Updates 2020-02-11

Welcome back, Folks!

Today is Patch Tuesday for February 2020.

Microsoft blinked and released three updates to Windows 7 this month, however two of the issues that were resolved were actually caused by their EOL updates released last month. It’s no longer trustworthy, so do not let Windows 7 touch the Internet!

Windows 7 is officially end-of-life (EOL). If you’re still running it, shame on you, and if you are running a licensed version of Windows 7 or 8 you can still upgrade to Windows 10 and have a supported version of Windows for the foreseeable future. Don’t want to do it yourself? Call me!
https://saferpc.info/contact/

The Windows Update engine relies upon a file called “wsusscn2.cab” which is currently choking on download. While there are several Windows updates available today, it looks like the time just to check for updates will be over 2 hours for most devices today. Have patience or wait to start patching until later when they resolve this issue. There’s plenty of other stuff to patch anyway.

This Month in Technology

macOS finally fixes the Sudo bug (after 9 years), but this pales in comparison to the ease at which Mac users are infected through social engineering tactics. If you still think Mac’s are more secure than Windows, you need to see the numbers from MalwareBytes which show the typical Mac is targeted by nearly double the malware that Windows devices are. One special note here is that the users trusted the names of the websites that were involved, mostly a result of allowing domains to expire (a common concept within the broad scheme of domain hijacking).

While we’re on the subject of renewing domains, don’t forget your certificates! TLS/SSL certificates are often an enterprise’s weakest point of failure, especially when they’re not renewed on time. This will become even more important as TLS 1.0 and 1.1 are deprecated over the next couple months, which will prevent most older devices from being able to safely use the Internet at all. How important is certificate trust? Last months certificate hijacking bug allowed a researcher to replicate NSA and Github certificates in less than 24 hours which could be used immediately in MitM and DNS cache poisoning attacks with no effort from the attacker and as little as 10 lines of browser-based code.

Microsoft has decided to end it’s own ad platform within UWP apps, which will seriously hurt the entire UWP ecosystem and likely their users, by encouraging less security- and privacy-concerned third-party platforms to take their place.

This month we’ve seen data dumps from Twitter user details (shortly before a Twitter outage), Trello, Google, half a million servers, routers, and IoT devices, a major cannabis dispensary POS vendor, THSuite, WhatsApp had a major vulnerability (since patched), a Zoom vulnerability allowed hackers to eavesdrop on your calls, Mitsubishi was hacked via their enterprise security software, Trend Micro OfficeScan, and the United Nations was hacked through an unpatched server.

Is your privacy important? Apple bowed to the FBI to prevent fully-encrypted backups, ICE is using cellphone location data to track immigrants, but Avast has decided to stop selling it’s user data and they’re “sorry”, so at least there’s some good news.

Of course, any account can be hacked, even Facebook’s Twitter and Instagram accounts, and the NFL, and this month the City of Oshkosh (WI) and Duplin County (NC) join the “yet another government network hijacked” club.

It’s one thing to be incompetent when it comes to security, but Blizzard doesn’t even understand their users. This month they’re asserting total copyright ownership of any mods their users create and they released Warcraft: Reforged, which is the first game to ever be reviewed this poorly by the userbase. You might give Blizzard some credit for this – after all, they did build the engine that allowed the third-party “Dota” to flourish. LastPass, however, built their own system but accidentally removed their own extension from the Chrome Web Store!

In IoT news, more than 2/3rds of corporate and government entities were compromised with endpoint attacks in 2019, the weakest link might be the building itself or any of tens of millions of devices on a typical corporate or government network, though, as expected, many Huawei IoT devices have a backdoor. A serious public key exposure in Fortinet SIEM allows evildoers to kill your security appliance, and a critial zero-day in SolarWinds RMM allows attackers to hijack your network. Supply chain attacks targeting EOL Windows 7 devices remind us why we should avoid EOL hardware and software, and Phillips Hue lightbulbs are still proving that they weren’t well though-out security-wise. Thousand of WordPress-based websites have been hijacked to redirect visitors to evil sites, and there is always more to security than patching.

Let’s end my soapbox on a happy note: The best news this month might just be that Netflix finally offers an option to disable those #@$& autoplay previews. It’s about time.

Let’s Get Busy

Now back to our regularly scheduled program. The typical computer should see roughly 2.2 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Internet Explorer, .NET, Flash, Servicing Stack, and MSRT (~1.2 GB). This includes security updates. A reboot is required.

Apple released updates for macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra, iCloud for Windows 10.9.2, iCloud for Windows 7.17, iOS 13.3.1, iPadOS 13.3.1, iTunes for Windows 12.10.4, Safari 13.0.5, tvOS 13.3.1, and watchOS 6.1.2. These are security updates. Use Apple Software Update to install the most current versions.

iOS 13.3.1 and 12.4.5 are security updates. Use Settings, General, Software Update to install the most current update.

iPadOS 13.3.1 is a security update. Use Settings, General, Software Update to install the most current update.

watchOS 6.1.2 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 13.3.1 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 79.0.3945.123 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Adobe Flash Player 32.0.0.330 is a security update. Take comfort knowing that Flash will be EOL in only 10 months.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Catalina (10.15) means that macOS Sierra (10.12) and older are no longer supported. If you can not install at least macOS High Sierra (10.13) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (1909) is a pretty small update so will install quickly. Windows 10 pushes you to get the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, this process kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.2.2 resolves several issues and improves removal procedure. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

BullZip PDF Printer 11.12.0.2816 improves compatibility with Chrome 80+. This is not a security update.
https://www.bullzip.com/products/pdf/info.php#download

Intel Driver and Support Assistant 20.1.5 improves user interface, performance, uninstall, and resolves several bugs. This is not a security update.
https://www.intel.com/p/en_US/support/detect

nVidia 442.19 adds framerate capping, performance improvements for certain games, VRSS controls, and support for newer hardware. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Garmin Express 6.20 doesn’t provide a changelog so should be treated as a security update.
https://www.garmin.com/en-US/software/express/

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 80.0.3987.100 is a security update. This version is also the predecessor to the new samesite cookie handling behavior that will cause problems for various industries, including ad-services. Use Menu, Help, About to install the most current version.

Firefox 73.0 is a security update. Use Menu, Help, About to install the most current version.

Firefox ESR 68.5.0 is a security update. Use Menu, Help, About to install the most current version.

Iridium 2019.11.78 is a security update. Use Menu, Help, About to install the most current version.

Vivaldi 2.10.1745.27 is a security update. Use Menu, Help, About to install the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 68.5.0 is a security update. Use Menu, Help, About to install the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

MaxMind GeoLite: Due to their interpretation of the CCPA (California Consumer Privacy Act), MaxMind has opted to no longer provide direct downloads of their IP information databases. An account and agreement to perform updates immediately upon publishing new releases and removal of all existing copies is now required. Due to this we will no longer be listing MaxMind on SaferPC. I suggest you integrate their automatic update service into your existing platform to ensure that you can comply with their new usage agreement.

Prosody 0.11.4 improves performance and resolves several bugs. This is not a security update.
https://prosody.im/download/start

BrowsingHistoryView 2.36 adds option to delete Chrome and Firefox history records. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

FreeNAS 11.3 is a major update offering improved performance, security controls, community plugin integration, improved granularity of alerts and more. This is not a security update.
https://www.freenas.org/download-freenas-release/

Npcap 0.9987 is a security update.
https://nmap.org/npcap/

Media Updates

These are unlikely to be of interest to most people.

iTunes 12.10.4 is a security update. Use Apple Software Update to install the most current version.

Game Updates

These are unlikely to be of interest to most people.

Steam 2020.01.20 resolves several bugs and improves reliability of Remote Play. This is not a security update.

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 20.006.20034 is a security update. Use Help, Check for Updates to get the most current version.

Adobe DNG 12.2 adds support for new hardware. This is not a security update.
Mac: https://supportdownloads.adobe.com/detail.jsp?ftpID=6879
Win: https://supportdownloads.adobe.com/detail.jsp?ftpID=6881

Adobe Experience Manager 6.5.0-31870 and 6.4.0-31868 are security updates.
https://helpx.adobe.com/security/products/experience-manager/apsb20-08.html

Adobe Digital Editions 4.5.11 is a security update.
https://helpx.adobe.com/security/products/Digital-Editions/apsb20-07.html

Adobe Framemaker 2019.0.5 is a security update.
https://helpx.adobe.com/security/products/framemaker/apsb20-04.html

Adobe Illustrator CC 24.0.2 is a security update.
https://helpx.adobe.com/security/products/illustrator/apsb20-03.html

Artweaver 7.0.4 resolves several bugs and improves performance with impasto and PSD text layers. This is not a security update.
https://www.artweaver.de/

Atom 1.44.0 resolves several bugs. This is not a security update.
https://atom.io/

LibreOffice Still 6.3.4 is a major update adding a wide variety of new features and performance improvements. This is not a security update.
https://www.libreoffice.org/

LibreOffice Fresh 6.4.0 resolves almost 500 bugs, including security issues. The typical user should run LibreOffice Still (stable), not Fresh (beta).
https://www.libreoffice.org/

Lightworks NLE 14.5 adds dozens of new features, export options, media codecs, and over a hundred bugs. This should be treated as a security update.
https://www.lwks.com/

Notepad++ 7.8.4 adds JSON and Workspace improvements, and resolves a crash bug. This is not a security update.
https://notepad-plus-plus.org/

Paint.net 4.2.9 resolves several bugs and improves performance. This is not a security update.
https://www.getpaint.net/

Security Software Updates

One or more of these is likely to be of interest to most people.

QubesOS 4.0.3 is a security update.
https://www.qubes-os.org/downloads/

elementaryOS 5.1.2 is a security update.
https://elementary.io/

RogueKiller 14.1.1 resolves several bugs. This is a security update.
https://www.adlice.com/download/roguekiller/

TinyWall 3.0 improves reliability, user interface, exception controls, and resolves several bugs. This is not a security update.
https://tinywall.pados.hu/

Capture Updates

These are unlikely to be of interest to most people.

ScreenToGif 2.20.2 resolves several bugs. This is not a security update.
https://www.fosshub.com/ScreenToGif.html

Converter Updates

These are unlikely to be of interest to most people.

MKVToolnix 43.0.0 resolves several bugs and improves user interface defaults options from command line. This is not a security update.
https://www.fosshub.com/MKVToolNix.html

DVDFab 11.0.7.1 resolves several bugs and adds support for newer encodings. This is not a security update.
https://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

RoboForm 8.6.6 improves compatibility and resolves several bugs. This is not a security update.
https://www.roboform.com/

Easy2Boot 1.B8A improves compatibility and user-interface. This is not a security update.
https://www.fosshub.com/Easy2Boot.html

1Password for Mac 7.4.2 improves compatibility and resolves several bugs. This is not a security update.
https://1password.com/downloads/mac/

ControlMyMonitor 1.25 adds option to put icon in tray. This is not a security update.
https://www.nirsoft.net/utils/control_my_monitor.html

DesktopOK 6.84 resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

DevManView 1.66 adds Class GUID column. This is not a security update.
https://www.nirsoft.net/utils/device_manager_view.html

Etcher 1.5.76 updates libraries and resolves several bugs. This is not a security update.
https://www.balena.io/etcher/

Everything CLI 1.1.0.18 doesn’t provide a changelog, so should be treated as a security update.
https://www.voidtools.com/

FileLocator Pro 8.5.2944 resolves several bugs. This is not a security update.
https://www.mythicsoft.com/filelocatorpro/download

Fing 8.8.2 improves user interaction and resolves several bugs. This is not a security update.
https://community.fing.com/

GoodSync 10.10.21 improves performance and reliability, resolves several bugs. This is not a security update.
https://www.goodsync.com/

MS ISO Downloader 8.31 adds support for new media. This is not a security update.
https://www.heidoc.net/joomla/technology-science/microsoft/67-microsoft-windows-and-office-iso-download-tool

OSFMount 3.0.1005 adds command-line options to load physical or logical emulation only, and resolves a permissions bug. This is not a security update.
https://www.osforensics.com/tools/mount-disk-images.html

SetDefaultBrowser 1.4 adds support for Chromium-based Edge. This is not a security update.
https://kolbi.cz/blog/2017/11/10/setdefaultbrowser-set-the-default-browser-per-user-on-windows-10-and-server-2016-build-1607/

TaskSchedulerView 1.54 adds options to select/deselect all to column chooser. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

USBDeview 2.86 adds mode option for Regedit call, to support opening with or without elevation.
https://www.nirsoft.net/utils/usb_devices_view.html

WinScan2PDF 5.21 improves WIA compatibility. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WizTree 3.32 resolves several bugs, adds options to export file types to CSV, filterexclude, and command-line supporter activation. This is not a security update. On the note of Supporters – this software is amazing. Use it. And donate.
https://antibody-software.com/web/software/software/wiztree-finds-the-files-and-folders-using-the-most-disk-space-on-your-hard-drive/

Developer Updates

These are unlikely to be of interest to most people.

Godot 3.2 improves reliability, performance, stability and resolves almost 2,000 bugs. This should be treated as a security update.
https://godotengine.org/

Node.js 13.8.0 is a security update.
https://nodejs.org/en/

SQLite 3.31.1 adds generated columns, hard heap limits, improved pragma, dbstat aggregated mode support, open nofollow, and resolves an internal schema compatibility issue. This compatibility fix is temporary, so fix your applications if you currently rely on parsing the data structure via internal schema. This is a security update.
https://www.sqlite.org/download.html

Visual Studio Code 1.42 resolves several bugs, improves user interface, additional preference controls, task management, and more. This is not a security update.
https://code.visualstudio.com/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.1.2-135663 resolves several bugs and improves compatibility. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Adminer 4.7.6 resolves several bugs. This is not a security update.
https://www.adminer.org/en/

Drupal 8.8.2 resolves dozens of bugs. This is not a security update.
https://drupal.org/download

HumHub 1.4.0 updates libraries and resolves dozens of bugs. This is not a security update.
https://www.humhub.com/en/download

Joomla 3.9.15 is a security update.
https://www.joomla.org/

Magento 2.3.4, 2.2.11, 1.14.4.4, 1.9.4.4 are security updates.
https://helpx.adobe.com/security/products/magento/apsb20-02.html

Nextcloud Hub 18.0.0 is a major update adding improved file, flow, photos, calendar, mail, and talk integration, and ONLYOFFICE support. This is not a security update.
https://nextcloud.com/

ScreenConnect 19.6.26659.7340 is a security update.
https://www.connectwise.com/software/control/download

SpamAssassin 3.4.4 is a security update.
http://spamassassin.apache.org/downloads.cgi

YOURLS 1.7.6 is a security update.
https://yourls.org/

bbPress 2.6.4 is a security update.

Interactive World Map 3.1.4 is a major update that resolves several issues. This is not a security update.

myStickymenu 2.3.4 resolves several bugs. This is not a security update.

Postie 1.9.41 resolves regex bug and now attempts to process only 1 email at a time. This is not a security update.

Sucuri Security 1.8.23 updates key updater and improves user interface. This is not a security update.

W3 Total Cache 0.13.1 resolves several bugs. This is not a security update.

WooCommerce 3.9.1 resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

Updates 2019-10-08

Hi, Folks!

Today is Patch Tuesday for October 2019 and it’s pretty mild for anyone not using Apple products.

The next build of Windows 10, version 1909, will be released any time. This version will be minor compared to other Windows 10 upgrades and should be nearly indistinguishable from 1903. If you’re running 1903 now installing 1909 should have no negative impact. If you’re running an older version I recommend upgrading to 1903 before switching to 1909.

Windows 7 will fall completely out of support in only 3 months. Don’t run out the clock. If you are running a licensed version of Windows 7 you can still upgrade to Windows 10 and have a supported version of Windows for the foreseeable future. Get it done before it’s too late. Don’t want to do it yourself? Call me!
https://saferpc.info/contact/

This month we learned that sometimes the weakest link is support. ZenDesk, central to support for more than 120,000 companies from Airbnb to MailChimp to Vimeo, was hacked in 2016 and discovered it only last week. They’re doing things right: public exposure, contacting customers, describing the chain of events, getting outside help to research and resolve their issues. Unfortunately, this doesn’t eliminate the problems for the approximately 25% of their customers that were exposed in this breach.

Now back to our regularly scheduled program. The typical computer should see roughly 2 GB in updates today. Let’s get started.

Microsoft released updates for Windows, .NET, Edge, Internet Explorer, and MSRT (~ 1.1 GB). This includes security updates. A reboot is required.

Apple released updates for macOS Catalina 10.15, macOS Mojave 10.14.6 Supplemental Update 2, Security Update 2019-005 High Sierra, Security Update 2019-005 Sierra, iCloud for Windows 10.7, iCloud for Windows 7.14, iTunes for Windows 12.10.1, iOS 12.4.2, iOS 13.1.2, iPadOS 13.1.2, Safari 13.0.1, Xcode 11.0, tvOS 13, and watchOS 6.0.1. These are security updates. Use Apple Software Update to install the most current versions.

macOS Catalina (10.15) is available! This is a large download and will take between 2 and 4 hours to install on most hardware. The release of macOS Catalina (10.15) means that macOS Sierra (10.12) is now no longer supported. If you can not install at least macOS High Sierra (10.13) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

iOS 12.4.2 and 13.1.2 are security updates. Use Settings, General, Software Update to install the most current update.

watchOS 6.0.1 is a security update. Use the Watch app on your iPhone to install the most current version.

tvOS 13.0 is a security update. Use System, Software Update to install the most current version.

Google Chrome OS 77.0.3865.105 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The release of macOS Catalina (10.15) means that macOS Sierra (10.12) is now no longer supported. If you can not install at least macOS High Sierra (10.13) on your Mac then you should immediately remove it from the Internet and use it offline only. It will no longer receive patches or updates and can now no longer be secured.

The now-current release of the Windows 10 (1903) will cause your computer to feel unusually slow until it is installed. This is a side-effect of the Windows 10 upgrade cycle, which pushes out 3-6 GB through Windows update to get you to the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, it will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need or use, reducing the attack surface.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.1.9 improves cleanup, system restore, and resolves several bugs. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Intel Driver and Support Assistant 19.9.38 improves device detection. This is not a security update.
https://www.intel.com/p/en_US/support/detect

nVidia 436.48 adds support for newer hardware and improves performance. This is not a security update.
https://www.nvidia.com/Download/index.aspx?lang=en-us

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 77.0.3865.90 is a security update. Use Menu, Help, About to get the most current version.

Firefox 69.0.2 resolves several bugs, but follows shortly on the heels of 69.0.1, which was a security update. Use Menu, Help, About to get the most current version.

Vivaldi 2.8.1664.40 resolves several bugs. This is not a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 68.1.1 is a security update. Use Menu, Help, About to get the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

Prosody 0.11.3 resolves several bugs and improves reliability. This is not a security update.
https://prosody.im/download/start

Trillian 6.2.0.12 resolves several bugs. This is not a security update.
https://www.trillian.im/

aria2 1.35.0 updates libraries and resolves several bugs. This is a security update.
https://aria2.github.io/

BrowsingHistoryView 2.25 adds support for Waterfox. This is not a security update.
https://www.nirsoft.net/utils/browsing_history_view.html

DNSDataView 1.60 adds TTL. This is not a security update.
https://www.nirsoft.net/utils/dns_records_viewer.html

FileZilla Client 3.45.1 resolves several bugs and adds stale version detection. This should be treated as a security update.
https://filezilla-project.org/

MaxMind GeoIP2 201910 is a data refresh.
http://dev.maxmind.com/geoip/

PuTTY 0.73 is a security update.
https://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

WinSCP 5.15.4 is a security update.
https://winscp.net/eng/index.php

Media Updates

These are unlikely to be of interest to most people.

MusicBrainz Picard 2.2.2 resolves dozens of bugs and adds several new features. This is not a security update.

Flickr Downloadr 3.2.3.1 resolves a JSON length bug. This is not a security update.

iTunes 12.10.1 is a security update. Use Apple Software Update to install the most current version.

Game Updates

These are unlikely to be of interest to most people.

Steam 2019.09.19 resolves a beta bug. This is not a security update. Use Steam to update Steam.

PlayStation PS4 7.00 is a major update that doubles the size limit of parties to 16, improves networking, adds chat transcription, improves voice audio, adds Remote Play to more devices, and resolves several bugs. This is not a security update.
https://www.playstation.com/en-us/support/system-updates/ps4/

Office Updates

One or more of these are likely to be of interest to most people.

Artweaver 7.0.2 improves online update and error reporting, resolves several bugs. This is not a security update.
http://www.artweaver.de/

Krita 4.2.7.1 resolves several bugs, improves color selector, layer controls, and adds new brushes. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Fresh 6.3.2 resolves dozens of bugs. This is not a security update. (“Fresh” is the Beta version so stick with “Still” unless you don’t mind stability issues.)
https://www.libreoffice.org/

OpenOffice 4.1.7 resolves several bugs and adds support for OpenJDK. This is not a security update.
http://www.openoffice.org/download/

Paint.net 4.2.5 adds support for WebP format and resolves several bugs. This is not a security update.
https://www.getpaint.net/

Adobe DNG Converter 11.4.1 adds support for newer hardware. This is not a security update.
macOS: https://supportdownloads.adobe.com/detail.jsp?ftpID=6743
Windows: https://supportdownloads.adobe.com/detail.jsp?ftpID=6741

Security Software Updates

One or more of these is likely to be of interest to most people.

OpenSSL 1.0.2t is a security update.
https://indy.fulgan.com/SSL/

RogueKiller 13.5.2 resolves several bugs, improves performance for large files, and improves stability. This is not a security update.
https://www.adlice.com/softwares/roguekiller/

Wireless Network Watcher 2.21 updates the internal MAC database. This is not a security update.
https://www.nirsoft.net/utils/wireless_network_watcher.html

PureOS 9.0 is a new major release of PureOS, updates libraries, dependencies and forging the way for the final release of the Librem 5. This is a security update.
https://pureos.net/download/

Converter Updates

These are unlikely to be of interest to most people.

MKVToolnix 38.0.0 resolves several bugs, improves immutability, adds new default output (console) to mkvextract. This is not a security update.
https://www.fosshub.com/MKVToolNix.html

DVDFab 11.0.5.3 adds support for new encodings, updates libraries, resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

Education updates

One or more of these are likely to be of interest to most people.

e-Sword 12.1 updates the downloader to support eStudySource. This is not a security update.
https://www.e-sword.net/

Utility Updates

These are unlikely to be of interest to most people.

1Password for Windows 7.3.712 resolves several bugs, adds support for new features. This is a security update.
https://1password.com/downloads/windows/

Agent Ransack 2019.2929 is a major update that adds high-DPI support, improves performance, improves PDF search, resolves several bugs. This is not a security update.
https://www.mythicsoft.com/agentransack/download/

BgInfo 4.28 doesn’t provide a changelog, so should be treated as a security update.
https://live.sysinternals.com/

Sysmon 10.41 resolves a configuration parsing bug. This is not a security update.
https://live.sysinternals.com/

DesktopOK 6.59 resolves several bugs and improves color detection. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

Etcher 1.5.57 resolves a startup bug. This is not a security update.
https://www.balena.io/etcher/

FolderChangesView 2.30 adds “*.” support to include/exclude files without filenames. This is not a security update.
https://www.nirsoft.net/utils/folder_changes_view.html

GoodSync 10.10.9 resolves several bugs and updates cipher list. This is a security update.
https://12pd.com/click?goodsync

NTLite 1.8.0.7165 adds new features, updates translations, and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

OSForensics 7.0.1004 adds clipboard viewer, AmCache viewer, auto triage, VM improvements, improved indexing, and resolves several bugs. This is not a security update.
https://www.osforensics.com/download.html

Password Security Scanner 1.46 improves reliability and adds support for Waterfox. This is not a security update.
https://www.nirsoft.net/utils/password_security_scanner.html

Recover Keys 11.0.4.233 adds support for over 1,000 new applications. This is not a security update.
https://recover-keys.com/en/download.html

RoboForm 8.6.1 impose periodic Master Password check, add difference check to Backup/Restore, add import from Sticky Password, resolves several bugs. This is not a security update.
https://12pd.com/click?rf

Rufus 3.8 resolves several bugs. This is not a security update.
https://rufus.ie/en_IE.html

SearchMyFiles 3.05 adds support to specify time range in GMT. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

WakeMeOnLan 1.85 updates the internal MAC database. This is not a security update.
https://www.nirsoft.net/utils/wake_on_lan.html

WifiInfoView 2.47 updates the internal MAC database. This is not a security update.
https://www.nirsoft.net/utils/wifi_information_view.html

WinScan2PDF 5.01 improves drag and drop page re-order feature, multiformat output, adds support for multiple scan operations. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

WSUS Offline 11.8.1 improves detection of updates and resolves supersedence issues. This is not a security update.
http://download.wsusoffline.net/

Developer Updates

These are unlikely to be of interest to most people.

AutoHotkey 1.1.31.00 adds Switch and InputHook, improves support for long paths, and resolves several bugs. This is not a security update.
https://www.autohotkey.com/download/

Android Studio 3.5.1.0 resolves several bugs. This is not a security update.
https://developer.android.com/studio/index.html

Node.js 12.11.1 resolves several bugs. This is not a security update.
https://nodejs.org/en/

SQLite 3.30.0 adds support for aggregate filters, NULLS FIRST/NULLS LAST in order by, improves index, and resolves several bugs. This is not a security update.
https://www.sqlite.org/download.html

Virtual Machine Updates

These are unlikely to be of interest to most people.

PPSSPP 1.9.3 resolves several bugs. This is not a security update.
https://ppsspp.org/downloads.html

Web Package Updates

These are likely to be of interest only to web developers.

YOURLS 1.7.4 is a security update.
https://yourls.org/

Drupal 8.7.8 is a security update.
https://drupal.org/download

Joomla 3.9.12 is a security update.
https://www.joomla.org/

Nextcloud Server 17.0.0 adds remote wipe, improved 2FA, secure view, one-time login tokens, secure mailbox Outlook Add-in, and resolves several bugs. This is not a security update.
https://nextcloud.com/

Adobe ColdFusion 2018.5 and 2016.12 are security updates.
https://helpx.adobe.com/security/products/coldfusion/apsb19-47.html

phpList 3.4.6 resolves several bugs. This is not a security update.
http://www.phplist.com/download

phpMyAdmin 4.9.1 resolves several bugs. This is a security update.
http://www.phpmyadmin.net/home_page/news.php

BuddyPress 5.0.0 adds BP REST API, group invites, group membership requests, improved WP integration, and resolves several bugs. This is not a security update.

Smash Balloon Social Post Feed 2.11 (was Custom Facebook Feed) adds several new options, restores FB group access, and updates FB API to v4.0. This is not a security update.

myStickymenu 2.2.3 updates Pro features. This is not a security update.

Redirection 4.4.2 resolves several bugs. This is not a security update.

W3 Total Cache 0.10.1 resolves several bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2019-01-08

Welcome to 2019, Folks! I’ve never been so happy to have a year behind me. 2019 is looking good even if it starts with a huge number of updates.

Today is Patch Tuesday and it’s a big one. Every major vendor has their regular updates, and it looks like every minor vendor took the holiday break to work on updates for their software, too.

The typical computer should see roughly 3 GB in updates today. Let’s get started.

Microsoft released updates for Windows, Edge, Internet Explorer, .NET, Flash, and MSRT (~2 GB). This includes security updates. A reboot is required.

iOS 12.1.2 is a security update. Use Settings, General, Software Update to install the most current update.

Adobe AIR 32.0.0.89 is a security update.
Win: https://12pd.com/click?air
Mac: https://12pd.com/click?airmac

Adobe Flash Player 32.0.0.114 is a security update.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Google Chrome OS 71.0.3578.94 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

The now-current release of Windows 10 (1809) will cause your computer to feel unusually slow until it is installed. This is a side-effect of the Windows 10 upgrade cycle, which pushes out 3-6 GB through Windows update to get you to the latest Windows 10 release every 6 months. If you don’t let it finish and you’re on a slow connection, it will kill your Internet performance forever. If you don’t have the bandwidth to download the bits, I’m happy to provide loaner USB drives to our local clients, or, if you prefer to have me mail it to you please contact me for information.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 18.0.0.6 resolves several bugs and adds support for newer hardware. This is not a security update.
https://www.wagnardsoft.com/display-driver-uninstaller-ddu

Logitech Options 7.10.5 is a security update.
https://support.logitech.com/en_us/software/options

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 71.0.3578.98 is a security update.

Vivaldi 2.2.1388.37 is a security update.
https://vivaldi.com/

Email Updates

One or more of these are likely to be of interest to everyone.

Mailspring 1.5.5 adds preview for common attachment types and resolves several bugs. This is not a security update.
https://getmailspring.com/

Internet Updates

One or more of these are likely to be of interest to everyone.

Skype 8.36.0.52 resolves several bugs. This is not a security update.
https://12pd.com/click?skype

DNSDataView 1.56 adds command-line configuration syntax. This is not a security update.
https://www.nirsoft.net/utils/dns_records_viewer.html

IPNetInfo 1.80 now defaults to detecting IPv6 addresses and provides command-line configuration syntax. This is not a security update.
https://www.nirsoft.net/utils/ipnetinfo.html

WinSCP 5.13.7 resolves several bugs. This is not a security update.
https://winscp.net/eng/index.php

uTorrent 3.5.5 Build 44954 resolves several bugs. This is not a security update.
https://www.utorrent.com/downloads

FreeFileSync 10.7 resolves several bugs. This is not a security update.
https://www.freefilesync.org/download.php

Npcap 0.99-r8 resolves several bugs. This is not a security update.
https://nmap.org/npcap/

MaxMind GeoIP Data 201901 is a data refresh.
https://dev.maxmind.com/geoip/geolite

Media Updates

These are unlikely to be of interest to most people.

VLC Media Player 3.0.5 resolves several bugs, updates libraries and components, and now imposes runtime hardening on macOS. This is not a security update.
https://www.videolan.org/vlc/

MusicBrainz Picard 2.1 resolves many bugs, adds AAC/ADTS/MIDI/SMF support, $delete, $title, and several other improvements. This is not a security update.
https://picard.musicbrainz.org/

Game Updates

These are unlikely to be of interest to most people.

EA Origin 10.5.32.18460 resolves several bugs and adds data moving. This is not a security update.
https://www.origin.com/en-us/download

PlayStation PS4 6.20 improves performance. This is not a security update. Note that Sony says it is important not to install this update “soon before or soon after” a power outage. If you’re planning to have a power outage, wait for well after it ends before installing the PS4 update. LOL
https://www.playstation.com/en-us/support/system-updates/ps4/

Office Updates

One or more of these are likely to be of interest to most people.

Adobe Reader DC 19.010.20069 is a security update. Use Help, Check for Updates to install the most current version.

Adobe Connect 10.1 is a security update.
Win: https://www.adobe.com/go/Connectmsi
Mac: https://www.adobe.com/go/ConnectSetupMac

Adobe Digital Editions 4.5.10 is a security update.
https://www.adobe.com/solutions/ebook/digital-editions/download.html

Notepad++ 7.6.2 resolves several bugs and improves the plugin sanity…but requires that you move any plugins you put in %appdata% for 7.6 under %programdata% now with 7.6.1+, but still allows custom user-level configuration of the installed plugins through %appdata%. It’s the right way to do things and will be better for all of us once we get past this. This is not a security update.
https://12pd.com/click?npp

Krita 4.1.7 resolves several bugs, including a rather annoying wifi bug introduced by a dependency. This is not a security update.
https://krita.org/en/download/krita-desktop/

LibreOffice Fresh 6.1.4 resolves over a hundred bugs. This is not a security update.
https://www.libreoffice.org/

Kindle for PC 1.25.0 Build 52064 doesn’t provide a changelog, so should be treated as a security update.
https://12pd.com/click?kindle4pc

Security Software Updates

One or more of these is likely to be of interest to most people.

TDSSKiller 3.1.0.25 doesn’t provide a changelog so should be treated as a security update.
https://support.kaspersky.com/viruses/utility#TDSSKiller

Wireless Network Watcher 2.19 updates the MAC addresses database. This is not a security update.
https://www.nirsoft.net/utils/wireless_network_watcher.html

RogueKiller 13.0.21 resolves several bugs, adds signatures, improves high-DPI support, and updates core engine. This is not a security update.
https://www.adlice.com/softwares/roguekiller/

SuperAntiSpyware 8.0.1026 resolves several bugs and adds ability to disable notifications.
https://www.superantispyware.com/download.html

Avast! Home Edition 19.1.2360 resolves several bugs, improves GUI, and reduces clutter. It still doesn’t behave well with low-resolution screens.
https://www.avast.com/free-antivirus-download

KeePass 1.37 adds several options including the ability to avoid storing data in the clipboard history. This should be treated as a security update.
https://keepass.info/

Converter Updates

These are unlikely to be of interest to most people.

CDex 2.13 resolves several bugs. This is not a security update.
https://cdex.mu/?q=download

AVStoDVD 2.8.8 resolves several bugs, adds several new features, and updates libraries. This should be treated as a security update.
https://sites.google.com/site/avstodvdmain/

DVDFab 11.0.1.2 adds several new output options, new encodings, and resolves several bugs. This is not a security update.
https://www.dvdfab.cn/download.htm

IsoBuster 4.3 adds support to many new formats, resolves several new bugs, and adds syntax and command-line options, settings, performance improvements, and more. This is not a security update.
https://www.isobuster.com/download.php

Utility Updates

These are unlikely to be of interest to most people.

RoboForm 8.5.5 resolves several bugs. This is not a security update.
https://12pd.com/click?rf

7-Zip 18.06 improves performance and resolves several bugs. This is not a security update.
https://www.7-zip.org/

GoodSync 10.9.21 improves stability, license management, and resolves several bugs. This is not a security update.
https://12pd.com/click?goodsync

NTLite 1.7.2.6650 adds command-line support and resolves several bugs. This is not a security update.
https://www.ntlite.com/download/

1Password for Mac 7.2.4 is a security update.
https://1password.com/downloads/mac/

1Password for Windows 7.2.617 improves stability and compatibility. This should be considered a security update.
https://1password.com/downloads/windows/

DevManView 1.56 adds command-line configuration support and now returns an error code instead of 0 on error. This is not a security update.
https://www.nirsoft.net/utils/device_manager_view.html

DesktopOK 5.82 improves compatibility and resolves several bugs. This is not a security update.
https://www.softwareok.com/?seite=Freeware/DesktopOK

Everything 1.4.1.924 resolves several bugs. This is not a security update.
https://www.voidtools.com/

Sysmon 8.04 reverts a filtering change that broke existing configuration files, and resolves a couple bugs. This is not a security update.
https://sysinternals.com/

Bitcoin 0.17.1 resolves several bugs and improves performance. This is not a security update.
http://bitcoin.org/en/download

PointerStick 3.41 is a cosmetic update. This is not a security update.
https://www.softwareok.com/?seite=Freeware/PointerStick

SearchMyFiles 2.91 adds duplicate file indication. This is not a security update.
https://www.nirsoft.net/utils/search_my_files.html

TaskSchedulerView 1.46 adds policy control for multiple instances and a column for network availability requirement. This is not a security update.
https://www.nirsoft.net/utils/task_scheduler_view.html

WifiChannelMonitor 1.58 adds always on top support and updates internal MAC database. This is not a security update.
https://www.nirsoft.net/utils/wifi_channel_monitor.html

WinScan2PDF 4.67 adds support for new translations and improves customization. This is not a security update.
https://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

Node.js 11.6.0 adds and improves certificate trust and resolves several bugs. This should be treated as a security update.
https://nodejs.org/en/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VirtualBox 6.0.0-127566 is a major update with many resolved bugs. This version adds HiDPI support, export to Oracle Cloud Infrastructure, improved setup and maintenance, improved 3D support for guests, surround sound speakers, and Hyper-V as fallback core for compatibility. This is not a security update.
https://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

TinyMCE 4.9.2 resolves several bugs. This is not a security update.
https://www.tinymce.com/download/

phpList 3.3.7 resolves a minor bug. This is not a security update.
http://www.phplist.com/download

Coppermine Gallery 1.5.48 is a security update.
https://coppermine-gallery.net/

Drupal 8.6.5 resolves several bugs. This is not a security update.
https://drupal.org/download

YOURLS 1.7.3 resolves several bugs, adds hooks, and updates libraries. This should be treated as a security update.
https://yourls.org/

WordPress 5.0.2 resolves over 70 bugs in the 5.0 branch and follows quickly on the heels of the 5.0.1 security update. This should be treated as a security update to 5.0.
https://wordpress.org/

Contact Form 7 5.1.1 improves handling of empty response. This is not a security update.

Postie 1.9.27 improves support for parent post detection. This is not a security update.

Sucuri Security 1.8.19 resolves a couple bugs. This is not a security update.

Theme My Login 7.0.12 improves compatibility and reliability. This is not a security update.

WooCommerce 3.5.3 resolves a cosmetic bug for WP5 compatibility. This is not a security update.

WP Add Custom CSS 1.1.3 improves compatibility and uninstaller. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2017-05-09

Hi, Folks!

It’s Patch Tuesday.

This month brings some downright scary news in the security world.

Intel announced they made a “minor coding error” in their CPUs designed for Enterprise deployment, which allows unauthenticated third parties to control pretty much every aspect of their computers. Oops.

Microsoft released a critical out-of-band security update yesterday, the day before Patch Tuesday, due to the severity of the bug in the Microsoft Malware Protection Engine (a component used by Microsoft firewalls, Windows Defender, Microsoft Security Essentials and other Microsoft security products). If you’re running Windows 10 the update should be have been installed automatically for you during the definition update process. If running an older version of Windows, it’ll be installed for you today when you install the rest of Windows Updates. You are going to install updates today, right?

Have I Been Pwned announced that another billion (with a B) accounts have been released on the web. If nothing else, consider this a reminder that if you haven’t started using a password manager yet, you’re really only hurting yourself.

The Windows 10 Creators Update (aka 1703, aka TH4) has been out about a month now and is remarkably stable. This major upgrade takes a few hours to install but improves responsiveness and corrects the app reinstall bug that has plagued previous builds of Windows 10. Windows 10 version 1507 (aka 10240) is now End-of-Life, which means that it will no longer receive important security updates. If you’re still running this version of Windows you must upgrade to at least version 1511 (10586) to continue to receive security updates. Use the installer here to get the most current version:
https://12pd.com/click?win10upgrade

Like Win10 1507, Windows Vista is dead. Really. It won’t be missed. If you’re still running Vista, take the machine off the Internet (forever) or switch to Fedora or any other supported operating system:
https://getfedora.org/
If you need help, contact me.

Now back to our regularly scheduled program.

The typical computer should see roughly 1gb in updates today. Let’s get started.

Microsoft released updates to Windows, .NET, Windows Defender, Internet Explorer, Edge, WEPOS, and MSRT (~800mb). This includes security updates. A reboot is required.

Google Chrome OS 58.0.3029.89 is a security update. Use Menu, Help, About to install the most current version. A reboot is required.

Adobe Flash Player 25.0.0.171 is a security update. Flash is being actively replaced with HTML5 on most sites and services, however, so unless you’re 110% positive you need it for critical functions, you should remove it instead. And, within those browsers that have it embedded (Chrome, Edge, Internet Explorer 11+) your best option is to disable it. It’s just not worth the risk.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Driver Updates

If you’re using this hardware – these updates are for you.

Display Driver Uninstaller 17.0.6.4 improves update checking, and is now digitally signed. This should be treated as a security update.
http://www.wagnardsoft.com/display-driver-uninstaller-ddu

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 58.0.3029.96 is a security update. Use Menu, Help, About to install the most current version.

Firefox 53.0.2 is a security update. Use Menu, Help, About to install the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

Thunderbird 52.1.0 is a security update. Use Menu, Help, About to install the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

.NET Framework 4.7 is a major feature update. This should be treated as a security update. Use Windows Update to get the most current version.

Adobe Shockwave 12.2.8.198 is a security update. Shockwave is not required for most users, so you’re better off removing it than updating. If you find that you do require it later on, you can always install the update then.
https://12pd.com/click?shockwave

Silverlight 5.1.50906 is a security update.
http://www.microsoft.com/getsilverlight/Get-Started/Install/Default.aspx

Java 8u131 is a security update. Java is *not* JavaScript, and most computers do not require it. You’re better off removing it unless you are 100% sure you do require it. You can always install it later if you discover an application requires Java.
http://www.java.com/en/download/manual.jsp

Skype 7.35.0.102 improves stability and reliability. This is not a security update.
https://12pd.com/click?skype

Line 7.3.0 adds Ladder Shuffle and Relay. This is not a security update.
http://line.me/update

WinSCP 5.9.5 is a security update.
http://winscp.net/eng/index.php

Evernote 6.5.4.4720 fixes several bugs. This is not a security update.
http://www.evernote.com/

Nmap 7.40 adds several new scripts, updates libraries, and adds new features. This is a security update.
http://nmap.org/

uTorrent 3.5.0 Build 43580 is a security update.
http://www.utorrent.com/downloads

FileZilla 3.25.2 is a security update.
http://filezilla-project.org/

MaxMind GeoIP Data 201705 is a data refresh.
http://dev.maxmind.com/geoip/

Media Updates

These are unlikely to be of interest to most people.

CDBurnerXP 4.5.7.6623 resolves several bugs. This is not a security update.
http://cdburnerxp.se/

MusicBrainz Picard 1.4.2 resolves several bugs. This is not a security update.
http://musicbrainz.org/doc/MusicBrainz_Picard

Game Updates

These are unlikely to be of interest to most people.

EA Origin 10.4.9.38188 updates the interface and resolves several bugs. This is not a security update.
https://www.origin.com/en-us/download

Office Updates

One or more of these are likely to be of interest to most people.

Paint.net 4.0.16 resolves a crash bug. This is not a security update.
http://www.getpaint.net/

IcoFX 3.0.3 fixes scaling issues on high-DPI displays. This is not a security update.
http://icofx.ro/

Kindle for PC 1.20.1 Build 47037 does not provide a changelog, so should be treated as a security update.
https://12pd.com/click?kindle4pc

Security Software Updates

One or more of these is likely to be of interest to most people.

Tails 2.12 is a security update.
https://tails.boum.org/install/index.en.html

Norton Power Eraser 20170412 is a security update.
https://support.norton.com/sp/en/us/home/current/solutions/kb20100824120155EN_EndUserProfile_en_us

Avast! Home Edition 17.4.2294 resolves several bugs and updates the GUI. This is a security update.
http://www.avast.com/free-antivirus-download

KeePass 1.32 improves several features, fixes bugs and updates libraries. This is a security update.
http://keepass.sourceforge.net/

Wireshark 2.2.6 is a security update.
http://www.wireshark.org/

DNSQuerySniffer 1.61 adds ability to show only failed DNS queries. This is not a security update.
http://www.nirsoft.net/utils/dns_query_sniffer.html

MSRT 5.48 is a security update.
http://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx

Wireless Network Watcher 2.11 updates the internal MAC databae. This is not a security update.
http://www.nirsoft.net/utils/wireless_network_watcher.html

RogueKiller 12.10.8 is a security update.
http://www.adlice.com/softwares/roguekiller/

TDSSKiller 3.1.0.15 is a security update.
http://support.kaspersky.com/viruses/utility#TDSSKiller

Capture Updates

These are unlikely to be of interest to most people.

XSplit Broadcaster 2.9.1701.1640 improves stability on Windows 10 Creators Update. This is not a securty update.
http://www.xsplit.com/get/

XSplit Gamecaster 2.9.1701.1621 improves stability on Windows 10 Creators Update. This is not a securty update.
http://www.xsplit.com/get/

Converter Updates

These are unlikely to be of interest to most people.

FFmpeg 3.3 doesn’t provide a changelog, so should be treated as a security update.
http://ffmpeg.org/ffmpeg.html

DVDFab 10.0.3.6 improves stability and compatibility. This is not a security update.
http://www.dvdfab.cn/download.htm

Utility Updates

These are unlikely to be of interest to most people.

NTLite 1.3.0.5024 improves compatibility with Windows 10 Creators Update. This is not a security update.
https://www.ntlite.com/download/

GoodSync 10.4.4 improves stability and compatibility. This is not a security update.
https://12pd.com/click?goodsync

RoboForm 8.3.3 improves stability. This is not a security update.
https://12pd.com/click?rf

Bitcoin 0.14.1 improves performance, fixes several bugs and stability issues. This is not a security update.
http://bitcoin.org/en/download

CintaNotes 3.7 adds drag & drop from any application, improves printing and stability, and resolves several bugs. This is not a security update.
http://cintanotes.com/download

DesktopOK 4.69 improves compatibility. This is not a security update.
http://www.softwareok.com/?seite=Freeware/DesktopOK

AS SSD Benchmark 1.9.5986 improves stability and compatibility within Windows 10. This is not a security update.
http://alex-is.de/PHP/fusion/downloads.php?cat_id=4&download_id=9

LessMSI 1.6.1 improves stability. This is not a security update.
http://lessmsi.activescott.com/

NetworkTrafficView 2.06 adds ability to map source IP address. This is not a security update.
http://www.nirsoft.net/utils/network_traffic_view.html

SearchMyFiles 2.82 adds ability to exclude folders by name without path. This is not a security update.
http://www.nirsoft.net/utils/search_my_files.html

USBDeview 2.66 adds the ability to start the remote registry service even if it’s disabled. This is not a security update.
http://www.nirsoft.net/utils/usb_devices_view.html

WakeMeOnLan 1.79 adds a 64-bit version and updates the MAC address list. This is not a security update.
http://www.nirsoft.net/utils/wake_on_lan.html

WifiChannelMonitor 1.48 updates the internal MAC address list. This is not a security update.
http://www.nirsoft.net/utils/wifi_channel_monitor.html

TaskSchedulerView 1.30 adds quick-filter capability. This is not a security update.
http://www.nirsoft.net/utils/task_scheduler_view.html

CCleaner 5.29.6033 improves compatibility and application support. This is not a security update.
https://12pd.com/click?ccleaner

RapidEE 9.1 build 936 updates translations. This is not a security update.
http://www.rapidee.com/en/download

TeamViewer 12.0.77242 resolves several bugs. This is not a security update.
https://www.teamviewer.com/en-us/download/windows/

WinScan2PDF 3.43 improves compatibility with Windows 10 Creators Update. This is not a security update.
http://www.softwareok.com/?seite=Microsoft/WinScan2PDF

Developer Updates

These are unlikely to be of interest to most people.

Redemption 5.14.0.4776 adds several new objects, and resolves several bugs. This is not a security update.
http://www.dimastr.com/redemption/

Virtual Machine Updates

These are unlikely to be of interest to most people.

VMware Player 12.5.5 is a security update.
http://www.vmware.com/products/player/

VirtualBox 5.1.22-115126 resolves several bugs. This is not a security update.
http://www.virtualbox.org/wiki/Downloads

Web Package Updates

These are likely to be of interest only to web developers.

Adminer 4.3.1 resolves several bugs. This is not a security update.
http://www.adminer.org/en/

Piwigo 2.9.0 is a major update that adds several new features. This is not a security update.
http://piwigo.org/

TinyMCE 4.6.0 adds several features and fixes several bugs. This is not a security update.
http://www.tinymce.com/download/

Drupal 8.3.2 resolves dozens of bugs. This is not a security update.
http://drupal.org/download

HumHub 1.2.0 resolves several bugs. This is not a security update.
https://www.humhub.org/en/download

MailEnable 9.74 resolves several bugs. This is not a security update.
http://www.mailenable.com/

ownCloud Client 2.3.2 resolves several stability and reliability bugs. This is not a security update.
https://owncloud.org/install/

ScreenConnect 6.2.12963.6312 resolves several bugs, and improves compatibility. This is not a security update.
http://www.screenconnect.com/Download

WordPress 4.7.4 resolves dozens of bugs. This is not a security update.
http://wordpress.org/

YOURLS 1.7.2 improves stability and GUI, updates libraries, resolves several bugs. This is not a security update.
http://yourls.org/

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/

 

Updates 2015-12-08

Hi, Folks!

It’s Patch Tuesday! The typical computer should see roughly 250mb in updates today. Let’s get started.

Windows 10 is about as stable as it’s going to get. Next month it will be switched from an “optional” update to an “important” update for Windows 7 and Windows 8.1, which means that it will attempt to automatically install whenever you install updates (and sometimes just for fun at 3am) and will also download (~3gb!) whether or not you plan to install it. The privacy controls for some features are buried in places most people won’t look, and the defaults for some options are very insecure. My recommendation is to make some time to install it. Immediately after installation go to All Settings and review every single option. If you have problems with Windows 10, revert to your existing OS. If you need help blocking the upgrade, contact me.

Also beginning in January, Microsoft will stop supporting anything but the most current Internet Explorer and Edge version for all supported operating systems (Vista, Win7, Win8, Win10). This means that you’ll be forced to run the latest browser or you won’t get future security updates (which are released on about a monthly basis now). If you’re running an older browser for compatibility with certain websites or applications (like DQSD), it’s time to find another browser that works and upgrade IE whether you like it or not. Consider this your 35 day warning.

Microsoft released 20 updates to address vulnerabilities in Windows, Internet Explorer, Edge, .NET, Skype, Lync, Office, and Silverlight (~120mb). This includes security updates. A reboot is required.
http://update.microsoft.com/

Apple released updates for OS X 10.11.2, Security Update 2015-008, iOS 9.2, tvOS 9.1, Safari 9.0.2, watchOS 2.1 and Xcode 7.2 to address over 100 security vulnerabilities. This includes security updates. Use Apple Software Update to install these updates. A reboot is required.

Adobe AIR 20.0.0.204 is a security update.
Win: https://12pd.com/click?air
Mac: https://12pd.com/click?airmac

Adobe Flash Player 20.0.0.228 and 20.0.0.235 are security updates.
Win: https://12pd.com/click?flash
Win: https://12pd.com/click?flashie
Mac: https://12pd.com/click?flashmac

Don’t forget to check your mobile devices, too! Many updates will also apply to your tablet, phone, kindle or television – so check your device-appropriate App Store and install updates.

Important Notes

Everything above this section should be checked by everyone on every computer. Chances are good that close to every single computer you touch will be affected by those updates. This is not the case with the items below, though you should still check each line item below to see if it applies to software you have installed.

Please remember that while I list many different applications within these updates, most people should ONLY install updates for a program if they already have a previous version of that program installed.

It is essential to maintain all the applications you have installed on your computer, but often you can minimize the time investment and the potential for exploitation simply by uninstalling software you do not need.

Also note that using the applications own “check for updates” function, when available, will best preserve your current settings, and often avoid any crapware that might come with a fresh installer. Use this option if it’s available to you.

Finally, if you’re sick of doing this all yourself, let me! Call or email me any time, and we can set you up with subscription SaferPC updates which will be installed each month whenever necessary. Click, call or email for more details:
https://saferpc.info/updates/
209-565-12PD
shawn@12pointdesign.com

Browser Updates

One or more of these are likely to be of interest to everyone.

Google Chrome 47.0.2526.80 is a security update. Use Menu, About to install the most current version.

Email Updates

One or more of these are likely to be of interest to everyone.

NK2Edit 3.11 adds RemoveProperty scripting. This is not a security update.
http://www.nirsoft.net/utils/outlook_nk2_edit.html

OutlookAttachView 2.86 adds logfile support. This is not a security update.
http://www.nirsoft.net/utils/outlook_attachment.html

Thunderbird 38.4.0 is a security update. Use Menu, About to install the most current version.

Internet Updates

One or more of these are likely to be of interest to everyone.

Skype 7.16.0.101 adds a new toolbar to improve sharing links and media with contacts. This is not a security update.
https://12pd.com/click?skype

Connectify Hotspot 9.3 improves Windows 10 support and removes uptime limitations from the Lite version.
http://www.connectify.me/

Dropbox 3.12.4 fixes a performance and stability problems. This is not a security update.
https://12pd.com/click?dropbox

Evernote 5.9.6.9494 fixes a PDF crash bug. This should be treated as a security update.
http://www.evernote.com/

Nmap 7.00 adds dozens of new profiles and several new scripts. This major update also improves Ncat and parsing for multiple cookie headers. This is not a security update.
http://nmap.org/

uTorrent 3.4.5 Build 41372 fixes several bugs including stability, memory leaks and resource usage. This should be treated as a security update.
http://www.utorrent.com/downloads

BrowsingHistoryView 1.77 is a cosmetic change. This is not a security update.
http://www.nirsoft.net/utils/browsing_history_view.html

.NET Framework 4.6.1 is a security update.
http://www.microsoft.com/net/

Adobe Shockwave 12.2.2.172 is a security update.
https://12pd.com/click?shockwave

Game Updates

These are unlikely to be of interest to most people.

EA Origin 9.11.1.6605 fixes several bugs, including a checkout requirement for free add-on content. This is not a security update.
https://www.origin.com/en-us/download

Office Updates

One or more of these are likely to be of interest to most people.

Krita 2.9.9.1 doesn’t provide a changelog, so treat it as a security update.
https://krita.org/download/krita-desktop/

LibreOffice 5.0.3 fixes several bugs. This is not a security update.
http://www.libreoffice.org/

Notepad++ 6.8.7 fixes a very annoying default document type bug, various crash issues and styling problems. This should be treated as a security update.
https://12pd.com/click?npp

Kindle for PC 1.13.1 Build 42052 doesn’t provide a changelog, so should be treated as a security update.
http://www.amazon.com/kindleforpc

Adobe FrameMaker 2015.0.2 is a security update.
http://www.adobe.com/support/downloads/detail.jsp?ftpID=5996

Adobe DNG Converter 9.3 adds support for additional hardware.
Win: http://www.adobe.com/support/downloads/detail.jsp?ftpID=5995
Mac: http://www.adobe.com/support/downloads/detail.jsp?ftpID=5994

Security Software Updates

One or more of these is likely to be of interest to most people.

AVG Anti-Virus 2016.2 fixes several compatibility issues with Office 2016, improved safe mode scanning, and performance problems. This should be treated as a security update.
http://www.avg.com/us-en/download

Avast! Home Edition 11.1.2245 doesn’t provide a changelog, so should be treated as a security update.
http://www.avast.com/free-antivirus-download

BelArc Advisor 8.5b doesn’t provide a changelog, so should be treated as a security update.
http://www.belarc.com/free_download.html

Wireshark 2.0.0 fixes many bugs. This is a security update.
http://www.wireshark.org/

OpenSSL Binaries 1.0.2e is a security update.
http://slproweb.com/products/Win32OpenSSL.html

RogueKiller 11.0.2 fixes a search bug. This is a security update.
http://www.adlice.com/softwares/roguekiller/

VirusTotalUploader 1.6.0 adds update support. This should be treated as a security update.
http://www.adlice.com/software/vtuploader/

Converter Updates

These are unlikely to be of interest to most people.

DVDFab 9.2.1.9 adds support for newer encodings, Meta Collection support and new output profiles. This is not a security update.
http://www.dvdfab.cn/download.htm

MKVToolNix 8.6.1 changes logic to significantly improve performance in some situations. This is not a security update.
http://www.videohelp.com/software/MKVtoolnix

TEncoder 4.5.10 fixes several bugs. This is not a security update.
http://tencoder.sourceforge.net/

Utility Updates

These are unlikely to be of interest to most people.

Synergy 1.7.5 corrects scaling and edge detection bugs. This is not a security update.
http://synergy-project.org/download/

7-Zip 15.12 is the release version of 7-Zip 15.x, adding several new core features such as ‘move’, support for ext2/ext3/ext4/VMDK/GPT/VDI/WIM/RAR5, and various bug fixes. This is not a security update.
http://sourceforge.net/projects/sevenzip/files/7-Zip/

BFGMiner 5.4.1 improves reliability, fixes bugs and updates libraries. This is a security update.
https://github.com/luke-jr/bfgminer/

Bitcoin 0.11.2 fixes several bugs and addresses policy changes. This should be treated as a security update.
http://bitcoin.org/en/download

CintaNotes 3.1.1 fixes partial word search, autocomplete, GUI improvements and various other issues. This is not a security update.
http://cintanotes.com/

Acronis True Image (WDC) 6126 does not provide a changelog, so should be treated as a security update.
http://support.wdc.com/product/downloaddetail.asp?swid=119&wdc_lang=en

TeamViewer 11.0.52465 fixes several bugs, including crash bugs. This should be treated as a security update.
http://www.teamviewer.com/en/download/windows.aspx

Everything 1.4.0.713b fixes several indexing bugs, adds options to search and view bookmarks, and improves cosmetics. This is not a security update.
http://www.voidtools.com/

LessMSI 1.4 adds Windows 10 support. This is not a security update.
http://lessmsi.activescott.com/

LicenseCrawler 1.52 build-930 does not provide a current changelog, so should be treated as a security update.
http://www.klinzmann.name/licensecrawler_download.htm

BulkFileChanger 1.35 adds EXIF support and the ability to run elevated. This is not a security update.
http://www.nirsoft.net/utils/bulk_file_changer.html

NetworkTrafficView 2.01 fixes a DLL loading problem with certain drivers. This is not a security update.
http://www.nirsoft.net/utils/network_traffic_view.html

WifiInfoView 1.95 adds affected channels summary mode. This is not a security update.
http://www.nirsoft.net/utils/wifi_information_view.html

WirelessKeyView 1.72 fixes key import and export where certain characters appeared in the key or network name. This is not a security update.
http://www.nirsoft.net/utils/wireless_key.html

CCleaner 5.12.5431 improves Firefox and Chrome support, UAC bypass, and portable browser improvements. This is not a security update.
https://12pd.com/click?ccleaner

Speccy 1.29.714 adds support for newer hardware and improves Windows 10 support. This is not a security update.
https://12pd.com/click?speccy

ProduKey 1.82 adds elevation support for drive mounted recovery. This is not a security update.
http://www.nirsoft.net/utils/product_cd_key_viewer.html

TaskSchedulerView 1.12 adds always on top support. This is not a security update.
http://www.nirsoft.net/utils/task_scheduler_view.html

WSUS Offline 10.2.1 fixes several superseded updates. This should be treated as a security update.
http://download.wsusoffline.net/

IPXWrapper 0.6.0 fixes several protocol bugs for hardware compatibility. This is not a security update.
http://www.solemnwarning.net/ipxwrapper/

Web Package Updates

These are likely to be of interest only to web developers.

Coppermine Gallery 1.5.40 is a security update.
http://coppermine-gallery.net/

Dada Mail 9.0.0 re-adds one-click unsubscribe, enhanced login support, improvements to GUI and responsive layout. This is not a security update.
http://dadamailproject.com/

phpList 3.2.4 fixes several bugs. This is not a security update.
http://www.phplist.com/download

ownCloud Client 2.1.0 fixes several bugs, improves performance and stability, and adds several new features. This is not a security update.
https://owncloud.org/install/

Drupal 8.0.1 doesn’t provide a current changelog, so should be treated as a security update.
http://drupal.org/download

MailEnable Enterprise 9.01 adds AV and spam filter bypass for authenticated senders, various fixes for webmail, CalDAV and the new MIME library. This is not a security update.
http://www.mailenable.com/

phpMyAdmin 4.5.2 fixes several bugs. This should be treated as a security update.
http://www.phpmyadmin.net/home_page/news.php

YOURLS 1.7.1 adds PHP 7 support, fixes several bugs, improves readability and search. This is not a security update.
http://yourls.org/

WordPress 4.4 adds many new features and security updates.
http://wordpress.org/

BuddyPress 2.4.2 is a security update.

Contact Form 7 4.3.1 improves reCAPTCHA support. This is not a security update.

Developer 1.2.6 removes MP6 and improves compatibility. This is not a security update.

Multisite Enhancements 1.3.1 improves external domain verification. This should be treated as a security update.

WooCommerce 2.4.11 fixes several bugs. This is not a security update.

WPtouch 3.8.9 fixes bugs. This is not a security update.

That’s all for now folks. Keep it clean out there. 😉

Regards,

Shawn K. Hall
https://SaferPC.info/
https://12PointDesign.com/