Tuesday, October 26, 2021

Windows October 2021 Release Preview Update for Versions 2004, 20H2, and 21H1

Microsoft released KB5006738, the monthly “C” release preview cumulative update with non-security improvements and fixes for Windows 10 Versions 2004, 20H2 and 21H1.  

IMPORTANT: Starting in October 2021, there will no longer be non-security releases (known as "C" releases) for Windows 10, version 1909. Only cumulative monthly security updates (known as the "B" or Update Tuesday release) will continue for Windows 10, version 1909.

The highlighted changes include the following:
  • Updates an issue an issue that might prevent subtitles from displaying for certain video apps and streaming video sites.
  • Updates an issue that that prevents Kana input mode users from inserting a question mark (?) using the Shift-0 key combination.
  • Updates an issue that sometimes causes your lock screen background to appear black if you have set up a slideshow of pictures as your lock screen background.  

Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest LCU. For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.

For information about the types of updates released by Microsoft each month see Windows 10 update servicing cadence primer.

Update:  To get the update, go to Settings > Update & Security > Windows Update.  The link to download and install the update can be found in the Optional updates available area.  To get the standalone package for this update, go to the Microsoft Update Catalog website.

Windows 10 update history



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Thursday, October 21, 2021

Windows 11 Optional Preview Cumulative Update


Microsoft released KB5006746, the monthly “C” release preview cumulative update with non-security improvements and fixes for the Windows 11 original release, Build 22000.282.

The highlighted changes include the following:
  • Updates an issue that causes Internet Explorer to stop working when you type certain characters in the Input Method Editor (IME).
  • Updates an issue that occurs when you try to rename a file in File Explorer using the new Japanese IME.
  • Updates an issue that might distort the sound captured by voice assistants. 
  • Updates an issue that sometimes causes your lock screen background to appear black if you have set up a slideshow of pictures as your lock screen background. 
  • Updates an issue that might cause your Bluetooth mice and keyboards to respond slower than expected.  
  • Improves the time estimate for how long you might wait to use your device after it restarts.
  • Updates an issue that might prevent you from using the Xbox Game Bar recording features.
  • Updates an issue that causes some applications to run slower than usual after you upgrade to Windows 11 (original release).
  • Updates an issue that prevents Narrator and other screen readers from announcing when the Start menu is open in certain cases.
  • Updates an issue in that prevents the search window from appearing on a secondary monitor.
  • Updates an issue that prevents you from opening multiple instances of an app using Shift and clicking on the app’s icon in the taskbar.
  • Updates the visual design and animations of the Chat icon on the taskbar.
  • Updates an issue for a small number of users that prevents the Start menu from working and prevents you from seeing the updated taskbar after upgrading to Windows 11 (original release).

See the referenced KB article for the long list of improvements and fixes included in the update.

Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest LCU. For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.

For information about the types of updates released by Microsoft each month see Windows 11 life cycle and servicing update.

Update:  To get the update, go to Settings > Update & Security > Windows Update.  The link to download and install the update can be found in the Optional updates available area.  To get the standalone package for this update, go to the Microsoft Update Catalog website.

Windows 11 update history



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Tuesday, October 19, 2021

Oracle Java SE Security Update Released

 

java



Oracle released the scheduled security update for its Java SE Runtime Environment software.  
This Critical Patch Update contains fifteen (15) new security patches for Oracle Java SE.  Thirteen (13) of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials. 

Update

If Java is still installed on your computer, it is recommended that this update be applied as soon as possible due to the threat posed by a successful attack.

Download Information

Java SE Runtime Environment Version 8u311:  https://www.oracle.com/java/technologies/javase-jre8-downloads.html or https://java.com/en/download/manual.jsp.

Notes:

  • UNcheck any pre-checked toolbar and/or software options presented with the update. They are not part of the software update and are completely optional.  Preferably, see the instructions below on how to handle "Unwanted Extras".  
  • Oracle does not plan to migrate desktops from Java 8 to Java 9 through the auto update feature.  Therefore, it is strongly recommended that you uninstall JRE 8 prior to updating.
  • Verify your version:  http://www.java.com/en/download/testjava.jsp  Note:  The Java version verification page will only work if your browser has NPAPI support.  In that case, to check the version, open a cmd window and enter the following (note the space following Java):  java -version
  • Important:  The Edge browser does not support plug-ins.  In the event you still have a need for Java, it will be necessary to use Firefox or open with Internet Explorer by selecting the "More Actions" option located at the top of the Edge browser and then click "Open with Internet Explorer.  (See Windows 10 and Java.)

Critical Patch Updates

For Oracle Java SE Critical Patch Updates, the next scheduled dates are as follows:
  • 18 January 2022
  • 19 April 2022
  • 19 July 2022
  • 18 October 2022

Unwanted "Extras"

Although most people do not need Java on their computer, there are some programs and games that require Java.  In the event you need to continue using Java, How-to Geek discovered a little-known and publicized option in the Java Control Panel to suppress the offers for the pre-checked unwanted extras that Oracle has long included with the updates.  Although the Ask Toolbar has been removed, tha does not preclude the pre-checked option for some other unnecessary add-on.

Do the following to suppress the sponsor offers:
  1. Launch the Windows Start menu
  2. Click on Programs
  3. Find the Java program listing
  4. Click Configure Java to launch the Java Control Panel
  5. Click the Advanced tab and go to the "Miscellaneous" section at the bottom.
  6. Check the box by the “Suppress sponsor offers when installing or updating Java” option and click OK.
Java suppress sponsor offers

Java Security Recommendations

1)  In the Java Control Panel, at minimum, set the security to high.
2)  Keep Java disabled until needed.  Uncheck the box "Enable Java content in the browser" in the Java Control Panel.
3)  Instructions on removing older (and less secure) versions of Java can be found at http://java.com/en/download/faq/remove_olderversions.xml

References




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Tuesday, October 12, 2021

Adobe Acrobat DC and Reader DC Security Updates Released

    

Adobe
Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address multiple critical and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user. 
 
Release date:  October 12, 2021
Vulnerability identifier: APSB21-104
Platform: Windows and MacOS

Update or Complete Download

Reader DC and Acrobat DC were updated to version 21.007.20099.  Updates should become available via the internal updater or checks can be manually activated by choosing Help/Check for Updates.  Reader DC and other versions are available here: https://get.adobe.com/reader/

Note: UNcheck any pre-checked additional options presented with the update. They are not part of the software update and are completely optional.

References
Home
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Microsoft October 2021 Security Updates

    



The Microsoft October 2021 security updates have been released and consist of 71 CVEs.  Of these CVEs, 2 are rated Critical, 68 are rated Important, and 1 Low in severity.  


For new Windows 11 adapters, note that the update today includes the first "Update Tuesday" update.

The updates apply to the following long list of products:  .NET Core & Visual Studio, Active Directory Federation Services, Console Window Host, HTTP.sys, Microsoft DWM Core Library, Microsoft Dynamics, Microsoft Dynamics 365 Sales, Microsoft Edge (Chromium-based), Microsoft Exchange Server, Microsoft Graphics Component, Microsoft Intune, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft Office Word, Microsoft Windows Codecs Library, Rich Text Edit Control, Role: DNS Server, Role: Windows Active Directory Server, Role: Windows AD FS Server, Role: Windows Hyper-V, System Center, Visual Studio, Windows AppContainer, Windows AppX Deployment Service, Windows Bind Filter Driver, Windows Cloud Files Mini Filter Driver, Windows Common Log File System Driver, Windows Desktop Bridge, Windows DirectX, Windows Event Tracing, Windows exFAT File System, Windows Fastfat Driver, Windows Installer, Windows Kernel, Windows MSHTML Platform, Windows Nearby Sharing, Windows Network Address Translation (NAT), Windows Print Spooler Components, Windows Remote Procedure Call Runtime, Windows Storage Spaces Controller, Windows TCP/IP, Windows Text Shaping, and Windows Win32K.

See the KBs listed at October 2021 Security Updates - Release Notes - Security Update Guide - Microsoft for information regarding known issues with the security updates as well as the CVEs with FAQs, Mitigations and/or Workarounds.


Recommended Reading:   See Dustin Childs review and analysis in Zero Day Initiative -- The October 2021 Security Update Review.

 

Additional Update Notes:

 

References


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...




 

Tuesday, October 05, 2021

Mozilla Firefox Version 93.0 Released with Security Updates

     FirefoxMozilla sent Firefox Version 93.0 to the release channel today.  The update includes seven security updates of which four (4) are rated high and three (3) are rated moderate.

Firefox ESR was updated to Version 78.15.


High


Moderate


New

  • Firefox now supports the new AVIF image format, which is based on the modern and royalty free AV1 video codec. It offers significant bandwidth savings for sites compared to existing image formats. It also supports transparency and other advanced features.
  • Firefox PDF viewer now supports filling more forms (XFA-based forms, used by multiple governments and banks). Learn more.
  • When available system memory is critically low, Firefox on Windows will automatically unload tabs based on their last access time, memory usage, and other attributes. This should help reduce Firefox out-of-memory crashes. Switching to an unloaded tab automatically reloads it.
  • To prevent session loss for macOS users who are running Firefox from a mounted .dmg file, they’ll now be prompted to finish installation. This permission prompt only appears the first time these users run Firefox on their computer.
  • Firefox now blocks downloads that rely on insecure connections, protecting against potentially malicious or unsafe downloads. Learn more and see where to find downloads in Firefox.
  • Improved web compatibility for privacy protections with SmartBlock 3.0. Learn more
  • Introducing a new referrer tracking protection in Strict Tracking Protection and Private Browsing. Learn more

Fixed

  • The VoiceOver screen reader now correctly reports checkable items in accessible tree controls as checked or unchecked.
  • The Orca screen reader now works correctly with Firefox, no longer requiring users to switch to another application after starting Firefox.\
  • Various security fixes

Changed

  • TLS ciphersuites that use 3DES have been disabled. Such ciphersuites can only be enabled when deprecated versions of TLS are also enabled. Learn more.
  • The download panel now follows the Firefox visual styles.
Update To get the update now, select "Help" from the Firefox menu, then pick "About Firefox."  Mac users need to select "About Firefox" from the Firefox menu. If you do not use the English language version, Fully Localized Versions are available for download.

Thursday, September 30, 2021

Windows 10 Non-Security Release Preview Cumulative Update

  


Microsoft released
 KB5005611, the monthly “C” release preview cumulative update with non-security improvements and fixes for Windows 10 Versions 21H1, 20H2, and 2004.  

IMPORTANT: Starting in October 2021, there will no longer be non-security releases (known as "C" releases) for Windows 10, version 1909. Only cumulative monthly security updates (known as the "B" or Update Tuesday release) will continue for Windows 10, version 1909.

The highlighted changes include the following:
  • Updates an issue that causes News and interests to appear when you right-click the taskbar even if you have turned off that feature on your device.
  • Updates an issue that causes blurry News and interests icons when you use certain screen resolutions.
  • Updates an issue that causes the system clock to be wrong by one hour after a daylight saving time (DST) change.  
  • Updates an issue that prevents you from providing input to apps when the taskbar is not at the bottom of the screen. 

Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest LCU. For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.

For information about the types of updates released by Microsoft each month see Windows 10 update servicing cadence primer.

Update:  To get the update, go to Settings > Update & Security > Windows Update.  The link to download and install the update can be found in the Optional updates available area.  To get the standalone package for this update, go to the Microsoft Update Catalog website.

Windows 10 update history



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Wednesday, September 29, 2021

Adobe Acrobat DC and Adobe Reader DC Optional Hotfix

  

Adobe


Adobe released an optional hotfix for Adobe Acrobat DC and Adobe Reader DC for Windows that addresses important bug fixes for vulnerabilities described in the corresponding security bulletins of Reader and Acrobat.

Release date:  September 29, 2021
Vulnerability identifier: None
Platform: Windows and Macintosh

Bug fixes

Accessibility
  • 4341633: Outline box is not visible in Custom Area selection on using Reading Order tool
Adobe Sign
  • 4341599: Unable to type @ symbol in Add Signer dialog in Request Signature workflow with localized keyboard
Editing
  • 4341451: [Windows only] Selection border does not show up while selecting objects during marquee selection
Installer
  • 4341424: Acrobat/Reader starts repair window when launched from shortcut icon or on opening FDF/XDP/XFDF files
PDFMaker
  • 4341762: Alt-text of figures is not getting captured and appearing gibberish post conversion to pdf
Rendering
  • 4341347: Out of Memory error while scrolling through page thumbnails
  • 4341548: Lag was observed while using Marquee Zoom tool on Mac
Viewer
  • 4341639: On Mac, black marker is not visible on dragging-dropping in Left Side Panels
  • 4341271: Menu Bar appears truncated on extended monitor

Update or Complete Download

Reader DC and Acrobat DC were updated to version 21.007.20095 for Windows and 21.007.2009x for Macintosh. 

Updates should become available via the internal updater or checks can be manually activated by choosing Help/Check for Updates.  Reader DC and other versions are available here: https://get.adobe.com/reader/

Note: UNcheck any pre-checked additional options presented with the update. They are not part of the software update and are completely optional.

References



Home
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Thursday, September 23, 2021

Mozilla Firefox Version 92.0.1 Released

   FirefoxMozilla sent Firefox Version 92.0.1 to the release channel.

Fixed

  • Fixes an issue where audio playback was not working on some Linux systems (bug 1730499)
  • Fixes issues with the findbar close button on different operating systems (bug 1728368)

Update 


To get the update now, select "Help" from the Firefox menu, then pick "About Firefox."  Mac users need to select "About Firefox" from the Firefox menu. If you do not use the English language version, Fully Localized Versions are available for download.


References


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...



Tuesday, September 14, 2021

Microsoft September 2021 Security Updates

   



The Microsoft September 2021 security updates have been released and consist of 66 CVEs.  Of these CVEs, 3 are rated Critical, 62 are rated Important, and 1 Moderate in severity.  


One bug is listed as publicly known but is not being exploited at this time.

The updates apply to the following long list of products:  Azure Open Management Infrastructure, Azure Sphere, Dynamics Business Central Control, Microsoft Accessibility Insights for Android, Microsoft Edge (Chromium-based), Microsoft Edge for Android, Microsoft MPEG-2 Video Extension, Microsoft Office, Microsoft Office Access, Microsoft Office Excel, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft Office Word, Microsoft Windows Codecs Library, Microsoft Windows DNS, Visual Studio, Windows Ancillary Function Driver for WinSock, Windows Authenticode, Windows Bind Filter Driver, Windows BitLocker, Windows Common Log File System Driver, Windows Event Tracing, Windows Installer, Windows Kernel, Windows Key Storage Provider, Windows MSHTML Platform, Windows Print Spooler Components, Windows Redirected Drive Buffering, Windows Scripting, Windows SMB, Windows Storage, Windows Subsystem for Linux, Windows TDX.sys, Windows Update, Windows Win32K, Windows WLAN Auto Config Service, and Windows WLAN Service.

See the KBs listed at September 2021 Security Updates - Release Notes - Security Update Guide - Microsoft for information regarding known issues with the security updates as well as the CVEs with FAQs, Mitigations and/or Workarounds.


Recommended Reading:   See Dustin Childs review and analysis in Zero Day Initiative -- The September 2021 Security Update Review.

 

Additional Update Notes:

 

References


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...




 

Adobe Acrobat DC and Reader DC Security Updates Released

   

Adobe
Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address multiple critical vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user. 
 
Release date:  August 14, 2021
Vulnerability identifier: APSB21-55
Platform: Windows and MacOS

Update or Complete Download

Reader DC and Acrobat DC were updated to version 21.007.20091.  Updates should become available via the internal updater or checks can be manually activated by choosing Help/Check for Updates.  Reader DC and other versions are available here: https://get.adobe.com/reader/

Note: UNcheck any pre-checked additional options presented with the update. They are not part of the software update and are completely optional.

References
Home
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...