insanely large month, with about 6 GB of updates for most users.

This Month in Technology

1st Health Inc, 30 London Job Centres, 4chan, 90 Degree Benefits, Inc – MN/WI Office, Abergavenny, Abilene, Texas, Active! Mail, Adelaide’s Women’s and Children’s Hospital, Adobe Acrobat Reader DC, Advanced Simulation Technology, Adyen, Agencia Browne y Espinoza, Ahold Delhaize, Alabama government, Alabama Ophthalmology Associates, Allegra, Allied Telesis, Inc, AllTrust, Alternate Solutions Health Network, Altior Healthcare, Alvin Independent School, Amazon ElastiCache, American Eagle Logistics, American Express Travel Related Services Co, Amethyst Group, Amtech Software, Andy Frain Services, Anfarm Hellas, Apache ActiveMQ, Apache Parquet, Apache Roller, Apache Tomcat, Apple AirPlay, Apple iPhone, Apple iPhone Messages, Apple macOS, Arizona Arthritis and Rheumatology Associates, Arkansas Primary Care, Ascension Health, Associated Wholesale Grocers, Astra Products, ASUS AiCloud, ASUS AMI, ASUS DriverHub, Avast Free Antivirus, Balance Diagnostics, Baltimore City Public Schools, Bangalore Water Supply and Sewerage Board (BWSSB), Barnstable County Sheriff’s Office, Barr Dermatopathology, Bartlesville Public Schools, BayMark Health Services, Bell Ambulance, Berkeley Research Group, Bertie, NC Schools, Bervar and Jones, Bigfork Valley Hospital, Bilbie Faraday Harrison, Bindi SpA, Bio-Clima Service, Bloom Family Eye Surgeons, Blue Shield of California (to Google!), Bluestone Bank, Bolivar Insulation, Boudreaux’s Specialty Compounding Pharmacy, Boulanger, Brainard Surgery Center LLC, British Columbia Health Authority, Broadcom Fabric OS, Brunswick Medical Center, Brydens Lawyers, Business Functions, Cabot Medical Care, California Correctional Health Care Services, Caltrol Inc, Cambridge University Press & Assessment, Canada Revenue Agency, CAPTCHA systems on 400,000+ websites (AkiraBot), Caritas Catholic charities, Carlton County Public Health and Human Services, Carrefour Mobile, Cato Networks Cato Client, Cell C, Central Texas Pediatric Orthopedics, Chang Shen Hospital, Charleston Fire Department, Chepstow, Chicano Federation of San Diego County, Cisco IOS XE, Cisco Webex, City of Bristol, TN, City of Grove, City of Long Beach, CA, Cloudera Hue Ace Editor, CMC Corporation, Co-op Group, Cobb County, GA, Colorado River Adventures, Community Dental Care, Commvault Command Center, Commvault, Complete Payroll SolutionsCompliance Consulting Group, Comport Technology Solutions, Conduent, Conrey Insurance Brokers & Risk Managers, Corporate Flight, Cortez Resources, Cosmos, Couples Learn, CPUs, Craft CMS, Culinary Services of America Inc, Curve Finance, Custom Paper, D’Granel, Dale Partners Architects, Dameron Hospital, Daniels & Taylor, PC, DaVita, six DDoS-for-hire platforms, Dedicated Web Consultants, DermCare Management, Destination Toronto, Diedrich Coffee, Dior, Discord, Disney, Dominion Lending Centres, Drug and Alcohol Treatment Services, Inc, Dutch Ministry of Climate Policy and Green Growth, Dutch Ministry of Economic Affairs, Dutch Ministry of the Interior and Kingdom Relations, DYNAMIS Insurance, East Central Missouri Behavioral Health Services, eCharge Hardy Barth, Eclipse ThreadX NetX Duo, ECOM America, Edinburgh schools, Ehlers Inc, EIZO Rugged Solutions, EMX Enterprises, Endue Software, Enflame Technology, Erlang/OTP SSH, Erlanger Health, ESP Associates, Esse Health, Everest Bank, eXch, Extreme Fire, Family Christian Health Center, Feldman & Lopez, Fleet Canada, Fogelman Management Group, Forsyth County Schools, 16,000 Fortinet devices, FortiSwitch, Fowler Elementary School District, Framlingham College, France’s Municipality of Ardon, Franklin Nursing Home, Frederick Health Medical Group, FreeType 2, Frisco Chamber, Galvatech, Gardena Honda, GeoLogics Corporation, German Association for East European Studies, Gistic Research, Gladinet CentreStack, Gladinet Triofox, Global Media Group, GlobalX, GMA Network, Google Chrome DevTools, Google Sites, Government of Peru, Great Plains Transport, GStreamer, Hacienda La Puente Unified School District, Hamilton County, TN, Hamrah Aval, Harman Becker MGU21, Harrods, Hayward Quartz Technology, HC Sheriff, HealthEquity, IncHeinz Hammer Vertragswerkstatt, Helix Tools, Hertz Corporation, Highland Rivers Behavioral Health, Hitachi Energy MicroSCADA Pro/X SYS600, Hong Kong Science and Technology Parks, HOPI, Horizon Behavioral Health, Hyalogic, Hyundai Motor Group, IBM Cloud, IBM Portal, iClicker, iHeartMedia + Entertainment, IKEA, Impact Canada, Inaba Denki Sangyo CHOCO TEI WATCHER, Independent Financial Services, Independent Title Agency, Indian Air Force (IAF) aircraft, Indian government defence websites, 1.5+ million Indian websites, Inductors Inc, Insight Partners, Insight Pipe Contracting, Interior Health, Internet Initiative Japan, Iowa County, WI, Iris ID, Isle of Man government, Ivanti Endpoint Manager, J. Banks Design, Jackpot Junction, Jacksonville Medical Care, James & Sons Fine Jewelers, Jamjoom Pharma, Janco Steel, Jani-King International, Inc, Jet Ice, Jordan Kuwait Bank, Ju Percussion Group, Julia Evans Accountants, Just Concrete & Masonry, Karachi Port Trust, Kasb Bank, Kaye Lifestyle Homes, Kelly & Associates Insurance Group, Kenworth Del Sur, Khan Academy, Kickidler, KiloEx, King Industries Inc, Kintetsu World Express, Kittrich Corporation, Korea Land and Housing Corporation, KraftKisarna, Kuala Lumpur International Airport, Kyiv Notaries, LabHost, Laboratory Services Cooperative, Lake HVAC, Lake Shore Paving, Lamberti Group, Landmark Admin, Langer & Langer, Langflow, Law Firm of Rochelle McCullough, Law Offices of Chris M. Ingram, Lee Valley Tools, Ltd, Legends International, Lemonade, Lexmark CX331adwe, Limestone District School Board, Lincoln Financial, Lithium Americas, LockBit Ransomware Group, Long Beach Convention and Entertainment Center, Loretto Hospital, Luxion KeyShot, Machu Picchu Foods, Madison School District, Magento, Malaysia Airports Holdings Berhad, Manchester Credit Union, Marc Irwin Sharfman, MD, PA, Marks & Spencer, Marsicovetere & Levine Law Group, Mashburn Construction, Masimo Corporation, Mataró Water Utility Company, MATE Desktop, McElwee Firm, MedDream PACS Server, MedDream WEB DICOM Viewer, MedEx Ambulance, Medical Express Ambulance Service, Megachem Singapore, Mercer County Joint Township Community Hospital, Merri-Makers, Microsoft 365 OAuth, Minyard Morris LLP, Mission Laguna Pathology Medical Group, Monongalia Health System, Mountain View Mushrooms, Movistar Venezuela, Mt. Baker Imaging and Northwest Radiologists, MTN Group, Munich Re, Municipality of Pisa, N8XT, Nagios Log Server, NASCAR, National Social Security Fund (CNSS) of Morocco, Nationwide Recovery Services, Nelson University, Neurological Institute of Savannah & Center for Spine, Nevada Ready Mix, New York Post, Newport Advisory, LLC, Nintendo, Nippon Life Mutual Fund, Nixon, Inc, North Kitsap School District, Northeast Georgia Health System, Northern California Children’s Therapy Center, Nova Scotia Power, Nth Degree, O’Brien & Ryan, OCH Regional Medical Center, Oettinger Brewery, Omni Healthcare Financial Holdings, OnRPG, Onsite Mammography, Oracle, Oracle VirtualBox, Orange County Medical Group Pathology, Oregon Department of Environmental Quality, Orthopaedic Specialists of Connecticut, OttoKit WordPress plugin, Output Messenger, Oversea Casing, Pacific Metallurgical, Palo Verde Hospital, Pawnee Heights Unified School District, Pearson, PESEL, Pharma Force, Pienaar Brothers, Planet Technology Industrial Switches, Planned Parenthood, Plastic Surgery Specialists of Lawrence, PlayStation, Port of Seattle, PR TIMES, Pratt Homes, Premier Meats South Africa, Prestonwood Baptist Church, Inc, Promenade Village Dental, Pryor Morrow, Pulse Urgent Care Center, Qraved, R&N Manufacturing, Radford University, Radware Cloud Web Application Firewall, Raw, Rayle Electric Membership Corporation, Red Chamber, RFID, Richmond СPA, Roblox, Rockwell Automation Industrial Data Center, Rocky View Schools, Roman Catholic Bishop of San Diego, Ruby Servers, Russell Child Development Center, Saint James Hospital Group, Sally B Gold, Salus Group, Samsung phones, Samsung Galaxy S24, Samsung Germany, Samsung MagicINFO 9 Server, San Francisco Campus for Jewish Living, San Francisco crosswalk system, Santa Cruz Properties, SAP NetWeaver, SavantCare, Scharnhorst Ast Kennard Griffin PC, Schultz Industries Inc, Scrubs & Beyond LLC, SeaCMS, Seneca Gaming, Sensata Technologies, Sentara Health, SentinelOne, Setpoint Systems, Seydel Companies, Shinko Shoji, Shopify, Shrader Law, Silgan Containers, SIMCO Electronics, Sinalisa Segurança Viária Ltda, SK Inc, SK Telecom, SogoTrade, Inc, SonicWALL Connect, SonicWall SMA, Sonos Era 300, Sonrisas Dental Health, South African Airways, South African IT, Southern Fidelity, Springer & Steinberg, St Anthony Hospital, St Clair Orthopaedics & Sports Medicine, St James Hospital, Study Hotels, Sunsweet Growers Inc, Sweet Shop USA, Synology BeeStation BST150-4T, Synology DiskStation DS1823xs+, Synology TC500, SysAid, T-Mobile, Takeda, TehetségKapu, TeleMessage, Tenda AC9, Tesla Model 3, Tesla Model S, Texas Health and Human Services Commission, The City of Long Beach, CA, The Fortune Society, The Michelson Organization, Thompson Coburn LLP, Thrive Physical Therapy Partners, TicketToCash, TikTok, TMA Group, Toppan Next, Toronto District School Board, Town of Orangeville, Traefik, Trend Micro Apex Central, Trend Micro Deep Security, Troicare College, True Dental Care for Kids and Adults, TrussWorks International, Tänzer GmbH, Ubiquity UniFi Protect Cameras, UK Department of Work and Pensions, UK Legal Aid Agency, Union Health System, Inc, UniTrak, Universal Window, Urban One, Urban Renewal Authority, US Claims Capital, Inc, US Office of the Comptroller of the Currency (OCC), Vanni and Humphrey, Vastaamo, VeriSource Services, Inc, Verrex, Versa Networks, Via Credit Union, Vicarage Court Solicitors, Victure RX1800, Virtuvian Health, Voigt-Abernathy Company, Wan Hai, Wazuh server, WDEF-TV, Webmin, Weil Construction, Weir Canyon Honda, West Lothian Council, Western New Mexico University, Western Sydney University, Whiteboard Technologies Pvt Ltd, Whitman County Public Hospital District No 3, Wilmington Personal Injury Lawyer – DPLAW, Windows Common Log File System, Windows NTLM hashes, Wisconsin Supreme Court, Wizz Air, Wolters Kluwer, WooCommerce, WordPress AIHub theme, WordPress BuddyBoss Platform Pro plugin, WordPress Flynax Bridge plugin, WordPress InstaWP Connect plugin, WordPress Smart Product Review plugin, WordPress UrbanGo Membership plugin, WorkComposer, WPM Pathology Laboratory, Chartered, XP Investimentos, XRP Ledger NPM Package (xrpl.js), Yale New Haven Health, Yankee Trails, Yodogawa Steel, Yokogawa Recorder, Young Consulting LLC, ZKsync, and Zoom remote control have reported hacking or compromises this month.

4chan, Atlassian Jira, Coinbase 2FA, Exchange Admin Center, Microsoft 365, and pretty much all of Spain (and some neighboring countries) less than a week after bragging about how they were finally able to run on 100% renewable energy, have suffered from outages this month.

By the way, did you know that 4chan was mostly run by the US government? Duh.

Last months updates broke
Broadcom Brocade Fabric OS, Classic Outlook calendar, Classic Outlook typing, Hitachi Vantara, Microsoft 365 “paste special”, Microsoft Entra ID, Microsoft Office, Microsoft Office 2016, Microsoft Outlook online, SAP NetWeaver, SharePoint Online, Windows 10 Start Menu, Windows 11 24H2 upgrades, Windows Domain Controllers, Windows Hello for Business (WHfB) Key Trust, Windows kernel, Windows Remote Desktop, Windows Server 2025, and the Win Recovery Environment (WinRE).

A Florida bill that would have required backdoors to any encryption for social media accounts has failed.

AT&T will be the first of the big telcos to drop their email-to-sms gateway – in only about a month. You’ll still be able to send emails to email addresses and text to and from cell numbers, but their gateway that allows you to send messages between email and text will be disabled in mid June. This should have a massive impact on the amount of spam received by AT&T mobile customers. It will not stop it, of course.

Broadcom is threatening to sue their own customers for installing security updates in VMware.

Your heated car seats (among other features) are exposing you to law enforcement tracking.

IPv6 makes MitM easy.

Kali Linux lost their repo signing key, requiring manual end-user intervention to install security updates.

CISA is “trimming the fat” by removing some of their communication methods (even though I’m sure they were fully automated). This is going to disrupt important intelligence resources for those in the tech industry.

Skype is dead. Microsoft will finally start killing off ActiveX in Office and Microsoft 365. All new Microsoft accounts will now be “passwordless” by default.

I’ve been warning about the Copilot AI storage access risks since they changed their Terms of Service in October. My fears were justified. Microsoft will no longer “accidentally” flag all Gmail messages as spamOr Adobe.

In the wake of a study that demonstrates how easy it was for AI to manipulate Reddit users, Reddit is considering legal action to protect their victims, I mean, users.

Android and Apple both now have auto-reboot to reduce the effectiveness of brute force attacks.

Apple is getting spanked for violating the letter and the intent of the judge’s order following the Apple v Epic Games lawsuit from a couple years ago.

BIG NEWS: US Attorney for the District of Columbia, Ed Martin, calls out Wikimedia Foundation (Wikipedia) for violating 501(c)(3) status by allowing propagandists to flood platform. He gave them until May 15th to turn over documents.

Google is finally consolidating all of it’s country TLDs to use “google.com“. Google will pay $1.4 billion to Texas to settle claims the company collected users’ data without permission. Google’s updated Local Services Ads Terms have sparked privacy fears and threaten confidentiality in medical and legal sectors. Google would never really harvest all of your medical data though, right? LOL.

Now for the good news:

T-Mobile has added satellite-based 5G support to their lineup. While currently in beta, this signals a huge improvement to coast to coast, and in fact world-wide, phone support using Starlink’s satellites to back up your 5G service when no towers are available (like when there’s a power outage or localized service issue or when you live in the middle of nowhere).

I suspect this mean Elon will soon be buying T-Mobile.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is insane this month. The typical computer should see roughly 6 GB in updates today. Let’s get started.

Microsoft released 48 updates to address 83 vulnerabilities in .NET, Active Directory Certificate Services, Azure, Azure Automation, Azure DevOps, Azure File Sync, Azure Storage Resource Provider, Build Tools for Visual Studio, Microsoft Brokering File System, Microsoft Dataverse, Microsoft Defender for Endpoint, Microsoft Defender for Identity, Microsoft Edge, Microsoft Office, Microsoft Office Excel, Microsoft Office Outlook, Microsoft Office PowerPoint, Microsoft Office SharePoint, Microsoft PC Manager, Microsoft Power Apps, Microsoft Scripting Engine, Remote Desktop Gateway Service, Universal Print Management Service, UrlMon, Visual Studio, Visual Studio Code, Web Threat Defense, Windows Ancillary Function Driver for WinSock, Windows Common Log File System Driver, Windows Deployment Services, Windows Drivers, Windows DWM, Windows File Server, Windows Fundamentals, Windows Hardware Lab Kit, Windows Hyper-V, Windows Installer, Windows Kernel, Windows LDAP, Windows Media, Windows NTFS, Windows Remote Desktop, Windows Routing and Remote Access Service, Windows Secure Kernel Mode, Windows SMB, Windows Trusted Runtime Interface Driver, Windows Virtual Machine Bus, Windows Win32K – GRFX, and MSRT. This includes security updates. A reboot is required.

Oracle released 378 security updates this quarter to address vulnerabilities in 117 products.

Apple released updates for macOS Sequoia 15.4.1, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6, Safari 18.5, iOS 18.4.1, iOS 18.5, iPadOS 17.7.7, iPadOS 18.4.1, iPadOS 18.5, tvOS 18.4.1, tvOS 18.5, visionOS 2.4.1, visionOS 2.5, and watchOS 11.5. This includes security updates. Use Apple Software Update to install the most current versions.

iOS 18.4.1 and 18.5 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 17.7.7, 18.4.1 and 18.5 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 11.5 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 18.4.1 and 18.5 are security updates. Use System, Software Update to install the most current version.

visionOS 2.4.1 and 2.5 are security updates. Use System, Software Update to install the most current version.

Google ChromeOS 134.0.6998.198, ChromeOS 135.0.7049.120, and ChromeOS LTS 132.0.6834.223 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 42.0 is a major update (leaning hard into “42”), with changes to the installer, updates to libraries, defaults and now offering COSMIC. This is not a security update.
https://getfedora.org/en/workstation/download/

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sequoia (15.x) means that macOS Monterey (12.x) and older are no longer supported. If you can not install at least macOS Ventura (13) on your Mac then you should immediately remove your device from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v24H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it. If not, switch to Linux (Mint is nice) or replace your computer.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with a SaferPC Subscription and we will install updates each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 25.5.1 adds support for newer hardware, improves performance and resolves several bugs. This is not a security update.
https://www.amd.com/en/support

Crucial Storage Executive 11.03 doesn’t provide a change log so should be treated as a security update.
https://www.crucial.com/support/storage-executive

Daemon Tools Lite 12.3.0 resolves several bugs. This is not a security update.
https://www.daemon-tools.cc/products/dtLite

GoXLR Utility 1.2.2 resolves several bugs. This is not a security update.
https://github.com/GoXLR-on-Linux/goxlr-utility/

Intel Driver and Support Assistant 25.2.15.9 is a security update.
https://www.intel.com/p/en_US/support/detect

UniFi Network Server 9.1.120 is a security update.
https://www.ui.com/download/releases/network-server

VIISAN OfficeCam 7.2.8.1 doesn’t provide a change log so should be treated as a security update.
https://www.viisan.com/en/download/type1.html

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.78.97 is a security update.
https://brave.com/

Google Chrome 136.0.7103.92 is a security update.
https://www.google.com/chrome/

Firefox 138.0.3 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 128.10.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 7.3.3635.12 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

OutlookAttachView 3.54 adds black background support. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Spark 3.22.9.106186 improves Team support and resolves a couple bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.22.9.106183 improves Team support and resolves a couple bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 138.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 9.5.4 resolves several bugs. This should be treated as a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 9.0.2 resolves several bugs. This should be treated as a security update.
https://anydesk.com/en/downloads

Discord May 1, 2025 resolves dozens of bugs. This is not a security update.
https://discord.com/download

Dropbox 223.4.4909 resolves several bugs. This is not a security update.
https://www.dropbox.com/

FileZilla Client 3.69.1 resolves several bugs. This is not a security update.
https://filezilla-project.org/

FileZilla Server 1.10.3 resolves several bugs. This is not a security update.
https://filezilla-project.org/

Google Drive 108.0 doesn’t provide a detailed change log so should be treated as a security update.
https://drive.google.com/start

MeshCentral 1.1.44 resolves dozens of bugs. This is not a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.8.00.9760 improves GUI and resolves several bugs. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 31.0.4 resolves dozens of bugs. This should be treated as a security update.
https://nextcloud.com/

Nmap 7.97 is a security update.
https://nmap.org/

Npcap 1.82 resolves several bugs. This is not a security update.
https://nmap.org/npcap/

Pocketnet-Core 0.22.17 resolves several bugs. This is not a security update.
https://pocketnet.app/

Pocketnet-GUI 0.9.119 resolves several bugs. This is not a security update.
https://pocketnet.app/

Rclone 1.69.2 is a security update.
https://rclone.org/

Signal 7.53.0 adds new device attachment transfer and resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.41.3 doesn’t provide a detailed change log so should be treated as a security update.
https://signal.org/android/apk/

Syncthing 1.29.6 resolves several bugs. This is not a security update.
https://syncthing.net/

Technitium DNS Server 13.6 resolves several bugs. This is not a security update.
https://technitium.com/dns/

Telegram 5.14.2 resolves a compatibility bug and adds marketplace sales. This is not a security update.
https://telegram.org/

WinSCP 6.5.1 resolves several bugs. This is not a security update.
https://winscp.net/eng/index.php

Zoom 6.4.6.64360 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.17 resolves several bugs. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.3.8 resolves a series of crash bugs. This is not a security update.
https://www.bitwig.com/download/

Grayjay 306 adds remote sync and resolves several bugs. This is not a security update.
https://grayjay.app/index.html

Plex Media Server 1.41.6.9685 adds DOVI filter and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Bedrock) 1.21.80.3 should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Nintendo Switch 20.0.1 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 2025.429 adds audio focus and new themes. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2025.05.10 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

SteamOS SteamDeck Update 2025.05.06 improves compatibility, resolves several bugs, and updates libraries. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Animate 23.0.12 and 24.0.9 are security updates.
https://helpx.adobe.com/security/products/animate/apsb25-42.html

Adobe Bridge 14.1.7 and 15.0.4 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb25-44.html

Adobe ColdFusion 2021.20, 2023.14, and 2025.2 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb25-52.html

Adobe Connect 12.9 is a security update.
https://helpx.adobe.com/security/products/connect/apsb25-36.html

Adobe Dimension 4.1.2 is a security update.
https://helpx.adobe.com/security/products/dimension/apsb25-45.html

Adobe Dreamweaver 21.5 is a security update.
https://helpx.adobe.com/security/products/dreamweaver/apsb25-35.html

Adobe Illustrator 28.7.6 and 29.4 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb25-43.html

Adobe InDesign 19.5.3 and 20.3 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb25-37.html

Adobe Lightroom 8.3 is a security update.
https://helpx.adobe.com/security/products/lightroom/apsb25-29.html

Adobe Photoshop 25.12.3 and 26.6 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb25-40.html

Adobe Reader DC 25.001.20467 resolves several bugs. This is not a security update.
https://get.adobe.com/reader

Adobe Substance 3D Modeler 1.22.0 is a security update.
https://helpx.adobe.com/security/products/substance3d-modeler/apsb25-51.html

Adobe Substance 3D Painter 11.0.1 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb25-38.html

Adobe Substance 3D Stager 3.1.2 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb25-46.html

Artweaver 8.0.4 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Calibre 8.4.0 resolves several bugs and improves compatibility. This is not a security update.
https://calibre-ebook.com/

Ghostscript 10.05.1 is a security update.
https://www.ghostscript.com/releases/gsdnld.html

Inkscape 1.4.2 resolves dozens of bugs. This is not a security update.
https://inkscape.org/release/

LibreOffice 24.8.7 resolves over a dozen bugs. This is not a security update.
https://www.libreoffice.org/

LibreOffice Fresh 25.2.3 resolves over sixty bugs. This is not a security update.
https://www.libreoffice.org/

Manager 25.5.8.2317 does not provide a detailed change log so should be treated as a security update.
https://www.manager.io/

Nextcloud Desktop 3.16.4 resolves several bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.8.1 resolves over a dozen bugs and improves colorization. This is not a security update.
https://notepad-plus-plus.org/

PDF-XChange Editor 10.6.0.396 is a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

Scribus 1.6.4 resolves several bugs. This is not a security update.
https://www.scribus.net/

Operating System Updates

These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.

ChromeOS 134.0.6998.198 and ChromeOS 135.0.7049.120 are security updates.

Fedora 42.0 is a major update (leaning hard into “42”), with changes to the installer, updates to libraries, defaults and now offering COSMIC. This is not a security update.
https://getfedora.org/en/workstation/download/

iOS 18.4.1 and 18.5 are security updates.
https://support.apple.com/kb/HT204204

iPadOS 17.7.7, iPadOS 18.4.1, and iPadOS 18.5 are security updates.
https://support.apple.com/kb/HT204204

macOS Sequoia 15.4.1, macOS Sequoia 15.5, macOS Sonoma 14.7.6, and macOS Ventura 13.7.6 are security updates.
https://support.apple.com/kb/HT201541

Tails 6.14.2 and Tails 6.15 are security updates.
https://tails.net/install/download/index.en.html

tvOS 18.4.1 and tvOS 18.5 are security updates.
https://support.apple.com/kb/HT202716

visionOS 2.4.1 and visionOS 2.5 are security updates.
https://support.apple.com/en-us/122721

watchOS 11.5 is a security update.
https://support.apple.com/en-us/122722

Security Software Updates

One or more of these is likely to be of interest to most people.

FRSTx64 2025.5.9 doesn’t provide a detailed change log so should be treated as a security update.
https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

HTTP Toolkit 1.20.1 doesn’t provide a detailed change log so should be treated as a security update.
https://httptoolkit.tech/

JShelter 0.20.2 improves privacy and resolves several bugs. This is not a security update.
https://jshelter.org/install/

MalwareBytes Desktop Security 5.3.0.186 resolves several bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/

OpenSSL 3.5.0 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

PassRec 3.65 updates included apps. This is not a security update.
https://www.nirsoft.net/password_recovery_tools.html

RogueKiller 16.1.3 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Stinger 13.0.0.347 adds and improves detections. This should be treated as a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

uBlock Origin 1.64.0 resolves a couple bugs and adds several new scriptlets and controls. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

WebBrowserPassView 2.15 adds support for app-bound encryption in recent Chrome releases. This is not a security update.
https://www.nirsoft.net/utils/web_browser_password.html

Capture Updates

These are unlikely to be of interest to most people.

Camtasia 25.1.1 resolves a startup crash. This is not a security update.
https://www.techsmith.com/video-editor.html

SnagIt 25.1.1 resolves several bugs and improves compatibility. This is not a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.4.0 adds support for newer encodings and adds an AI upscaler. This is not a security update.
https://www.dvdfab.cn/download.htm

IsoBuster 5.6 adds support for new media formats, a new Preview mode, and resolves several bugs. This is not a security update.
https://www.isobuster.com/download.php

PDF Creator 6.0.0 is a major update, switching to newer libraries, adds document previews, SharePoint integration, and resolves a couple bugs. This is not a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 6.2.3.5 improves compatibility, adds support to download from several new sources, and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 3.0.1.6 adds SDR and new output formats, resolves several bugs and improves subtitle and Face Enhancer. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.76 resolves a couple bugs and improves error messages.
https://1password.com/downloads/

Agent Ransack 2022.3517 improves favorites list, cosmetics and resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

Beyond Compare 5.0.7.30840 improves cosmetics, updates libraries, and resolves several bugs. This is not a security update.
https://www.scootersoftware.com/download

Bitwarden 2025.4.2 resolves several bugs. This is not a security update.
https://bitwarden.com/

CalyxOS Device Flasher 1.1.1 is a security upate.
https://calyxos.org/install/

CrucialScan 20250424 doesn’t provide a change log so should be treated as a security update.
https://www.crucial.com/store/systemscanner

Cygwin 3.6.1 resolves several bugs. This is not a security update.
https://cygwin.com/

DesktopOK 11.81 improves cosmetics. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.5.8.0 updates libraries. This is a security update.
https://dngrep.github.io/

Etcher 2.1.2 removes analytics. This is not a security update.
https://www.balena.io/etcher/

FileLocator Pro 2022.3517 improves favorites list, cosmetics and resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

FoneTool 3.0.0 is a major update that adds a new “My Devices” interface, improves iPhone to PC interface, and resolves a couple bugs. This is not a security update.
https://www.fonetool.com/download.html

Free Virtual Serial Ports 6.22.00.1498 resolves several bugs. This is not a security update.
https://freevirtualserialports.com/

GoodSync 12.8.8 improves compatibility and resolves several bugs. This is not a security update.
https://www.goodsync.com/

HWiNFO 8.26 improves hardware detection and reporting. This is not a security update.
https://www.hwinfo.com/download/

HWMonitor 1.57 adds support for newer hardware and resolves a couple bugs. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

Kingston SSD Manager 1.5.5.3 doesn’t provide a change log so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

NTLite 2025.04.10406 adds Power Plan integration support, improves registry writes, updates components and resolves a bug. This is not a security update.
https://www.ntlite.com/download/

OSForensics 11.1.1007 improves performance and resolves a couple bugs. This is not a security update.
https://www.osforensics.com/download.html

osquery 5.17.0 resolves over a dozen bugs and updates libraries. This is not a security update.
https://osquery.io/downloads

Password Security Scanner 1.63 adds support for app-bound passwords in recent Chrome releases. This is not a security update.
https://www.nirsoft.net/utils/password_security_scanner.html

PowerToys 0.90.1 resolves several bugs and updates libraries. This is a security update.
https://github.com/microsoft/PowerToys/releases/latest

RoboForm 9.6.8 improves update process and adds support for Google Workspace SSO. This is not a security update.
https://www.roboform.com/

Rufus 4.7 resolves several bugs and improves UEFI detection and download. This should be treated as a security update.
https://rufus.ie/en_US/

ScreenConnect 25.2.4.9229 is a security update. Updates were released for other “recent” versions as well so you’re not forced to upgrade to the Canary version that breaks several other features.
https://screenconnect.connectwise.com/download

SimpleWMIView 1.56 adds Black Background support. This is not a security update.
https://www.nirsoft.net/utils/simple_wmi_view.html

SmartMonTools 7.5 adds dozens of new diagnostic objects and reporting elements and improves reliability and performance. This is not a security update.
https://smartmontools.org/

Starwind V2V Converter 9.755 adds CLI conversion support. This is not a security update.
https://www.starwindsoftware.com/starwind-v2v-converter

SysinternalsSuite 2025.5.5 updates RDCMan. This is a security update.
https://docs.microsoft.com/en-us/sysinternals/

TeamViewer 15.65.6 resolves a bug. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

WinGet 1.10.390 improves end-to-end support for Entra ID, configuration file controls, and resolves several bugs. This is a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinScan2PDF 9.33 improves hardware support and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

XnConvert 1.105.0 doesn’t provide a change log so should be treated as a security update.
https://www.xnview.com/en/xnconvert/

ZoomText 2025 2025.2504.25.400 improves performance, multi-monitor support, and resolves several bugs.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 9.0.4 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

ADB 36.0.0 resolves several bugs. This is not a security update.
https://developer.android.com/studio/releases/platform-tools

Android Studio 2024.3.2.14 resolves several bugs. This is not a security update.
https://developer.android.com/studio

cx_Freeze 8.3 updates libraries. This is not a security update.
https://cx-freeze.readthedocs.io/en/latest/index.html

GameMaker Studio 2024.13.1.193 resolves several bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.5.230 resolves several bugs. This is not a security update.
https://gdevelop.io/download

GitHub Desktop 3.4.19 resolves over a dozen bugs. This is not a security update.
https://desktop.github.com/

Go 1.24.3 is a security update.
https://go.dev/

Inno Setup 6.4.3 improves restore operations, resolves seeral bugs, and adds a new tool for ECDSA P-256 support. This is not a security update.
https://www.jrsoftware.org/isdl.php

Java 8u451 is a security update.
https://www.java.com/en/download/manual.jsp

Node.js 20.19.1 updates libraries. This is not a security update.
https://nodejs.org/en/

Node.js 22.15.0 updates libraries and resolves several bugs. This is a security update.
https://nodejs.org/en/

Rustup 1.28.2 improves download stack and management controls. This is not a security update.
https://www.rust-lang.org/

SQLite 3.49.2 resolves several bugs. This should be treated as a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.100.1 is a security update.
https://code.visualstudio.com/

WinMerge 2.16.48.2 resolves several bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.1.8 resolves over a dozen bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Adminer 5.3.0 resolves over a dozen bugs and improves compatibility. This is not a security update.
https://www.adminer.org/en/

Joomla 5.3.0 improves email templates, media management, scheduled tasks, read more, accessibility and compatibility. This is not a security update.
https://www.joomla.org/

YOURLS 1.10.1 resolves several bugs. This is not a security update.
https://yourls.org/

WordPress 6.8.1 resolves over a dozen bugs. This is not a security update.
https://wordpress.org/

bbPress 2.6.13 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/bbpress/

Contact Form 7 6.0.6 is a security update.
https://wordpress.org/extend/plugins/contact-form-7/

My Sticky Bar 2.8.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Show IDs 1.1.11 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/wpsite-show-ids/

Sucuri Security 2.1 resolves a couple bugs and adds support for several new scanners. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2025-04-08

Happy Easter, Folks!

Today is Patch Tuesday for April, 2025.

It’s as safe as it’s going to be to upgrade to Windows 11 24H2 or macOS 15/Sequoia.

If your Windows 10 (or older) computer can not be upgraded to Windows 11, or if you used a registry or installation bypass to install an older version of Windows 11 on it that is no longer supported, then it’s time for you to start looking for a replacement computer. Actually, the time was 3 months ago. Pickin’s are thin right now. 🙁

There were 320+ major hacks, and over 360 application updates this month. It’s a relatively small month, with about 2.5 GB of updates for most users.

This Month in Technology

13cabs, 9,300 WordPress websites (ClearFake), 150,000 WordPress websites (DollyWay), 70mai A510, Abracadabra, Access TeleCare, Adobe Acrobat Reader, ALN Medical Management, Amazon AWS CloudFormation, AMI MegaRAC, an Asian telecom, Android, Apache Parquet, Apache Pinot, Apache Tomcat, APIsec, Apple macOS, Apple Passwords app, Apple WebKit, Arista NG Firewall, Around the Clock Companies, Arts Council England, Ascoma Group, Association of Superannuation Funds of Australia, Astral Foods, Atlantis Operating LLC, Atlas CPAs & Advisors, Atutech, AustralianSuper, Autodesk AutoCAD, Autodesk Navisworks, Autodesk Payapps, Baidu, Bank of China, Barebox, Baylor Scott & White Texas Spine & Joint Hospital, Bdrive NetDrive, BDSM People, Beacon Health System, BEC Technologies Routers, Bigfork Valley Hospital, Blue Shield of California, Boulanger, Brave browser, Brish, Brocade Fibre Channel switches, BTS member Jungkook, Buckinghamshire Council, Bybit, California Cryobank, Canon printers, Capilano University (CapU), Cardiff City Council Department of Children’s Services, Cargills Bank, CarlinKit CPC200-CCPA, CDHA Management, Center for Digestive Health, CHC Solutions, Inc, Check Point, Check Point ZoneAlarm, Cherokee County School District, Chica, Choco Tei Camera, Chord Specialty Dental Partners, Chrome, Cisco IOS XR, Cisco Smart Licensing Utility, City of Lubbock, Ciuni & Panichi, Clinic’s Patient Management System, Cloudflare WAF, Columbia Eye Clinic, Compumedics, Concord Orthopaedics, Costa Rican President’s YouTube, Cottrill’s Pharmacy, Crossroads Trading Co, CrushFTP, CSG Consultants, D&S Insurance Agency, Dameron Hospital, DBS Signapore, Dell Unity, Dignity Health Lassen Medical Clinic, Dove Healthcare, DrayTek routers, Drugs.com, Dutch Public Prosecution Service, Edimax Cameras, El Camino Real Academy, Eprice, Erickson Companies, ESET security, ESHYFT, Europcar Mobility Group, Everest ransomware gang, Exim, Facebook FreeType 2, FacePass, Fidelity Life, First City Credit Union, Food For The Poor, Fortinet FortiWeb, French Department of Education, Gay Daddy, Georgia Urology, German Doner Kebab, Gilead Sciences, GIMP, GitLab Community Edition, GitLab Enterprise Edition, Google Quick Share, Grede Holdings, Growatt, GRUB2, Guardian Life Insurance, Hamilton County, Hand & Plastic Surgery Centre, Harcourts Prime Properties, Health NZ, HealthEquity, Hellenic Open University, HHH Acquisition, LLC, Highline Public Schools, Hillcrest Convalescent Center, Hokkaido Jalan, Houston Housing Authority, Houston Surgery Center, HTW Dresden, Hydro-Vacuum SA, ImagineX, Infosys McCamish Systems, Insignia, IOU Financial, Iraqi Council of Ministers, Iraqi Ministry of Finance, Islamic Republic of Iran Shipping Company, Ivanti Connect Secure, Jaguar Land Rover, Jira, Junos OS, Karl Malone Auto Group, Keeco Home, Klickitat Valley Health, Korea Aerospace Research Institute, Kronick Moskovitz Tiedemann & Girard, Kuala Lumpur Airport, Kubernetes Ingress Nginx Controller, LA Financial Federal Credit Union, Laborers’ International Union of North America, Local 1184, Lafayette Federal Credit Union, Lake Psychological Services, Lake Washington Vascular, Lee University, Legacy Professionals LLP, Lena Pope Home Inc, LensDeal, Lexipol, Life University, LiUNA, Lloyds Bank, Lukoil, Luxion KeyShot, Lyon Living, Lyon Management Group, M.A.D Mobile, Madison County, Mississippi, Malaysia Airports Holdings Bhd, Marina Bay Sands Singapore, Mark Thomas, Medway Community Healthcare, Meigs County Emergency Medical Services, MercadoLibre, Mercer County Joint Township Community Hospital, Merkur, Microsoft Exchange Online and M365, Microsoft SharePoint, Microsoft’s Trusted Signing platform, Microsoft’s Visual Studio Code Marketplace, Millennium Home Health Care, Mirror Mirror Beauty Boutique, Mission Bell Mfg, Mission, Texas, Monro, Inc, Morton Golf LLC, mySCADA myPRO, NAKIVO Backup & Replication, National Defense Corporation, National Iranian Tanker Company, NetApp SnapCenter, Nevro, New Era Life Insurance Companies, New South Wales Court Registry, New York University (NYU), NewAgeSys, NexOpt, Next.js, NI FlexLogger, NI Vision Builder AI, Nice Healthcare, Northern Ireland Commission, Northwest Retirement Plan Consultants, NTT, Numotion, NVIDIA Riva, OBI Seafoods, Oracle Cloud (from 2017!), Oracle Health, OrthoMinds, Pacific Residential Mortgage, Palmetto Subacute Care Center, Palo Alto Deep Packet Inspection, PAR Rehab, Parascript, Parcel Plus, PDF-XChange Editor, Pennsylvania State Education Association, pgAdmin, Pinehurst Radiology Consultants, Pineland Community Service Board, Pink, Port of Seattle, Presbyterian Health Plan, Progress Software Kemp LoadMaster, PTS News, Rakuten Securities, RansomHub, Red Lion Borough, PA, Rinehart Dentistry, Riverdale Joint Unified School District, Rodl Management, Royal Mail, SAG-AFTRA Health Plan, Sam’s Club, Samsung Germany, Sentara Health, Shopify Collabs, Shopify Pitchfork, Siegel Group, Siemens Simcenter, SimonMed, SIR.trading, SMA, Smart ERP Solutions, SoloPoint Solutions, Southeast Series of Lockton Companies, Spark DSO, SpotBugs, SpyX, St. Joseph’s College of Maine, State Bar of Texas, State of California, Department of Child Support Services, STE Group, STMicroelectronics X-CUBE, Stram Center for Integrative Medicine, StreamElements, Sungrow, Sydney Tools, Tata AIG, Tata Technologies, Tesla, TFE hotels group, Thailand Post, The Junction Casino Hotel, The Pension Specialist, Three Rivers Hospital, Toppan Next Tech, Topy America Inc, Tor Browser, Translove, Trend Micro Cleaner One, Trinity Petroleum Management, Troy Hunt’s Mailchimp List, Twilio SendGrid, Twitter (X), U-Boot, UAE Water & Electric Power, Ubuntu Linux, Ukrzaliznytsia, Ulrich Investment Consultants, Union County, United Domestic Workers of America, United Faith Ministries, United Seating and Mobility, Unitree Go1 robot dogs, University Diagnostic Medical Imaging, University of Notre Dame Fremantle, Urban Dictionary, Verizon Call Filter, VF Outdoor, Virginia Attorney General’s Office, Vista Point Mortgage, Vitenas Cosmetic Surgery, VMware Tools for Windows, Vroom, Watcher Guru, Welts, White, & Fontaine, WEMIX, Wesizwe, Western Alliance Bank, Western Wayne Family Physicians, WhatsApp, Whitman Hospital & Medical Clinics, WideOpenWest, William F Rinehart DMD PA, Windows, Windows Kernel, WinRAR, WK Kellogg Co, Woori Card, Word & Brown Insurance Administrators, WordPress Simple WP Events plugin, WordPress WooCommerce plugin, WordPress WP Ghost plugin, WordPress WP RealEstate plugin, WordPress WP Ultimate CSV Importer plugin, X.Org Server, Xen HVM, YAP Health Services, Yucatán Government, ushin America, zkLend hacker (lol), and Zoth Protocol have reported hacking or compromises this month.

ChatGPT, Cloudflare R2, DrayTek routers, Microsoft Exchange Online, Moscow Metro, and Naval Station Norfolk have suffered from outages this month.

Last months updates broke Microsoft Snipping Tool, Remote Desktop, security services including SenseShield on Windows 11 24H2, the ability to return to Outlook “Classic”, USB printers, Veeam recovery, and VMware Workstation updates.

23andMe has filed for bankruptcy, but not before they created plans to sell off all your DNA details.

Apple broke their N+2 trend and released security updates for much older devices to address critical vulnerabilities.

DoH (DNS over HTTPS) is being used to hijack mail accounts with extremely well-targeted phishing pages. How effective are phishing websites? Effective enough to get even the creator of Have I Beep Pwned to fall for it.

Microsoft has changed their mind on disabling WSUS driver sync. Microsoft is testing a new “quick machine recovery” platform to recover from buggy driver updates preventing the operating system from booting. Microsoft is removing the BypassNRO script from Windows 11 installers, but the underlying registry settings will still be available (for now).

Now for the good news:

Linux is making headway – more than 2% of devices running Steam are now actively using Linux.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is relatively small this month. The typical computer should see roughly 2.5 GB in updates today. Let’s get started.

Microsoft released 78 updates to address 128 vulnerabilities in Active Directory Certificate Services, Active Directory Domain Services, ASP.NET Core, Azure Local, Azure Local Cluster, Azure Portal Windows Admin Center, DirectX Graphics Kernel, HTTP.sys, Kerberos Key Distribution Proxy, Microsoft AutoUpdate (MAU), Microsoft Dynamics Business Central, Microsoft Edge, Microsoft Edge for iOS, Microsoft Excel, Microsoft Message Queuing (MSMQ), Microsoft Office, Microsoft Office Excel, Microsoft Office OneNote, Microsoft Office SharePoint, Microsoft Office Word, Microsoft OneNote, Microsoft SharePoint, Microsoft Streaming Service, Microsoft System Center, Microsoft Virtual Hard Drive, Microsoft Word, OpenSSH for Windows, Outlook for Android, Remote Desktop Client, Remote Desktop Gateway Service, RPC Endpoint Mapper Service, Servicing Stack Updates, Visual Studio, Visual Studio Code, Visual Studio Tools, Windows Active Directory Certificate Services, Windows BitLocker, Windows Bluetooth Service, Windows Common Log File System Driver, Windows Cryptographic Services, Windows Defender Application Control (WDAC), Windows Digital Media, Windows Hello, Windows Hyper-V, Windows Installer, Windows Kerberos, Windows Kernel, Windows Kernel Memory, Windows Kernel-Mode Drivers, Windows Lightweight Directory Access Protocol (LDAP), Windows Local Security Authority (LSA), Windows Local Session Manager (LSM), Windows Mark of the Web (MOTW), Windows Media, Windows Mobile Broadband, Windows NTFS, Windows Power Dependency Coordinator, Windows Process Activation, Windows Remote Desktop Services, Windows Resilient File System (ReFS), Windows Routing and Remote Access Service (RRAS), Windows Secure Channel, Windows Security Zone Mapping, Windows Shell, Windows Standards-Based Storage Management Service, Windows Subsystem for Linux, Windows TCP/IP, Windows Telephony Service, Windows Universal Plug and Play (UPnP) Device Host, Windows Update Stack, Windows upnphost.dll, Windows USB Print Driver, Windows Virtualization-Based Security (VBS) Enclave, Windows Win32K – GRFX, and MSRT. This includes security updates. A reboot is required.

Apple released updates for iOS 15.8.4, iOS 16.7.11, iOS 18.4, iPadOS 15.8.4, iPadOS 16.7.11, iPadOS 17.7.6, iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, Safari 18.4, tvOS 18.4, visionOS 2.4, watchOS 11.4, and Xcode 16.3. This includes security updates. Use Apple Software Update to install the most current versions.

iOS 15.8.4, 16.7.11, and 18.4 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 15.8.4, 16.7.11, 17.7.6, and 18.4 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 11.4 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 18.4 is a security update. Use System, Software Update to install the most current version.

visionOS 2.4 is a security update. Use System, Software Update to install the most current version.

Google ChromeOS 134.0.6998.183 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sequoia (15.x) means that macOS Monterey (12.x) and older are no longer supported. If you can not install at least macOS Ventura (13) on your Mac then you should immediately remove your device from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v24H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it. If not, switch to Linux (Mint is nice) or replace your computer.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with a SaferPC Subscription and we will install updates each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

GoXLR Utility 1.2.0 resolves several bugs and improves firmware update. This is not a security update.
https://github.com/GoXLR-on-Linux/goxlr-utility/

Logitech Options 10.24.3 improves compatibility with Microsoft Office. This is not a security update.
https://support.logi.com/hc/en-us/articles/360025297893

TP-Link Archer AX73 v2.0 250210 is a security update.
https://www.tp-link.com/us/support/download/archer-ax73/v2.0/#Firmware

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.77.95 is a security update.
https://brave.com/

Firefox 137.0.1 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 128.9.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 135.0.7049.52 is a security update.
https://www.google.com/chrome/

Vivaldi 7.3.3635.7 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Spark 3.22.6.104601 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.22.6.104600 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 137.0.1 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 9.5.0 resolves more than a dozen bugs and improves multiple monitor support and AnyDeskOne compatibility. This is not a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 9.0.1 is a security update.
https://anydesk.com/en/downloads

BrowsingHistoryView 2.60 adds black background support. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

curl 8.13.0 improves debugging and resolves nearly 300 bugs. This should be treated as a security update.
https://curl.haxx.se/windows/

Discord April 3, 2025 resolves dozens of bugs. This is not a security update.
https://discord.com/download

Dropbox 221.4.5365 resolves a cosmetic bug. This is not a security update.
https://www.dropbox.com/

FileZilla Server 1.10.1 resolves several bugs. This is not a security update.
https://filezilla-project.org/

FreeFileSync 14.3 adds IDN support and resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 106.0 now officially supports ARM64 on Windows. This is not a security update.
https://drive.google.com/start

Grocy Desktop 2.14.0 improves compatibility. This is not a security update.
https://github.com/grocy/grocy-desktop

MeshCentral 1.1.43 resolves several bugs. This is not a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.8.00.6262 adds one-time passcode authentication, Storyline integration, chat controls and increases attendees to a max of 50,000 for Premium. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 31.0.2 updates libraries and resolves dozens of bugs. This is not a security update.
https://nextcloud.com/

Pocketnet-Core 0.22.14  resolves several bugs. This is not a security update.
https://pocketnet.app/

Pocketnet-GUI 0.9.116 is a security update.
https://pocketnet.app/

Signal 7.49.0 now synchronizes recent activity to new devices. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.38.7 now synchronizes recent activity to new devices. This is not a security update.
https://signal.org/android/apk/

Syncthing 1.29.4 resolves a couple bugs. This is not a security update.
https://syncthing.net/

Technitium DNS Server 13.5  resolves several bugs and implements new features. This is not a security update.
https://technitium.com/dns/

Telegram 5.13.1 resolves a crash bug. This is not a security update.
https://telegram.org/

WinSCP 6.5 resolves several bugs. This is not a security update.
https://winscp.net/eng/index.php

Zoom 6.4.3.63669 resolves several bugs. This is not a security update. The recent 6.4 update adds dozens of new features and a new user interface – it is also a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.16 adds several new 3D environments. This is not a security update.
https://en.3tene.com/

Grayjay 291 adds search and sorting to playlists, improves filters and search, and resolves several bugs. This is not a security update.
https://grayjay.app/index.html

iTunes 12.13.7.1 improves compatibility. This is a security update.
https://www.apple.com/itunes/download/

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Bedrock) 1.21.72.01 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Minecraft Server (Java) 1.21.5 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server

PS5 2025.314 improves compatibility and parental controls. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2025.04.01 improves compatibility and resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

SteamOS SteamDeck Update 2025.03.31 improves compatibility and resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe AEM Forms 6.5.22.0 is a security update.
https://helpx.adobe.com/security/products/aem-forms/apsb25-27.html

Adobe AEM Screens 6.5 FP11.4 is a security update.
https://helpx.adobe.com/security/products/aem-screens/apsb25-32.html

Adobe After Effects 24.6.5 and 25.2 are security updates.
https://helpx.adobe.com/security/products/after_effects/apsb25-23.html

Adobe Animate 23.0.11 and 24.0.8 are security updates.
https://helpx.adobe.com/security/products/animate/apsb25-31.html

Adobe Bridge 14.1.6 and 15.0.3 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb25-25.html

Adobe ColdFusion 2025.1, 2023.13 and 2021.19 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb25-15.html

Adobe Commerce B2B 1.5.2, 1.4.2-p5, 1.3.5-p10, 1.3.4-p12, and 1.3.3-p13 are security updates.
https://helpx.adobe.com/security/products/magento/apsb25-26.html

Adobe Commerce 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, and 2.4.4-p13 are security updates.
https://helpx.adobe.com/security/products/magento/apsb25-26.html

Adobe FrameMaker 2020.8 and 2022.6 are security updates.
https://helpx.adobe.com/security/products/framemaker/apsb25-33.html

Adobe Magento Open Source 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, and 2.4.4-p13 are security updates.
https://helpx.adobe.com/security/products/magento/apsb25-26.html

Adobe Media Encoder 24.6.5 and 25.2 are security updates.
https://helpx.adobe.com/security/products/media-encoder/apsb25-24.html

Adobe Photoshop 26.5 and 25.12.2 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb25-30.html

Adobe Premiere Pro 25.2 and 24.6.5 are security updates.
https://helpx.adobe.com/security/products/premiere_pro/apsb25-28.html

Adobe XMP Toolkit SDK 2025.03 is a security update.
https://helpx.adobe.com/security/products/xmpcore/apsb25-34.html

Aronium 1.45.0.1 resolves a bug in the Z report. This is not a security update.
https://aronium.com/

Artweaver 7.0.18 is a security update.
https://www.artweaver.de/

Audacity 3.7.3 resolves several bugs. This is not a security update.
https://www.audacityteam.org/download/

Calibre 8.2.1 improves compatibility and resolves a couple bugs. This is not a security update.
https://calibre-ebook.com/

Ghostscript 10.05.0 adds several new syntax controls. This is a security update.
https://www.ghostscript.com/releases/gsdnld.html

GIMP 3.0 is a major update (the first in 7 years!) which adds huge strides in many features and improves compatibility and stability. GIMP 3.0.2 resolves several bugs. This is not a security update.
https://www.gimp.org/

GnuCash 5.11 resolves almost 20 bugs and improves stability. This is not a security update.
https://www.gnucash.org/

LibreOffice 24.8.6 resolves over 30 bugs. This is not a security update.
https://www.libreoffice.org/

LibreOffice Fresh 25.2.2 resolves over 80 bugs. This is a security update.
https://www.libreoffice.org/

Manager 25.4.3.2227 doesn’t provide a detailed change log so should be treated as a security update.
https://www.manager.io/

Nextcloud Desktop 3.16.2 resolves several bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.7.9 resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 5.1.7 resolves a couple bugs. This should be treated as a security update.
https://www.getpaint.net/

Operating System Updates

These are for specific Linux flavors and alternative operating systems and, sadly, are unlikely to be of interest to most people.

ChromeOS 134.0.6998.183 is a security update.
https://chromereleases.googleblog.com/search/label/Stable%20updates+ChromeOS

iOS 18.4 is a security update.
https://support.apple.com/kb/HT204204

iPadOS 18.4 is a security update.
https://support.apple.com/kb/HT204204

macOS Sequoia 15.4, Sonoma 14.7.5 and Ventura 13.7.5 are security updates.
https://support.apple.com/kb/HT201541

Tails 6.14.1 is a security update.
https://tails.net/install/download/index.en.html

tvOS 18.4 is a security update.
https://support.apple.com/kb/HT202716

watchOS 11.4 is a security update.
https://support.apple.com/kb/HT204641

Zorin OS 17.3 is a huge compatibility update, adds improved alternative detections and suggestions, changes the default browser to Brave, and improves the Zorin Connect app to better function as an input device for the latest Zorin OS release. This should be treated as a security update.
https://zorin.com/os/mirrors/

Security Software Updates

One or more of these is likely to be of interest to most people.

Caine 14.0 improves UEFI support and updates kernel. This is a security update.
https://www.caine-live.net/

Chainsaw 2.12.2 is a housekeeping release. This is not a security update.
https://github.com/countercept/chainsaw

MalwareBytes Desktop Security 5.2.10.182 is a security update.
https://www.malwarebytes.org/antimalware/

ProtonVPN 4.1.10 updates the user interface, adds a list of recent connections to quick access, and adds advanced profile settings such as port forwarding and autolaunch behaviors. This is not a security update.
https://github.com/ProtonVPN/win-app/releases/latest

RogueKiller 16.1.2 expands the monitoring capabilities and improves detection logic. This should be treated as a security update.
https://www.adlice.com/download/roguekiller/

Stinger 13.0.0.342 adds support for new detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

SuperAntiSpyware 10.0.1274 resolves several bugs. This is not a security update.
https://www.superantispyware.com/download.html

uBlock Origin 1.63.2 resolves a major stability issue. This should be treated as a security update.
https://github.com/gorhill/uBlock/releases/latest

Velociraptor 0.74.1 improves the Sigma editor and adds new live event sources. This is not a security update.
https://github.com/Velocidex/velociraptor/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.41.2 adds AVIF support and resolves a couple bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 25.1.0 updates libraries, improves step capture, smart redact, stability and performance, and resolves several bugs. This is a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.3.8 adds support for new encodings and improves OCR detection for subtitles. This is not a security update.
https://www.dvdfab.cn/download.htm

MakeMKV 1.18.1 adds support for new encodings and resolves a couple bugs. This is not a security update.
https://www.makemkv.com/download/

StreamFab 6.2.2.8 improves compatibility, adds support for newer playlist and distribution formats, and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 3.0.1.2 resolves several bugs and adds faster upscaling model. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 7.0.15 resolves several bugs. This is not a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.70 adds new internetional keyboard layout support. This is not a security update.
https://1password.com/downloads/

AOMEI Partition Assistant 10.8.0 finally adds a built-in update mechanism, improves Windows-To-Go support, and resolves several bugs. This is not a security update.
https://www.diskpart.com/

Bitcoin 28.1 adds new features, bug fixes and performance improvements. This is not a security update.
https://bitcoin.org/en/download

Bitwarden 2025.3.0 adds 2SL login support to the user interface and resolves several bugs. This is not a security update.
https://bitwarden.com/

CCleaner 6.34.11482 resolves several bugs. This is not a security update.
https://www.ccleaner.com/

CPU-Z Installer 2.15 adds support for newer hardware. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

Cygwin 3.6.0-1 adds several new APIs, improves compatibility and resolves several bugs. This is not a security update.
https://cygwin.com/

Dell Command Update 5.5 adds automatic driver downloads to the Advance Driver Restore operation. This is not a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

DesktopOK 11.71 resolves a couple bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DiskCheckup 3.6 doesn’t provide a detailed change log so should be treated as a security update.
https://www.passmark.com/products/diskcheckup/

dnGrep 4.4.9.0 resolves several bugs. This is a security update.
https://dngrep.github.io/

email-oauth2-proxy 2025-03-14 resovles several bugs. This is not a security update.
https://github.com/simonrob/email-oauth2-proxy

Eraser 6.2.0.2996 doesn’t provide a change log so should be treated as a security update.
https://eraser.heidi.ie/download/

ESEDatabaseView 1.78 adds an optional black background. This is not a security update.
https://www.nirsoft.net/utils/ese_database_view.html

Everything Toolbar 1.5.2 improves compatibility and resolves a couple bugs. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

FoneTool 2.10.0 adds support to back up ringtones, improves System Repair and iTunes compatibility and resolves several bugs. This is not a security update.
https://www.fonetool.com/download.html

GoodSync 12.8.7 resolves several bugs. This is not a security update.
https://www.goodsync.com/

HWiNFO 8.24 adds support for newer hardware. This is not a security update.
https://www.hwinfo.com/download/

ImageUSB 1.5.1007 resolves a hardware compatibility bug. This is not a security update.
https://www.osforensics.com/tools/write-usb-images.html

Kingston SSD Manager 1.5.4.9 doesn’t provide a change log so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

ManageWirelessNetworks 1.16 adds option to save all items. This is not a security update.
https://www.nirsoft.net/utils/manage_wireless_networks.html

NConvert 7.221 doesn’t provide a change log so should be treated as a security update.
https://www.xnview.com/en/nconvert/

NTLite 2025.03.10351 improves new Windows UEFI build behavior and updates libraries. This is not a security update.
https://www.ntlite.com/download/

OSForensics 11.1.1004 resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html

PowerToys 0.90.0 adds several new features and resolves a bunch of bugs. This is a security update.
https://github.com/microsoft/PowerToys/releases/latest

RoboForm 9.6.6 changes a couple behaviors and resolves several bugs. This is not a security update.
https://www.roboform.com/

ScreenConnect 25.2.3.9216 resolves several bugs and now imposes a hardcoded email limit in the name of security – which means that monitoring events using the email action will no longer be reliable.
https://screenconnect.connectwise.com/download

SSD Life 2.5.82 adds support for newer hardware. This is not a security update.
https://ssd-life.com/eng/download-ssdlife.html

Starwind V2V Converter 9.626 improves conversions from Hyper-V to ESXi. This is not a security update.
https://www.starwindsoftware.com/starwind-v2v-converter

TeamViewer 15.64.3 adds several new management features and resolves a couple bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

WakeMeOnLan 1.93 adds a black background option. This is not a security update.
https://www.nirsoft.net/utils/wake_on_lan.html

WinRAR 7.11 resolves several bugs. This is not a security update.
https://www.rarlab.com/

WinScan2PDF 9.31 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizFile 3.12 resolves a bug. This is not a security update.
https://antibody-software.com/wizfile/

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 2024.3.1.14 resolves several bugs. This is not a security update.
https://developer.android.com/studio

cx_Freeze 8.1 updates libraries and resolves several bugs. This should be treated as a security update.
https://cx-freeze.readthedocs.io/en/latest/index.html

GameMaker Studio 2024.13.0.190 resolves over 500 bugs. This should be treated as a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.5.228 resolves a couple cosmetic bugs. This is not a security update.
https://gdevelop.io/download

Go 1.24.2 is a security update.
https://go.dev/

Godot 4.4.1 is a security update.
https://godotengine.org/

Inno Setup 6.4.2 adds a new setup directive. This is not a security update.
https://www.jrsoftware.org/isdl.php

Node.js 18.20.8 is a security update.
https://nodejs.org/en/

Node.js 20.19.0 resolves several bugs. This is not a security update.
https://nodejs.org/en/

Node.js 23.11.0 updates libraries and resolves several bugs. This is not a security update.
https://nodejs.org/en/

Python 3.13.3 resolves dozens of bugs. This is a security update.
https://www.python.org/downloads/windows/

Visual Studio Code 1.99.1 resolves several bugs. This is a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

Adminer 5.2.0 resolves several bugs and adds cosmetic improvements. Adminer has been under very active development the last couple months so expect many more future updates over time.
https://www.adminer.org/en/

Grocy 4.5.0 implements a new barcode reader and resolves a couple bugs. This is not a security update.
https://github.com/grocy/grocy

HumHub 1.17.2 resolves several bugs. This is not a security update.
https://www.humhub.com/en

Joomla 5.2.6 and 4.4.13 are security updates.
https://www.joomla.org/

MailEnable 9.88 and 10.52 are security updates.
https://www.mailenable.com/

OpenCart 4.1.0.3 resolves several bugs. This is not a security update.
https://www.opencart.com/

Piwigo 15.5.0 resolves several bugs. This is not a security update.
https://piwigo.org/

YOURLS 1.10.0 updates requirements, dependences and resolves several bugs. This is not a security update.
https://yourls.org/

BuddyPress 14.3.4 is a security update.
https://wordpress.org/extend/plugins/buddypress/

My Sticky Bar 2.7.8 improves user interface. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

WordPress Importer 0.8.4 resolves a couple bugs. This should be treated as a security update.
https://wordpress.org/extend/plugins/wordpress-importer/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2024-06-11

Welcome back, Folks!

Today is Patch Tuesday for June, 2024.

There were 460+ major hacks, and over 270 application updates this month.
It’s an average month, with about 2.5 GB of updates for most users.

This Month in Technology

4LEAF, Inc, A123Systems, Abbott, AbbVie Inc, ABN Amro, ABS-CBN Broadcasting, Absolute Telecom, AC Financial, AC Propulsion, Inc, Acadia Pharmaceuticals Inc, Access Sports Medicine & Orthopaedics, Accounting Professionals LLC Price Breazeale Chastang, ADCOM911, Adobe Acrobat Reader, Advance Auto Parts, Advance Press, Adventist Health Tulare, Affiliated Dermatologists, Agrani Bank, AirAsia Group, Akdenizchemson, Al-Rajhi Bank, Allied Mechanical Services Inc, Allied Telesis, ALN Medical Management, ALO diamonds, Aloft, Alpha Capital Group, Amazon, AmerisourceBergen Specialty Group, Amgen Inc, Amsterdam Schools, Anchorage Daily News, Anderson Mikos Architects, Android, Archi Hives, Architecture Lejeune Giovanelli, Ardenbrook, ARRL, Ascension Healthcare Network, Association of California School Administrators, Asst Rhodense, Astagiudiziaria, Aston Villa, Astra Daihatsu Motor, Atlas Oil, Atlassian Confluence, Audubon Nature Institute, Ausgrid, Aussizz Group, Avelina, Ayoub Associates CPA Firm, B&G Foods, Banco de Crédito del Perú, Barclays, Bausch Health Companies Inc, Bayer Corporation, BBC Pension Scheme, Berge Bulk, Billericay School, Birmingham Children’s Trust, BlockTower Capital, Bluewater Health, BNB Chain, BreachForums, BreingAir, Brett Slater Solicitors, Brick Court Chambers, Bring Me the Horizon’s website, Bristol Myers Squibb, British Columbia Government, Brockton Area Multi-Services, Brovedani Group, Bruno generators, Bulgarian Ports Infrastructure Company, Café Soluble, California Highway Patrol, California Northstate University, Call 4 Health, Inc, Catch News, CDU, Cencora (11 big pharma companies), Center Line schools, Central Contra Costa Transit Authority, CentroMed, Centurion University, Check Point VPN, Chicago Fire Football Club, Christie’s, Cinterion Modems, Cisco Webex, City of Clarksville, City of Helsinki, City of St. Cloud, Clevo, CoinGecko, College Ahuntsic, Columbus Regional Healthcare System, Comwave Networks, Continuing Healthcare Solutions, Cooler Master, Coplosa, Corr Corr, Corse GSM, Cortina Watch, Costa Edutainment SpA, Cox WiFi routers, Crandall ISD, Credit Central, Crescent Point Energy, Cressex Community School, Crooker, Crossroads Equipment Lease & Finance, LLC, Cryptonary, Cushman Contracting Corporation, Cylance, D-Link EXO AX4800 routers, Daniel E. Fitzgerald, CPA, Decathlon, Delano Adult School, Dendreon Pharmaceuticals LLC, DFINITY, DG3 North America, Inc, DGT traffic authority, Digital Pix & Composites, Discovery Insure, Disney, Dkhoon Emirates, DMM, Dohman, Akerlund & Eddy, Dollmar, Doral, Florida, Dota2, DreamWall, Drive Sally, LLC, Driver Group, DRMS, Dubai government, Dynasafe, E-T-A, Easterseals Central Illinois, Eden Project Ltd, Egyptian Universities, Eigen crypto, Electronic Arts, Elk Grove Unified School District, Elmhurst Group, Elutia, EmailGPT, Embellir, Endo Pharmaceuticals Inc, Ernest Health Facilities, ES Pack Euro, Especialistas Contacto Directo, EU Parliament, Everbridge, Ewing Marion Kauffman School, Excel Security Corp, Experis Technology Group, Facebook, Family Guardian, Faultless Brands, FEI Systems, Fic Expertise, Financial Business and Consumer Solutions (FBCS), Fincasrevuelta, First American, FIRST Heritage Co-operative Credit Union, First Nations Health Authority, First Priority Restoration, Firstmac, Fiskars, Fluent Bit, Form I-9 Compliance, Formosa Plastics, Foxit PDF Reader, FPL Food, France Solar, Frontier Communications, Frotcom International, Fulcrum, Gala Games, Gantan Beauty Industry, Gapbuster Worldwide Pty Ltd, GE HealthCare ultrasound devices, Genentech, Inc, Georgia University System, Gestion Kronos, GitLab, GlaxoSmithKline Patient Health, Google (thousands of times), Google Chrome, Google Document AI Warehouse, Granville Food Care Limited, Graphic Solutions Group Inc, Gravetye Manor, Greater Amsterdam School District, Grupo Cadarso, Guardian Analytics, Guardian Childcare Victoria, Gulp, Hamburg Airport, Hatari Electric Co, HawkEye, Hedbergs, Heineken, Helapet Ltd, Heron Therapeutics, Inc, Hit Promotional Products, HopSkipDrive, Hotel Kiosks, HSBC, Hugging Face Spaces, Iberdrola, IBM Cloud, IBM Neural Compressor AI, Illinois Secretary of State, Incyte Corporation, Indigo ENT Group, Interactive Brokers, Inventum Øst, Iranian Hajj, Iranian Pilgrims, Iress, Isaacs Odinocki, Iseto Corporation, Islamabad’s Safe City Authority, Israel-made industrial devices, Israeli Government and Military Infrastructure, ISTA International GmbH, Ivanti EPMM, IZOMAT Praha, J & N Stone, JAVS Courtroom Recording Software, Johnson & Johnson Patient Assistance Foundation, Inc, Johnson & Johnson Services, Inc, Jordano’s Inc, Jumbo Group, Kaiser Permanente, Keytronic, Klein ISD, Knowmad Mood, Kyber Post-Quantum Key Encapsulation Mechanism (KEM), Lactanet, Lane Gorman Trubitt, Lash Group, Laxmi Capital, Lee Shau Kee School of Creativity, LEMKEN, LenelS2 NetBox, Les Miroirs St Antoine Inc, Levin Porter Associates, Lintas Nusa, LivaNova, Live Nation, London Drugs, London Hospitals, Los Angeles Department of Mental Health (LACDMH), Los Angeles Unified School District (LAUSD), M2EConsulting Engineers, MagicLand, MAH Machine, Mainline Health Systems, Malaysia’s Railway Assets Corporation (RAC), Malone & Co, Malouf Companies, Manurewa Marae, NZ census, Marathon Pharmaceuticals, LLC, Marigin, Mariposa Landscapes Inc, Matusima, McLean Hospital, MediSecure, medQ, Inc, MF Group, Microsoft Exchange Server, Microsoft India, Microsoft Quick Assist, Midwest Covenant Home, Morton Williams, My Daily Choice, Inc, Myersville, Maryland, Mālama I Ke Ola Health Center, National Records of Scotland, Native American Health Center, NATO, Natsume Tax Accountant Corporation, Navvis & Company, LLC, Neovia Company, Netflix Genie, New Boston Dental Care, New Hampshire Public Radio, New York Times, Newfoundland Broadcasting Company Limited, Newman Ferrara, Nidec Motor Corporation, Nissan North America, Inc, Normie Meme Coin, North Texas Municipal Water District, Northeast Rehabilitation Hospital Network, Northern Minerals, Novartis Pharmaceuticals Corporation, Ntv, OakBend Medical, OmniVision, OneVue, OpenSea, Oracle WebLogic Server, Osaka Motorcycle Business Cooperative, OTR, Otsuka America Pharmaceutical, Inc, Oxford Global Resources, LLC, PAN-OS, Panasonic Australia, PandaBuy, Panorama Eyecare, Pantana CPA, Patriot Mobile, Patties Foods, pcTattletale, Peak Design, Pendle Token, PepsiCo, Pezesha, Pfizer Inc, Philippine National Police (PNP), Philips Respironics, PHP, Pope & Conner Consulting, Inc, Providence Hospital, PSG Banatski Dvor, Pulse Connect Secure VPN, QNAP NAS, QNAP QTS, Qualitas, QuoteWizard, R3 Education Inc, Rayner Surgical Inc, RDI-USA, Real Madrid CF, Red Bull, Red Cross, Regeneron Pharmaceuticals, Inc, Regional Obstetrical Consultants, Rex Signature Services, LLC, Richland, Washington, Rio Technology, Riyadh Airport, Robinsons Land, Robson, Rockford Public Schools, Rockwell Automation ICS, Royal Star & Garter, Räddningstjänsten Vä stra Blekinge, Samco, Sandoz Inc, Sanok Rubber Company Spólka Akcyjna, Santa Barbara Systems, Santander, Sav-Rx, Scanda, Schuette Metals, Science Po Paris, Seattle Public Library, Semicore Equipment, Service public de Wallonie, Servicio Móvil, Shirasaki, Shore Regional High School District, Sigmund Espeland AS, SLB Transit Inc, Smith and Caughey’s, Snchez-Betances Sifre & Muñoz-Noya, Snowflake, Solana Meme Coin, SonicWALL SSL-VPN, Sonne Finance, Southwark hospitals, Specialty Market Managers, Sree Hotels, SSI World, St. Landry Parish School, State Grid Corporation of China (SGCC), Sterling Transportation Services, Sumitomo Pharma America, Inc, Sumo, Superior Air-Ground Ambulance Service, Sysmex America, Takeda Pharmaceuticals USA, Inc, Talalay Global, Talley Group, Tamil Nadu, Tech in Asia, Telangana Police, Telefónica, Tesla’s Ultra-Wideband, Thayer Academy, The Egyptian-Sudanese Company, The Kelly Group, ThinkPHP, Ticketek Australia, Ticketmaster, Tietoevry, TikTok, Tinyproxy, Tobii Dynavox, Toshiba America, Town of Westlock, Toyota Philippines, TP-Link Archer C5400X, TRC Talent Solutions, Trib Total Media, TriLiteral, Trionfo Solutions, TruGreen, TSCOP App, UAE Ministry of Education, UK Armed Forces, United Urology Group, Universidad Nacional de Entre Ríos, University of Chicago Medical Center, University of Delhi, University of Hyderabad, University of Siena, US Environmental Protection Agency (EPA), Vannguard Utility Partners, Vasitam, Veeam Backup Enterprise Manager, Velocore, Victoria Eye Center, Victorian Freight Specialists, Vietnam Post, Visa Lighting, VIT Bhopal University, VWholesaleTour, Walmart pension plan, Walser Automotive Group, Walton County, Watt Carmicheal, WD Associates, Wealth Depot LLC, WebTPA, Welsh Rugby Union, Western Dovetail, Western Saw Inc, Western Sydney University, William S Hein & Co, Windows Defender, WIS Sicherheit, WordPress, WP Copymatic, WP Country State City Dropdown CF7 Plugin, WP Dessky Snippets, WP Easy Listing Directories, WP Fluent Forms Contact Form, WP Hash Form Drag & Drop Form Builder, WP LiteSpeed Cache, WP Meta SEO, WP Pie Register, WP Slider Revolution, WP Statistics, WP UserPro Plugin, WP Web Directory Free, WP WooCommerce, WPZOOM, XLink Bitcoin Bridge, Zuber Gardner CPA, and Zyxel NAS have reported hacking or compromises this month.

ARRL, TRAM Barcelona, Internet Archive, Queen Alia International Airport, LastPass, and Copilot have suffered from outages this month.

According to a recent study from Kaspersky, 59% of multi-site business experience monthly outages.

Last months updates broke Windows Taskbar, File Explorer, Windows Server 2019 updates, and Microsoft Outlook again, of course.

AI bots are ridiculously easy to convince to share sensitive information.

Apple is releasing a new password manager for macOS, iOS and iPadOS. But…to get an idea of how concerned Apple is about security, they’ve recently exposed that Wi-Fi on their devices can be used to geolocate any device around the globe.

Google is making it harder and harder to get help.

ICQ, my favorite messaging app from the 90s, has shut down after 28 years.

VBscript is on its deathbed.

FTX paid off whistleblowers.

Now for the good news:

Microsoft has reversed course on Windows Recall and is now making it “optional” even though it isn’t actually resolving most of the security issues or privacy risks.

Let’s Get Busy

Patch Tuesday is about average this month. The typical computer should see roughly 2.5 GB in updates today. Let’s get started.

Microsoft released updates to address 58 vulnerabilities in Azure Data Science Virtual Machines, Azure File Sync, Azure Monitor, Azure SDK, Azure Storage Library, Chrome, Dynamics Business Central, GitHub, Microsoft Dynamics, Microsoft Edge, Microsoft Office, Microsoft Office Outlook, Microsoft Office SharePoint, Microsoft Office Word, Microsoft Streaming Service, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows, Microsoft Windows Speech, Visual Studio, Windows Cloud Files Mini Filter Driver, Windows Container Manager Service, Windows Cryptographic Services, Windows DHCP Server, Windows Distributed File System (DFS), Windows Event Logging Service, Windows Kernel, Windows Kernel-Mode Drivers, Windows Link Layer Topology Discovery Protocol, Windows NT OS Kernel, Windows Perception Service, Windows Remote Access Connection Manager, Windows Routing and Remote Access Service (RRAS), Windows Server Service, Windows Standards-Based Storage Management Service, Windows Storage, Windows Themes, Windows Wi-Fi Driver, Windows Win32 Kernel Subsystem, Windows Win32K – GRFX, Winlogon, and MSRT. This includes security updates. A reboot is required.

Apple released updates for tvOS 17.5.1, iOS 17.5.1, iPadOS 17.5.1, and visionOS 1.2. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 17.5.1 is a security update. Use Settings, General, Software Update to install the most current update.

iPadOS 17.5.1 is a security update. Use Settings, General, Software Update to install the most current update.

tvOS 17.5.1 is a security update. Use System, Software Update to install the most current version.

visionOS 1.2 is a security update. Use Settings, General, Software Update to install the most current version.

Google Chrome OS 125.0.6422.169 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.5.1 improves stability and resolves several bugs. This is not a security update.
https://www.amd.com/en/support

Nvidia Driver 475.06 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Samsung DeX 2.4.1.23 doesn’t provide a change log so should be treated as a security update.
https://www.samsung.com/us/apps/dex/

UniFi airMAX NanoStation 5AC Loco 8.7.13 resolves several bugs. This is not a security update.
https://www.ui.com/download/software/loco5ac

UniFi Network Server 8.2.93 adds ACL rules, DNS records, MLO, BGP and Inspection support. This is not a security update.
https://www.ui.com/download/releases/network-server

Wacom Driver 6.4.6-2 adds support for newer hardware, improved reliability, and resolves several bugs. This is not a security update.
https://www.wacom.com/en-us/support/product-support/drivers

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.66.118 is a security update.
https://brave.com/

Firefox 127.0 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 115.12.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 125.0.6422.141 is a security update.
https://www.google.com/chrome/

Microsoft Edge 125.0.2535.92 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Vivaldi 6.7.3329.39 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Spark 3.16.2.75403 adds calendar support. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.16.2.75440 adds calendar support. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.11.1 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk (macOS) 8.1.0 improves performance and resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

Facebook Messenger 213.0.0.22.228 is a security update.
https://www.messenger.com/download

Microsoft Teams 1.7.00.13456 resolves several bugs and improves user controls. This is not a security update.
https://teams.microsoft.com/downloads

Mumble 1.5.634 adds over a dozen new features and resolves several bugs. This should be treated as a security update.
https://www.mumble.info/

Signal 7.11.1 resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.8.1 doesn’t provide a detailed change log so should be treated as a security update.
https://signal.org/android/apk/

Telegram 5.1.5 improves stability and resolves several bugs. This is not a security update.
https://telegram.org/

Telegram (Android) 10.13.1 doesn’t provide a detailed change log so should be treated as a security update.
https://telegram.org/apps

Tigase Server 8.4.0 adds RBL support, portable export format, improved user management and resolves dozens of bugs. This should be treated as a security update.
https://github.com/tigase/tigase-server/releases/latest

curl 8.8.0 resolves over 200 bugs. This is not a security update.
https://curl.haxx.se/windows/

Dropbox 200.4.7134 resolves several bugs. This is not a security update.
https://www.dropbox.com/

MeshCentral 1.1.23 resolves dozens of bugs. This should be treated as a security update.
https://meshcentral.com/info/downloads.html

Nextcloud Server 29.0.2 resolves over a dozen bugs. This should be treated as a security update.
https://nextcloud.com/

Omada Software Controller 5.14.20.9 adds several new filters, features and controls. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Syncthing 1.27.8 resolves a couple bugs. This is not a security update.
https://syncthing.net/

Zoom 6.0.11.39959 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.5 improves cosmetics and resolves several bugs. This is not a security update.
https://en.3tene.com/

Grayjay 244 improves compatibility and resolves several bugs.
https://grayjay.app/index.html

Plex Desktop 1.94.1.155 doesn’t provide a detailed change log so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.62.1.152 doesn’t provide a detailed change log so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

VLC Media Player 3.0.21 improves hardware compatibility and resolves several bugs. This is a security update.
https://www.videolan.org/vlc/

Game Updates

These are unlikely to be of interest to most people.

Minecraft Server (Java) 1.20.6 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server

Nintendo Switch 18.1.0 removes X/Twitter and social media integration and improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 2024.522 improves performance and stability and resolves several bugs. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024-05-21 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Acrobat Android 24.5.0.33694 is a security update.
https://helpx.adobe.com/security/products/acrobat-android/apsb24-50.html

Adobe Audition 23.6.6 and 24.4.1 are security updates.
https://helpx.adobe.com/security/products/audition/apsb24-32.html

Adobe ColdFusion 2021.14 and 2023.8 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb24-41.html

Adobe Commerce 2.4.0-ext-8, 2.4.1-ext-8, 2.4.2-ext-8, 2.4.3-ext-8, 2.4.4-p9, 2.4.5-p8, 2.4.6-p6 and 2.4.7-p1 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-40.html

Adobe Commerce Webhooks Plugin 1.5.0 is a security update.
https://helpx.adobe.com/security/products/magento/apsb24-40.html

Adobe Creative Cloud Desktop 6.2.0.554 is a security update.
https://helpx.adobe.com/security/products/creative-cloud/apsb24-44.html

Adobe Experience Manager 2024.5 and 6.5.21 are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb24-28.html

Adobe FrameMaker Publishing Server 2022.3 is a security update.
https://helpx.adobe.com/security/products/framemaker-publishing-server/apsb24-38.html

Adobe Media Encoder 23.6.6 and 24.4.1 are security updates.
https://helpx.adobe.com/security/products/media-encoder/apsb24-34.html

Adobe Photoshop 24.7.4 and 25.9 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb24-27.html

Adobe Substance 3D Stager 3.0.2 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb24-43.html

Calibre 7.12.0 improves conversion, media support and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Columns++ 1.1.2 improves performance, stability, and reliability, and adds a Timestamps and resolves a couple bugs. This is not a security update.
https://github.com/Coises/ColumnsPlusPlus

Ghostscript 10.03.1 doesn’t provide a change log so should be treated as a security update.
https://www.ghostscript.com/releases/gsdnld.html

Kdenlive 24.05.0 reimplements audio capture, adds group effects and automatic subtitle translation, performance improvements and resolves several bugs. This is not a security update.
https://kdenlive.org/

LibreOffice Fresh 24.2.4 resolves over 70 bugs. This is not a security update.
https://www.libreoffice.org/

Magento Open Source 2.3.7-p4-ext-8, 2.4.4-p9, 2.4.5-p8, 2.4.6-p6 and 2.4.7-p1 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-40.html

Manager 24.6.11.1637 resolves several bugs but does not have current release notes so should be treated as a security update.
https://www.manager.io/

Notepad++ 8.6.8 resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

QuickBooks Pro 2022 20240529-R16_8 resolves several bugs. This should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20240529-R13_6 doesn’t provide a detailted change log. This should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

Security Software Updates

One or more of these is likely to be of interest to most people.

KeePass 2.57 improves privacy and security or
https://keepass.info/

OpenSSL 3.3.1 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

ProtonVPN (macOS) 4.3.0 improves stability and resolves several bugs. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.17.0 improves detection and resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Stinger 13.0.0.127 adds new detections and improves others. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Tails 6.3 is a security update.
https://tails.net/install/download/index.en.html

uBlock Origin 1.58.0 resolves over a dozen bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

YARA 4.5.1 resolves several bugs. This is not a security update.
https://github.com/VirusTotal/yara/

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 24.1.4 improves compression, video combine, and resolves several bugs. This is not a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.1.9 improves subtitle support and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

HandBrake 1.8.0 updates libraries and resolves dozens of bugs. This is a security update.
https://handbrake.fr/

IsoBuster 5.4.1 adds support for new formats and resolves several bugs. This is not a security update.
https://www.isobuster.com/download.php

MakeMKV 1.17.7 updates license date. This is not a security update.
https://www.makemkv.com/download/

PDF Creator 5.2.2 updates libraries. This is a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 6.1.8.2 improves reliability, compatibility, and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.2.3 improves performance, quality, and AI integration. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.34 resolves over a dozen bugs. This is not a security update.
https://1password.com/downloads/

7-Zip 24.06 improves reliability and resolves several bugs. This is not a security update.
https://www.7-zip.org/

Agent Ransack 2022.3435 resolves a crash bug. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

Bitcoin 27.0 resolves several bugs and improves performance. This is not a security update.
https://bitcoin.org/en/download

Bitwarden 2024.5.0 adds organization item cloning and begins the manifest v3 compatibility roll-out. This is not a security update.
https://bitwarden.com/

CCleaner 6.24.11060 improves cleanup and resolves several bugs. This is not a security update.
https://www.ccleaner.com/

DesktopOK 11.24 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.2.6.0 adds several new features and updates libraries. This is a security update.
https://dngrep.github.io/

email-oauth2-proxy 2024-05-25 adds JWT and resolves a python compatibility bug. This is not a security update.
https://github.com/simonrob/email-oauth2-proxy

Etcher 1.19.21 resolves dependency bugs. This is not a security update.
https://www.balena.io/etcher/

Fido 1.56 adds 24H1 ISO UEFI support. This is not a security update.
https://github.com/pbatard/Fido/releases

FileLocator Pro 2022.3435 resolves a crash bug. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Fing 3.6.3 improves compatibility and resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

FoneTool 2.7.0 resolves several bugs. This is not a security update.
https://www.fonetool.com/download.html

Free Virtual Serial Ports 6.01.00.1309 adds several more controls. This is not a security update.
https://freevirtualserialports.com/

Git SCM 2.45.2 is a security update.
https://git-scm.com/

Go 1.22.4 is a security update.
https://go.dev/

GoodSync 12.6.9 resolves several bugs. This is not a security update.
https://www.goodsync.com/

grepWin 2.1.1 resolves several bugs. This is not a security update.
https://github.com/stefankueng/grepWin/releases/latest

GUIPropView 1.30 adds two new action commands. This is not a security update.
https://www.nirsoft.net/utils/gui_prop_view.html

NTLite 2024.5.9946 resolves several bugs and improves compatibility. This is not a security update.
https://www.ntlite.com/download/

osquery 5.12.2 is a security update.
https://osquery.io/downloads

PowerToys 0.81.1 resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ProcDump 3.3 for Linux improves container support. This is not a security update.
https://github.com/Sysinternals/ProcDump-for-Linux

Process Explorer 17.06 resolves several bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer

RoboForm 9.6.1 resolves several bugs. This is not a security update.
https://www.roboform.com/

Rufus 4.5 updates libraries, adds UEFI validation, and resolves several bugs. This is a security update.
https://rufus.ie/en_US/

ScreenConnect 24.1.9.8915 improves compatibility, reliability, and stability, and resolves several bugs. This should be treated as a security update.
https://screenconnect.connectwise.com/download

SetUserFTA 1.8.1 implements a workaround for the new UCPD “security feature”. This is not a security update.
https://kolbi.cz/blog/2017/10/25/setuserfta-userchoice-hash-defeated-set-file-type-associations-per-user/

Ventoy 1.0.99 updates EFI binaries and resolves a couple bugs. This is not a security update.
https://www.ventoy.net/en/index.html

WinRAR 7.01 resolves several bugs. This is not a security update.
https://www.rarlab.com/

WizFile 3.10 adds include and exclude filters, adds more feature controls, and resolves several bugs. This is not a security update.
https://antibody-software.com/wizfile/

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 8.0.6 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

Android Studio 2023.3.1.20 is a security update.
https://developer.android.com/studio

AutoHotkey 2.0.17 resolves several bugs. This is not a security update.
https://www.autohotkey.com/download/

cx_Freeze 7.1 updates libraries and resolves dozens of bugs. This is not a security update.
https://cx-freeze.readthedocs.io/en/latest/index.html

GitHub Desktop 3.4.1 resolves several bugs. This is not a security update.
https://desktop.github.com/

Inno Setup 6.3.1 improves compatibility and resolves dozens of bugs. This version also removes support for older operating systems. This is not a security update.
https://www.jrsoftware.org/isdl.php

Microsoft Visual C++ 2022 Redistributable 14.40.33810.0 doesn’t provide a change log so should be treated as a security update.
https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist

Node.js 18.20.3 updates dependencies and resolves several bugs. This is not a security update.
https://nodejs.org/en/

Node.js 20.14.0 updates dependencies and resolves several bugs. This is not a security update.
https://nodejs.org/en/

Node.js 22.2.0 updates dependencies and resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

Python 3.12.4 is a security update.
https://www.python.org/downloads/windows/

SQLite 3.46.0 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.90 adds several new features. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

HumHub 1.15.6 resolves several bugs. This is not a security update.
https://www.humhub.com/en

Invision Community 4.7.17 resolves dozens of bugs. This is not a security update.
https://invisioncommunity.com/

Joomla 5.1.1 resolves dozens of bugs. This is not a security update.
https://www.joomla.org/

ownCloud Client 5.3.0.13987 resolves several bugs. This is not a security update.
https://owncloud.com/desktop-app/

WordPress 6.5.4 resolves several bugs. This is not a security update.
https://wordpress.org/

BuddyPress 12.5.1 is a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.9.5 is a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Multisite Enhancements 1.7.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/multisite-enhancements/

Social Post Feed 4.2.5 resolves a couple menu bugs. This is not a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

WooCommerce 8.9.2 is a security update.
https://wordpress.org/extend/plugins/woocommerce/

WPBakery 7.7 resolves several bugs. This is a security update.
https://wpbakery.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2024-05-14

Welcome back, Folks!

Today is Patch Tuesday for May, 2024.

There were 580+ major hacks, and over 460 application updates this month. It’s an insanely big month, with about 5 GB of updates for most users.

This Month in Technology

First, let me apologize for this list. It’s 3x longer than it was only a couple months ago and that’s not really my fault. I really want to keep sharing the hacked lists but at the rate it’s going 3/4 of the newletter will just be the list by the end of Summer. I’m going to need to rework this next month when I have more time.

1+1 Media, 4LEAF, Inc, A123 Systems, Access Intelligence, Accor, ACFIN SA, Active PCB Solutions, Acurrate Lock & Hardware, ADCOM911, Advanced Business Networks, Advarra, Inc., Aero Tec Laboratories Inc, Aetna ACE, Affordable Payroll & Bookkeeping Services, Agate Construction, Agency for the Sustainable Development of the Saint Nazaire Region, France, AirAsia Group, Airsoft, Allianz Global Risks U.S. Insurance Company, Alltruck Bodies, Alrajhi Bank, Altipal S.A.S, Amazon, Amberstone Security, AMD Radeon DirectX 11 Driver, American Builders Outlet, American Renal Associates, American Renal Management, Andovers Federal Credit Union, APS – Automotive Parts Solutions, Arbitrum, Argentina’s national registry, Army Welfare Trust, Array Networks, Asantee Games, Asbury Automotive Group, Ascension healthcare, Ashley Home Stores, Aspire Health Alliance, Astra Daihatsu Motor (ID), AT&T, Atlantic States Marine Fisheries Commission (ASMFC), Aussizz Group, Autodesk Drive, Axip Energy Services, Ayesa, B&G Foods, Badger Tag & Label, Banco Santander, Banten Regional Development Bank Tbk, Barclays Bank, Base Network, Bay Oral Surgery & Implant Center, Bağcılar Training and Research Hospital, Bega Valley Council, Belarusian KGB, Belvedere Vodka UK, BenefitsCal, Berry, Dunn, McNeil & Parker, Best Reward Federal Credit Union, BetterHelp, Bharat Sanchar Nigam Limited (BSNL), BHF Couriers, Biggs Cardosa Associates, Inc., Bira 91, Bitfinex, Blackstone Valley Community Health Care, Blooms Today, Bluebonnet Trails, Bluegrass Care Navigators, BMW BANK, Bodyartforms LLC, Boeing, Bradford-Scott, Brandywine Realty Trust, BreachForums, Bridgeway Center, Inc., British Columbia, Canada, Brocade SANnav SAN Management Software, Brovedani Group, Bundeswehr, Byron council, Café Soluble, California library system, Calumet Civil Contractors, Inc, Camino Nuevo Charter Academy, Canatal Industries, Canberra club, Cannes hospital, Cariboo library system, Carpetright, Catholic Diocese of Cleveland, Catholic Medical Center (CMC), CCM Health, Central Bank Argentina, Central Carolina Insurance Agency Inc, Central Florida Equipment, Central Power Systems & Services, Central Virginia Federal Credit Union, Change Healthcare, Channel Logistics LLC, Chemring Group, Cherry Health, Chicony Electronics, Chirp Systems, Christie’s Auction House, Cisco Duo, Cisco Integrated Management Controller (IMC), City of Buckeye, AZ, City of Donges, France, City of El Cerrito, California, City of London, UK, City of Pensacola, Florida, City of Wichita, Kansas, Cleveland Catholic Diocese, Community First Credit Union, Confins Transport, Consensus Medical Group, Consol Energy, Continuum Health, Coppel, Coradix-Magnescan, CorporateStack, Costa Edutainment SPA, Council for Relationships, County of Coffee, Georgia, County of Hernando, FLCounty of Jackson, MOCounty of Los Angeles, CA, Department of Health Services, County of Robeson, NC, County of San Bernardino, CA, CrushFTP, Cushman Contracting Corporation, CyberPower UPS, D-Link Devices, Daoust, Dawson Creek, Deeside Timberframe, Delinea Secret Server, Dell, Dental Group of Amarillo, Dental Health Services, DES Architects and Engineers,
Designed Receivable Solutions, Deutsche Telekom, Digi Yatra Foundation, Dijk, Discord, District of Columbia’s Department of Insurance, Securities and Banking (DISB), DocGo, Dominican Republic vaccination data, Donco Air, Doyon Drilling, Drive Sally LLC, DRM Arby’s, Dropbox Sign, Duvel Moortgat, D’amico & Pettinicchi, LLC, E-ZPass, East Central University, OK, Eden Project, Edlong and Holstein Association USA, Educational Computer Systems, EduMarket, Efrat Airlines, Egypt Ministry of Supply and Internal Trade, El Salvador, El Salvador’s Chivo Wallet, Electric Mirror, Empath Health, Engineered Automation of Maine, Enstar, Epilepsy Foundation of Metro NY, EqualizeRCM and 1st Credentialing, Ernest Health, Eucatex, European Parliament, Europol, EvoBanco, F5 Central Manager, Feldstein & Stewart, Fic Expertise, Financial Business and Consumer Solutions (FBCS), Firstmac, FiXBET, Floirac, Footdistrict, Fort Worth, Texas, Foxit Reader, French Ministry of Agriculture, Frontier Communications, FrotCom, GBI Genios, Gerber Life Insurance Company, Giant Tiger, GitHub Search, GitLab, Glendale Unified School District, Glints, Global Tel Link, Google Chrome, Google, Graphic Solutions Group Inc, Grassroot DICOM, Great Firewall of China, Green Diamond Resource Company, Greylock McKinnon, Grindr, Grodno Azot, Group Health Cooperative of South-Central Wisconsin (GHC-SCW), Guadeloupe, Canada, Guardant Health, Inc., Guardian Analytics, Hapy Bear Surgery Center, Hardeman County Community Health Center, Hedgey Finance, Helapet Ltd, Helsinki Education Division, Heritage Cooperative, High Performance Services, Hillsong Church, Hirsh Industries, Hit Promotional Products, Home Depot, Hong Kong Arts Development Council, Hong Kong College of Technology, Hong Kong Fire Department, Hong Kong Union Hospital, Hooker Furniture, Hosocongty, Hospital Simone Veil, 100 hotels in Japan, Houser LLP, Hoya Optics, HP, HPE ArubaOS Devices, HSBC Bank, HTW, Hub International Limited, Human Events, IBM’s Enterprise Terminal, iCabbi, ICICI Bank, IDS Michigan, Illinois State Credit Union, Illinois Tollway, In The Know, India’s Central Board of Secondary Education (CBSE), India’s HRYLabour, India’s ICICI Bank, Ingo Money Inc, Inland Physicians Billing Services, Intel CPUs (Spectre v2), Intel Hardware Firmware, Interim Healthcare of Lubbock, International Baccalaureate Exam, Inventum Øst, Iranian Pipeline Company, Iress Ltd, Israel Electric Corporation (IEC), Israeli Real Estate Companies, ISTA International GmbH, It4 Solutions Robras Corp, Italian Red Cross Network, Ivanti Avalanche, J.P. Morgan Chase, JE Owens, Kaiser Foundation Health Plan, Inc., Kaiser Permanente, Kameymall, Kansas City Scout System, Keenan & Associates, Kintetsu World Express, Kisco Senior Living, KISTI SMART K2C, Kowloon Shangri-La, La Chapelle-des-marais, France, Ladakh Social Welfare Department, Lamont Hanley & Associates, Latvian TV Channels, LDLC, Le Slip Français, Leicester City Council, Lenovo Hardware Firmware, Lewis & Clark College, LG TVs, Lieberman LLP, Lilly Drogerie, Lincoln Project, LiteSpeed Cache, LivaNova, LiveHelpNow, LocalPlace JP, London Drugs, London Stock Exchange Group, Lopesan Hotels, Lotz Trucking, Lpdb Kumkm, LRB Info Tech, Lukfook Jewellery, Lumina Americas, Luxor, LYON TERMINAL, M2E Consulting Engineers, Macedonian Joint Stock Company, Madata, Magnet+, Malone & Co, Manchester’s Catholic Medical Center, Marpai Health, Mauritzon, McKinley Packing, Medequip Assistive Technology, Medical Home Network, MediExcel, Medios de Prevención Externos Sur SL, MedStar Health, Meduza, Mellitah Company, Mercedes, Merchants Benefit Administration, Metropolitan Life Insurance Company, Microsoft, Microsoft Azure Entra ID, Microsoft Outlook, Missouri Electric Cooperatives, Moffitt Cancer Center and Research Institute, Moldova Government, MoldTech, Molen & Associates, Monash Health, Monday.com, MongoDB, Monocon, Montoir-de-Bretagne, France, Moscow Moskollector, MovieBoxPro, MRA – The Management Association, Mt Hira College, Myers Automotive Group, National Energy Research Scientific Computing Center (NERSC), Nespresso, Nestle, New Boston Dental Care, New Hudson Facades, New Mexico Administrative Office of the District Attorneys, New Mexico Highlands University, New York’s state legislature, Nexperia, NHS Dumfries and Galloway, NK Parts Industries, NorthBay Health, Nota by M&T Bank and TTEC Databases, Nothing, Nova Scotia Health, NRS Healthcare, Numotion, NVIDIA, OakBend Medical, Octopharma Plasma, OE Federal Credit Union, Ogero, Ohio Lottery, Okta, Olson Steel, Olympus Group, OracleCMS, OraSure, Original Herkimer Cheese, OrthoConnecticut, Outabox, Pacific Guardian, Pak Suzuki, Palo Alto Networks PAN-OS, Panda Restaurant Group, Pandemonium Rocks, Panoramic Health, Parent Teacher Association (PTA), Paris Saint-Germain (PSG), Parklane Group, Patricia AI, Paychex, Inc., Paytm, Pennsylvania Convention Center, Pennsylvania Insurance Department, Peplink Smart Reader, Persyn, Philadelphia Inquirer, Philips Respironics, Phoenix Business Consulting, PHP, Pifer’s Auction & Realty, Pilot, Pinnacle Engineering, Pinnacle Orthopaedics, Pioneer Oil Company, Inc, Piping Rock, Police Service of Northern Ireland (PSNI), Porniche, France, Pratham, Precision Fluid Controls, Premier Dermatology, Prisma Finance, Pro Metals LLC, Process Solutions, Procuraduría General de la República, Profile Products, Progress Flowmon, Promarka Peru, Pub And Club, Public service of Wallonia, PWS – The Laundry Company, Qantas, QNAP, Quebec CEGEPs, RAF El Salvador, Randolph Health, RaySharp, RB Woodcraft, Reading Electric, Rebound Orthopedics & Neurosurgery, Recology, Redwood Coast Regional Center, Rehabilitation Hospital of Southern New Mexico, Reliable Networks, Rocky Mountain Sales, Roku, Romeo Pitaro Injury and Litigation Lawyers, Rushd Bookstore, Rutgers University, Räddningstjänsten Vä stra Blekinge, Sachkhere, Sahara Bank, Saint-Nazaire, France, Sanok Rubber Company, Saudi Water Facilities, Scanda Group, Scigames, Scottish health board, Seaman’s Mechanical, SEK Studio, Seneca Nation Health System, Sentry Data Management, Servicio Móvil, Shadow, Siemens Manufacturing, Sigmund Espeland, Signature Healthcare Services LLC, SigningHub, Simmons Perrine Moyer Bergman PLC, Singapore’s Ministry of Education, Singapore’s Mobile Guardian, SinglePoint Outsourcing, Inc., SIS Automatisering, Sisense, Skanlog, Sleep Data Holdings, LLC, Sleep Management Institute, Smoke Alarm Solutions, SOA Architecture, Softura, Somerset Dental Las Vegas, Somerville, Sonadev, France, South Africa’s International Trade Administration Commission (ITAC), South Korean courts, South Korean cable & satellite, South Korean Defense Companies, South Texas Oncology and Hematology, Space X, Space-Eyes, Speedy France, Sri Lanka’s visa system, SSCL, SSS Australia, St-Jerome Company, St. Helena Public Library, Stainless Foundry & Engineering, StarWallets, States of Guernsey, Sterling Holidays, Sterling Plumbing Inc., Studio LAMBDA, Swisspro, SynLab Italia, Sysmex America, Inc, T2 Tea Australia, Tamil Nadu Police, Tappware, Targus, Tatarstan, Russia, Taxi Software, Ted Brown Music, Telecom Argentina, Telit Cinterion modems, Texas Retina Associates, The Epilepsy Institute, The Georgia Institute for Plastic Surgery, The Heritage Foundation, The Kennedy Collective, The Lagunitas Brewing Company, The Line Up, Inc, The May Institute, Inc., The Philadelphia Inquirer, PBC, The Post and Courier, The Post Millennial, The Prudential Insurance Company of America, The Roman Catholic Diocese of Phoenix, The State of Kansas Office of Judicial Administration, The Tech Interactive, Theatrixx Technologies, Therapeutic Health Services, 50,000 Tinyproxy servers, Tipton Municipal Utilities, IN, Toolmarts, Toronto Transit Commission, Transamerica Life Insurance Company, Trib Total Media, True Homes, LLC, TRUE Solicitors, Trylon Srl, Tyler Technologies, UAE Government, UK Government’s System Database, UK Ministry of Defence, UK Royal Mail, 20 Ukrainian Energy and Water Sites, Ukrainian TV, United Nations Development Programme, University of Alabama, University of Alberta, University System of Georgia (USG), US Air Force Academy (USAFA), US Atlantic Fisheries, US Coast Guard Reserve, US Consumer Database, US Health and Human Services (HHS), US Internal Revenue Service (IRS), US Medicare, US Patent and Trademark Office, US Space Forces (USSF) Military Bases, USA Health Providence Hospital, Utica Mack, Valley Mountain Regional Center, Valley Veterinary Clinic, LLC, Van Gogh Museum, Varo Bank, N.A., Veeam, Velvet Capital, Verizon, Victorian Ambulance Union, Virginia Union University, VirtualBox, Visionary Integration Professionals, VMware Cloud Foundation, VMware ESXi, VMware Fusion Pro/Fusion, VMware Workstation Pro/Player, Void Interactive, Volkswagen, VPN traffic (TunnelVision), VTRP, W.I.S. Sicherheit-Service GmbH & Co. KG, Washington State’s Swinomish Casino and Lodge, WebTPA Employer Services, LLC, WEL Partners, Wells Fargo, Welsh Government, Wescom Central Credit Union, West Idaho Orthopedics and Sports Medicine, Westboro Baptist Church, WhatsApp, Windows, Windows Apps, Windows Print Spooler, WOM, World Architects, World-Check, WP Forminator plugin, WP-Automatic Plugin, Xiaomi, Yale Mortgage, YRW Limited – Chartered Accountants, ZA Government Employees Pension Fund’s (GEPF), ZircoDATA, and Zscaler Inc have reported hacking or compromises this month.

Central Power Systems & Services, Final Fantasy, Frontier Communications, Kansas City’s official website, Ogero, Reddit, and Telegram have suffered from outages this month.

Last months updates broke Outlook, Windows (thanks ManageEngine), and VPN connections.

An update to ManageEngine has caused thousands of Windows machines to fail to boot. I guess that’s one way to make sure that they can’t be hacked through ManageEngine vulnerabilities?

Windows has officially added advertisements to the Windows 11 Start Menu.

The PuTTY Pageant key generation weakness will require millions upon millions of certificates to be rekeyed.

The Windows Boot Manager update released in January still has no automated fix from Microsoft. Third parties have created several methods of installing the update, and the closest-to-perfect automation yet requires seven (7!) restarts.

Microsoft has announced plans to implement fully locked down DNS via a pairing of DNS and the firewall, branded Zero Trust DNS – ZTDNS.

A recent technical paper described the process of using LLM (GPT-4) to automate the process of building exploits for newly discovered vulnerabilities. Reviews of the paper tend to acknowledge that it can be used in this fashion but focus instead on the use of the word “autonomously” which they treat as sentience. No guys, the paper isn’t saying that Skynet is here, just that LLMs are getting to the point where they can build functional exploit code based on brief descriptions of vulnerabilities.

I first saw the description of “Kobold Letters” a couple months ago. While a very creative use of CSS and an interesting idea, what are the chances that this kind of thing would actually be used in real life? 100%. I’ve now seen this behavior on three different client mail accounts in Microsoft Online and Gmail.

The founder of Telegram has publicly reported that the FBI pressured an employee to build a backdoor into the system. They refused.

Thunderbird has added Microsoft Exchange support. This means you won’t be forced to use the “New Outlook” crapp to access your Microsoft Exchange accounts. 🙂

Now for the good news:

We won. Sony caved on the Helldivers 2 privacy-violating “account linking” change. 🙂

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is insane this month. The typical computer should see roughly 5 GB in updates today. Let’s get started.

Microsoft released updates to address 67 vulnerabilities in .NET and Visual Studio, Azure Migrate, Microsoft Bing, Microsoft Brokering File System, Microsoft Dynamics 365 Customer Insights, Microsoft Edge (Chromium-based), Microsoft Intune, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows SCSI Class System File, Microsoft Windows Search Component, Power BI, Visual Studio, Windows Cloud Files Mini Filter Driver, Windows CNG Key Isolation Service, Windows Common Log File System Driver, Windows Cryptographic Services, Windows Deployment Services, Windows DHCP Server, Windows DWM Core Library, Windows Hyper-V, Windows Kernel, Windows Mark of the Web (MOTW), Windows Mobile Broadband, Windows MSHTML Platform, Windows NTFS, Windows Remote Access Connection Manager, Windows Routing and Remote Access Service (RRAS), Windows Task Scheduler, Windows Win32K – GRFX, Windows Win32K – ICOMP, and MSRT. This includes security updates. A reboot is required.

Oracle released 441 security updates this quarter to address vulnerabilities in 119 applications.
https://www.oracle.com/security-alerts/cpuapr2024.html

Apple released updates for iOS 16.7.8, iOS 17.5, iPadOS 16.7.8, iPadOS 17.5, iTunes 12.13.2 for Windows, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, Safari 17.5, tvOS 17.5, and watchOS 10.5. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 16.7.8 and 17.5 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 6.7.8 and 17.5 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 10.5 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 17.5 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 124.0.6367.154 and 120.0.6099.310 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 40-1.14 is a major update, replacing BerkeleyDB with alternatives, updating libraries, and including adding new features and defaults. This should be treated as a security update.
https://getfedora.org/en/workstation/download/

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.4.1 adds support for new software, performance improvements, and resolves several bugs. This is not a security update.
https://www.amd.com/en/support

Daemon Tools Lite 12.1.0 improves tooltips, and resolves a couple bugs. This is not a security update.
https://www.daemon-tools.cc/products/dtLite

Dymo Connect for Desktop 1.3.2.18 doesn’t provide a detailed change log so should be treated as a security update.
https://www.dymo.com/label-makers-printers/labelwriter-label-printers/dymo-labelwriter-450-duo-thermal-label-printer/SAP_1752267.html

TP-Link Archer AX55 v1 240325 adds almost a dozen new features, improves stability and resolves several bugs. This is a security update.
https://www.tp-link.com/us/support/download/archer-ax55/v1/#Firmware

TP-Link Archer AX73 v2.0 240323 resolves several bugs. This is a security update.
https://www.tp-link.com/us/support/download/archer-ax73/v2.0/#Firmware

UniFi Network Server 8.1.127 enhances firewall rules visibility, adds tunnel IP addresses, OSPF dynamic routing support, and resolves a dozen bugs. This is not a security update.
https://www.ui.com/download/releases/network-server

VIISAN OfficeCam 7.1.19.0 doesn’t provide a change log so should be treated as a security update.
https://www.viisan.com/en/download/type1.html

Wacom Driver 6.4.6-1 adds support for newer hardware, resolves several bugs and improves stability.
https://www.wacom.com/en-us/support/product-support/drivers

Xerox Smart Start 2.0.34.0 doesn’t provide a change log so should be treated as a security update.
https://www.support.xerox.com/en-us/content/143617

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.65.133 is a security update.
https://brave.com/

Firefox 126 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 115.11.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 124.0.6367.207 is a security update.
https://www.google.com/chrome/

Microsoft Edge 124.0.2478.97 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Vivaldi 6.7.3329.29 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Spark 3.15.5.72973 resolves several AI-related bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.15.5.72972 resolves several AI-related bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.10.2 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 8.0.10 is a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 8.0.1 resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

Dropbox 199.4.6287 removes a cosmetic defect. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 211.0.0.18.236 is a security update.
https://www.messenger.com/download

FileZilla Client 3.67.0 is a security update.
https://filezilla-project.org/

FileZilla Server 1.8.2 is a security update.
https://filezilla-project.org/

FreeFileSync 13.6 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 90.0 resolves several bugs. This is the last version to support macOS 10.15 – if your hardware can not support macOS 11 you should have already removed it from the Internet, but if not, please take this as one more signal that it’s time to replace it.
https://drive.google.com/start

Microsoft Teams 1.7.00.10152 resolves several bugs. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 29.0.0 is a major update, resolving dozens of bugs, updating libraries, and improving workflow and design. This should be treated as a security update.
https://nextcloud.com/

Nmap 7.95 adds over 6,500 more fingerprints, new scripts and resolves several bugs. This is a security update.
https://nmap.org/

PuTTY 0.81 is a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html

Signal 7.8.0 adds emoji call responses and resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.6.2 adds emoji call responses, adds sent message editing, and resolves several bugs. This is not a security update.
https://signal.org/android/apk/

Skype 8.116.0.213 improves stability. This is not a security update.
https://www.skype.com/

Syncthing 1.27.7 resolves a potential security bug.
https://syncthing.net/

Telegram 5.0.1 resolves several bugs. This is not a security update.
https://telegram.org/

USB Drive Log 1.13 adds black background support. This is not a security update.
https://www.nirsoft.net/utils/usb_drive_log.html

Z-Library 1.02 doesn’t provide a change log so should be treated as a security update.
https://z-library.se/z-access#desktop_app_tab

Zoom 6.0.4.38135 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.4 resolves several bugs. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.1.9 resolves several bugs. This is a security update.
https://www.bitwig.com/download/

Grayjay 240 adds several new features, sources, improvements, and resolves a dozen bugs. This is not a security update.
https://grayjay.app/index.html

iTunes 12.13.2.3 is a security update.
https://www.apple.com/itunes/download/

Plex Desktop 1.92.1.140 doesn’t provide a detailed change log so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.60.1.134 updates libraries. This should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.40.2.8395 resolves several bugs, including an installation path issue. If you used a custom path you will need to uninstall and reinstall in order for future automatic updates to work correctly. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2024.4.0.137 changes homepage. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.3.201 resolves several bugs and improves interface. This is not a security update.
https://gdevelop.io/download

Minecraft Server (Bedrock) 1.20.81.01 does not provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Minecraft Server (Java) 1.20.6 does not provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server

Nintendo Switch 18.0.1 resolves several bugs. This is a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 2024.430 resolves several bugs and improves hardware support. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024-05-13 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110
By the way, we won. Sony caved on the Helldivers 2 privacy-violating “account linking” change. 🙂

SteamOS SteamDeck Update 2024-05-03 is a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Acrobat and Reader 24.002.20759 and 20.005.30636 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb24-29.html

Adobe Aero 0.24.4 is a security update.
https://helpx.adobe.com/security/products/aero/apsb24-33.html

Adobe Animate 23.0.6 and 24.0.3 are security updates.
https://helpx.adobe.com/security/products/animate/apsb24-36.html

Adobe Dreamweaver 21.4 is a security update.
https://helpx.adobe.com/security/products/dreamweaver/apsb24-39.html

Adobe FrameMaker 2020.6 and 2022.4 are security updates.
https://helpx.adobe.com/security/products/framemaker/apsb24-37.html

Adobe Illustrator 28.5 and 27.9.4 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb24-30.html

Adobe Substance 3D Designer 13.1.2 is a security update.
https://helpx.adobe.com/security/products/substance3d_designer/apsb24-35.html

Adobe Substance 3D Painter 10.0.0 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb24-31.html

Aronium 1.43.0.2 adds dual currency and night theme, improves refund behavior, and resolves several bugs. This is not a security update.
https://aronium.com/

Audacity 3.5.1 adds a bunch of new features and resolves dozens of bugs. This is not a security update.
https://www.audacityteam.org/download/

Calibre 7.10.0 adds export support, spell check, color inversion and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Columns++ 1.0.6 improves wrapped line caompatibility. This is not a security update.
https://github.com/Coises/ColumnsPlusPlus

Formatta Filler 8.19.0.4 doesn’t provide a change log so should be treated as a security update.
https://formatta.com/formatta-products/complete-submit/

GIMP 2.10.38 doesn’t provide a detailed change log so should be treated as a security update.
https://www.gimp.org/

Java 8u411 is a security update.
https://www.java.com/en/download/manual.jsp

JShelter 0.18 improves compatibility. This is not a security update.
https://jshelter.org/install/

Kdenlive 24.02.2 improves compatibility and resolves several bugs. This is not a security update.
https://kdenlive.org/

Kindle for PC 2.3.70840 doesn’t provide a change log so should be treated as a security update.
https://www.amazon.com/kindleforpc

LibreOffice 7.6.7 resolves over 40 bugs. This is a security update.
https://www.libreoffice.org/

LibreOffice Fresh 24.2.3 resolves over 75 bugs. This is a security update.
https://www.libreoffice.org/

Manager 24.5.13.1531 adds several new features and improves email integration and display. This is not a security update.
https://www.manager.io/

Nextcloud Desktop 3.13.0 resolves dozens of bugs and updates libraries. This is a security update.
https://nextcloud.com/

Notepad++ 8.6.7 improves multiedit and language support, and resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

PDF-XChange Editor 10.3.0.386 adds page extraction, label modification, improves sort and group behavior and resolves dozens of bugs. This is not a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

QuickBooks Pro 2022 20240509-R15_25 updates to backend processes. This is not a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20240509-R12_15 updates to backend processes. This is not a security update.
https://downloads.quickbooks.com/app/qbdt/products

Security Software Updates

One or more of these is likely to be of interest to most people.

Chainsaw 2.9.0 adds native rules, timezone improvements, and adds ability to change default conditional when searching. This is not a security update.
https://github.com/countercept/chainsaw

Microsoft Edge Policy 2024.05.07 updates policies. This is not a security update.
https://github.com/MicrosoftDocs/Edge-Enterprise/blob/public/edgeenterprise/microsoft-edge-policies.md

OpenSSL 3.3.0 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

ProtonVPN (macOS) 4.2.2 improves performance. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.16.1 updates engine and resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Stinger 13.0.0.118 adds support for more detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

SuperAntiSpyware 10.0.1266 resolves several bugs. This is not a security update.
https://www.superantispyware.com/download.html

Tails 6.2 is a security update.
https://tails.net/install/download/index.en.html

Velociraptor 0.72 adds EWF support and resolves several bugs. This is not a security update.
https://github.com/Velocidex/velociraptor/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 24.1.3 improves OCR, performances, updates libraries and resovles several bugs. This is a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.1.7 resolves several couple bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

StreamFab 6.1.7.7 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.2.0 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.32 improves compatibility, adds support to import from more third-party platforms, and resolves several bugs. This is a security update.
https://1password.com/downloads/

Agent Ransack 2022.3434 adds support for OneNote and resovles several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

AOMEI Partition Assistant 10.4.0 improves the user interface. This is not a security update.
https://www.diskpart.com/

Bitwarden 2024.4.2 improves passkeys support and secrets manager, and adds a new Authenticator app. This is not a security update.
https://bitwarden.com/

BulkFileChanger 1.73 resolves a timezone-related bug. This is not a security update.
https://www.nirsoft.net/utils/bulk_file_changer.html

CCleaner 6.23.11010 resolves several bugs. This is a security update.
https://www.ccleaner.com/

DesktopOK 11.21 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.1.92.0 resolves a .git/.gitignore bug, updates .NET library and translations. This is a security update.
https://dngrep.github.io/

ExplorerPatcher 22621.3527.65.2 resolves several bugs. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

FileLocator Pro 2022.3434 adds support for OneNote and resovles several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

FoneTool 2.6.1 adds iOS Data Recovery and resolves a crash bug. This is not a security update.
https://www.fonetool.com/download.html

Git SCM 2.45.0 adds dozens of new features and behaviors, and resolves over 50 bugs. This is not a security update.
https://git-scm.com/

Go 1.22.3 is a security update.
https://go.dev/

GoodSync 12.6.5 improves compatibility and resolves several bugs. This is not a security update.
https://www.goodsync.com/

HWiNFO 8.02 doesn’t provide a change log so should be treated as a security update.
https://www.hwinfo.com/download/

InstalledAppView 1.08 resolves a CLI bug. This is not a security update.
https://www.nirsoft.net/utils/installed_app_view.html

IsMyHdOK 3.96 improves performance and testing accuracy. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

LessMSI 2.0.1 updates dependencies and build environment, and resolves a stability bug. This is not a security update.
https://lessmsi.activescott.com/

NirCmd 2.87 adds and resolves ~$ variables. This is not a security update.
https://www.nirsoft.net/utils/nircmd.html

NTLite 2024.5.9931 resolves dozens of bugs. This is not a security update.
https://www.ntlite.com/download/

osquery 5.12.1 is a security update.
https://osquery.io/downloads

PingInfoView 3.05 adds option to map source IPv4 Address. This is not a security update.
https://www.nirsoft.net/utils/multiple_ping_tool.html

PowerToys 0.80.1 improves stability. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

PSAppDeploy 3.10.1 adds a dozen features and parameters, improves stability and reliability, and resolves several bugs. This is not a security update.
https://psappdeploytoolkit.com/

RoboForm 9.5.8 improves GUI. This is not a security update.
https://www.roboform.com/

ScreenConnect 24.1.7.8892 resolves dozens of bugs and improves compatibility. This should be treated as a security update.
https://screenconnect.connectwise.com/download

Starwind V2V Converter 9.444 adds support for new conversions. This is not a security update.
https://www.starwindsoftware.com/starwind-v2v-converter

WinGet 1.7.11261 fixes elevation issues, updates dependencies and libraries. This is a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinScan2PDF 8.81 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WUMT 04.22.2022 improves Windows 11 compatibility. This is not a security update.
https://www.oldergeeks.com/downloads/file.php?id=1366

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 8.0.5 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

Android Studio 2023.3.1 adds device streaming for testing, integrates crashlytics, improves App Quality Insights, and adds audio redirection. This is not a security update.
https://developer.android.com/studio

AutoHotkey 2.0.14 resolves several bugs. This is not a security update.
https://www.autohotkey.com/download/

cx_Freeze 7.0 updates dependencies and libraries and resolves hundreds of bugs. This should be treated as a security update.
https://cx-freeze.readthedocs.io/en/latest/index.html

GitHub Desktop 3.3.17 removes support for older macOS versions, resolves a dozen bugs and improves user interface. This is not a security update.
https://desktop.github.com/

Godot 4.2.2 improves CLI support, resolves the audio bug, and more than 200 other issues. This is a security update.
https://godotengine.org/

MySQL ConnectorNet 8.4.0 updates libraries and resolves several bugs. This is a security update.
https://dev.mysql.com/downloads/connector/net/

MySQL Server 8.0.37 resolves dozens of bugs. This is a security update.
https://dev.mysql.com/downloads/installer/

NASM 2.16.03 improves the build process. This is not a security update.
https://www.nasm.us/index.php

Node.js 18.20.2 is a security update.
https://nodejs.org/en/

Node.js 20.13.1 resolves several bugs and updates libraries. This is a security update.
https://nodejs.org/en/

Node.js 21.7.3 is a security update.
https://nodejs.org/en/

Node.js 22.1.0 is a major update. This is a security update.
https://nodejs.org/en/

Redemption 6.5.0.6294 improves integration and resolves several bugs. This is not a security update.
https://www.dimastr.com/redemption/

Rustup 1.27.1 resolves several bugs. This is not a security update.
https://www.rust-lang.org/

SQLite 3.45.3 adds new JSON handling behaviors and resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

TortoiseGit 2.16.0 resolves a dozen bugs and updates libraries. This is a security update.
https://tortoisegit.org/

TortoiseSVN 1.14.7 resolves several bugs. This is a security update.
https://tortoisesvn.net/downloads.html

Visual Studio Code 1.89.1 adds support to exclude content from Copilot and resolves several bugs. This is not a security update.
https://code.visualstudio.com/

WinMerge 2.16.40 resolves several bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.0.18 resolves over a dozen bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

HumHub 1.15.5 resolves several bugs. This is not a security update.
https://www.humhub.com/en

Joomla 5.1.0 adds more than a dozen features and code and performance improvements. This is not a security update.
https://www.joomla.org/

MAMP 5.0.6 updates dependencies. This should be treated as a security update.
https://www.mamp.info/en/mamp/windows/

phpList 3.6.15 is a security update.
https://www.phplist.org/

Piwigo 14.4.0 resolves several bugs. This is not a security update.
https://piwigo.org/

WordPress 6.5.3 is a security update.
https://wordpress.org/

BuddyPress 12.4.1 is a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.9.4 resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.9 improves compatibility and resolves a bug. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

My Sticky Bar 2.7 resolves a cosmetic bug. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Postie 1.9.69 should be treated as a security update.
https://wordpress.org/extend/plugins/postie/

Slider Revolution 6.7 resolves several bugs. This is a security update.
https://revolution.themepunch.com/

Social Post Feed 4.2.4 improves integration. This is not a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

Sucuri Security 1.8.44 improves API key controls. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

W3 Total Cache 2.7.2 resolves several bugs and improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 8.9.0 improves compatibility and resolves dozens of bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WPBakery 7.6 resolves several bugs. This is a security update.
https://wpbakery.com/

WPtouch 4.3.59 adds support for Reddit, improves compatibility, and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/wptouch/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2024-04-09

Welcome back, Folks!

Today is Patch Tuesday for April, 2024.

There were 370+ major hacks, and over 160 application updates this month. It’s a small month though, with only about 1.5 GB of updates for most users.

This Month in Technology

A5 PHARMACY INC., 6,000 ASUS routers, Ace Hardware, Acer Philippines, Activision, Acuity, Adobe Reader, Affinity Health Services, Air Europa, AirDAO, Alabama State Government, Alamo Insurance, Alsaree3, Amazon’s AWS Airflow Service, AMD Zen CPUs (ZenHammer), American Renal Associates, Apex Legends Global Series, Apotheka pharmacy, Apple Safari, Apple’s M Chips (GoFetch), Apple, Arcserve UDP, Argo, AT&T (after denying it), Aussizz Group, Aveanna Healthcare, Axis Direct, BabyTV, Bank of America, Bank of Tanzania, Bank Syariah Indonesia, Banregio, Battle Mountain General Hospital, Benetton Group, Bernalillo County, Better Accounting Solutions, BigBasket, BioLife Plasma Services, L.P., Bira91, boAt Lifestyle, Bonney Forge Corporation, Brewer & Company Of West Virginia, British Tobacco, BSR Infratech India Ltd, Bticino Club, California Correctional Health Care Services, California Department of Food and Agriculture (CDFA), Carolina Foods, Carrozzeria Aretusa, CASIO India, CCM Health, Chambers Construction, ChatGPT Plugin, Cherry Health, City of Conneaut, Ohio, City of Hope Cancer Center, City of Jacksonville Beach, Florida, City of Pensacola, Florida, City of St. Cloud, Florida, ClickASnap, Colorado Public Defender, Commerce Dental Group, Commonwealth Healthcare Corporation, Communications Workers Union, Cornerstone Healthcare Group Management Services LLC, Cornerstone Specialty Hospitals, Credit China, Crinetics Pharmaceuticals, Curio smart contracts, CVS Group, D-Link NAS (and several router models), DBS Bank, Delhi Police, Delta Dental of California, Delta Pipeline, Inc., Dental Health Services, Designed Receivable Solutions, Inc., Diabetes WA, Docker, Doctorim, Dolomite Exchange, Domestic Violence Project, Inc, Dormakaba’s Saflok, Dr. Cafe Coffee, Dunn, Pittman, Skinner & Cushman, PLLC, Duty Free Americas, Eagle Bank, Eagle Hydraulic, EAS Change Systems, East Baton Rouge Sheriff’s Office (EBRSO), Eastern Radiologists, Eastside Union School District, EBlock Corp, Ecuador’s Ministerio de Economía, Editorialist, El Salvador’s citizen database, Eland Energy, Inc., Ellsworth Cooperative Creamery, Emergency Medical Services Authority (EMSA), Encina Wastewater Authority, England and Wales Cricket Board, EquiLend, Ernest Health, eSIMs, Ethos/Southwest Boston Senior Services, Europol, Everbrite, LLC., Exvagos, Ezras Choilim Health Center, Inc., Family Health Center, Farmacia Ettore Florio SNC, Fidelity Investments Life Insurance Company, Fiduciary Outsourcing, LLC, FileCatalyst Transfer Tool, Fire Rescue Victoria, 223 million exposed Firebase records, Five Eyes Intelligence Group, Flipkart, Florida Department of Juvenile Justice, Florida Pediatric Associates, FortiClient EMS, France Travail (Government Unemployment Agency), French Football Federation, Fujitsu Corporate Networks, G&S Japan, Gamooga, GardaWorld Cash, Gerson Lehrman Group, most modern CPUs (GhostRace), Giant Tiger, Gilmer County, Georgia, Google Chrome, Google DoubleClick, Google Pixel, Government Employees Pension Fund (GEPF), Greensboro College, Greenwood Regional Rehabilitation Hospital, Gresser Inc. and Affiliates, Greylock McKinnon Associates, Group Health Cooperative of South Central Wisconsin, GSM Hosting, Guardian Life Insurance Company, Guy’s Floor Service Inc., HALO Branded Solutions, Hamilton, Canada, Harvard Pilgrim Health Care, Health Plan Intermediaries Holdings, Healthfirst Health Plan, Inc., Healthfirst Insurance Company, Inc., Healthfirst PHSP, Inc., Henry County, Illinois, High Wycombe Cressex Community School, Home Depot, Homeocan, Hot Topic, Houser LLP, Hoya Corporation, HTTP/2 “continuation” frames, Hudson Supplies Inc, Human Development Services of Westchester, Inc., Huntsville, Ontario, IATSE Staff Retirement and National Pension Funds, ICICIPruLife, ICN Assessoria, IKF Finance, Imperva WAF, Indian Defense & Energy Sectors, Indian S3WaaS website, InfoHit, INNO-SOFT Info Systems Pte Ltd, Inspection Services, Inc., Integration International Inc., INTEGRIS Health, International Monetary Fund (IMF), Irish Health Service Executive (HSE), Israeli Justice Ministry, Israeli LGBTQ App Atraf, Ivanti Connect Secure, Ivanti Policy Secure, Ivanti VPN gateways, Jackson County, Missouri, John R. Wood Properties, Johnson Matthey, Jordano’s Inc., JSC Kaluzhskoe, Kaspersky Fan Club, Keenan & Associates, KidSecurity, Kyivstar, Leicester City Council, Lewis & Clark College, Lindsay Municipal Hospital, London Mayor’s Office for Policing and Crime (MOPAC), Los Angeles Department of Mental Health, M&D Capital Premier Billing, Maccarinelli Luciano, macOS, Macuz, Madero, Magento, Magnum, Mahoney Foundries Inc., Malaysian Industrial Development Finance, MarineMax, Mary H. Makhlouf, DMD, MS, PA, Massachusetts Mutual Life Insurance Company, MediaWorks, Meson, Metropolitan Life Insurance Company, Microsoft, Microsoft Edge, Microsoft Exchange Server, Microsoft SharePoint, Midlands Regional Rehabilitation Hospital, Minecraft, Mintlify, Monmouth College, Motilal Oswal, MotorCycle Holdings, Mozilla Firefox, Multi-Fill, Munchables, Nampak, National Amusements, National Home Mortgage Finance Corporation (NHMFC), National Insurance Institute of Israel, National Public Data, Nations Direct Mortgage, Nationstar Mortgage, Nemesis Market, New Mexico Administrative Office of the District Attorneys, New York State Education Department, Newport Group, NHS Dumfries and Galloway, NHS Scotland, Nissan, NorthBay VacaValley Hospital, Northern Virginia Oral, Maxillofacial & Implant Surgery, Nykaa, Oak View Group, Olea Kiosks Inc., Omni Hotels & Resorts, On Q Financial, Open Automation Software OAS Engine, Oracle VirtualBox, Orange County’s Credit Union, Orsini Pharmaceutical Services, Otolaryngology Associates, OWASP, Pacific Guardian Life Insurance, Paducah Dermatology, Palau National Government, PandaBuy, Panera Bread, Paulmann, Pembina County Memorial Hospital, PGF Technology Group, Inc., Philips Respironics, Phillipine Department of Science and Technology, Plymouth Tube Company Employee Benefit Plan, Polycab, Pomona Valley Hospital Medical Center, Ponoka, Canada, Powerhost, Precision Tune Auto Care, Inc., Prisma Finance, ProcessMaker, Prudential Insurance, Punjab Police, Pakistan, Quality Education and Skills Training (QUEST) App, R1 RCM Inc., Radiant Logistics, Rairdon Automotive Group, Ray AI Framework, Redbus, Regional One Health, Rent Go, REV Drill Sales & Rentals, Risas Dental & Braces, Rockland, Roi Et Rajabhat University, Roku, Rudman Winchell Law Firm, SAC Constelacion, Saint Louis University, Santa Clarita Community College District, Saudi Arabia Railways, Scranton School District, PA, Scullion Law, Select Education Group (SEG), Services Informatiques Pour Professionnels, Shopify plugins, Simpson Strong-Tie Co. Inc., Sit ‘n Sleep, Skyway Coach Lines, South China Athletic Association, SouthState Bank, Spa Grand Prix, Spartanburg Rehabilitation Institute, Spedition Langen, Stanford University, Sugargoo, Summit State Bank, Super Sushi Samurai, SurveyLama, Swiggy, SwordFantasy, Sycamore Rehabilitation Services, Inc., Targus, Tarrant Appraisal District, Tarrant County, Texas, TataMotors, Teleflora, Tesla, Tesla ECU, Tesla Model 3, The Big Issue, The Law Firm of Friedman + Bartoumian, The Pokémon Company, TIAA, Top.gg Discord bot, Torre Pacheco Town Hall, Spain, Trezor’s X Account, Tri-City Healthcare District, True Homes, Trustpoint Rehabilitation Hospital, Ubuntu desktop, UC San Diego Health, Ultra Intelligence & Communications, United Network for Organ Sharing (UNOS), University of Winnipeg, US Department of Health and Human Services (HHS), US Department of Justice (DoJ), US Department of State, US Environmental Protection Agency (EPA), US National Security Agency (NSA), US Vision, Inc., UT Southwestern, V12 Software, Valley Oaks Health, Venmo, Veritas Genetics, Viber, VMware Workstation, VNDirect, Void Interactive, Walmart, Washington State Food Worker Card, Weirton Medical Center, Wells Fargo, Wendy’s, WeRize, Western New York Independent Living, Inc., White Oak Partners, Windows 11, Windows SmartScreen, Woodruff-Sawyer & Co., 39,000 WordPress sites, WordPress Essential Addons for Elementor plugin, WordPress LayerSlider plugin, WordPress miniOrange plugins, WordPress Rank Math SEO plugin, Wyatt Detention Facility, XpressBees, XZ Utils, Yale University, and Z Development Services have reported hacking or compromises this month.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is pretty small this month. The typical computer should see roughly 1.5 GB in updates today. Let’s get started.

Microsoft released updates to address 100 vulnerabilities in .NET and Visual Studio, Azure, Azure Compute Gallery, Azure Migrate, Azure Monitor, Azure Private 5G Core, Azure SDK, Internet Shortcut Files, Microsoft Azure Kubernetes Service, Microsoft Brokering File System, Microsoft Defender for IoT, Microsoft Edge (Chromium-based), Microsoft Install Service, Microsoft Office Excel, Microsoft Office Outlook, Microsoft Office SharePoint, Microsoft WDAC ODBC Driver, Microsoft WDAC OLE DB provider for SQL, Open Management Infrastructure, Role: DNS Server, Servicing Stack Updates, SQL Server, Windows Authentication Methods, Windows BitLocker, Windows Compressed Folder, Windows Cryptographic Services, Windows Defender Credential Guard, Windows DHCP Server, Windows Distributed File System (DFS), Windows DWM Core Library, Windows File Server Resource Management Service, Windows HTTP.sys, Windows Internet Connection Sharing (ICS), Windows Kerberos, Windows Kernel, Windows Local Security Authority Subsystem Service (LSASS), Windows Message Queuing, Windows Mobile Hotspot, Windows Proxy Driver, Windows Remote Access Connection Manager, Windows Remote Procedure Call, Windows Routing and Remote Access Service (RRAS), Windows Secure Boot, Windows Telephony Server, Windows Update Stack, Windows USB Print Driver, Windows Virtual Machine Bus, Windows Win32K – ICOMP, and MSRT. This includes security updates. A reboot is required.

Apple released updates for GarageBand 10.4.11, iOS 16.7.7, iOS 17.4.1, iPadOS 16.7.7, iPadOS 17.4.1, macOS Sonoma 14.4.1, macOS Ventura 13.6.6, Safari 17.4.1, and visionOS 1.1.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 16.7.7 and 17.4.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 16.7.7 and 17.4.1 are security updates. Use Settings, General, Software Update to install the most current update.

visionOS 1.1.2 is a security update. Use Settings, General, Software Update to install the most current version.

Google Chrome OS 123.0.6312.94 is security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.3.1 resolves several bugs and compatibility issues. This is not a security update.
https://www.amd.com/en/support

Crucial Storage Executive 10.01 does not provide a change log so should be treated as a security update.
https://www.crucial.com/support/storage-executive

Display Driver Uninstaller 18.0.7.4 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

UniFi airMAX NanoStation 5AC Loco 8.7.12 is a security update.
https://www.ui.com/download/software/loco5ac

UniFi Network Server 8.1.113 resolves dozens of bugs and improves management and features. This is not a security update.
https://www.ui.com/download/releases/network-server

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.64.116 is a security update.
https://brave.com/

Firefox 124.0.2 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 115.9.1 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 123.0.6312.86 is a security update.
https://www.google.com/chrome/

Microsoft Edge 123.0.2420.81 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Opera 109.0.5097.38 is a security update.
https://www.opera.com/browsers/opera

Opera GX 107.0.5045.86 is a security update.
https://www.opera.com/gx

SeaMonkey 2.53.18.2 is a security update. They’ve *finally* removed support for NPAPI plugins like Flash.
https://www.seamonkey-project.org/

Vivaldi 6.6.3271.57 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

DavMail Gateway 6.2.2 resolves dozens of bugs. This is a security update.
https://davmail.sourceforge.net/

OutlookAttachView 3.52 adds a cosmetic option to align numeric columns. This is not a security update.
https://www.nirsoft.net/utils/outlook_attachment.html

Spark 3.14.5.68977 resolves a couple bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.14.5.68976 resolves a couple bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.9.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk (macOS) 8.0.1 resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

curl 8.7.1 is a security update.
https://curl.haxx.se/windows/

Dropbox 196.4.6900 is a security update.
https://www.dropbox.com/

Facebook Messenger 208.0.0.9.229 is a security update.
https://www.messenger.com/download

FreeFileSync 13.5 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 89.0 is a security update.
https://drive.google.com/start

Grocy Desktop 2.10.0 updates bundled Grocy. This is not a security update.
https://github.com/grocy/grocy-desktop

MeshCentral 1.1.22 resolves dozens of bugs and updates libraries. This is a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.7.00.7956 reduces default permissions. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 28.0.4 resolves dozens of bugs. This is a security update.
https://nextcloud.com/

Signal (Android) 7.2.4 takes a few more steps away from dependence on a phone number. This is not a security update.
https://signal.org/android/apk/

Signal 7.4.0 resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Syncthing 1.27.6 resovles several bugs. This should be treated as a security update.
https://syncthing.net/

Technitium DNS Server 12.1 is a security update.
https://technitium.com/dns/

Telegram 4.16.6 resolves several bugs. This is not a security update.
https://telegram.org/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.3 resolves several compatibility and cosmetic issues. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.1.6 resolves a couple bugs. This is not a security update.
https://www.bitwig.com/download/

Plex Desktop 1.90.1.118 improves collection management. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.59.0.121 updates engine. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.40.1.8227 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

GDevelop 5.3.198 introduces feedback rewards, updates dependencies and resolves several bugs. This is not a security update.
https://gdevelop.io/download

Minecraft Server (Bedrock) 1.20.73.01 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Nintendo Switch 18.0.0 adds a 15 minute option to sleep mode, Korean language, and resolves several bugs. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 2024.315 adds brightness controls, improves mic and speaker support for DualSense controllers, and resolves several bugs. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe After Effects 24.2 and 23.6.5 are security updates.
https://helpx.adobe.com/security/products/after_effects/apsb24-09.html

Adobe Photoshop 24.7.3 and 25.4 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb24-16.html

Adobe Commerce 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8, 2.4.3-ext-7, 2.4.2-ext-7, 2.4.1-ext-7, 2.4.0-ext-7, and 2.3.7-p4-ext-7 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-18.html

Adobe InDesign 19.3 and 18.5.2 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb24-20.html

Adobe Experience Manager 2024.03 and 6.5.20 are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb24-21.html

Adobe Media Encoder 24.3 and 23.6.5 are security updates.
https://helpx.adobe.com/security/products/media-encoder/apsb24-23.html

Adobe Bridge 13.0.7 and 14.0.3 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb24-24.html

Adobe Illustrator 28.4 and 27.9.3 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb24-25.html

Adobe Animate 23.0.5 and 24.0.2 are security updates.
https://helpx.adobe.com/security/products/animate/apsb24-26.html

Adobe Reader DC 24.001.20643 improves GenAI stability. This is not a security update.
https://get.adobe.com/reader

Aronium 1.42 adds custom labels, database improvements and resolves several bugs. This should be treated as a security update.
https://aronium.com/

Calibre 7.8 resolves several bugs. This is not a security update.
https://calibre-ebook.com/

GnuCash 5.6 resolves dozens of bugs. This is not a security update.
https://www.gnucash.org/

Kdenlive 24.02.1 resolves dozens of bugs. This is not a security update.
https://kdenlive.org/

LibreOffice 7.6.6 resolves almost 40 bugs. This is not a security update.
https://www.libreoffice.org/

LibreOffice Fresh 24.2.2 resolves over 70 bugs. This is not a security update. The “Fresh” line is beta software so you should be avoided by most.
https://www.libreoffice.org/

Manager 24.4.8.1419 doesn’t provide a change log so should be treated as a security update.
https://www.manager.io/

Nextcloud Desktop 3.12.3 resolves several bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.6.5 resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

QuickBooks Pro 2022 R14_41 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 R11_35 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

Zotero (macOS) 6.0.37 improves Google Docs integration and improves messaging. This is not a security update.
https://www.zotero.org/

Zotero 6.0.36 updates digital signature. This should be treated as a security update.
https://www.zotero.org/

Security Software Updates

One or more of these is likely to be of interest to most people.

MalwareBytes Anti-Malware 4.6.10 is not a security update.
https://www.malwarebytes.org/antimalware/

OnionShare 2.6.2 is a security update.
https://onionshare.org/

OpenSSL 3.3.0 is a security update.
https://www.openssl.org/source/

ProtonVPN (macOS) 4.1.11 improves stability and resolves several bugs. This is not a security update.
https://protonvpn.com/download

QubesOS 4.2.1 is a security update.
https://www.qubes-os.org/downloads/

Stinger 13.0.0.90 adds new detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

SuperAntiSpyware 10.0.1264 improves browser extension. This is not a security update.
https://www.superantispyware.com/download.html

Tails 6.1 is a security update.
https://tails.net/install/download/index.en.html

uBlock Origin 1.57.2 resolves a bug in differential updates. This should be treated as a security update.
https://github.com/gorhill/uBlock/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

Open Broadcaster Software 30.1.2 adds several features and resolves a dozen bugs. This version requires NVIDIA 531.61 or newer drivers. This is not a security update.
https://obsproject.com/

ScreenToGif 2.41 updates libraries and adds click tracking. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.1.5 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

PDF Creator 5.2.1 resolves several bugs. This is not a security update.
https://www.pdfforge.org/pdfcreator

StreamFab 6.1.7.0 resolves several bugs and improves compatibility. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.1.6 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.28 resolves several bugs. This is not a security update.
https://1password.com/downloads/

AOMEI Partition Assistant 10.3.1 improves duplicate detection and resolves several bugs. This is not a security update.
https://www.diskpart.com/

Bitwarden 2024.3.1 resolves several bugs. This is not a security update.
https://bitwarden.com/

CCleaner 6.22.10977 resolves several bugs and improves compatibility. This is not a security update.
https://www.ccleaner.com/

ControlMyMonitor 1.38 improves compatibility. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html

Cygwin 3.5.3 resolves several bugs. This is a security update.
https://cygwin.com/

DesktopOK 11.19 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.1.47.0 resolves several bugs and updates dependencies. This is a security update.
https://dngrep.github.io/

email-oauth2-proxy 2024-03-15 improves compatibility and resolves several bugs. This is not a security update.
https://github.com/simonrob/email-oauth2-proxy

Everything Toolbar 1.3.3 resolves several bugs. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

ExplorerPatcher 22621.3296.64.1 resolves several bugs and improves compatibility. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

FoneTool 2.5.2 improves licensing process. This is not a security update.
https://www.fonetool.com/download.html

Go 1.22.2 is a security update.
https://go.dev/

GoodSync 12.6.2 resolves several bugs and improves compatibility. This is not a security update.
https://www.goodsync.com/

HWiNFO 8.00 doesn’t provide a change log so should be treated as a security update.
https://www.hwinfo.com/download/

Kingston SSD Manager 1.5.4.5 doesn’t provide a change log so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

LessMSI 1.11.0 improves GUI. This is not a security update.
https://lessmsi.activescott.com/

ManageWirelessNetworks 1.13 resolves a data export bug. This is not a security update.
https://www.nirsoft.net/utils/manage_wireless_networks.html

NTLite 2024.4.9860 updates controls and improves compatibility. This is not a security update.
https://www.ntlite.com/download/

OSForensics 11.0.1007 updates libraries and improves documentation. This is not a security update.
https://www.osforensics.com/download.html

PointerStick 6.37 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

PowerToys 0.80.0 improves stability and resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

PSAppDeploy 3.10.0 resolves dozens of bugs and improves compatibility. This is not a security update.
https://psappdeploytoolkit.com/

RoboForm 9.5.7 improves defaults and resolves several bugs. This is not a security update.
https://www.roboform.com/

SearchMyFiles 3.25 improves compatibility. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

TraceRouteOK 3.35 updates language files. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/TraceRouteOK

WinGet 1.7.10861 resolves dependency issues and a couple other bugs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

Developer Updates

These are unlikely to be of interest to most people.

ADB 35.0.1 updates libraries. This is not a security update.
https://developer.android.com/studio/releases/platform-tools

Android Studio 2023.2.1.24 resolves several bugs. This is a security update.
https://developer.android.com/studio

AutoHotkey 1.1.37.02 resolves several bugs related to hotkeys and clipboard control. This is not a security update.
https://www.autohotkey.com/download/

AutoHotkey 2.0.12 resolves several bugs. This should be treated as a security update.
https://www.autohotkey.com/download/

GitHub Desktop 3.3.13 resolves several bugs. This is not a security update.
https://desktop.github.com/

NASM 2.16.02 resolves several bugs and improves dependency controls. This should be treated as a security update.
https://www.nasm.us/index.php

Node.js 18.20.1 is a security update.
https://nodejs.org/en/

Node.js 20.12.1 is a security update.
https://nodejs.org/en/

Node.js 21.7.2 is a security update.
https://nodejs.org/en/

Python 3.12.3 is a security updae.
https://www.python.org/downloads/windows/

Unreal Engine 5.3 adds dozens of new features and hundreds of changes. This is not a security update.
https://unrealengine.com/en-US/

Visual Studio Code 1.88 adds several new features. This is not a security update.
https://code.visualstudio.com/

Web Package Updates

These are likely to be of interest only to web developers.

Grocy 4.2.0 resolves several bugs. This is not a security update.
https://github.com/grocy/grocy

HumHub 1.15.4 resolves several bugs. This is not a security update.
https://www.humhub.com/en

SpamAssassin 4.0.1 improves compatibility. This is not a security update.
https://spamassassin.apache.org/downloads.cgi

WordPress 6.5 is a major update adding several new features and font controls. This is not a security update.
https://wordpress.org/

Akismet 5.3.2 resolves a couple bugs and adds support for new webhooks. This is not a security update.
https://wordpress.org/extend/plugins/akismet/

Antispam Bee 2.11.6 resolves several bugs and updates dependencies. This is not a security update.
https://wordpress.org/extend/plugins/antispam-bee/

BuddyPress 12.4.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.9.3 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Social Post Feed 4.2.3 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

Interactive World Map 3.4.4 is a security update.
https://wordpress.org/extend/plugins/interactive-world-map/

My Sticky Bar 2.6.9 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Really Simple CAPTCHA 2.3 flags compatibility requirements. This is not a security update.
https://wordpress.org/extend/plugins/really-simple-captcha/

Sucuri Security 1.8.43 updates license and improves notifications. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

W3 Total Cache 2.7.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 8.7.0 resolves over a hundred bugs and almost one hundred other issues. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/