Updates 2024-05-14

Welcome back, Folks!

Today is Patch Tuesday for May, 2024.

There were 580+ major hacks, and over 460 application updates this month. It’s an insanely big month, with about 5 GB of updates for most users.

This Month in Technology

First, let me apologize for this list. It’s 3x longer than it was only a couple months ago and that’s not really my fault. I really want to keep sharing the hacked lists but at the rate it’s going 3/4 of the newletter will just be the list by the end of Summer. I’m going to need to rework this next month when I have more time.

1+1 Media, 4LEAF, Inc, A123 Systems, Access Intelligence, Accor, ACFIN SA, Active PCB Solutions, Acurrate Lock & Hardware, ADCOM911, Advanced Business Networks, Advarra, Inc., Aero Tec Laboratories Inc, Aetna ACE, Affordable Payroll & Bookkeeping Services, Agate Construction, Agency for the Sustainable Development of the Saint Nazaire Region, France, AirAsia Group, Airsoft, Allianz Global Risks U.S. Insurance Company, Alltruck Bodies, Alrajhi Bank, Altipal S.A.S, Amazon, Amberstone Security, AMD Radeon DirectX 11 Driver, American Builders Outlet, American Renal Associates, American Renal Management, Andovers Federal Credit Union, APS – Automotive Parts Solutions, Arbitrum, Argentina’s national registry, Army Welfare Trust, Array Networks, Asantee Games, Asbury Automotive Group, Ascension healthcare, Ashley Home Stores, Aspire Health Alliance, Astra Daihatsu Motor (ID), AT&T, Atlantic States Marine Fisheries Commission (ASMFC), Aussizz Group, Autodesk Drive, Axip Energy Services, Ayesa, B&G Foods, Badger Tag & Label, Banco Santander, Banten Regional Development Bank Tbk, Barclays Bank, Base Network, Bay Oral Surgery & Implant Center, Bağcılar Training and Research Hospital, Bega Valley Council, Belarusian KGB, Belvedere Vodka UK, BenefitsCal, Berry, Dunn, McNeil & Parker, Best Reward Federal Credit Union, BetterHelp, Bharat Sanchar Nigam Limited (BSNL), BHF Couriers, Biggs Cardosa Associates, Inc., Bira 91, Bitfinex, Blackstone Valley Community Health Care, Blooms Today, Bluebonnet Trails, Bluegrass Care Navigators, BMW BANK, Bodyartforms LLC, Boeing, Bradford-Scott, Brandywine Realty Trust, BreachForums, Bridgeway Center, Inc., British Columbia, Canada, Brocade SANnav SAN Management Software, Brovedani Group, Bundeswehr, Byron council, Café Soluble, California library system, Calumet Civil Contractors, Inc, Camino Nuevo Charter Academy, Canatal Industries, Canberra club, Cannes hospital, Cariboo library system, Carpetright, Catholic Diocese of Cleveland, Catholic Medical Center (CMC), CCM Health, Central Bank Argentina, Central Carolina Insurance Agency Inc, Central Florida Equipment, Central Power Systems & Services, Central Virginia Federal Credit Union, Change Healthcare, Channel Logistics LLC, Chemring Group, Cherry Health, Chicony Electronics, Chirp Systems, Christie’s Auction House, Cisco Duo, Cisco Integrated Management Controller (IMC), City of Buckeye, AZ, City of Donges, France, City of El Cerrito, California, City of London, UK, City of Pensacola, Florida, City of Wichita, Kansas, Cleveland Catholic Diocese, Community First Credit Union, Confins Transport, Consensus Medical Group, Consol Energy, Continuum Health, Coppel, Coradix-Magnescan, CorporateStack, Costa Edutainment SPA, Council for Relationships, County of Coffee, Georgia, County of Hernando, FLCounty of Jackson, MOCounty of Los Angeles, CA, Department of Health Services, County of Robeson, NC, County of San Bernardino, CA, CrushFTP, Cushman Contracting Corporation, CyberPower UPS, D-Link Devices, Daoust, Dawson Creek, Deeside Timberframe, Delinea Secret Server, Dell, Dental Group of Amarillo, Dental Health Services, DES Architects and Engineers,
Designed Receivable Solutions, Deutsche Telekom, Digi Yatra Foundation, Dijk, Discord, District of Columbia’s Department of Insurance, Securities and Banking (DISB), DocGo, Dominican Republic vaccination data, Donco Air, Doyon Drilling, Drive Sally LLC, DRM Arby’s, Dropbox Sign, Duvel Moortgat, D’amico & Pettinicchi, LLC, E-ZPass, East Central University, OK, Eden Project, Edlong and Holstein Association USA, Educational Computer Systems, EduMarket, Efrat Airlines, Egypt Ministry of Supply and Internal Trade, El Salvador, El Salvador’s Chivo Wallet, Electric Mirror, Empath Health, Engineered Automation of Maine, Enstar, Epilepsy Foundation of Metro NY, EqualizeRCM and 1st Credentialing, Ernest Health, Eucatex, European Parliament, Europol, EvoBanco, F5 Central Manager, Feldstein & Stewart, Fic Expertise, Financial Business and Consumer Solutions (FBCS), Firstmac, FiXBET, Floirac, Footdistrict, Fort Worth, Texas, Foxit Reader, French Ministry of Agriculture, Frontier Communications, FrotCom, GBI Genios, Gerber Life Insurance Company, Giant Tiger, GitHub Search, GitLab, Glendale Unified School District, Glints, Global Tel Link, Google Chrome, Google, Graphic Solutions Group Inc, Grassroot DICOM, Great Firewall of China, Green Diamond Resource Company, Greylock McKinnon, Grindr, Grodno Azot, Group Health Cooperative of South-Central Wisconsin (GHC-SCW), Guadeloupe, Canada, Guardant Health, Inc., Guardian Analytics, Hapy Bear Surgery Center, Hardeman County Community Health Center, Hedgey Finance, Helapet Ltd, Helsinki Education Division, Heritage Cooperative, High Performance Services, Hillsong Church, Hirsh Industries, Hit Promotional Products, Home Depot, Hong Kong Arts Development Council, Hong Kong College of Technology, Hong Kong Fire Department, Hong Kong Union Hospital, Hooker Furniture, Hosocongty, Hospital Simone Veil, 100 hotels in Japan, Houser LLP, Hoya Optics, HP, HPE ArubaOS Devices, HSBC Bank, HTW, Hub International Limited, Human Events, IBM’s Enterprise Terminal, iCabbi, ICICI Bank, IDS Michigan, Illinois State Credit Union, Illinois Tollway, In The Know, India’s Central Board of Secondary Education (CBSE), India’s HRYLabour, India’s ICICI Bank, Ingo Money Inc, Inland Physicians Billing Services, Intel CPUs (Spectre v2), Intel Hardware Firmware, Interim Healthcare of Lubbock, International Baccalaureate Exam, Inventum Øst, Iranian Pipeline Company, Iress Ltd, Israel Electric Corporation (IEC), Israeli Real Estate Companies, ISTA International GmbH, It4 Solutions Robras Corp, Italian Red Cross Network, Ivanti Avalanche, J.P. Morgan Chase, JE Owens, Kaiser Foundation Health Plan, Inc., Kaiser Permanente, Kameymall, Kansas City Scout System, Keenan & Associates, Kintetsu World Express, Kisco Senior Living, KISTI SMART K2C, Kowloon Shangri-La, La Chapelle-des-marais, France, Ladakh Social Welfare Department, Lamont Hanley & Associates, Latvian TV Channels, LDLC, Le Slip Français, Leicester City Council, Lenovo Hardware Firmware, Lewis & Clark College, LG TVs, Lieberman LLP, Lilly Drogerie, Lincoln Project, LiteSpeed Cache, LivaNova, LiveHelpNow, LocalPlace JP, London Drugs, London Stock Exchange Group, Lopesan Hotels, Lotz Trucking, Lpdb Kumkm, LRB Info Tech, Lukfook Jewellery, Lumina Americas, Luxor, LYON TERMINAL, M2E Consulting Engineers, Macedonian Joint Stock Company, Madata, Magnet+, Malone & Co, Manchester’s Catholic Medical Center, Marpai Health, Mauritzon, McKinley Packing, Medequip Assistive Technology, Medical Home Network, MediExcel, Medios de Prevención Externos Sur SL, MedStar Health, Meduza, Mellitah Company, Mercedes, Merchants Benefit Administration, Metropolitan Life Insurance Company, Microsoft, Microsoft Azure Entra ID, Microsoft Outlook, Missouri Electric Cooperatives, Moffitt Cancer Center and Research Institute, Moldova Government, MoldTech, Molen & Associates, Monash Health, Monday.com, MongoDB, Monocon, Montoir-de-Bretagne, France, Moscow Moskollector, MovieBoxPro, MRA – The Management Association, Mt Hira College, Myers Automotive Group, National Energy Research Scientific Computing Center (NERSC), Nespresso, Nestle, New Boston Dental Care, New Hudson Facades, New Mexico Administrative Office of the District Attorneys, New Mexico Highlands University, New York’s state legislature, Nexperia, NHS Dumfries and Galloway, NK Parts Industries, NorthBay Health, Nota by M&T Bank and TTEC Databases, Nothing, Nova Scotia Health, NRS Healthcare, Numotion, NVIDIA, OakBend Medical, Octopharma Plasma, OE Federal Credit Union, Ogero, Ohio Lottery, Okta, Olson Steel, Olympus Group, OracleCMS, OraSure, Original Herkimer Cheese, OrthoConnecticut, Outabox, Pacific Guardian, Pak Suzuki, Palo Alto Networks PAN-OS, Panda Restaurant Group, Pandemonium Rocks, Panoramic Health, Parent Teacher Association (PTA), Paris Saint-Germain (PSG), Parklane Group, Patricia AI, Paychex, Inc., Paytm, Pennsylvania Convention Center, Pennsylvania Insurance Department, Peplink Smart Reader, Persyn, Philadelphia Inquirer, Philips Respironics, Phoenix Business Consulting, PHP, Pifer’s Auction & Realty, Pilot, Pinnacle Engineering, Pinnacle Orthopaedics, Pioneer Oil Company, Inc, Piping Rock, Police Service of Northern Ireland (PSNI), Porniche, France, Pratham, Precision Fluid Controls, Premier Dermatology, Prisma Finance, Pro Metals LLC, Process Solutions, Procuraduría General de la República, Profile Products, Progress Flowmon, Promarka Peru, Pub And Club, Public service of Wallonia, PWS – The Laundry Company, Qantas, QNAP, Quebec CEGEPs, RAF El Salvador, Randolph Health, RaySharp, RB Woodcraft, Reading Electric, Rebound Orthopedics & Neurosurgery, Recology, Redwood Coast Regional Center, Rehabilitation Hospital of Southern New Mexico, Reliable Networks, Rocky Mountain Sales, Roku, Romeo Pitaro Injury and Litigation Lawyers, Rushd Bookstore, Rutgers University, Räddningstjänsten Vä stra Blekinge, Sachkhere, Sahara Bank, Saint-Nazaire, France, Sanok Rubber Company, Saudi Water Facilities, Scanda Group, Scigames, Scottish health board, Seaman’s Mechanical, SEK Studio, Seneca Nation Health System, Sentry Data Management, Servicio Móvil, Shadow, Siemens Manufacturing, Sigmund Espeland, Signature Healthcare Services LLC, SigningHub, Simmons Perrine Moyer Bergman PLC, Singapore’s Ministry of Education, Singapore’s Mobile Guardian, SinglePoint Outsourcing, Inc., SIS Automatisering, Sisense, Skanlog, Sleep Data Holdings, LLC, Sleep Management Institute, Smoke Alarm Solutions, SOA Architecture, Softura, Somerset Dental Las Vegas, Somerville, Sonadev, France, South Africa’s International Trade Administration Commission (ITAC), South Korean courts, South Korean cable & satellite, South Korean Defense Companies, South Texas Oncology and Hematology, Space X, Space-Eyes, Speedy France, Sri Lanka’s visa system, SSCL, SSS Australia, St-Jerome Company, St. Helena Public Library, Stainless Foundry & Engineering, StarWallets, States of Guernsey, Sterling Holidays, Sterling Plumbing Inc., Studio LAMBDA, Swisspro, SynLab Italia, Sysmex America, Inc, T2 Tea Australia, Tamil Nadu Police, Tappware, Targus, Tatarstan, Russia, Taxi Software, Ted Brown Music, Telecom Argentina, Telit Cinterion modems, Texas Retina Associates, The Epilepsy Institute, The Georgia Institute for Plastic Surgery, The Heritage Foundation, The Kennedy Collective, The Lagunitas Brewing Company, The Line Up, Inc, The May Institute, Inc., The Philadelphia Inquirer, PBC, The Post and Courier, The Post Millennial, The Prudential Insurance Company of America, The Roman Catholic Diocese of Phoenix, The State of Kansas Office of Judicial Administration, The Tech Interactive, Theatrixx Technologies, Therapeutic Health Services, 50,000 Tinyproxy servers, Tipton Municipal Utilities, IN, Toolmarts, Toronto Transit Commission, Transamerica Life Insurance Company, Trib Total Media, True Homes, LLC, TRUE Solicitors, Trylon Srl, Tyler Technologies, UAE Government, UK Government’s System Database, UK Ministry of Defence, UK Royal Mail, 20 Ukrainian Energy and Water Sites, Ukrainian TV, United Nations Development Programme, University of Alabama, University of Alberta, University System of Georgia (USG), US Air Force Academy (USAFA), US Atlantic Fisheries, US Coast Guard Reserve, US Consumer Database, US Health and Human Services (HHS), US Internal Revenue Service (IRS), US Medicare, US Patent and Trademark Office, US Space Forces (USSF) Military Bases, USA Health Providence Hospital, Utica Mack, Valley Mountain Regional Center, Valley Veterinary Clinic, LLC, Van Gogh Museum, Varo Bank, N.A., Veeam, Velvet Capital, Verizon, Victorian Ambulance Union, Virginia Union University, VirtualBox, Visionary Integration Professionals, VMware Cloud Foundation, VMware ESXi, VMware Fusion Pro/Fusion, VMware Workstation Pro/Player, Void Interactive, Volkswagen, VPN traffic (TunnelVision), VTRP, W.I.S. Sicherheit-Service GmbH & Co. KG, Washington State’s Swinomish Casino and Lodge, WebTPA Employer Services, LLC, WEL Partners, Wells Fargo, Welsh Government, Wescom Central Credit Union, West Idaho Orthopedics and Sports Medicine, Westboro Baptist Church, WhatsApp, Windows, Windows Apps, Windows Print Spooler, WOM, World Architects, World-Check, WP Forminator plugin, WP-Automatic Plugin, Xiaomi, Yale Mortgage, YRW Limited – Chartered Accountants, ZA Government Employees Pension Fund’s (GEPF), ZircoDATA, and Zscaler Inc have reported hacking or compromises this month.

Central Power Systems & Services, Final Fantasy, Frontier Communications, Kansas City’s official website, Ogero, Reddit, and Telegram have suffered from outages this month.

Last months updates broke Outlook, Windows (thanks ManageEngine), and VPN connections.

An update to ManageEngine has caused thousands of Windows machines to fail to boot. I guess that’s one way to make sure that they can’t be hacked through ManageEngine vulnerabilities?

Windows has officially added advertisements to the Windows 11 Start Menu.

The PuTTY Pageant key generation weakness will require millions upon millions of certificates to be rekeyed.

The Windows Boot Manager update released in January still has no automated fix from Microsoft. Third parties have created several methods of installing the update, and the closest-to-perfect automation yet requires seven (7!) restarts.

Microsoft has announced plans to implement fully locked down DNS via a pairing of DNS and the firewall, branded Zero Trust DNS – ZTDNS.

A recent technical paper described the process of using LLM (GPT-4) to automate the process of building exploits for newly discovered vulnerabilities. Reviews of the paper tend to acknowledge that it can be used in this fashion but focus instead on the use of the word “autonomously” which they treat as sentience. No guys, the paper isn’t saying that Skynet is here, just that LLMs are getting to the point where they can build functional exploit code based on brief descriptions of vulnerabilities.

I first saw the description of “Kobold Letters” a couple months ago. While a very creative use of CSS and an interesting idea, what are the chances that this kind of thing would actually be used in real life? 100%. I’ve now seen this behavior on three different client mail accounts in Microsoft Online and Gmail.

The founder of Telegram has publicly reported that the FBI pressured an employee to build a backdoor into the system. They refused.

Thunderbird has added Microsoft Exchange support. This means you won’t be forced to use the “New Outlook” crapp to access your Microsoft Exchange accounts. 🙂

Now for the good news:

We won. Sony caved on the Helldivers 2 privacy-violating “account linking” change. 🙂

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is insane this month. The typical computer should see roughly 5 GB in updates today. Let’s get started.

Microsoft released updates to address 67 vulnerabilities in .NET and Visual Studio, Azure Migrate, Microsoft Bing, Microsoft Brokering File System, Microsoft Dynamics 365 Customer Insights, Microsoft Edge (Chromium-based), Microsoft Intune, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows SCSI Class System File, Microsoft Windows Search Component, Power BI, Visual Studio, Windows Cloud Files Mini Filter Driver, Windows CNG Key Isolation Service, Windows Common Log File System Driver, Windows Cryptographic Services, Windows Deployment Services, Windows DHCP Server, Windows DWM Core Library, Windows Hyper-V, Windows Kernel, Windows Mark of the Web (MOTW), Windows Mobile Broadband, Windows MSHTML Platform, Windows NTFS, Windows Remote Access Connection Manager, Windows Routing and Remote Access Service (RRAS), Windows Task Scheduler, Windows Win32K – GRFX, Windows Win32K – ICOMP, and MSRT. This includes security updates. A reboot is required.

Oracle released 441 security updates this quarter to address vulnerabilities in 119 applications.
https://www.oracle.com/security-alerts/cpuapr2024.html

Apple released updates for iOS 16.7.8, iOS 17.5, iPadOS 16.7.8, iPadOS 17.5, iTunes 12.13.2 for Windows, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, Safari 17.5, tvOS 17.5, and watchOS 10.5. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 16.7.8 and 17.5 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 6.7.8 and 17.5 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 10.5 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 17.5 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 124.0.6367.154 and 120.0.6099.310 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 40-1.14 is a major update, replacing BerkeleyDB with alternatives, updating libraries, and including adding new features and defaults. This should be treated as a security update.
https://getfedora.org/en/workstation/download/

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.4.1 adds support for new software, performance improvements, and resolves several bugs. This is not a security update.
https://www.amd.com/en/support

Daemon Tools Lite 12.1.0 improves tooltips, and resolves a couple bugs. This is not a security update.
https://www.daemon-tools.cc/products/dtLite

Dymo Connect for Desktop 1.3.2.18 doesn’t provide a detailed change log so should be treated as a security update.
https://www.dymo.com/label-makers-printers/labelwriter-label-printers/dymo-labelwriter-450-duo-thermal-label-printer/SAP_1752267.html

TP-Link Archer AX55 v1 240325 adds almost a dozen new features, improves stability and resolves several bugs. This is a security update.
https://www.tp-link.com/us/support/download/archer-ax55/v1/#Firmware

TP-Link Archer AX73 v2.0 240323 resolves several bugs. This is a security update.
https://www.tp-link.com/us/support/download/archer-ax73/v2.0/#Firmware

UniFi Network Server 8.1.127 enhances firewall rules visibility, adds tunnel IP addresses, OSPF dynamic routing support, and resolves a dozen bugs. This is not a security update.
https://www.ui.com/download/releases/network-server

VIISAN OfficeCam 7.1.19.0 doesn’t provide a change log so should be treated as a security update.
https://www.viisan.com/en/download/type1.html

Wacom Driver 6.4.6-1 adds support for newer hardware, resolves several bugs and improves stability.
https://www.wacom.com/en-us/support/product-support/drivers

Xerox Smart Start 2.0.34.0 doesn’t provide a change log so should be treated as a security update.
https://www.support.xerox.com/en-us/content/143617

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.65.133 is a security update.
https://brave.com/

Firefox 126 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 115.11.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 124.0.6367.207 is a security update.
https://www.google.com/chrome/

Microsoft Edge 124.0.2478.97 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Vivaldi 6.7.3329.29 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Spark 3.15.5.72973 resolves several AI-related bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.15.5.72972 resolves several AI-related bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.10.2 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 8.0.10 is a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 8.0.1 resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

Dropbox 199.4.6287 removes a cosmetic defect. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 211.0.0.18.236 is a security update.
https://www.messenger.com/download

FileZilla Client 3.67.0 is a security update.
https://filezilla-project.org/

FileZilla Server 1.8.2 is a security update.
https://filezilla-project.org/

FreeFileSync 13.6 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 90.0 resolves several bugs. This is the last version to support macOS 10.15 – if your hardware can not support macOS 11 you should have already removed it from the Internet, but if not, please take this as one more signal that it’s time to replace it.
https://drive.google.com/start

Microsoft Teams 1.7.00.10152 resolves several bugs. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 29.0.0 is a major update, resolving dozens of bugs, updating libraries, and improving workflow and design. This should be treated as a security update.
https://nextcloud.com/

Nmap 7.95 adds over 6,500 more fingerprints, new scripts and resolves several bugs. This is a security update.
https://nmap.org/

PuTTY 0.81 is a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html

Signal 7.8.0 adds emoji call responses and resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.6.2 adds emoji call responses, adds sent message editing, and resolves several bugs. This is not a security update.
https://signal.org/android/apk/

Skype 8.116.0.213 improves stability. This is not a security update.
https://www.skype.com/

Syncthing 1.27.7 resolves a potential security bug.
https://syncthing.net/

Telegram 5.0.1 resolves several bugs. This is not a security update.
https://telegram.org/

USB Drive Log 1.13 adds black background support. This is not a security update.
https://www.nirsoft.net/utils/usb_drive_log.html

Z-Library 1.02 doesn’t provide a change log so should be treated as a security update.
https://z-library.se/z-access#desktop_app_tab

Zoom 6.0.4.38135 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.4 resolves several bugs. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.1.9 resolves several bugs. This is a security update.
https://www.bitwig.com/download/

Grayjay 240 adds several new features, sources, improvements, and resolves a dozen bugs. This is not a security update.
https://grayjay.app/index.html

iTunes 12.13.2.3 is a security update.
https://www.apple.com/itunes/download/

Plex Desktop 1.92.1.140 doesn’t provide a detailed change log so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.60.1.134 updates libraries. This should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.40.2.8395 resolves several bugs, including an installation path issue. If you used a custom path you will need to uninstall and reinstall in order for future automatic updates to work correctly. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2024.4.0.137 changes homepage. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.3.201 resolves several bugs and improves interface. This is not a security update.
https://gdevelop.io/download

Minecraft Server (Bedrock) 1.20.81.01 does not provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Minecraft Server (Java) 1.20.6 does not provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server

Nintendo Switch 18.0.1 resolves several bugs. This is a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 2024.430 resolves several bugs and improves hardware support. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024-05-13 resolves several bugs. This is not a security update.
https://store.steampowered.com/news/app/593110
By the way, we won. Sony caved on the Helldivers 2 privacy-violating “account linking” change. 🙂

SteamOS SteamDeck Update 2024-05-03 is a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Acrobat and Reader 24.002.20759 and 20.005.30636 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb24-29.html

Adobe Aero 0.24.4 is a security update.
https://helpx.adobe.com/security/products/aero/apsb24-33.html

Adobe Animate 23.0.6 and 24.0.3 are security updates.
https://helpx.adobe.com/security/products/animate/apsb24-36.html

Adobe Dreamweaver 21.4 is a security update.
https://helpx.adobe.com/security/products/dreamweaver/apsb24-39.html

Adobe FrameMaker 2020.6 and 2022.4 are security updates.
https://helpx.adobe.com/security/products/framemaker/apsb24-37.html

Adobe Illustrator 28.5 and 27.9.4 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb24-30.html

Adobe Substance 3D Designer 13.1.2 is a security update.
https://helpx.adobe.com/security/products/substance3d_designer/apsb24-35.html

Adobe Substance 3D Painter 10.0.0 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb24-31.html

Aronium 1.43.0.2 adds dual currency and night theme, improves refund behavior, and resolves several bugs. This is not a security update.
https://aronium.com/

Audacity 3.5.1 adds a bunch of new features and resolves dozens of bugs. This is not a security update.
https://www.audacityteam.org/download/

Calibre 7.10.0 adds export support, spell check, color inversion and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Columns++ 1.0.6 improves wrapped line caompatibility. This is not a security update.
https://github.com/Coises/ColumnsPlusPlus

Formatta Filler 8.19.0.4 doesn’t provide a change log so should be treated as a security update.
https://formatta.com/formatta-products/complete-submit/

GIMP 2.10.38 doesn’t provide a detailed change log so should be treated as a security update.
https://www.gimp.org/

Java 8u411 is a security update.
https://www.java.com/en/download/manual.jsp

JShelter 0.18 improves compatibility. This is not a security update.
https://jshelter.org/install/

Kdenlive 24.02.2 improves compatibility and resolves several bugs. This is not a security update.
https://kdenlive.org/

Kindle for PC 2.3.70840 doesn’t provide a change log so should be treated as a security update.
https://www.amazon.com/kindleforpc

LibreOffice 7.6.7 resolves over 40 bugs. This is a security update.
https://www.libreoffice.org/

LibreOffice Fresh 24.2.3 resolves over 75 bugs. This is a security update.
https://www.libreoffice.org/

Manager 24.5.13.1531 adds several new features and improves email integration and display. This is not a security update.
https://www.manager.io/

Nextcloud Desktop 3.13.0 resolves dozens of bugs and updates libraries. This is a security update.
https://nextcloud.com/

Notepad++ 8.6.7 improves multiedit and language support, and resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

PDF-XChange Editor 10.3.0.386 adds page extraction, label modification, improves sort and group behavior and resolves dozens of bugs. This is not a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

QuickBooks Pro 2022 20240509-R15_25 updates to backend processes. This is not a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20240509-R12_15 updates to backend processes. This is not a security update.
https://downloads.quickbooks.com/app/qbdt/products

Security Software Updates

One or more of these is likely to be of interest to most people.

Chainsaw 2.9.0 adds native rules, timezone improvements, and adds ability to change default conditional when searching. This is not a security update.
https://github.com/countercept/chainsaw

Microsoft Edge Policy 2024.05.07 updates policies. This is not a security update.
https://github.com/MicrosoftDocs/Edge-Enterprise/blob/public/edgeenterprise/microsoft-edge-policies.md

OpenSSL 3.3.0 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

ProtonVPN (macOS) 4.2.2 improves performance. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.16.1 updates engine and resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

Stinger 13.0.0.118 adds support for more detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

SuperAntiSpyware 10.0.1266 resolves several bugs. This is not a security update.
https://www.superantispyware.com/download.html

Tails 6.2 is a security update.
https://tails.net/install/download/index.en.html

Velociraptor 0.72 adds EWF support and resolves several bugs. This is not a security update.
https://github.com/Velocidex/velociraptor/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 24.1.3 improves OCR, performances, updates libraries and resovles several bugs. This is a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.1.7 resolves several couple bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

StreamFab 6.1.7.7 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.2.0 resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.32 improves compatibility, adds support to import from more third-party platforms, and resolves several bugs. This is a security update.
https://1password.com/downloads/

Agent Ransack 2022.3434 adds support for OneNote and resovles several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

AOMEI Partition Assistant 10.4.0 improves the user interface. This is not a security update.
https://www.diskpart.com/

Bitwarden 2024.4.2 improves passkeys support and secrets manager, and adds a new Authenticator app. This is not a security update.
https://bitwarden.com/

BulkFileChanger 1.73 resolves a timezone-related bug. This is not a security update.
https://www.nirsoft.net/utils/bulk_file_changer.html

CCleaner 6.23.11010 resolves several bugs. This is a security update.
https://www.ccleaner.com/

DesktopOK 11.21 improves compatibility. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.1.92.0 resolves a .git/.gitignore bug, updates .NET library and translations. This is a security update.
https://dngrep.github.io/

ExplorerPatcher 22621.3527.65.2 resolves several bugs. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

FileLocator Pro 2022.3434 adds support for OneNote and resovles several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

FoneTool 2.6.1 adds iOS Data Recovery and resolves a crash bug. This is not a security update.
https://www.fonetool.com/download.html

Git SCM 2.45.0 adds dozens of new features and behaviors, and resolves over 50 bugs. This is not a security update.
https://git-scm.com/

Go 1.22.3 is a security update.
https://go.dev/

GoodSync 12.6.5 improves compatibility and resolves several bugs. This is not a security update.
https://www.goodsync.com/

HWiNFO 8.02 doesn’t provide a change log so should be treated as a security update.
https://www.hwinfo.com/download/

InstalledAppView 1.08 resolves a CLI bug. This is not a security update.
https://www.nirsoft.net/utils/installed_app_view.html

IsMyHdOK 3.96 improves performance and testing accuracy. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/IsMyHdOK

LessMSI 2.0.1 updates dependencies and build environment, and resolves a stability bug. This is not a security update.
https://lessmsi.activescott.com/

NirCmd 2.87 adds and resolves ~$ variables. This is not a security update.
https://www.nirsoft.net/utils/nircmd.html

NTLite 2024.5.9931 resolves dozens of bugs. This is not a security update.
https://www.ntlite.com/download/

osquery 5.12.1 is a security update.
https://osquery.io/downloads

PingInfoView 3.05 adds option to map source IPv4 Address. This is not a security update.
https://www.nirsoft.net/utils/multiple_ping_tool.html

PowerToys 0.80.1 improves stability. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

PSAppDeploy 3.10.1 adds a dozen features and parameters, improves stability and reliability, and resolves several bugs. This is not a security update.
https://psappdeploytoolkit.com/

RoboForm 9.5.8 improves GUI. This is not a security update.
https://www.roboform.com/

ScreenConnect 24.1.7.8892 resolves dozens of bugs and improves compatibility. This should be treated as a security update.
https://screenconnect.connectwise.com/download

Starwind V2V Converter 9.444 adds support for new conversions. This is not a security update.
https://www.starwindsoftware.com/starwind-v2v-converter

WinGet 1.7.11261 fixes elevation issues, updates dependencies and libraries. This is a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinScan2PDF 8.81 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WUMT 04.22.2022 improves Windows 11 compatibility. This is not a security update.
https://www.oldergeeks.com/downloads/file.php?id=1366

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 8.0.5 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

Android Studio 2023.3.1 adds device streaming for testing, integrates crashlytics, improves App Quality Insights, and adds audio redirection. This is not a security update.
https://developer.android.com/studio

AutoHotkey 2.0.14 resolves several bugs. This is not a security update.
https://www.autohotkey.com/download/

cx_Freeze 7.0 updates dependencies and libraries and resolves hundreds of bugs. This should be treated as a security update.
https://cx-freeze.readthedocs.io/en/latest/index.html

GitHub Desktop 3.3.17 removes support for older macOS versions, resolves a dozen bugs and improves user interface. This is not a security update.
https://desktop.github.com/

Godot 4.2.2 improves CLI support, resolves the audio bug, and more than 200 other issues. This is a security update.
https://godotengine.org/

MySQL ConnectorNet 8.4.0 updates libraries and resolves several bugs. This is a security update.
https://dev.mysql.com/downloads/connector/net/

MySQL Server 8.0.37 resolves dozens of bugs. This is a security update.
https://dev.mysql.com/downloads/installer/

NASM 2.16.03 improves the build process. This is not a security update.
https://www.nasm.us/index.php

Node.js 18.20.2 is a security update.
https://nodejs.org/en/

Node.js 20.13.1 resolves several bugs and updates libraries. This is a security update.
https://nodejs.org/en/

Node.js 21.7.3 is a security update.
https://nodejs.org/en/

Node.js 22.1.0 is a major update. This is a security update.
https://nodejs.org/en/

Redemption 6.5.0.6294 improves integration and resolves several bugs. This is not a security update.
https://www.dimastr.com/redemption/

Rustup 1.27.1 resolves several bugs. This is not a security update.
https://www.rust-lang.org/

SQLite 3.45.3 adds new JSON handling behaviors and resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

TortoiseGit 2.16.0 resolves a dozen bugs and updates libraries. This is a security update.
https://tortoisegit.org/

TortoiseSVN 1.14.7 resolves several bugs. This is a security update.
https://tortoisesvn.net/downloads.html

Visual Studio Code 1.89.1 adds support to exclude content from Copilot and resolves several bugs. This is not a security update.
https://code.visualstudio.com/

WinMerge 2.16.40 resolves several bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 7.0.18 resolves over a dozen bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

HumHub 1.15.5 resolves several bugs. This is not a security update.
https://www.humhub.com/en

Joomla 5.1.0 adds more than a dozen features and code and performance improvements. This is not a security update.
https://www.joomla.org/

MAMP 5.0.6 updates dependencies. This should be treated as a security update.
https://www.mamp.info/en/mamp/windows/

phpList 3.6.15 is a security update.
https://www.phplist.org/

Piwigo 14.4.0 resolves several bugs. This is not a security update.
https://piwigo.org/

WordPress 6.5.3 is a security update.
https://wordpress.org/

BuddyPress 12.4.1 is a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.9.4 resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.9 improves compatibility and resolves a bug. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

My Sticky Bar 2.7 resolves a cosmetic bug. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Postie 1.9.69 should be treated as a security update.
https://wordpress.org/extend/plugins/postie/

Slider Revolution 6.7 resolves several bugs. This is a security update.
https://revolution.themepunch.com/

Social Post Feed 4.2.4 improves integration. This is not a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

Sucuri Security 1.8.44 improves API key controls. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

W3 Total Cache 2.7.2 resolves several bugs and improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 8.9.0 improves compatibility and resolves dozens of bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WPBakery 7.6 resolves several bugs. This is a security update.
https://wpbakery.com/

WPtouch 4.3.59 adds support for Reddit, improves compatibility, and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/wptouch/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2024-03-12

Welcome back, Folks!

Today is Patch Tuesday for March, 2024.

There were 300+ major hacks, and over 175 application updates this month. It’s a small month, with about 2.3 GB of updates for most users.

This Month in Technology

Ace Air Cargo, Air Methods, Aleo, AlgoSec, Alliance Solutions Group, American Express, American Vision Partners, Android and iOS biometric information (GoldPickaxe), AnyCubic Kobra 3D printers, APK.TW, Apple Shortcuts, Assurance IQ, Auxo, Azure AD/Entra ID (Silver SAML), Baesman Group, Inc., Bangalore One, Bank of America, 61 Brazilian Banks, Bay Area Anesthesia, LLC, Benefit Design Group, Inc., Biomedical Research Institute, BlueCare Plus Tennessee, Booking.com, Bradford-Scott Data, Bright Wires, Capita, CareFirst BlueCross BlueShield Community Health Plan – District of Columbia, CareTree, Inc., Carnet-AMM, Casino Del Sol, Cencora, Centre Hospitalier D’Armentieres, CGM, Inc., Change Healthcare, Cheat-Database, Chunghwa Telecom, CIPC, CISA, Citrus Diagnostic Center, City of Dubuque Fire Department, City of Hamilton, Ontario, City of Oakley, CA, City of Pleasant Hill, CA, Coffee Beyers, Cogdell Memorial Hospital, Coinsquare, Colorado Department of Health Care Policy & Financing, Concord Music Group, Inc., ConnectWise Control/ScreenConnect, Continental Aerospace Technologies, Crossroads Equipment Lease & Finance, LLC, CUSO Financial Services, Cutout.Pro, CVS Pharmacy, Inc., David’s Bridal, Davlyn Investments, Denninger’s, Department of State Hospitals (DSH), DGA-Producer Pension & Health Plans, Dignity Health Welfare Benefits Plan, DiVal Safety Equipment, Inc, DJI, 8,000 major brands’ DNS, Duvel Moortgat Brewery, Eagers Automotive, East Carolina University’s Brody School of Medicine, Eastern Radiologists, Inc, EasyPark, EdisonLearning, Inc., Egyptian Health Department, EKEN cameras, El Al Airline, Election Commission of India, Elemetal, LLC, Empire Fidelity Investments Life Insurance Company, Employee Benefits Corporation of America, ETISALAT, Ewig Group, Facebook Marketplace, Fairway Independent Mortgage, FBI, FBinsure, fckeditor, Federal Communications Commission, Fidelity Investments Life Insurance, Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), FixedFloat, Fortinet FortiOS, Fortinet FortiProxy, Framwellgate School, FullPress, Future Generations Foundation, GCA Nederland, Gilroy Gardens, Gixen, Global Tel*Link, Golden Corral, Grace Lutheran Communities, Group Health Cooperative, Grupo Bimbo, Habib’s, Haivision MCS, Hampton County School District, Harvard Pilgrim Health Care, Hathway Cable & Datacom Limited, HAWITA Group, Health NZ, Hessen Consumer Center, Highland Health Systems, Hochschule Kempten, Hospice of Huntington, Houser LLP, Human Affairs International of California, HWL Ebsworth, Imaging Data Commons libdicom, InfoSys McCamish, Infraestructura Portuaria Mexicana, Insomniac Games, Institute of Food Technologists, Insurance ACE/Humana Inc., INTEGRIS Health, Interventional Pain and Regenerative Medicine, iSoon, Ivanti Pulse Secure, Jaypee University, Jersey’s Financial Services Commission, JFSC, Joomla, Jovani Fashions, Juniper Support Portal, JVC Kenwood, Kick, Kids Care Dental & Orthodontics, KNS Bank, La Bonne Alternance, LDLC, Leicester City Council, Lena Pope Home Inc., LenDenClub, Lindsey Municipal Hospital, Liquid Environmental Solutions, Littleton Regional Healthcare, llama.cpp GGUF library, Llamaya, loanDepot.com, LLC, Loghman Pharmaceuticals, Los Angeles International Airport (LAX), Malawi’s passport system, Maranhao Military Police, Maryville Addiction Treatment Centers, Maryville, Inc., McKenzie County Healthcare System, Inc., MedQ, Inc., Mental Health Center of North Central Alabama, Inc., Merchant.ID, Microsoft (yet again!), Microsoft .NET Framework, Microsoft Azure, 97,000 Microsoft Exchange servers, Microsoft Outlook, Microsoft Streaming Service, MicroStrategy, Ministry of Planning, Minnesota State University-Moorhead, Mirtylla, Motilal Oswal Financial Services, Mr. Green Gaming, NALS Apartment Homes LLC, National Police of Peru, Netgear RAX30, NewGen Administrative Services, LLC, North Hill Employee Dental Plan, North Hill Home Health Care, Inc., North Hill Needham, Inc., Northeast Orthopedics and Sports Medicine, PLLC, Northwestern Mutual Life Insurance, NVIDIA drivers, Oculus Meta, Odette, Online Trade (Онлайн Трейд), Opensea, Orlando VA Medical Center, P-Fleet, Pakistan National Bank, Paragon Technology and Innovation, Paul Davis Restoration, Paysign, Pennsylvania’s State Courts, PetSmart, Philips Respironics, PlayDapp, PowerRail, Prague Regional Memorial Hospital, Prince George’s County Public Schools, Procopio, Cory, Hargreaves & Savitch LLP, Prudential Financial, PSI Software SE, QEMU, QNAP NAS devices, Qualcomm Incorporated, RCI, LLC, Redis servers, Redwood Coast RC, Revolut, Richland Community College, Rio Hondo Community College, RMH Franchise, Robert Half, Roblox, Roku, Inc., Romanian medical facilities (approximately 100), Roswell Park Comprehensive Cancer Center, Royal Canadian Mounted Police (RCMP), Russian Ministry of Defense (Minoborony), SAFE Credit Union, Saint Joseph’s College of Maine, Samsung Electronics, Santa Clarita Community College District, Santa Monica-Malibu Unified School District, SCEVN, Schneider Electric, Seminole County Public Schools, Seneca, Seven Seas Group, Shein, SK Hynix, smartphone voice assistants (VoltSchemer), SolarWinds Access Rights Manager, Sony’s Insomniac Games, South Korean President, Southern Water, Spectrum Vision, SPMundi, Superior Communications, Tangerine, TeamCity, Tehachapi Unified School District, Tesla Phone Key, Texx Offroad, Thai Summit, The Biosig Project, The Northwestern Mutual Life Insurance Company (twice), ThyssenKrupp, Toner-dumping, Tornado Cash, Tracy Unified School District, Trans-Northern Pipelines, Tshwane University Of Technology, TTM Technologies, U-Haul, U.S. Department of the Interior, UAE’s IEMS, Ubiquiti Edge OS routers, UC San Diego Health Hillcrest – Hillcrest Medical Center, Ukraine’s State Environmental Inspector, UniCredit, Unisys, UNITE HERE, University of Cambridge’s Clinical School Computing Service, University of Machester, University of Wolverhampton, US Citizenship and Immigration Services, US Customs Enforcement, Valorem Reply, VARTA AG, Veeco, Vi Senior Living, Victor Valley Union High School District, Victoria Police, Virgin Hotels, Virginia Farm Bureau, VMware Cloud Foundation, VMware ESXi, VMware Fusion, VMware Workstation, VSexShop, Ward Transport & Logistics, Washington County Hospital and Nursing Home, Watson Clinic, WayForward, Webber International University, WebMarketPoint, Welltok, Inc., Western National Group, Western Union, Weston Embedded, Williamson County, TX, Windows AppLocker, Windows Defender SmartScreen, WordPress Brick Builder Theme, WordPress LiteSpeed Cache, WordPress Popup Builder, WordPress Ultimate Member, WoTLabs, Wyze, Yakima Valley Radiology, PC, YX International (2FA provider for Facebook and WhatsApp, Google, TikTok, and others), Zenlayer, Zoom, Zyxel firewalls, and ​​Harvard Pilgrim Health Care​ have reported hacking or compromises this month.

AT&T, Change Healthcare, Facebook, Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), Instagram, LinkedIn, Microsoft Outlook Exchange via ActiveSync, Minnesota State University-Moorhead, Royal Canadian Mounted Police (RCMP), US military pharmacies, WhatsApp, and Wyze have suffered from outages this month.

Citrix and Sophos (both companies over 29 years old) suffered from leap year bugs this year.

Microsoft has announced they’re throwing support behind the “privacy-preserving ads API” which is designed to “less uniquely” identify users. The new system is still designed to collect and share all your interests and internet activity (in fact, the one that will be used in Edge will share your desktop/mobile experience as well as activity in other applications, as Edge does now), but it will not be used to “uniquely” identify you, rather it will collect all this information about your activities and assign your profile to various collections through a process known as meta tagging, and these tags will be used to market to you.

In this way, they’ll be able to tell you’re a divorced Christian 40-something year old female with 2 children, dark hair, wears a size 3, prefers red wine, lives within a 2-block radius of Bank of America in Modesto, orders from Papa Johns once per month and only votes every other election cycle, but they won’t know it’s “you.” Please use an ad-blocker and disable all these metric and ad-measurement features.

The “new Outlook” by Microsoft is collecting logins from third-party accounts and storing them in the Microsoft Cloud without telling their users. Email, contacts and other information from third-party accounts, as well.

While I’m on the topic of Microsoft email…after pushing for better validation and spam controls among their industry partners, Microsoft Exchange is still responsible for a large amount of spam.

Microsoft is also making another push to upgrade those still on Windows 10 to Windows 11. For some devices this means they will be aggressively force-upgraded as happened to Windows 7 users win Windows 10 was released and to some Windows 10 users when Windows 11 was released.

Apple has disabled the Epic developer account, again, claiming that they can’t be trusted. Pot, kettle?

Google Pay is shutting down in the US. If you’ve stored money within this platform you need to move it out before early June. They couldn’t keep their own payment platform alive, but Google believes their AI should be trusted with direct access to information about all hacking incidents so it can be used “for defense.” Somehow I’m just not buying it.

The first publicly known AI prompt injection worm has been created and shown to self-propagate by telling the AI to send a copy of itself through to other AI nodes.

Troy Hunt has a great write-up that demonstrates why it is so easy for scammers to get away with text scams. The vendors suck.

Now for the good news:

Bitcoin broke $73,000 yesterday for the first time, which is $30,000 more than it was at the beginning of the year and $50,000 more than it was a year ago. If you’re looking to sell, don’t. But if you must, we still have about a month of growth yet before the bull run is over. I would be surprised if it doesn’t break at least $82,000 by the first week of April.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is small this month. The typical computer should see roughly 2.3 GB in updates today. Let’s get started.

Microsoft released updates to address 69 vulnerabilities in .NET, Azure Data Studio, Azure SDK, Microsoft Authenticator, Microsoft Azure Kubernetes Service, Microsoft Django Backend for SQL Server, Microsoft Dynamics, Microsoft Edge, Microsoft Exchange Server, Microsoft Graphics Component, Microsoft Intune, Microsoft Office, Microsoft Office Outlook, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft QUIC, Microsoft SharePoint Server, Microsoft Teams, Microsoft WDAC ODBC Driver, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows SCSI Class System File, Open Management Infrastructure, Outlook for Android, Role: Windows Hyper-V, Servicing Stack Update, Servicing Stack Updates, Skype for Consumer, Software for Open Networking in the Cloud (SONiC), Visual Studio Code, Windows AllJoyn API, Windows Cloud Files Mini Filter Driver, Windows Composite Image File System, Windows Compressed Folder, Windows Defender, Windows Error Reporting, Windows Installer, Windows Kerberos, Windows Kernel, Windows NTFS, Windows ODBC Driver, Windows OLE, Windows Print Spooler Components, Windows Standards-Based Storage Management Service, Windows Telephony Server, Windows Update Stack, Windows USB Hub Driver, Windows USB Print Driver, Windows USB Serial Driver, and MSRT. This includes security updates. A reboot is required.

Apple released updates for iOS 15.8.2, iOS 16.7.6, iOS 17.4, iPadOS 16.7.6, iPadOS 17.4, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5, Safari 17.4, tvOS 17.4, visionOS 1.1, and watchOS 10.4. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.8.2, 16.7.6 and 17.4 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 16.7.6 and 17.4 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 10.4 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 17.4 is a security update. Use System, Software Update to install the most current version.

visionOS 1.1 is a security update. Use Settings, General, Software Update to install the most current version.

Google Chrome OS 120.0.6099.301, 121.0.6167.188 and 122.0.6045.214 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.2.1 improves stability and resolves more than a dozen bugs. This is not a security update.
https://www.amd.com/en/support

Display Driver Uninstaller 18.0.7.3 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Nvidia Driver 474.89 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.63.169 is a security update.
https://brave.com/

Google Chrome 122.0.6261.111 is a security update.
https://www.google.com/chrome/

Microsoft Edge 122.0.2365.80 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 123.0.1 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 115.8.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Opera 108.0.5067.24 is a security update.
https://www.opera.com/browsers/opera

Opera GX 107.0.5045.60 is a security update.
https://www.opera.com/gx

Vivaldi 6.6.3271.48 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Spark 3.14.3.67453 improves AI training process. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.8.1 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

Dropbox 193.4.5594 resolves stability bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 206.0.0.8.218 is a security update.
https://www.messenger.com/download

FreeFileSync 13.4 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 88.0 doesn’t provide a detailed change log so should be treated as a security update.
https://drive.google.com/start

MeshCentral 1.1.21 resolves dozens of bugs. This is a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.7.00.6058 adds several new features. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 28.0.3 resolves dozens of bugs. This is a security update.
https://nextcloud.com/

Omada Software Controller 5.13.30.8 adds support for newer hardware and resolves several bugs. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Rclone 1.66.0 resolves dozens of bugs. This is not a security update.
https://rclone.org/

Signal 7.1.1 is a major update, adding username support, improved privacy controls, new emoji, and resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 7.0.2 is a major update, adding username support, improved privacy controls, new emoji and resolves several bugs. This is not a security update.
https://signal.org/android/apk/

Skype 8.113.0.210 improves stability. This is not a security update.
https://www.skype.com/

Syncthing 1.27.4 resolves several bugs. This is not a security update.
https://syncthing.net/

Telegram 4.15.1 adds Telegram Business features and adds emoji. This is not a security update.
https://telegram.org/

Telegram (Android) 10.9.1 doesn’t provide a detailed change log so should be treated as a security update.
https://telegram.org/apps

WinSCP 6.3.2 updates libraries and resolves several bugs. This is a security update.
https://winscp.net/eng/index.php

Zoom 5.17.11.34827 improves AI and resolves several bugs. This is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.2 improves face detection, lip sync, and resolves several bugs. This is not a security update.
https://en.3tene.com/

darktable 4.6.1 improves performance and resolves dozens of bugs. This is a security update.
https://www.darktable.org/

Grayjay 236 adds cache support, improved performance, adds watch filters, and resolves several cosmetic bugs. This is not a security update. They also announced that Grayjay Desktop will be available in the coming months. Yay! 🙂
https://grayjay.app/index.html

Kodi 20.5 updates libraries and resolves several bugs. This is a security update.
https://kodi.tv/

Plex Desktop 1.88.1.96 improves stability and resolves a cosmetic bug. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.57.1.100 updates libraries. This should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

TuneIn 1.28.0 doesn’t provide a change log so should be treated as a security update.
https://tunein.com/radio/home/

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2024.2.0.132 resolves several bugs. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.3.194 adds notification support, QRCode support, one-click iOS export, resolves several bugs. This is not a security update.
https://gdevelop.io/download

Minecraft Server (Bedrock) 1.20.71.01 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

PS3 4.91 adds support for the latest BluRay encodings and improves perofrmance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps3/system-software/

PS5 24.01-08.60.00 improves Parties, hardware support, and performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024-03-07 resolves dozens of bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

SteamOS 3.5.17 resolves dozens of bugs and improves compatibility and stability. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Animate 23.0.4 and 24.0.1 are security updates.
https://helpx.adobe.com/security/products/animate/apsb24-19.html

Adobe Bridge 13.0.6 and 14.0.2 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb24-15.html

Adobe ColdFusion 2021.13 and 2023.7 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb24-14.html

Adobe Experience Manager 2024.03 and 6.5.20.0 are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb24-05.html

Adobe Lightroom 7.2 is a security update.
https://helpx.adobe.com/security/products/lightroom/apsb24-17.html

Adobe Premiere Pro 23.6.4 and 24.2.1 are security updates.
https://helpx.adobe.com/security/products/premiere_pro/apsb24-12.html

Calibre 7.6.0 adds profile support, merge support, and resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Columns++ 1.0.5 resolves a tab-to-spaces bug and adds support for notifications coming in the next version of Notepad++. This is not a security update.
https://github.com/Coises/ColumnsPlusPlus

Ghostscript 10.03.0 resolves several bugs and improves OCR support. This is not a security update.
https://www.ghostscript.com/releases/gsdnld.html

ImageMagick 7.1.1-29 resolves several bugs. This is not a security update.
https://imagemagick.org/

Kdenlive 24.02.0 is a major update, adding native support for DirectX, Metal and Vulkan, Apple Silicon support, and resolves several bugs. This is not a security update.
https://kdenlive.org/

LibreOffice 7.6.5 resolves over 90 bugs. This is a security update.
https://www.libreoffice.org/

LibreOffice Fresh 24.2.1 resolves almost 100 bugs. This is a security update. The “Fresh” line is beta software and should be avoided by most people.
https://www.libreoffice.org/

Manager 24.3.10.1347 doesn’t provide a detailed change log so should be treated as a security update.
https://www.manager.io/

Nextcloud Desktop 3.12.1 resolves several bugs. This should be treated as a security update.
https://nextcloud.com/

Notepad++ 8.6.4 resolves a focus bug. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 5.0.13 resolves a couple bugs and updates libraries. This is a security update.
https://www.getpaint.net/

QuickBooks Pro 2022 20231120-R13_69 no longer provides a detailed change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20231107-R9_133 does not provide a detailed change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

Security Software Updates

One or more of these is likely to be of interest to most people.

Gpg4win 4.3.1 adds support for new smart cards, Windows root CAs, and resolves several bugs. This is a security update.
https://www.gpg4win.org/download.html

iOS 17.4 is a security update.
https://support.apple.com/kb/HT204204

iPadOS 17.4 is a security update.
https://support.apple.com/kb/HT204204

macOS 14.4 is a security update.
https://support.apple.com/kb/HT201541

MalwareBytes Anti-Malware 4.6.9 prepares the software for the v5 release. This is not a security update.
https://www.malwarebytes.org/antimalware/

OnionShare 2.6.1 updates dependencies, updates release process, resolves several bugs. This is not a security update.
https://onionshare.org/

ProtonVPN (macOS) 4.1.7 improves stability and resolves several bugs. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.15.3 updates engine, improves exclusion and configuration controls, adds support for multiple threat names and multiple schedules. This is not a security update.
https://www.adlice.com/download/roguekiller/

SanDisk PrivateAccess 6.4.10.0 does not provide a change log so should be treated as a security update.
https://support-en.wd.com/app/answers/detailweb/a_id/48025

Stinger 13.0.0.72 adds support for new detections. This is not a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Symantec Norton Removal Tool 20240303
https://support.norton.com/sp/en/us/home/current/solutions/v60392881

Tails 6.0 is a major update, improving persistent storage support, external mounting, session resumption, and application and library updates. This is a security update.
https://tails.net/install/download/index.en.html

tvOS 17.4 is a security update.
https://support.apple.com/kb/HT202716

uBlock Origin 1.56.0 resolves dozens of bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

watchOS 10.4 is a security update.
https://support.apple.com/kb/HT204641

Wireless Network Watcher 2.41 adds option to scan IPv6 addresses. This is not a security update.
https://www.nirsoft.net/utils/wireless_network_watcher.html

Capture Updates

These are unlikely to be of interest to most people.

SnagIt 24.1.1 updates libraries, improves mute detection, camera mode swapping, and resolves several bugs. This is a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.1.3 adds support for new encodings and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

StreamFab 6.1.6.8 improves compabitility. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.1.2 improves enlarger and upscaling, improves performance for deinterlacer and denoiser, and resolve several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.35 resolves several bugs, improves compatibility, and updates signature. This should be treated as a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.27 improves compatibility and resolves several bugs. This is not a security update.
https://1password.com/downloads/

Agent Ransack 2022.3425 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

Bitwarden 2024.3.0 adds passkey support to self-hosted version, improved 2FA, redesigned interface. This is a security update.
https://bitwarden.com/

CalyxOS Device Flasher 1.0.9 doesn’t provide a change log so should be treated as a security update.
https://calyxos.org/install/

CCleaner 6.21.10918 resolves several bugs and improves software udpater. This is not a security update.
https://www.ccleaner.com/

Cygwin 3.5.1-1 resolves several bugs. This should be treated as a security update.
https://cygwin.com/

DesktopOK 11.17 resovles several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.1.27.0 improves plugin support, adds sticky scrolling, extends date filters, improves installer and resolves several bugs. This is a security update.
https://dngrep.github.io/

ExplorerPatcher 22621.3007.63.2 improves compatibility, resolves several bugs. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

FileLocator Pro 2022.3425 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

FileTypesMan 2.00 adds option to exclude loading of icons which might cause it to hang or crash. This is not a security update.
https://www.nirsoft.net/utils/file_types_manager.html

Fing 3.6.2 updates signature, improves service not found page, and resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

Git SCM 2.44.0 resolves several bugs and improves syntax. This is not a security update.
https://git-scm.com/

Go 1.22.1 is a security update.
https://go.dev/

GoodSync 12.5.8 improves compatibility and resolves several bugs. This is not a security update.
https://www.goodsync.com/

Hiren’s BootCD PE 1.0.8 updates drivers. This is not a security update.
https://www.hirensbootcd.org/download/

Homedale 2.11 improves channel width display. This is not a security update.
https://www.the-sz.com/products/homedale/

HWMonitor 1.53 adds hardware support. This is not a security update.
https://www.cpuid.com/softwares/hwmonitor.html

MobileFileSearch 1.48 resolves a bug in export content. This is not a security update.
https://www.nirsoft.net/utils/mobile_device_file_search.html

NConvert 7.172 doesn’t provide a change log so should be treated as a security update.
https://www.xnview.com/en/nconvert/

NetworkOpenedFiles 1.62 adds sort button to toolbar. This is not a security update.
https://www.nirsoft.net/utils/network_opened_files.html

OSFMount 3.1.1003 improves compatibility. This is not a security update.
https://www.osforensics.com/tools/mount-disk-images.html

OSForensics 11.0.1006 resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html

PowerToys 0.79.0 rsolves dozens of bugs and updates libraries. This is a security update.
https://github.com/microsoft/PowerToys/releases/latest

ScreenConnect 23.9.10.8817 is a security update.
https://www.connectwise.com/software/control/download

Starwind V2V Converter 9.413 adds support for converting VMs to and from VirtualBox. This is not a security update.
https://www.starwindsoftware.com/starwind-v2v-converter

Sysmon 15.14 resolves crash bugs. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

Unity 2023.2.12 resolves dozens of bugs. This is not a security update.
https://unity3d.com/get-unity/download/archive

WifiInfoView 2.93 adds support for 8.2.11be. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

Windows Migration Assistant 3.0.0.0 doesn’t provide a detailed change log so should be treated as a security update.
https://support.apple.com/en-us/118595

WinGet 1.7.10582 is now officially stable, updating libraries and resolve dozens of bugs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinRAR 7.00 is a major version, increasing the maximum dictionary size, maximum path length, improved security tagging (MotW), and resolves dozens of bugs. This is not a security update.
https://www.rarlab.com/

WinScan2PDF 8.72 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 4.19 adds quick and dirty duplicate detection (name patterns only!) and resolves several bugs. This is not a security update.
https://www.diskanalyzer.com/

XnConvert 1.100.1 improves batch operation. This is not a security update.
https://www.xnview.com/en/xnconvert/

ZoomText 2022.2402.1.400 improves tracking, compatibility, and resolves several bugs. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

ZoomText 2023.2402.1.400 improves tracking, compatibility and resolves several bugs. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

.NET Runtime 8.0.3 is a security update.
https://dotnet.microsoft.com/en-us/download/dotnet

ADB 35.0.0 resolves compatibility bugs. This is not a security update.
https://developer.android.com/studio/releases/platform-tools

Android Studio 2023.2.1.23 updates libraries and resolves several bugs. This is not a security update.
https://developer.android.com/studio

GitHub Desktop 3.3.11 resolves several bugs. This is not a security update.
https://desktop.github.com/

Node.js 18.19.1 is a security update.
https://nodejs.org/en/

Node.js 20.11.1 is a security update.
https://nodejs.org/en/

Node.js 21.7.1 is a security update.
https://nodejs.org/en/

Rustup 1.27.0 improves compatibility, updates libraries, and resolves several bugs. This is not a security update.
https://www.rust-lang.org/

SQLite 3.45.2 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.87.2 is a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VMware Workstation Player 17.5.1 is a security update.
https://customerconnect.vmware.com/downloads/#all_products

Web Package Updates

These are likely to be of interest only to web developers.

Invision Community 4.7.16 is a security update.
https://invisioncommunity.com/

Joomla 5.0.3 and 4.4.3 are security updates.
https://www.joomla.org/

Piwigo 14.3.0 is a security update.
https://piwigo.org/

Autoptimize 3.1.11 resolves several bugs. This should be treated as a security update.
https://wordpress.org/extend/plugins/autoptimize/

BuddyPress 12.3.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.9.2 is a security update.
https://wordpress.org/extend/plugins/contact-form-7/

My Sticky Bar 2.6.8 is a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Theme My Login 7.1.7 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/theme-my-login/

W3 Total Cache 2.7.0 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 8.6.1 resolves dozens of bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WPBakery 7.5 resolves several bugs. This is not a security update.
https://wpbakery.com/

WP Mail SMTP 4.0.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/

WP Plugin Update Checker 5.4 improves detection and resolves a couple bugs. This is not a security update.
https://github.com/YahnisElsts/plugin-update-checker/releases/latest

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2024-02-13

Happy Valentine’s Day, Folks!

Today is Patch Tuesday for February, 2024. There were 230+ major hacks and over 200 application updates this month. It’s a big month, with about 3.5 GB of updates for most users.

This Month in Technology

23andMe, Inc., Academy Mortgage Corporation, AHS Management Company, Inc., Air Methods, LLC, Alkem Laboratories, AlmerysAlpine Halo9 iLX-F509, American Meat Companies, Android TV and eCos set-top boxes, Android, Ann & Robert H. Lurie Children’s Hospital, AnyDesk, Apple iPhone, Apple Mac, Apple Vision Pro, Apple Watch, AppleTV, Ashford, Inc., Autel MaxiCharger AC Wallbox Commercial, Automotive Grade Linux, Azura Vascular Care, Azusa Unified School District, Bake ‘N Joy Foods, Inc., Bank of America, Bankers Life and Casualty Company, Blink Mobility, Bosch Thermostats, Brady Martz & Associates PC, 3 million Breathless toothbrushes, BrightStar Care, Buildkit, Burr & Forman LLP, Cadence Bank, California Public Employees Retirement System (CalPERS), Calvià City Council, Canterbury County Council, Carnegie Mellon University, Catholic Charities of the Archdiocese of Miami, Inc., ChargePoint Home Flex, a China-based financial MNC, Chuze Fitness, Citrix Netscaler, Cloudflare, CNO ACE, Coastal Hospice & Palliative Care, Coastal Plains Community Mental Health Mental Retardation Center, Colorado Ophthalmology Associates, PC, Columbus Life Insurance Company, Columbus Regional Healthcare System, Concentra Health Services, Concord Music Group, Inc., Connecticut College, Coppola Physical Therapy and Fitness Gyms, Covenant Care California, LLC, Coventry school, Crace Medical Centre, Des Moines Orthopaedic Surgeons, P.C., Dickinson County Health Department, Docker, Dover District Council, Dutch Ministry of Defence, ElGuindy, Meyer & Koegel, APC, Emmanuel College, EMPORIA EV Charger Level 2, EquiLend Holdings, Europcar, ExpressVPN, Family Healthcare Center, FedEx  Corporation Group Health Plan, Fidelity National Financial, First Financial Security, Inc.,
FortinetFortiOS SSL VPN, FortiSIEM, Fortra GoAnywhere MFT, Framework Computer, Freehold Township schools, Fullerton Joint Union High School District, Gamma Strategies, GEICO Corporation, Georgia’s Fulton County, 5,300+ GitLab instances, Glendale Unified School District, Global Affairs CanadaGlow, Goledo Finance, Google Bazel, Google Chrome, Hair Club for Men, Ltd., Inc., Halara, Hampton-Newport News Community Services Board, Hanmi Bank, Hathway, Health Alliance Medical Plans, Hewlett Packard Enterprise (HPE), Hipocrate Information System, HMG Healthcare, HopSkipDrive, HORNE, LLP, HP ink cartridges, Hyundai Motor Europe, Infosys McCamish Systems LLC, InHealth Technologies, INTEGRIS Health, Islamic Charity in Saudi Arabia, ITITAN Hosting, Ivanti Avalanche, Ivanti Connect Secure VPN, Ivanti Policy Secure Gateway, J.D. Gilmour, Jason’s Deli, 45,000+ Jenkins instances, JetBrains TeamCity, 65 job listing sites, JuiceBox 40 Smart EV Charging Station, Juniper, Kansas City Area Transportation Authority, Kansas State University, Keenan & Associates, Kern Regional Center, Kyocera printers, Liberty Hospital, Lineage, Inc, Livall, LoanDepot, Lutheran World Federation, Marywood Nursing Care Center, Mastodon, McCarthy & Holthus, LLP, Medical Eye Services, Inc., Mercedes-Benz, Microbe & Lab, Microsoft (again!), Microsoft SharePoint, Microsoft SQL servers, Multi-Fineline Electronix, Inc., Musick, Peeler & Garrett LLP, MyPertamina, Nabholz Construction Company Employee Welfare Health Plan, NASCO, National Advisors Holdings, Inc., Nautic Partners, LLC, Navvis & Company, LLC, Naz.API, Oak View Group, Omaha Firefighters Healthcare Trust, Orange Spain, Orange Unified School District, OrthoArkansas, PA Employee Benefit Plan, Ozys, Parkovy, Payoneer, Pennsylvania Emergency Dispatch, Perry Johnson & Associates, Inc., Phoenix Contact CHARX SEC-3100, Pioneer DMH-WT7600NEX, Planet Home Lending, Planeta, PLUS FIVE FIVE, Prestige Care, Inc., Radiant Capital, Rajasthan government (India), Rebekah Children’s Services, Ripple, Romanian Chamber of Deputies, Roundcube email server, Saint Anthony Hospital, Schneider Electric Sustainability, SendGrid, Singing River Gulfport, Singing River Health System, SinglePoint Outsourcing, Inc., Socket, Somesing, SonicWall next-generation firewalls, Sony XAV-AX5500, Spoutible, Summit Medical Group, PLLC, Sun Pain Management, LLC, Tesla Infotainment System, Tesla Modem, Tesla, TGI Direct, Thanet District Council, The Burton Corporation, TIC Hosting, Tietoevry, Tigo, Torchbyte, TP-Link Omada, Trello, Trezor, Trinity Universal Insurance Company, TRISTAR Insurance  Group, U.S. Renal Care, Inc., Ubiquiti Connect EV Station, UEFI Firmware, United Regional Health Care System, Unitronics PLCs, US Department of Health and Human Services, US GSA, US military, Ventura County Credit Union, Veolia North America, Verizon Communications Inc., Verizon, Viamedis, VMware vCenter Server, Walker Therapeutic & Educational Programs, Washington National Insurance Company, Webber Chiropractic Sports Clinic, Inc., Weslend Financial, Windows SmartScreen, WinStar, Wise Lending, and WPS Office have reported hacking or compromises this month.

Atlassian Jira, Microsoft Teams (twice), Parkovy, Tietoevry, and T-Mobile have suffered from outages this month.

Last months updates broke spellcheck in Microsoft Teams, the ability to install updates directly for Microsoft Teams without enabling Delivery Optimization, search in OutlookGoogle Pixel phones, Outlook.com via Outlook, Windows Sysprep, Windows updates.

There is a new “flaw” in the Windows 11 installer, which allows incompatible hardware to be installed to and activated. The Microsoft ms-appinstaller protocol handler is being exploited again to install malware.

The German railway system still uses MS-DOS and Windows 3.11 to manage their displays. Wrenches and toothbrushes are the latest victims in hijacking efforts. A new study demonstrates that the new trend of using AI to write code generates less secure code. SIM swapping is still quite popular.

Google is resuming their migration to Manifest V3, which will result in many content and ad filters failing, as well as many other browser extensions, in only 5 short months.

Amazon AWS is now charging for IPv4 addresses.

While unlikely to make a difference, CA is now suing streaming media services for violating the CCPA. The UN is pushing for a “cybercrime” treaty designed to criminalize all efforts to research malware, security, and vulnerability testing, even when the target of the research has requested it. The treaty would also allow international courts to be used to target anyone using encryption for private communication channels, such as PGP, Telegram, or Signal.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is a big one this month. The typical computer should see roughly 3.5 GB in updates today. Let’s get started.

Microsoft released updates to address 79 vulnerabilities in .NET, .NET Framework, ASP.NET, Azure Active Directory, Azure Connected Machine Agent, Azure DevOps, Azure File Sync, Azure Site Recovery, Azure Stack, Internet Connection Sharing (ICS), Internet Shortcut Files, Microsoft ActiveX, Microsoft Azure Kubernetes Service, Microsoft Defender for Endpoint, Microsoft Dynamics 365, Microsoft Dynamics, Microsoft Edge, Microsoft Entra Jira, Microsoft Exchange Server, Microsoft Message Queuing (MSMQ), Microsoft ODBC Driver, Microsoft Office OneNote, Microsoft Office Outlook, Microsoft Office Word, Microsoft Office, Microsoft Power Platform Connector, Microsoft SQL Data Provider, Microsoft Teams for Android, Microsoft WDAC ODBC Driver, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows DNS, Microsoft Windows, Servicing Stack Update, Skype for Business, SQL Server, Trusted Compute Base, Visual Studio, Win32k, Windows AppX, Windows DNS Client, Windows DNS Server, Windows Hyper-V, Windows Kernel, Windows LDAP, Windows Network Address Translation (NAT), Windows OLE, Windows Pragmatic General Multicast (PGM), Windows Printing Service, Windows SmartScreen, Windows USB Generic Parent Driver, Windows USB Serial Driver, and MSRT (~ 2.0 GB). This includes security updates. A reboot is required.

Apple released updates for iOS 15.8.1, iOS 16.7.5, iOS 17.3, iOS 17.3.1, iPadOS 15.8.1, iPadOS 16.7.5, iPadOS 17.3, iPadOS 17.3.1, macOS 14.3, macOS 14.3.1, macOS Monterey 12.7.3, macOS Sonoma 14.3, macOS Ventura 13.6.4, Magic Keyboard Firmware 2.0.6, Safari 17.3.1, tvOS 17.3, visionOS 1.0.3, watchOS 10.3, and watchOS 10.3.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.8.1, 16.7.5 and 17.3.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 15.8.1, 16.7.5 and 17.3.1 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 10.3.1 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 17.3 is a security update. Use System, Software Update to install the most current version.

visionOS 1.0.3 is a security update. Use Settings, General, Software Update to install the most current version.

Google Chrome OS 120.0.6099.235 and 121.0.6167.159 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 24.1.1 adds support for new hardware, AFMF and upscaling improvements, and resolves several bugs. AMD Link is being discontinued with this version. This is not a security update.
https://www.amd.com/en/support

Display Driver Uninstaller 18.0.7.2 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Wacom Driver 6.4.5-5 improves reliability. This is not a security update.
https://www.wacom.com/en-us/support/product-support/drivers

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.62.162 is a security update. Use Menu, Help, About to install the most current version.
https://brave.com/

Firefox 122.0.1 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 115.7.0 is a security update. Use Menu, Help, About to install the most current version.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 121.0.6167.160 is a security update. Use Menu, Help, About to install the most current version.
https://www.google.com/chrome/

Microsoft Edge 121.0.2277.113 is a security update. Use Menu, Help, About to install the most current version.
https://www.microsoft.com/en-us/edge/business/download

SeaMonkey 2.53.18.1 is a security update. Use Menu, Help, About to install the most current version.
https://www.seamonkey-project.org/

Vivaldi 6.5.3206.61 is a security update. Use Menu, Help, About to install the most current version.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

DavMail Gateway 6.2.1 is a security update.
https://davmail.sourceforge.net/

Spark 3.13.4.66391 adds deep link email sharing and resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark for macOS 3.13.4.66401 adds deep link email sharing and resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.7.0 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 8.0.8 is a security update.
https://anydesk.com/en/downloads

AnyDesk 8.0.0 for macOS is a security update.
https://anydesk.com/en/downloads

curl 8.6.0 resolves over 100 bugs. This is a security update.
https://curl.haxx.se/windows/

Dropbox 192.4.4605 resolves several bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 205.0.0.11.228 is a security update.
https://www.messenger.com/download

FileZilla Client 3.66.5 is a security update.
https://filezilla-project.org/

FileZilla Server 1.8.1 is a security update.
https://filezilla-project.org/

Google Drive 86.0 resolves several bugs. This is not a security update.
https://drive.google.com/start

Grocy Desktop 2.9.0 updates library and resolves several bugs. This is not a security update.
https://github.com/grocy/grocy-desktop

MeshCentral 1.1.20 resolves over a dozen bugs. This is not a security update.
https://meshcentral.com/info/downloads.html

Microsoft Teams 1.7.00.1864 adds several new features, including improved domain & email integration. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 28.0.2 resolves more than 100 bugs. This is a security update.

Homepage

Npcap 1.79 resolves a couple reliability bugs. This is not a security update.
https://nmap.org/npcap/

Omada Software Controller 5.13.23 resolves several bugs. This is not a security udpate.
https://www.tp-link.com/us/support/download/omada-software-controller/

Pocketnet-Core 0.22.1 resolves over a dozen bugs. This is not a security update.
https://pocketnet.app/

Pocketnet-GUI 0.8.77 resolves several bugs. This is not a security update.
https://pocketnet.app/

Rclone 1.65.2 updates libraries and resolves a couple important reliability bugs. This should be treated as a security update.
https://rclone.org/

Signal 6.47.0 makes several improvements to emoji and emoticon support. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 6.46.7 doesn’t have a detailed changelog so should be treated as a security update.
https://signal.org/android/apk/

Skype 8.110.0.218 improves stability and resolves several bugs. This is not a security update.
https://www.skype.com/

Syncthing 1.27.3 resolves several bugs and improves CLI complettion. This is not a security update.
https://syncthing.net/

Technitium DNS Server 12.0.1 moves to .NET 8, resolves more than a dozen bugs. This is a security update.
https://technitium.com/dns/

Telegram 4.14.15 resolves several bugs. This is not a security update.
https://telegram.org/

Telegram (Android) 10.6.1 resolves several bugs. This is not a security update.
https://telegram.org/apps

Tigase Server 8.3.1 resolves several bugs. This is not a security update.
https://github.com/tigase/tigase-server/releases/latest

Trillian 6.5.0.38 resolves a mute bug. This should be treated as a security update.
https://www.trillian.im/

Zoom 5.17.7.31859 resolves several bugs. This is not a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 4.0.1 improves tracking, compatibility, and resolves several bugs. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.1.3 adds a few new filters and modules, and resolves several bugs. This is not a security update.
https://www.bitwig.com/download/

Grayjay 233 resolves several crashes and improves stability. This is not a security update.
https://grayjay.app/index.html

Kodi 20.4 resolves dozens of bugs and improves compatibility. This is a security update.
https://kodi.tv/

MediaMonkey 5.2 resolves a cosmetic bug. This is not a security update.
https://www.mediamonkey.com/windows#download

Plex Desktop 1.86.1.4076 doesn’t provide a detailed changelog so should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.55.1.4084 updates libraries. This should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.40.0.7998 improves native tagging, music filtering, resolves several bugs. This should be treated as a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

GDevelop 5.3.189 resolves over 20 bugs. This is not a security update.
https://gdevelop.io/download

Minecraft Server (Bedrock) 1.20.61.01 doesn’t provide a changelog so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

PS5 2024.206 is a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

Steam 2024-01-13 resolves dozens of bugs. This is not a security update.
https://store.steampowered.com/news/app/593110

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 23.008.20533 is a security update.
https://get.adobe.com/reader

Adobe Commerce 2.4.6-p4, 2.4.5-p6, 2.4.4-p7, 2.4.3-ext-6, 2.4.2-ext-6, 2.4.1-ext-6, 2.4.0-ext-6, and 2.3.7-p4-ext-6 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-03.html

Magento Open Source 2.4.6-p4, 2.4.5-p6, and 2.4.4-p7 are security updates.
https://helpx.adobe.com/security/products/magento/apsb24-03.html

Adobe Substance 3D Painter 9.1.2 is a security update.
https://helpx.adobe.com/security/products/substance3d_painter/apsb24-04.html

Adobe Acrobat 23.008.20533 and 20.005.30574 are security updates.
https://helpx.adobe.com/security/products/acrobat/apsb24-07.html

Adobe FrameMaker Publishing Server 2022.2 is a security update.
https://helpx.adobe.com/security/products/framemaker-publishing-server/apsb24-10.html

Adobe Audition 24.2 and 23.6.4 are security updates.
https://helpx.adobe.com/security/products/audition/apsb24-11.html

Adobe Substance 3D Designer 13.1.1 iis a security update.
https://helpx.adobe.com/security/products/substance3d_designer/apsb24-13.html

Calibre 7.5.1 resolves several bugs. This is not a security update.
https://calibre-ebook.com/

Columns++ 1.0.2 resolves a critical stability bug. This should be treated as a security update.
https://github.com/Coises/ColumnsPlusPlus

ImageMagick 7.1.1-28 updates libraries and resolves over a dozen bugs. This should be treated as a security update.
https://imagemagick.org/

Kindle for PC 2.3.70682 doesn’t provide a changelog so should be treated as a security update.
https://www.amazon.com/kindleforpc

LibreOffice Fresh 24.2.0 is the first version released with the new numbering scheme (year and month of release). This version resolves almost 300 bugs. This is a security update. The “Fresh” line is beta software and should be avoided by most people.
https://www.libreoffice.org/

Manager 24.2.13.1295 doesn’t have any detailed changes in the changelog for the most recent several versions over the last month, so this should be treated as a security update.
https://www.manager.io/

Nextcloud Desktop 3.11.1 updates libraries and resolves over a dozen bugs. This is a security update.

Homepage

Notepad++ 8.6.2 resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

PDF-XChange Editor 10.2.1.385 resolves over a dozen bugs. This is not a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

QuickBooks Pro 2022 20231120-R13_63 doesn’t provide a detailed changelog so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 20231107-R9_121 doesn’t provide a detailed changelog so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

uniCenta oPOS 5.0 doesn’t provide a detailed changelog so should be treated as a security update.
https://unicenta.com/

Security Software Updates

One or more of these is likely to be of interest to most people.

Gpg4win 4.3.0 resolves dozens of bugs. This is a security update.
https://www.gpg4win.org/download.html

Java 8u401 is a security update.
https://www.java.com/en/download/manual.jsp

KeePass 2.56 improves integration and search feature, resolves more than a dozen bugs. This is not a security update.
https://keepass.info/

MalwareBytes Anti-Malware 4.6.8.311 doesn’t provide a detailed changelog so should be treated as a security update.
https://www.malwarebytes.org/antimalware/

Microsoft Edge Policy 2024.02.06 adds blocklist for extension install types and the ability to preserve Manifest v2 availability. This is not a security update.
https://github.com/MicrosoftDocs/Edge-Enterprise/blob/public/edgeenterprise/microsoft-edge-policies.md

OpenSSL 3.2.1 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

ProtonVPN 3.3.5 improves stability. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.14.0 is a security update.
https://www.adlice.com/download/roguekiller/

Stinger 13.0.0.64 is a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Symantec Norton Removal Tool 20240206 improves removal. This is not a security update.
https://support.norton.com/sp/en/us/home/current/solutions/v60392881

Tails 5.22 updates libraries, included apps, and resolves several bugs. This is a security update.
https://tails.net/install/download/index.en.html

YARA 4.5.0 resolves a dozen bugs. This is not a security update.
https://github.com/VirusTotal/yara/

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.1.1 adds support for new encodings and resolves a couple bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

HandBrake 1.7.3 resolves over a dozen bugs. This is not a security update.
https://handbrake.fr/

MakeMKV 1.17.6 improves tolerance and resolves several bugs. This is not a security update.
https://www.makemkv.com/download/

StreamFab 6.1.6.5 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.1.1 adds support for denoise, improves upscaling performance, and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.24 resolves several bugs, improves idle behavior, and improves integration. This should be treated as a security update.
https://1password.com/downloads/mac/
https://1password.com/downloads/windows/

Agent Ransack 2022.3420 resolves several bugs. This is not a security update.

Agent Ransack – Download

AMD Ryzen Master 2.13.0.2908 adds support for new hardware and improves Curve Optimizer settings. This is not a security update.
https://www.amd.com/en/technologies/ryzen-master

AOMEI Partition Assistant 10.3.0 adds Bitlocker support and resolves several bugs. This is not a security update.
https://www.diskpart.com/

Autoruns 14.11 fixes a parameter parsing bug. This is a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

balenaEtcher 1.18.11 resolves a couple bugs. This is not a security update.
https://etcher.balena.io/

Bitwarden 2024.2.0 improves self-hosting controls, TOTP capture and import. This is not a security update.
https://bitwarden.com/

CCleaner 6.20.10897 improves cleaning, adds bookmark backup removal, and improves compatibility. This is not a security update.
https://www.ccleaner.com/

CPU-Z Installer 2.09 adds support for new hardware and adds the ability to benchmark a single coreset/cluster. This is not a security update.
https://www.cpuid.com/softwares/cpu-z.html

Cygwin 3.5.0 drops support for older Windows versions, adds several new raw maps, API calls, and mixer control. This is not a security update.
https://cygwin.com/

Dell Command Update 5.2.0 improves controls and notifications. This is not a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

DesktopOK 11.16 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.1.7.0 improves PDF search, date-time display, adds mutliple custom editor support, and resolves several bugs. This is not a security update.
https://dngrep.github.io/

email-oauth2-proxy 2024-01-20 adds support for GWS Cloud Service accounts, and resolves several bugs. This is a security update.
https://github.com/simonrob/email-oauth2-proxy

Everything CLI 1.1.0.27 improves performance and adds x64 build. This is not a security update.
https://www.voidtools.com/

Fido 1.55 improves compatibility. This is not a security update.
https://github.com/pbatard/Fido/releases

FileLocator Pro 2022.3420 resolves several bugs. This is not a security update.

FileLocator Pro – Download

Fing 3.6.1 resolves a couple bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

Go 1.22.0 adds several new language constructs, improved auditing and performance, adds go/version, and enhanced routing. This is not a security update.
https://go.dev/

GoodSync 12.5.5 improves compatibility and resolves more than a dozen bugs. This is not a security update.
https://www.goodsync.com/

Hiren’s BootCD PE 1.0.4 adds several new utilities, updates libraries and applications, adds hundreds of new drives, and resolves several bugs. This is a security update.

Download

Homedale 2.10 adds support for MU-MIMO detection. This is not a security update.
https://www.the-sz.com/products/homedale/

HWiNFO 7.72 doesn’t provide a detailed changelog so should be treated as a security update.

Download HWiNFO

Inkchip WIC 1.17 doesn’t provide a changelog so should be treated as a security update.
https://inkchip.net/wic/

Kingston SSD Manager 1.5.3.6 doesn’t provide a changelog so should be treated as a security update.
https://www.kingston.com/us/support/technical/ssdmanager

MS Printer Metadata Troubleshooter 1.0.0.1 is a security update.
https://support.microsoft.com/en-us/topic/kb5034510-microsoft-printer-metadata-troubleshooter-tool-december-2023-b3197f24-fd25-430d-96d2-70f2044ce6a1

OSForensics 11.0.1004 improves compatibility and resolves dozens of bugs. This is not a security update.
https://www.osforensics.com/download.html

osquery 5.11.0 updates libraries, adds support for new tables, and resolves several bugs. This is a security update.
https://osquery.io/downloads

PowerToys 0.78.0 updates libraries and resolves several bugs. This is a security update.
https://github.com/microsoft/PowerToys/releases/latest

Rufus 4.4 updates libraries and resolves several bugs. This is not a security update.
https://rufus.ie/en_US/

ScreenConnect 23.9.7.8804 is a security update.
https://www.connectwise.com/software/control/download

SearchMyFiles 3.24 resolves several bugs. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

Sysmon 15.12 resolves several stability and reliability bugs. This is a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon

Ventoy 1.0.97 adds support for FreeBSD 14.0 and resolves several bugs. This is not a security update.
https://www.ventoy.net/en/index.html

WhyNotWin11 2.6.0.0 improves detection and resolves several bugs. This is not a security update.
https://github.com/rcmaehl/WhyNotWin11

WizTree 4.18 improves scan performance and filter behavior, improves Copy/Cut/Delete, progress bar and resolves several bugs. This is not a security update.
https://www.diskanalyzer.com/

ZoomIt 8.01 adds DemoType (autotyping) support and fixes a crash. This is not a security update.
https://learn.microsoft.com/en-us/sysinternals/downloads/zoomit

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 2023.1.1.28 resolves several bugs. This is not a security update.
https://developer.android.com/studio

GitHub Desktop 3.3.8 resolves more than a dozen bugs. This is not a security update.
https://desktop.github.com/

Microsoft Visual C++ 2022 Redistributable 14.38.33135.0 doesn’t provide a changelog so should be treated as a security update.
https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist

MySQL ConnectorNet 8.3.0 is a security update.
https://dev.mysql.com/downloads/connector/net/

MySQL Server 8.0.36 is a security update.
https://dev.mysql.com/downloads/installer/

Node.js 21.6.1 updates libraries and resolves several bugs. This should be treated as a security update.
https://nodejs.org/en/

Node.js 20.11.0 is a security update.
https://nodejs.org/en/

Python 3.12.2 is a security update.
https://www.python.org/downloads/windows/

SQLite 3.45.1 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.86.1 resolves dozens of bugs. This is not a security update.
https://code.visualstudio.com/

WinMerge 2.16.38 improves BOM detection and resolves several bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

PPSSPP 1.17.1 improves compatibility and resolves several bugs. This is not a security update.
https://www.ppsspp.org/download/

VirtualBox 7.0.14 resolves more than a dozen bugs. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.6.26 improves compatibility. This is not a security update.
https://coppermine-gallery.net/

Grocy 4.1.0 updates library and resolves several bugs. This is not a security update.
https://github.com/grocy/grocy

HumHub 1.15.3 resolves several bugs. This is not a security update.

Home

Invision Community 4.7.15 resolves over 50 bugs. This is a security update.
https://invisioncommunity.com/

MailEnable 10.48 resolves more than a dozen bugs. This is not a security update.
https://www.mailenable.com/

ownCloud Client 5.2.1.13040 resolves several bugs. This is not a security update.
https://owncloud.com/desktop-app/

Piwigo 14.2.0 resolves several bugs. This is not a security update.
https://piwigo.org/

WordPress 6.4.3 is a security update.
https://wordpress.org/

Akismet 5.3.1 resolves several bugs and improves reliability. This is not a security update.
https://wordpress.org/extend/plugins/akismet/

BuddyPress 12.2.0 is a minor security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.8.7 improves compatibility and resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.8.1 resolves a couple bugs. This is not a security update.

Duplicator – WordPress Migration & Backup Plugin

Email Log 2.4.9 adds controls to limit actions. This is a security update.
https://wordpress.org/extend/plugins/email-log/

Redirection 5.4.2 removes Geo IP and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/redirection/

Social Post Feed 4.2.2 is a security update.
https://wordpress.org/extend/plugins/custom-facebook-feed/

Sucuri Security 1.8.41 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/sucuri-scanner/

WooCommerce 8.5.2 resolves a dozen bugs. This is a security update.
https://wordpress.org/extend/plugins/woocommerce/

WordPress Importer 0.8.2 updates documentation and improves workflow. This is not a security update.
https://wordpress.org/extend/plugins/wordpress-importer/

WP Cerber Security 9.6.2 updates design, adds event insights, and resolves a couple bugs. This is not a security update.
https://wpcerber.com/

WP Mail SMTP 3.11.1 resolves a couple bugs. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/

WPBakery 7.4 adds built-in SEO toolkit and improves social media controls. This is not a security update.
https://wpbakery.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2023-12-12

Merry Christmas, Folks!

Today is Patch Tuesday for December, 2023.

There were 200+ major hacks, and over 215 application updates this month. Even with all that, it’s actually a pretty small month, with only about 2.5 GB of updates for most users.

This Month in Technology

1st Source Bank, 23andMe, 4 Over LLC, Aadhaar, Acuity, Advantis Global, Inc., Alps Alpine North America, Inc., AMD & Intel CPUs, AMD CPUs, American University of Antigua College of Medicine, Americold Logistics LLC, Apache Struts 2, Ardent Health Services, Austal USA, AutoZone, Avito, Beaverton School District, Big Brothers Big Sisters of America, Bleach Anime Forum, Bloomberg Crypto, Blue Shield of California, Blue Shield of California Promise Health Plan, Bluetooth 4.2 to 5.4 hardware (BLUFFS), British Library, Brodart Co, Brookfield Global Relocation Services, Butte School District, Cadence Bank, California Physicians Service, Cambridge NHS, Capital Health, CareTree, Inc., CBIZ KA, Citrix NetScaler Application Delivery Controller, Citrix NetScaler Gateway, CKF Addiction Treatment, Inc., Clark County School District, Clear Spring Life and Annuity Insurance Company, Coin Cloud, Community Health Network, Inc., Community Healthcare Network, Inc., Counter-Strike 2, CrushFTP, CTS, CVC Holding Corp, CyberLink, Deanco Healthcare LLC, Deer Oaks Behavioral Health, Delaware Life Insurance Company, DePauw University, Detroit Chassis, LLC, Dollar Tree, Dragon Touch, East River Medical Imaging, EMS Management and Consultants Inc., Endocrine and Psychiatry Center, Enstar (US) Inc., Equality Health, LLC, Erris water, Estante Virtual, Ethyrial, Experian, Fenway Community Health Center, Inc., Fidelity National Financial, Financial Risk Mitigation, Inc., FortiSIEM, Foursquare Healthcare, Ltd., Foxit Reader, Fred Hutchinson Cancer Center, Gemplex, General Electric, Gerber Life Insurance Company, Go Ninja, Google Calendar, Gunster, Yoakley & Steward, PA, Hackensack Meridian Health, Hal Turner Radio Show, Hampton-Newport News CSB, Hendersonville, Henry Schein, Holding Slovenske Elektrarne, HSKS Greenhalgh Chartered Accountants and Business Advisors, HTC Global Services, Idaho National Laboratory, IDF, Indian Hotels Company, IndiHome, Industrial and Commercial Bank of China, InflateVids, Inline Plastics Corp., Intel CPUs, International Paper Company, International Paper Company Group Health and Welfare Plan, Jam Tangan, Japan’s Space Agency JAXA, JoyGames, Kaneva, Kansas state court system, KitchenPal, Koeller Nebeker Calrson & Haluk LLP, KyberSwap, Kyivstar, Leggett & Platt Incorporated Employee Benefit Fund, Livermore Amador Valley Transit Authority, Long Beach, California, McLaren Health Care, Medical College of Wisconsin, Medical Eye Services, Inc., MeridianLink, MGM Resorts International, Microsoft DHCP servers, Microsoft Exchange, Midwest Gaming & Entertainment, LLC, Molina Healthcare of Iowa, Inc., Montrose Behavioral Health Hospital, Inc., Morrison Community Hospital District, Movie Forums, Municipal Water Authority of Aliquippa, NASCO, NEWAG trains, Nissan Australia & New Zealand, Nissan Financial Services, Nonstop Administration and Insurance Services, Inc., Norsk Hydro, Northwest Eye Care Professionals, Norton Healthcare, NSC Technologies, NXP, Oak Street Health, Okta, OMGPOP, ownCloud, Pahl & McCay, Pan-American Life Insurance Group, Inc., password managers on Android, Perry Johnson & Associates, pfSense servers, Philippine Government, Poloniex, Postmeds/Truepill, Proliance Surgeons, PruittHealth Network, Psychiatry Associates of Kansas City, Qlik Sense, RailYatri, Redcliffe Labs, Rock Valley Physical Therapy, Rosaviatsia, Rusnak, Saisystems International, Inc., Samsung Electronics, Sellafield, Serbian Civil Society, Shadowfax, Shoval, Sierra County, Sierra OT/IoT routers, SIRVA Worldwide Relocation & Moving Services, SoarGames, Sophos Firewalls, South Korean defense companies, Southwest Behavioral Health Center, Stanley Steemer International, Inc., Staples, State of Maine, Stevedore DP World, Systems East, Inc., Taylor University, TGI Direct, Inc., The Charles Lea Center, Tipalti, Toronto Public Library, Toyota Financial Services, TransUnion, Tri Counties Bank, Troutman Pepper Hamilton Sanders LLP, U.S. Drug Mart, Inc., UEFI on just about every platform, Unitronics PLCs, University of Manchester, US Department of Health and Human Services, US government agencies, Valrhona Inc., Vanderbilt University Medical Center, VMware Cloud Director, Warren General Hospital, Welltok, West Central District Health Department, Weston Embedded uC-HTTP Server, Westside Community Services, Wichita Urology Group, Windows Hello fingerprint authentication, WordPress Backup Migration plugin, WordPress, WP Fastest Cache, Wyoming County Community Health System, Yakima Valley Radiology PC, Yamaha Motor’s Philippines, Yanfeng Automotive Interiors, Zeroed-In Technologies, and Zyxel NAS have reported hacking or compromises this month.

ALPHV, Blender, British Library, Fidelity National Financial, Industrial and Commercial Bank of China, Kyivstar, Optus, Rumble, and Staples have suffered from outages this month.

Last months updates broke Google Drive, USB C compatibility, Microsoft 365 Outlook, trust in the Windows Store, Microsoft 365 authentication, and they’re installing HP Smart on millions of computers without any HP hardware.

Apple introduced a new feature (NameDrop) that allows it to easily share your contact information with someone nearby. While the feature is designed to share information only when the popup is selected, Apple has a history of weak or defective controls on new features. Apple’s AirTags can be silenced to make stalking easier.

Hackers claim they can use expired Google auth cookies to gain access to accounts. A new AI is designed to crack your password by listening to your typing.

Rumble has sued Check My Ads.

The EV death toll is rising and “green lie” is being exposed.

Now for the good news:

The FISA Reform and Reauthorization Act is due to be renewed (like, tomorrow), and information is out that exposes how it can be abused even further. There’s still time to contact your congress critters and ask them to reject it.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is pretty small this month. The typical computer should see roughly 2.5 GB in updates today. Let’s get started.

Microsoft released updates to address 42 vulnerabilities in Azure Connected Machine Agent, Azure Machine Learning, Microsoft Bluetooth Driver, Microsoft Dynamics, Microsoft Edge, Microsoft Office Outlook, Microsoft Office Word, Microsoft Power Platform Connector, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows DNS, Windows Cloud Files Mini Filter Driver, Windows Defender, Windows DHCP Server, Windows DPAPI (Data Protection Application Programming Interface), Windows Internet Connection Sharing (ICS), Windows Kernel, Windows Kernel-Mode Drivers, Windows Local Security Authority Subsystem Service (LSASS), Windows Media, Windows MSHTML Platform, Windows ODBC Driver, Windows Telephony Server, Windows USB Mass Storage Class Driver, Windows Win32K, XAML Diagnostics, AMD Chipsets, and MSRT. This includes security updates. A reboot is required.

Apple released updates for macOS Monterey 12.7.2, macOS Sonoma 14.1.2, macOS Sonoma 14.2, macOS Ventura 13.6.3, iOS 16.7.3, iOS 17.1.2, iOS 17.2, iPadOS 16.7.3, iPadOS 17.1.2, iPadOS 17.2, Safari 17.1.2, Safari 17.2, tvOS 17.2, watchOS 10.2, and Pro Video Formats 2.3. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 16.7.3, 17.1.2 and 17.2 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 16.7.3, 17.1.2 and 17.2 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 10.2 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 17.2 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 114.0.5735.343 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 23.12.1 resolves several bugs and improves compatibility. This is not a security update.
https://www.amd.com/en/support

Crucial Storage Executive 9.09 doesn’t provide a change log so should be treated as a security update.
https://www.crucial.com/support/storage-executive

Display Driver Uninstaller 18.0.7.0 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Drivers by Seagull 2023.4 adds support for 200 new printers. This is not a security update.
https://www.seagullscientific.com/support/downloads/drivers/

DS4Windows 3.2.21 resolves several bugs and updates libraries. This is not a security update.
https://github.com/Ryochan7/DS4Windows/releases/latest

Epson ET-2800 3.01 doesn’t provide a detailed change log so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-2800/s/SPT_C11CJ66202

Epson ET-3760 2.68.02 doesn’t provide a detailed change log so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-3760/s/SPT_C11CG20203

Epson ET-4800 3.01 doesn’t provide a detailed change log so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-4800/s/SPT_C11CJ65201

Epson ET-4850 3.02.00 doesn’t provide a detailed change log so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-4850/s/SPT_C11CJ60202

Epson ET-5880 3.02 doesn’t provide a detailed change log so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/ET-Series/Epson-ET-5880/s/SPT_C11CJ28201

Epson WF-4820 3.04.00 doesn’t provide a detailed change log so should be treated as a security update.
https://epson.com/Support/Printers/All-In-Ones/WorkForce-Series/Epson-WorkForce-Pro-WF-4820/s/SPT_C11CJ06201

TP-Link Archer AX55 v1 231130 resolves several bugs. This is a security update.
https://www.tp-link.com/us/support/download/archer-ax55/v1/#Firmware

TP-Link Archer AX73 v2.0 231023 is a security update.
https://www.tp-link.com/us/support/download/archer-ax73/v2.0/#Firmware

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.61.101 is a security update.
https://brave.com/

Firefox 120.0.1 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 115.5.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Google Chrome 120.0.6099.71 is a security update.
https://www.google.com/chrome/

Microsoft Edge 120.0.2210.61 is a security update.
https://www.microsoft.com/en-us/edge/business/download

SeaMonkey 2.53.18 is a security update.
https://www.seamonkey-project.org/

Vivaldi 6.4.3160.47 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.13.2 resolves several bugs. This is a security update.
https://getmailspring.com/

Spark 3.10.6.61878 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.10.6.61877 resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.5.2 is a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk (macOS) 7.3.0 resolves several bugs and improves address book. This is not a security update.
https://anydesk.com/en/downloads

aria2 1.37.0 resolves dozens of bugs and updates libraries. This is not a security update.
https://aria2.github.io/

curl 8.5.0 resolves more than 180 bugs. This is not a security update.
https://curl.haxx.se/windows/

Dropbox 188.4.6302 resolves several bugs. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 201.0.0.9.336 is a security update.
https://www.messenger.com/download

FileZilla Server 1.8.0 is a security update.
https://filezilla-project.org/

FreeFileSync 13.2 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Microsoft Teams 1.6.00.33567 is a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 28.0 resolves dozens of bugs and updates libraries. This should be treated as a security update.
https://nextcloud.com/

Omada Software Controller 5.13.22 resolves several bugs. This is not a security update.
https://www.tp-link.com/us/support/download/omada-software-controller/

Pocketnet-Core 0.22.0 is a major update improving performance and optimizing storage. This is not a security update.
https://pocketnet.app/

Pocketnet-GUI 0.8.74 resolves several bugs. This is not a security update.
https://pocketnet.app/

Rclone 1.65.0 adds dozens of new features, resolves several bugs, and improves performance and reliability. This is not a security update.
https://rclone.org/

Signal 6.41.0 resolves several bugs. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 6.41.3 resolves several bugs. This is not a security update.
https://signal.org/android/apk/

Syncthing 1.27.1 resolves several bugs. This is not a security update.
https://syncthing.net/

Telegram 4.12.2 resolves several bugs and improves compatibility. This is not a security update.
https://telegram.org/

Telegram (Android) 10.3.2 doesn’t provide a detailed change log so should be treated as a security update.
https://telegram.org/apps

Wget2 2.1.0 resolves a couple dozen bugs. This is not a security update.
https://gitlab.com/gnuwget/wget2/-/releases

Zoom 5.16.10.26186 updates the icon and adds dozens of new features. This is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 3.0.14 resolves several bugs. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.1 adds several new characters and dozens of new controls and improvements. This is not a security update.
https://www.bitwig.com/download/

Plex Desktop 1.83.1.4061 improves stability. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.52.1.4035 updates libraries. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.32.8.7639 updates libraries and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2023.11.0.121 doesn’t provide a detailed change log so should be treated as a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.3.183 vastly improves startup performance and resolves several bugs. This is not a security update.
https://gdevelop.io/download

Minecraft Server (Bedrock) 1.20.50.03 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Minecraft Server (Java) 1.20.4 doesn’t provide a change log so should be treated as a security update.
https://www.minecraft.net/en-us/download/server

Nintendo Switch 17.0.1 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

SteamOS SteamDeck Update 3.5.7 improves stability and USB connectivity. This is not a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Dimension 3.4.11 is a security update.
https://helpx.adobe.com/security/products/dimension/apsb23-71.html

Adobe Experience Manager 2023.11 and 6.5.19.0 are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html

Adobe Illustrator 28.1 and 27.9.1 are security updates.
https://helpx.adobe.com/security/products/illustrator/apsb23-68.html

Adobe InDesign 19.1 and 18.5.1 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb23-70.html

Adobe Prelude 22.6.1 is a security update.
https://helpx.adobe.com/security/products/prelude/apsb23-67.html

Adobe Reader DC Patch 23.008.20421 resolves several bugs. This is not a security update. Use Help, Check for updates to install the most current version.
https://get.adobe.com/reader

Adobe Reader DC Patch for MacOS 23.008.20423 resolves several bugs. This is not a security update. Use Menu, Check for updates to install the most current version.
https://get.adobe.com/reader

Adobe Substance3D After Effects 24.1 and 23.6.2 are security updates.
https://helpx.adobe.com/security/products/after_effects/apsb23-75.html

Adobe Substance3D Designer 13.1.0 is a security update.
https://helpx.adobe.com/security/products/substance3d_designer/apsb23-76.html

Adobe Substance3D Sampler 4.2.2 is a security update.
https://helpx.adobe.com/security/products/substance3d-sampler/apsb23-74.html

Adobe Substance3D Stager 2.1.3 is a security update.
https://helpx.adobe.com/security/products/substance3d_stager/apsb23-73.html

Audacity 3.4.2 resolves dozens of bugs. This is not a security update.
https://www.audacityteam.org/download/

Calibre 7.1.0 resolves several bugs. This is not a security update.
https://calibre-ebook.com/

ImageMagick 7.1.1-23 resolves dozens of bugs. This is a security update.
https://imagemagick.org/

Inkscape 1.3.2 resolves dozens of bugs. This should be treated as a security update.
https://inkscape.org/release/

Kdenlive 23.08.4 resolves a dozen stability and reliability bugs. This is not a security update.
https://kdenlive.org/

Kindle for PC 2.2.70623 doesn’t provide a change log so should be treated as a security update.
https://www.amazon.com/kindleforpc

Krita 5.2.2 fixes more than a dozen bugs. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice 7.5.9 resolves a couple bugs. This is not a security update.
https://www.libreoffice.org/

LibreOffice Fresh 7.6.4 resolves more than 150 bugs. This should be treated as a security update. Remember that the Fresh line is beta software and the “Still” line should be used by most users.
https://www.libreoffice.org/

Manager 23.12.12.1221 resolves more than a dozen bugs and adds several new features, including global inventory transfer and custom depreciation and amortization fields. This is not a security update.
https://www.manager.io/

Nextcloud Desktop 3.11.0 resolves dozens of bugs and improves compatibility. This is not a security update.
https://nextcloud.com/

Notepad++ 8.6 improves multi-edit, inaccessible file access, and resolves several bugs. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 5.0.12 resolves several bugs. This is not a security update.
https://www.getpaint.net/

PDF-XChange Editor 10.1.3.383 is a security update.
https://www.pdf-xchange.com/product/pdf-xchange-editor

QuickBooks Pro 2022 R13_33 resolves several bugs. This is not a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 R9_104 resolves several bugs. This is not a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2024 R4_15 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

Security Software Updates

One or more of these is likely to be of interest to most people.

Chainsaw 2.8.1 updates dependencies and resolves a couple bugs. This is not a security update.
https://github.com/countercept/chainsaw

HTTP Toolkit 1.14.8 doesn’t provide a change log so should be treated as a security update.
https://httptoolkit.tech/

MalwareBytes Anti-Malware 4.6.6 resolves a couple bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/

OpenSSL 3.2.0 is a security update.
https://slproweb.com/products/Win32OpenSSL.html

ProtonVPN (macOS) 4.0.1 improves the user interface. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.13.1 resolves several bugs. This is not a security update.
https://www.adlice.com/download/roguekiller/

SuperAntiSpyware 10.0.1260 resolves several bugs and adds a Chrome and Edge extension. This is not a security update.
https://www.superantispyware.com/download.html

Tails 5.20 is a security update.
https://tails.boum.org/install/dvd/index.en.html

uBlock Origin 1.54.0 adds differential updates for filter lists and resolves a dozen bugs. This is not a security update.
https://github.com/gorhill/uBlock/releases/latest

VT-CLI 1.0.0 is the first official release version. This is not a security update.
https://github.com/VirusTotal/vt-cli/releases/latest

Capture Updates

These are unlikely to be of interest to most people.

Open Broadcaster Software 30.0.2 resolves a dozen bugs. This is a security update.
https://obsproject.com/

ScreenToGif 2.40 improves theming, updates dependencies and resolves several bugs. This is not a security update.
https://github.com/NickeManarin/ScreenToGif/releases/latest

SnagIt 24.0.2 resolves a couple bugs. This is not a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.0.7 adds support for new encodings, improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

HandBrake 1.7.1 adds support for new output formats and resolves several bugs. This is not a security update.
https://handbrake.fr/

IsoBuster 5.3 adds support for new hardware, new encodings, new partition schemes, and several bug fixes. This is not a security update.
https://www.isobuster.com/download.php

StreamFab 6.1.5.3 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.0.6 improves compatibility and performance. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Utility Updates

These are unlikely to be of interest to most people.

1Password 8.10.22 adds reminders to imported passwords and resolves more than a dozen bugs. This is a security update.
https://1password.com/downloads/

Agent Ransack 2022.3418 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

AMD Ryzen Master 2.12.0.2806 adds support for new hardware and voltage reporting. This is not a security update.
https://www.amd.com/en/technologies/ryzen-master

Beyond Compare 4.4.7.28397 resolves several bugs. This is not a security update.
https://www.scootersoftware.com/download.php?zz=dl4

Bitwarden 2023.12.0 resolves several bugs and adds Elastic integration and CLI event logs. This is not a security update.
https://bitwarden.com/

CalyxOS Device Flasher 1.0.8 doesn’t provide a change log so should be treated as a security update.
https://calyxos.org/install/

CCleaner 6.18.10838 resolves several bugs. This is a security update.
https://www.ccleaner.com/

dnGrep 4.0.151.0 adds several new features and controls. This is not a security update.
https://dngrep.github.io/

email-oauth2-proxy 2023-11-18 resolves several bugs. This is not a security update.
https://github.com/simonrob/email-oauth2-proxy

ExplorerPatcher 22621.2506.60.1 improves compatibility and resolves several bugs. This is not a security update.
https://github.com/valinet/ExplorerPatcher/

Fido 1.53 adds new UEFI Shell and updates versions. This is not a security update.
https://github.com/pbatard/Fido/releases

FileLocator Pro 2022.3418 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Git SCM 2.43.0 resolves dozens of bugs. This is not a security update.
https://git-scm.com/

Go 1.21.5 is a security update.
https://go.dev/

GoodSync 12.4.8 improves compatibility. This is not a security update.
https://www.goodsync.com/

ImageUSB 1.5.1006 improves logging. This is not a security update.
https://www.osforensics.com/tools/write-usb-images.html

Mac Migration Assistant 2.4.5.0 doesn’t provide a change log so should be treated as a security update.
https://support.apple.com/en-us/HT204087

NTLite 2023.11.9515 improves compatibility and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

PowerToys 0.76.1 resolves several bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

ProcDump 3.0 for Linux adds memory leak reporting. This is not a security update.
https://live.sysinternals.com/

ripgrep 14.0.3 resolves several bugs. This is not a security update.
https://github.com/BurntSushi/ripgrep/releases/latest

RoboForm 9.5.6 resolves a couple bugs. This is not a security update.
https://www.roboform.com/

ScreenConnect 23.8.6.8735 is a security update.
https://www.connectwise.com/software/control/download

Sysmon 1.3.2 for Linux is a security update.
https://live.sysinternals.com/

WinGet 1.6.3421 updates the app installer and adds Configure command to improve consistency. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WirelessKeyView 2.23 improves QR Code generation and improves compatibility. This is not a security update.
https://www.nirsoft.net/utils/wireless_key.html

XnConvert 1.99 doesn’t provide a detailed change log so should be treated as a security update.
https://www.xnview.com/en/xnconvert/

ZoomText 2023 2023.2311.20.400 resolves several bugs.
https://support.freedomscientific.com/Downloads/ZoomText

ZoomText 2024 is a new major version adding several new mouse and cursor controls, performance improvements, and improved keyboard controls. This is not a security update.
https://support.freedomscientific.com/Downloads/ZoomText

Developer Updates

These are unlikely to be of interest to most people.

Android Studio 2023.1.1.26 resolves several bugs and improves compatibility. This is not a security update.
https://developer.android.com/studio

GitHub Desktop 3.3.6 resolves several bugs. This is not a security update.
https://desktop.github.com/

Godot 4.2.1 resolves over 1,800 bugs. This is not a security update.
https://godotengine.org/

Node.js 18.19.0 updates libraries and resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

Node.js 20.10.0 updates libraries and resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

Node.js 21.4.0 updates libraries and resolves dozens of bugs. This is not a security update.
https://nodejs.org/en/

Python 3.12.1 resolves dozens of bugs. This is a security update.
https://www.python.org/downloads/windows/

SQLite 3.44.2 resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.85 adds dozens of new features. This is not a security update.
https://code.visualstudio.com/

WinMerge 2.16.36 resolves several bugs. This is not a security update.
https://winmerge.org/

Web Package Updates

These are likely to be of interest only to web developers.

Joomla 5.0.1 is a security update.
https://www.joomla.org/

ownCloud Client 5.2.0.12726 resolves a couple bugs. This is not a security update.
https://owncloud.com/desktop-app/

Piwigo 14.0.0 improves search, index, media support, album editor and performance, and resolves several bugs. This is not a security update.
https://piwigo.org/

WordPress 6.4.2 is a security update.
https://wordpress.org/

BuddyPress 12.0.0 is a major update, replacing the rewrite API and resolving dozens of bugs. This is not a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.8.4 is a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.7.1 is a security update.
https://wordpress.org/plugins/duplicator/#developers

Postie 1.9.68 adds an option to suppress the postie div. This is not a security update.
https://wordpress.org/extend/plugins/postie/

NextScripts Social Networks Auto-Poster 4.4.3 is a security update.
https://wordpress.org/extend/plugins/social-networks-auto-poster-facebook-twitter-g/

W3 Total Cache 2.6.1 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 8.3.1 resolves dozens of bugs. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WPBakery 7.3 resolves a couple bugs. This is not a security update.
https://wpbakery.com/

WP Cerber Security 9.6 adds 2FA support and improves compatibility. This is not a security update.
https://wpcerber.com/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2023-11-14

Happy Thanksgiving, Folks!

Today is Patch Tuesday for November, 2023. It’s ugly.

This month brings a new version of Windows 11 (v23H2), critical security updates for all supported Apple products, and (literally) new security updates for every browser every single week since the last update cycle on October 10th. That’s on top of the 190+ major hacks, and over 205 application updates this month. Prepare yourself, there will be about 5 GB of updates for most devices this month.

The new Windows Copilot AI feature is now enabled by default in Windows 10 and 11, but can be disabled either in the deep settings or within group policy.

This Month in Technology

1Password, 23andMe, Accenture, Ace Hardware, Advarra, Air Canada, Air Europa, Allen & Overy, Allied Pilots Association, AlohaCare, American Family Insurance, Ampersand, Android 13, AndroidLista, Apache ActiveMQ, Apple Safari, Apple “Find My”, Atlas Healthcare CT, Atlassian Confluence, Avito, BHI Energy Health and Welfare Benefits Plan, BHI Energy I Specialty Services LLC, BHS Physician Network, Inc., Boeing, British Library, Bukalapak, BulletProftLink, Bureau van Dijk, Cadence Bank, Caesars Entertainment, Inc., Casio, CCleaner, Chess, Cisco IOS XE, City of Philadelphia, City of Victorville, California, Clark County School District (CCSD), Colonial Pipeline, Counseling and Recovery Services of Oklahoma, Crum & Forster, D-Link, Dakota Eye Institute, Deer Oaks Behavioral Health, 22 companies overseeing energy infrastructure in Denmark, District of Columbia Board of Elections, DP World Australia, Drug Free Workplaces USA, LLC, Edward C. Taylor, PhD., PL, eleHealth, Ethereum wallet system, European government email servers, F5 BIG-IP, Fidelity National Information Services, Inc., Financial Asset Management Systems, First Judicial Circuit, Fitmart, Five Guys Enterprises, LLC, Frax Outsourcing, Frazier & Deeter, LLC, Fredericksburg Foot & Ankle Center, PLC, GameSprite, GamingMonk, GPD Holdings LLC (CoinFlip), Grammarly, Greater Rochester Independent Practice Association, Inc., Growers Express, LLC, Grupo GTD, Healthsoft LLC, Helping the Aging Needy and Disabled Inc, Henry Schein, Hill International, Inc, Hospital & Medical Foundation of Paris, Inc, Hospital Sisters Health System, Indian state government, Industrial and Commercial Bank of China (ICBC)…which paid the ransom, International Criminal Court, IPM Healthcare DBA Boomerang Healthcare, Jeffco Public Schools, Juniper devices, Jupyter Notebooks, JustSystems Corporation Ichitaro, Kansas Supreme Court, Kwik Trip, Kyocera AVX Components Corporation (KAVX), La Red Health Center, LastPass, LCS Financial Services, LDLC ASVEL, Lennar Corporation, Life Generations Healthcare LLC, Lobel Financial Corporation, Longhorn Village, macOS, Marina Bay Sands, Mattson Technology, Inc., McLaren Health Care, MemeChat, Microsoft Exchange, Morrison Community Hospital, Mozi IoT Botnet, Mr. Cooper, Napa Integrated Medicine PC, NASCO, NetScaler ADC and NetScaler Gateway appliances, New York Life Insurance Company, Northern Iowa Therapy PC, Okta (again and again), OrthoAlaska, LLC, Oscar Insurance Company of Florida, Pacific Clear Vision Institute, Pacific Union College, Peerstar LLC, Pennsylvania General Store, peplink Surf SOHO, Perry Johnson & Associates, Personify Care, Pharmacy Group of Mississippi, LLC, Phoenix, Pisenti & Brinker LLP, Postmeds, Inc./Truepill, Progress Software MOVEit, Progressive Leasing, Prolific Puma, Pypl, QNAP QTS, Radius Global Solutions, RagnarLocker ransomware, Redcliffe Labs, Refresco Beverages US Inc., Resort Data Processing, Inc., Revival Animal Health, Riverside County Office of Education, Roundcube Webmail, Royal Elementor, Samsung Galaxy S23, San Diego PACE, San Francisco Jazz Organization, Sberbank, Seiko, Shadow PC, Simpson Manufacturing, Singing River Health System, 1 million Windows and Linux hosts using SMBv1, SoftEther VPN, SolarWinds Access Rights Manager, South River Technologies Titan MFT and Titan SFTP, Sphero, Stanford University, Stars Arena, State of Maine, Sumo Logic, Sun Life Financial, Sutter Health, SysAid, Taylored Service Parent Co., TeamCity, The Chattanooga Heart Institute, The Commerce Insurance Company (MAPFRE Insurance), The Hilb Group Operating Company, LLC, The Newtron Group, LLC, Toronto Public Library, Toumei, Town of Iowa, Louisiana, Transaction Data Systems, TransForm, Tri Counties Bank, Tri-City Medical Center, Trigona ransomware gang, Trust Benefit Technologies, LLC, Tunngle, 11 Ukrainian telcos, University Federal Credit Union, University of Michigan, University of Missouri, User Submitted Posts WordPress plugin, Veeam ONE IT, Vidio, VMware vCenter Server, VMware vRealize Log Insight, WACOSA, Wescom Central Credit Union, West Texas Gas, Westat, Inc., Western Washington Medical Group, Weston Embedded uC-HTTP HTTP Server, Women Political Leaders Summit, WS_FTP, Wyze Cam v3, Yifan YF325, Zhefengle have reportedly been hacked or compromised this month.

In what should be no surprise to 40,000 people, yes, leaving the default “admin” password will get you hacked.

Cloudflare, OpenAI/ChatGPT, Outlook.com, and the Toronto Public Library have suffered from outages this month.

Last months updates broke .NET 6.0 security patches, .NET 7.0 security patches, Apple device integration with Enterprise Single Sign On, Hosted Exchange, HP motherboards, Hyper-V, Microsoft 365 admin system, Microsoft 365, MS Office, Outlook Desktop, Rivian infotainment systems, Veeam RCT, VMware ESXi, Windows desktop icons, Windows Server 2022 VMs on VMware ESXi, Windows Update, and WSUS.

Microsoft violated (again) their promise not to push bloatware on LTSC.

Microsoft also introduced over 110 security vulnerabilities (discovered so far…) to Microsoft 365 by integrating SketchUp 3D capabilities.

Sadly, Microsoft has also disabled the free upgrade to Windows 10 from Windows 7 and 8. Until about a month ago it was still possible to upgrade older machines to Windows 10 without having to purchase a license. Now it is no longer possible.

Microsoft has also changed Authenticator behavior to suppress notifications for “risky sign-ins.” The idea is that when a login occurs from an unlikely source, somewhere you have not logged in before or a country you’re unlikely to be in, they can prevent the out-of-the-blue popup asking if you’re trying to log in. Unfortunately, if you’ve reused passwords, or used weak passwords, then this will increase the likelihood of a random calls “from microsoft” or “your IT department” asking you to “verify that you still have access to account” by opening the authenticator and actively approving the login. This kind of UI behavior teaches people to be less wary since they have to then go out of their way to “prove” themselves, which is something most humans innately want to do. It’s going to be bad. To reduce the risk please use strong, unique, random passwords to lessen the risk of successful password spraying attacks.

Microsoft extended the security update support period for Windows Server 2012 to October 2026.

LBRY, Inc is finally throwing in the towel after years of fighting the SEC. LBRY is the organization behind the best (IMHO) video and data sharing service in the world, and was targeted because the federal government chooses not to understand crypto. LBRY is dead, long live LBRY!

The US is leading an alliance to never pay ransom to cybercriminals. A US court has ruled that it is not a privacy violation for your car to harvest your contacts, texts and call logs even when you do not grant those permissions. The SEC has charged SolarWinds and their CISO with fraud over the massive hack in late 2020.

Not only is it foolhardy to assume that any automated system could prevent abuse by 100% of the advertisers, Google’s own data shows that the number of malicious ads they have detected has increased by over 50% in the last year.

The “they have detected” clause is the important takeaway from that statement. Google has over a thousand dedicated people within their ad review department whose sole purpose is to detect and block malicious advertisements, and ads that violate any other policies. Even with that, many people that interact with ads still don’t realize they’re advertisements or are taken to malicious or fraudulent sites. They simply can not detect all malicious advertisements.

Now that Google is pushing a new ad-blocker war via YouTube, it’s actually increasing the number of people that realize that they can, and should, take action to block advertisements. Is it any wonder why people are increasingly blocking ads? You should, too. Start with uBlock Origin. Blocking advertisements is not just about security, though, it could help save the planetNeed help? Ask.

Moody’s has downgraded the US financial outlook to “negative”.

Now for the good news:

According to the CDC there are now record-high childhood vaccine refusals across the country. It’s about time.

Let’s Get Busy

Now back to our regularly scheduled program.

Patch Tuesday is huge this month. The typical computer should see roughly 5 GB in updates today. Let’s get started.

Microsoft released updates to address 83 vulnerabilities in .NET Framework, ASP.NET, Azure, Azure DevOps, Microsoft Dynamics, Microsoft Dynamics 365 Sales, Microsoft Edge (Chromium-based), Microsoft Exchange Server, Microsoft Office, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Remote Registry Service, Microsoft WDAC OLE DB provider for SQL, Microsoft Windows Search Component, Microsoft Windows Speech, Open Management Infrastructure, Tablet Windows User Interface, Visual Studio, Visual Studio Code, Windows Authentication Methods, Windows Cloud Files Mini Filter Driver, Windows Common Log File System Driver, Windows Compressed Folder, Windows Defender, Windows Deployment Services, Windows DHCP Server, Windows Distributed File System (DFS), Windows DWM Core Library, Windows HMAC Key Derivation, Windows Hyper-V, Windows Installer, Windows Internet Connection Sharing (ICS), Windows Kernel, Windows NTFS, Windows Protected EAP (PEAP), Windows Scripting, Windows SmartScreen, Windows Storage, and MSRT (~ 2 GB). This includes security updates. A reboot is required.

Apple released updates for macOS Monterey 12.7.1, macOS Ventura 13.6.2, macOS Sonoma 14.1.1, iOS 15.8, iOS 16.7.2, iOS 17.1.1, iPadOS 15.8, iPadOS 16.7.2, iPadOS 17.1.1, Safari 17.1, tvOS 17.1, and watchOS 10.1.1. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

iOS 15.8, 16.7.2, and 17.1.1 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 15.8, 16.7.2, and 17.1.1 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 10.1.1 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 17.1 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 118.0.5993.123/124 and 114.0.5735.339 are security updates. Use Menu, Help, About to install the most current version. A reboot is required.

Fedora 39-1.5 is a major update, adding cosmetic, networking, security and other improvements, and updates libraries. This should be treated as a security update.
https://getfedora.org/en/workstation/download/

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Sonoma (14.x) means that macOS Big Sur (11.x) and older are no longer supported. If you can not install at least macOS Monterey (12) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current — and final — release of the Windows 10 (v22H2) is very large so will take a long time to download on slower connections. All non-LTS versions of Windows 10 other than v22H2 are now out of support, upgrade to v22H2 now. If you aren’t sure whether you are using LTS, you aren’t. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

The now-current release of the Windows 11 (v23H2) is very large so will take a long time to download on slower connections. Windows 11 pushes you to get the latest Windows 11 release every 12 months and only supports any consumer builds for 24 months. If you don’t let it finish and you’re on a slow connection, this process will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Windows 11 is now stable and can be upgraded to if your hardware supports it, but I recommend you continue to use Windows 10 until early 2025 before you consider switching to it.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface. This includes “free” applications like Avast, OpenOffice, and games you do not actually play.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

AMD Adrenalin 23.11.1 resolves several bugs. This is not a security update.
https://www.amd.com/en/support

Daemon Tools Lite 12.0.0 is a major update with a redesign, improves search and resolves several bugs. This is not a security update.
https://www.daemon-tools.cc/products/dtLite

Display Driver Uninstaller 18.0.6.9 improves cleanup. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

DS4Windows 3.2.19 updates libraries and resolves several bugs. This is a security update.
https://github.com/Ryochan7/DS4Windows/releases/latest

Nvidia Driver 474.66 is a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Samsung DeX 2.4.1.22 doesn’t provide a change log so should be treated as a security update.
https://www.samsung.com/us/apps/dex/

Wacom Driver 6.4.4-3 adds support for new hardware and resolves several bugs. This is not a security update.
https://www.wacom.com/en-us/support/product-support/drivers

Browser Updates

One or more of these are likely to be of interest to everyone.

Brave 1.60.114 resolves dozens of bugs. This is a security update.
https://brave.com/

Google Chrome 119.0.6045.123 is a security update.
https://www.google.com/chrome/

Microsoft Edge 119.0.2151.58 is a security update.
https://www.microsoft.com/en-us/edge/business/download

Firefox 119.0.1 is a security update.
https://www.mozilla.org/en-US/firefox/new/

Firefox ESR 115.4.0 is a security update.
https://www.mozilla.org/en-US/firefox/organizations/all/

Vivaldi 6.4.3160.42 is a security update.
https://vivaldi.com/

Microsoft Edge WebView2 119.0.2151.44 is a security update.
https://developer.microsoft.com/en-us/microsoft-edge/webview2/

Email Updates

One or more of these are likely to be of interest to everyone.

DavMail Gateway 6.2.0 updates dependencies and resolves several bugs. This is a security update.
https://davmail.sourceforge.net/

Spark 3.10.2 adds Spark Integrations and +AI to improve automation and resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Spark (macOS) 3.10.2.61166 adds Spark Integrations and +AI to improve automation and resolves several bugs. This is not a security update.
https://sparkmailapp.com/

Thunderbird 115.4.2 resolves several bugs. This is not a security update.
https://www.thunderbird.net/en-US/

Internet Updates

One or more of these are likely to be of interest to everyone.

AnyDesk 8.0.6 adds dark mode, improves key handling, improves UI, and resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

AnyDesk (macOS) 7.2.3 vastly improves key handling and resolves several bugs. This is not a security update.
https://anydesk.com/en/downloads

BrowsingHistoryView 2.57 improves compatibility with Opera. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

curl 8.4.0 adds support for IPFS and resolves more than 100 bugs. This is a security update.
https://curl.haxx.se/windows/

Dropbox 186.4.6207 improved hard drive space controls. This is not a security update.
https://www.dropbox.com/

Facebook Messenger 199.0.0.9.236 is a security update.
https://www.messenger.com/download

FileZilla Client 3.66.1 improves stability and resolves several bugs. This is not a security update.
https://filezilla-project.org/

FreeFileSync 13.1 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Google Drive 84.0 is a security update.
https://drive.google.com/start

Microsoft Teams 1.6.00.29964 adds SMS notifications, unique join links, workflows within channels and resolves several bugs. This is not a security update.
https://teams.microsoft.com/downloads

Nextcloud Server 27.1.3 is a security update.
https://nextcloud.com/

Npcap 1.78 is a security update.
https://nmap.org/npcap/

Pocketnet-GUI 0.8.67 resolves several bugs. This is not a security update.
https://pocketnet.app/

Rclone 1.64.2 resolves several bugs. This should be treated as a security update.
https://rclone.org/

Signal 6.38.0 improves contact management, voice and video calls. This is not a security update.
https://signal.org/download/windows/

Signal (Android) 6.39.3 improves contact management. This is not a security update.
https://signal.org/android/apk/

Skype 8.106.0.212 resolves several bugs. This is not a security update.
https://www.skype.com/

Syncthing 1.26.0 resolves several bugs. This should be treated as a security update.
https://syncthing.net/

Technitium DNS Server 11.5.3 resolves several bugs. This follows shortly after a security update, so should be treated as a security update.
https://technitium.com/dns/

Telegram (Android) 10.2.3 doesn’t provide a changelog so should be treated as a security update.
https://telegram.org/apps

Telegram 4.11.8 resolves several bugs. This is not a security update.
https://telegram.org/

Zoom 5.16.6.24712 is a security update.
https://zoom.us/

Media Updates

These are unlikely to be of interest to most people.

3tene 3.0.13 resolves several bugs. This is not a security update.
https://en.3tene.com/

Bitwig Studio 5.0.11 resolves several bugs. This is not a security update.
https://www.bitwig.com/download/

iTunes 12.13.0.9 is a security update.
https://www.apple.com/itunes/download/

Picard 2.10 is a security update.
https://picard.musicbrainz.org/

Plex Desktop 1.81.0.4012 adds Discover Together and resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Home Theater 1.50.1.4014 improves stability. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-app

Plex Media Server 1.32.8.7639 resolves several bugs. This is not a security update.
https://www.plex.tv/media-server-downloads/#plex-media-server

VLC Media Player 3.0.20 is a security update.
https://www.videolan.org/vlc/

Game Updates

These are unlikely to be of interest to most people.

GameMaker Studio 2023.8.2.108 improves stability. This is not a security update.
https://www.yoyogames.com/en/gamemaker

GDevelop 5.3.180 resolves several bugs. This is not a security update.
https://gdevelop.io/download

Lego Studio 2.23.10_1 resolves several bugs. This is not a security update.
https://www.lego.com/en-us/ldd

Minecraft Server (Bedrock) 1.20.41.02 doesn’t provide a changelog so should be treated as a security update.
https://www.minecraft.net/en-us/download/server/bedrock

Nintendo Switch 17.0.0 improves stability. This is not a security update.
https://en-americas-support.nintendo.com/app/answers/detail/a_id/22525/kw/system%20updates/p/989

PS5 23.02-08.20.02 improves performance. This is not a security update.
https://www.playstation.com/en-us/support/hardware/ps5/system-software/

SteamOS SteamDeck Update 2023-11-13 is a security update.
https://store.steampowered.com/news/app/1675200/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Acrobat and Reader DC 23.006.20380 is a security update.
https://get.adobe.com/reader

Adobe Acrobat and Reader 20.005.30539 is a security update.
https://helpx.adobe.com/security/products/acrobat/apsb23-54.html

Adobe After Effects 23.6.2 and 24.0.3 are security updates.
https://helpx.adobe.com/security/products/after_effects/apsb23-66.html

Adobe Animate 23.0.3 and 24.0 are security updates.
https://helpx.adobe.com/security/products/animate/apsb23-61.html

Adobe Audition 23.6.2 and 24.0.3 are security updates.
https://helpx.adobe.com/security/products/audition/apsb23-64.html

Adobe Bridge 13.0.5 and 14.0.1 are security updates.
https://helpx.adobe.com/security/products/bridge/apsb23-57.html

Adobe ColdFusion 2021.12 and 2023.6 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb23-52.html

Adobe Dimension 3.4.10 is a security update.
https://helpx.adobe.com/security/products/dimension/apsb23-62.html

Adobe FrameMaker Publishing Server 2022.1 is a security update.
https://helpx.adobe.com/security/products/framemaker/apsb23-58.html

Adobe InCopy 18.5.1 and 19.0 are security updates.
https://helpx.adobe.com/security/products/incopy/apsb23-60.html

Adobe InDesign 18.5.1 and 19.0 are security updates.
https://helpx.adobe.com/security/products/indesign/apsb23-55.html

Adobe Media Encoder 23.6.2 and 24.0.3 are security updates.
https://helpx.adobe.com/security/products/media-encoder/apsb23-63.html

Adobe Photoshop 24.7.2 and 25.1 are security updates.
https://helpx.adobe.com/security/products/photoshop/apsb23-56.html

Adobe Premiere Pro 23.6.2 and 24.0.3 are security updates.
https://helpx.adobe.com/security/products/premiere_pro/apsb23-65.html

Adobe RoboHelp Server 11.5 is a security update.
https://helpx.adobe.com/security/products/robohelp-server/apsb23-53.html

Artweaver 7.0.16 resolves several bugs. This is not a security update.
https://www.artweaver.de/

Audacity 3.4.1 adds musical view, pitch controls, and resolves a dozen bugs. This is not a security update.
https://www.audacityteam.org/download/

Blender 3.6.5 doesn’t provide a detailed change log so should be treated as a security update.
https://www.blender.org/download/

Calibre 6.29.0 resolves several bugs, improves zoom control, and adds a command line option to open a new instance. This is not a security update.
https://calibre-ebook.com/

Ghostscript 10.02.1 is a security update.
https://www.ghostscript.com/releases/gsdnld.html

GIMP 2.10.36 is a security update.
https://www.gimp.org/

ImageMagick 7.1.1-21 is a security update.
https://imagemagick.org/

Kdenlive 23.08.3 resolves dozens of bugs. This is not a security update.
https://kdenlive.org/

Kindle for PC 2.1.70471 doesn’t provide a change log so should be treated as a security update.
https://www.amazon.com/kindleforpc

Krita 5.2.1 improves various features and resolves dozens of bugs. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice 7.5.8 resolves more than a dozen bugs. This is not a security update.
https://www.libreoffice.org/

Manager 23.11.13.1143 resolves several bugs. This is not a security update.
https://www.manager.io/

Nextcloud Desktop 3.10.1 resolves several bugs. This is not a security update.
https://nextcloud.com/

Notepad++ 8.5.8 resolves more than a dozen bugs. This is a security update.
https://notepad-plus-plus.org/

Paint.net 5.0.11 resolves several bugs. This is not a security update.
https://www.getpaint.net/

PDF-XChange Editor 10.1.2.382 is a security update.
https://www.tracker-software.com/product/pdf-xchange-editor

QuickBooks Pro 2022 R13_09 improves migration assistant and resolves several bugs. This is not a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2023 R6_25 resolves resolves a major billing bug. This is not a security update.
https://downloads.quickbooks.com/app/qbdt/products

QuickBooks Pro 2024 20230817-R3_61 doesn’t provide a change log so should be treated as a security update.
https://downloads.quickbooks.com/app/qbdt/products

SumatraPDF 3.5.2 resolves several bugs. This is not a security update.
https://www.sumatrapdfreader.org/download-free-pdf-viewer

Security Software Updates

One or more of these is likely to be of interest to most people.

JShelter 0.17 adds several new controls and features. This is not a security update.
https://jshelter.org/install/

KeePass 2.55 resolves more than a dozen bugs and adds several new features. This is a security update.
https://keepass.info/

MalwareBytes Anti-Malware 4.6.5 improves compatibility and resolves a couple bugs. This is not a security update.
https://www.malwarebytes.org/antimalware/

OpenSSL 3.1.4 is a security update.
https://www.openssl.org/

ProtonVPN (macOS) 4.0.0 improves stability. This is not a security update.
https://protonvpn.com/download

RogueKiller 15.13.0 is a security update.
https://www.adlice.com/download/roguekiller/

Stinger 12.2.0.664 adds support for several new detections. This should be considered a security update.
https://www.mcafee.com/us/downloads/free-tools/stinger.aspx

SuperAntiSpyware 10.0.1258 is a security update.
https://www.superantispyware.com/download.html

Tails 5.19 is a security update.
https://tails.boum.org/install/dvd/index.en.html

Tron 2023-10-17 is a security update.
https://www.bmrf.org/repos/tron/

uBlock Origin 1.53.4 improves stability.
https://github.com/gorhill/uBlock/releases/latest

Wireless Network Watcher 2.40 adds columns for IPv6 Address and Link Local IPv6 Address. This is not a security update.
https://www.nirsoft.net/utils/wireless_network_watcher.html

Capture Updates

These are unlikely to be of interest to most people.

Open Broadcaster Software 30.0.0 is a major update which removes support for older platforms, adds support to new features and capabilities, and resolves over 50 bugs. This should be treated as a security update.
https://obsproject.com/

SnagIt 24.0.1 resolves several bugs, improves performance and adds output to Teams. This is not a security update.
https://www.techsmith.com/screen-capture.html

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 13.0.0.4 resolves dozens of bugs and adds support for new encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

FFmpeg 20231114 adds caption decoding. This is not a security update.
https://ffmpeg.org/ffmpeg.html

StreamFab 6.1.4.9 improves compatibility and resolves dozens of bugs. This is not a security update.
https://www.dvdfab.cn/downloader-new.htm

UniFab 2.0.0.3 improves compatibility and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/unifab.htm

Education updates

One or more of these are likely to be of interest to most people.

Zotero 6.0.30 is a security update.
https://www.zotero.org/

Utility Updates

These are unlikely to be of interest to most people.

.NET Runtime 7.0.13 and 8.0.0 are security updates.
https://dotnet.microsoft.com/en-us/download/dotnet

1Password 8.10.18 resolves over a dozen bugs. This is not a security update.
https://1password.com/

Agent Ransack 2022.3416 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

AMD Ryzen Master 2.11.2.2659 is a security update.
https://www.amd.com/en/technologies/ryzen-master

AOMEI Partition Assistant 10.2.1 improves compatibility. This is not a security update.
https://www.diskpart.com/

Beyond Compare 4.4.7.28397 improves stability and resolves several bugs. This is not a security update.
https://www.scootersoftware.com/download.php?zz=dl4

Bitwarden 2023.10.1 resolves several bugs. This is not a security update.
https://bitwarden.com/

CCleaner 6.17.10746 improves junk cleaning. This is a security update.
https://www.ccleaner.com/

CurrPorts 2.76 adds option to show only incoming TCP connections. This is not a security update.
https://www.nirsoft.net/utils/cports.html

Dell Command Update 5.1.0 is a security update.
https://www.dell.com/support/article/us/en/04/sln311129/dell-command-update?lang=en

Dell OS Recovery Tool 2.3.2.7523 doesn’t provide a change log so should be treated as a security update.
https://www.dell.com/support/home/uk/en/ukbsdt1/drivers/osiso/recoverytool

DesktopOK 11.13 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

dnGrep 4.0.129.0 updates libraries and resolves several bugs. This is a security update.
https://dngrep.github.io/

email-oauth2-proxy 2023-11-01 adds support for secret rotation, resolves a couple bugs, and improves compatibility. This is not a security update.
https://github.com/simonrob/email-oauth2-proxy

Everything Toolbar 1.3.2 resolves a couple bugs. This is not a security update.
https://github.com/stnkl/EverythingToolbar/

Fido 1.52 adds support for Windows 11 23H2. This is not a security update.
https://github.com/pbatard/Fido/releases

FileLocator Pro 2022.3416 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Fing 3.5.1 improves stability and resolves several bugs. This is not a security update.
https://www.fing.com/products/fing-desktop-download-windows

Go 1.21.4 is a security update.
https://go.dev/

GoodSync 12.4.5 resolves dozens of bugs. This is not a security update.
https://www.goodsync.com/

HDD Raw Copy 1.20 doesn’t provide a change log so should be treated as a security update.
https://hddguru.com/software/HDD-Raw-Copy-Tool/

HWiNFO 7.66 adds support for newer hardware and resolves several bugs. This is not a security update.
https://www.hwinfo.com/download/

Java 8u391 is a security update.
https://www.java.com/en/download/manual.jsp

NConvert 7.163 doesn’t provide a change log so should be treated as a security update.
https://www.xnview.com/en/nconvert/

NetworkInterfacesView 1.35 adds support for IPv6 addresses and IPv6 DNS servers. This is not a security update.
https://www.nirsoft.net/utils/network_interfaces.html

NTLite 2023.11.9477 improves compatibility and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

osquery 5.10.2 is a security update.
https://osquery.io/downloads

PingInfoView 3.01 adds support for IPv6, sorting, reporting improvements, and resolves several bugs. This is not a security update.
https://www.nirsoft.net/utils/multiple_ping_tool.html

PowerToys 0.75.1 resolves a couple bugs. This is not a security update.
https://github.com/microsoft/PowerToys/releases/latest

RoboForm 9.5.4 reduces nags and resolves several bugs. This is not a security update.
https://www.roboform.com/

Rufus 4.3 adds support for Windows 11 23H2, improves compatibility, and resolves several bugs. This is not a security update.
https://rufus.ie/en_US/

ScreenConnect 23.8.5.8707 is a security update.
https://www.connectwise.com/software/control/download

Sysmon 15.11 improves performance and resolves a couple bugs. This is a security update.
https://learn.microsoft.com/en-us/sysinternals/downloads/sysmon

TcpLogView 1.40 adds option to show only incoming connections. This is not a security update.
https://www.nirsoft.net/utils/tcp_log_view.html

VMMap 3.4 adds support for .NET 6 and higher. This is not a security update.
https://docs.microsoft.com/en-us/sysinternals/downloads/vmmap

WinGet 1.6.3133 adds support to configure behavior and resolves several bugs. This is not a security update.
https://github.com/microsoft/winget-cli/releases/latest

WinScan2PDF 8.68 improves performance and reliability. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 4.16 adds several new features, cosmetic and reliability improvements, and resolves several bugs. This is not a security update.
https://www.diskanalyzer.com/

ZoomIt 7.2 adds highlighter and blur and microphone selection. This is not a security update.
https://learn.microsoft.com/en-us/sysinternals/downloads/zoomit

Developer Updates

These are unlikely to be of interest to most people.

ADB 34.0.5 resolves several bugs. This is not a security update.
https://developer.android.com/studio/releases/platform-tools

Android Studio 2022.3.1.21 resolves a couple issues with Gradle. This is not a security update.
https://developer.android.com/studio

GitHub Desktop 3.3.5 resolves several bugs. This is not a security update.
https://desktop.github.com/

Godot 4.1.3 resolves several bugs. This is not a security update.
https://godotengine.org/

Microsoft Visual C++ 2022 Redistributable 14.36.33130.0 is a security update.
https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist

MySQL ConnectorNet 8.2.0 updates libraries and resolves a couple bugs. This is not a security update.
https://dev.mysql.com/downloads/connector/net/

MySQL Server 8.0.35 resolves over a dozen bugs. This is a security update.
https://dev.mysql.com/downloads/installer/

Node.js 18.18.2 is a security update.
https://nodejs.org/en/

Node.js 20.9.0 is a security update.
https://nodejs.org/en/

Node.js 21.2.0 resolves several bugs, updates libraries, and provides dozens of improvements. This is a security update.
https://nodejs.org/en/

SQLite 3.44.0 provides more than a dozen improvements and bug fixes. This should be treated as a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.84.2 resolves several bugs. As of 1.84 Microsoft has dropped support for 32-bit versions of Visual Studio. This is not a security update.
https://code.visualstudio.com/

WinMerge 2.16.34 resolves several bugs. This is not a security update.
https://winmerge.org/

Virtual Machine Updates

These are unlikely to be of interest to most people.

PPSSPP 1.16.6 resolves several bugs. This is not a security update.
https://www.ppsspp.org/download/

VirtualBox 7.0.12 resolves dozens of bugs. This should be treated as a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

HumHub 1.15.0 resolves dozens of bugs. This is a security update.
https://www.humhub.com/en

Invision Community 4.7.14 resolves dozens of bugs. This is not a security update.
https://invisioncommunity.com/

Joomla 5.0.0 and 4.4.0 are both major updates with many new features, compatibility improvements, and bug fixes. These are not security updates.
https://www.joomla.org/

ownCloud Client 5.1.2 is a major update improving compatibility, performance, stability and resolving many bugs. This is not a security update.
https://owncloud.com/desktop-app/

ownCloud Server 10.13.2 updates depenendencies and resolves several bugs. This is a security update.
https://owncloud.com/download-server/

WordPress 6.4.1 is the third update to WordPress in the last month, following several security issues.
https://wordpress.org/

Autoptimize 3.1.10 resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/autoptimize/

BuddyPress 11.4.0 improves stability and compatibility. This is a security update.
https://wordpress.org/extend/plugins/buddypress/

Contact Form 7 5.8.2 improves stability and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/contact-form-7/

Duplicator 1.5.7 resolves a couple bugs. This is not a security update.
https://wordpress.org/plugins/duplicator/#developers

My Sticky Bar (formerly myStickymenu) 2.6.5 rebrands, adds a couple features, and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/mystickymenu/

Postie 1.9.66 improves compatibility and resolves a notification bug. This is not a security update.
https://wordpress.org/extend/plugins/postie/

Show IDs 1.1.10 improves compatibility. This is not a security update.
https://wordpress.org/extend/plugins/wpsite-show-ids/

W3 Total Cache 2.6.0 improves compatibility and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/w3-total-cache/

WooCommerce 8.2.2 resolves several bgus. This is not a security update.
https://wordpress.org/extend/plugins/woocommerce/

WP Mail SMTP 3.10.0 improves OAuth integration and resolves several bugs. This is not a security update.
https://wordpress.org/extend/plugins/wp-mail-smtp/

WP Plugin Update Checker 5.3 resolves a couple bugs. This is not a security update.
https://github.com/YahnisElsts/plugin-update-checker/releases/latest

WPBakery 7.2 adds AI support and resolves several bugs. This is not a security update.
https://wpbakery.com/

WPtouch 4.3.55 resolves several bgus. This is not a security update.
https://wordpress.org/extend/plugins/wptouch/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/