Tuesday, July 26, 2022

July 2022 Windows 10 Version 21H2 Non-Security Optional Preview "C" Release

  


 
Microsoft released KB5015878 (OS Builds 19042.1865, 19043.1865, and 19044.1865), optional “C” release preview cumulative updates with non-security improvements and fixes.

The following are the highlights included in the update:
  • New!  Gives you the option to receive important notifications when focus assist is on. Focus assist is like a do not disturb mode that hides notifications.

  • New! Restores functionality for Windows Autopilot deployment scenarios that are affected by the security mitigation for hardware reuse. This update removes the one-time use restriction for self-deploying mode (SDM) and pre-provisioning (PP). This update also re-enables any User Principal Name (UPN) display in user-driven mode (UDM) deployments for approved manufacturers.

  • Addresses an issue that causes certain docking stations to lose internet connectivity when waking from Sleep mode.

  • Adds functionality that improves the OS upgrade experience. 

  • Addresses an issue that might cause consecutive video clip playback to fail in games that use DX12.

  • Addresses an issue that affects certain games that use the XAudio API to play sound effects.

  • Addresses an issue that affects the height of the Search box when you use multiple monitors that have different resolutions.

  •  Addresses an issue that prevents certain troubleshooting tools from opening.

Refer to the referenced KB update for information on additional improvements and fixes.

This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. Servicing stack updates (SSU) ensure that you have a robust and reliable servicing stack so that your devices can receive and install Microsoft updates. For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.

Update:  To get the update, go to Settings > Update & Security > Windows Update.  The link to download and install the update can be found in the Optional updates available area.  To get the standalone package for this update, go to the Microsoft Update Catalog website.

Windows 10 update history



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Mozilla Firefox Version 103.0 Released with Security Updates

               FirefoxMozilla sent Firefox Version 103.0 to the release channel today.  The update includes eight security updates of which two (2) are rated high, four (4) moderate and two (2) are rated low.

Firefox ESR was updated to Version 91.12.

High

Moderate

Low

New

  • Improved responsiveness on macOS during periods of high CPU load by switching to a modern lock API.
  • Do you always forget something? Required fields are now highlighted in PDF forms.
  • Improved performance on high-refresh rate monitors (120Hz+).
  • Enjoying Picture-in-Picture subtitles feature? It just got better: you can now change subtitles font size directly from the PiP window. Additionally, PiP subtitles are now available at Funimation, Dailymotion, Tubi, Hotstar, and SonyLIV.
  • Buttons in the Tabs toolbar can now be reached with Tab, Shift+Tab, and Arrow keys. 
  • Windows' "Make text bigger" accessibility setting now affects all the UI and content pages, rather than only applying to system font sizes.
  • Rejoice! You can now conveniently access Firefox, which will now be pinned to the Windows taskbar during installation on Windows 10 and 11. (This will also allow for Firefox to be launched quicker after installing.)

Fixed

  • Non-breaking spaces are now preserved—preventing automatic line breaks—when copying text from a form control.
  • Fixed WebGL performance issues on NVIDIA binary drivers via DMA-Buf on Linux.
  • Fixed an issue in which Firefox startup could be significantly slowed down by the processing of Web content local storage. This had the greatest impact on users with platter hard drives and significant local storage.

Changed

  • Removed a configuration option to allow SHA-1 signatures in certificates: SHA-1 signatures in certificates—long since determined to no longer be secure enough—are now not supported.

Web Platform

  • Your information now has increased protection from online tracking via Total Cookie Protection enabled by default. All third-party cookies are now isolated into partitioned storage.

Update: To get the update now, select "Help" from the Firefox menu, then pick "About Firefox."  Mac users need to select "About Firefox" from the Firefox menu. If you do not use the English language version, Fully Localized Versions are available for download.

References



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Thursday, July 21, 2022

July 2022 Windows 11 Non-Security Optional Preview "C" Release

      Microsoft released the monthly “C” release preview cumulative updates with non-security improvements and fixes for Windows 11.

Following are the highlights for KB5015882 (OS Build 22000.829) for Windows 11: 

  • New! Gives you the option to receive urgent notifications when focus assist is on. Focus assist is like a do not disturb mode that hides notifications. 
  • New! Gives you the option to update to a newer Windows 11 version at the very first startup of Windows if your device is eligible.
  • Addresses an issue that causes File Explorer to stop working when you use the play and pause keyboard buttons on certain devices.
  • Addresses an issue that causes File Explorer to stop working when you use the Start menu’s context menu (Win+X) and an external monitor is connected to your device.
  • Addresses an issue that displays a blank window that you cannot close when you hover over the search icon on the taskbar.

See the referenced KB article for the long list of improvements and fixes included in the update.

Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest LCU.  For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.

Update:  To get the update, go to Settings > Update & Security > Windows Update. The link to download and install the update can be found in the Optional updates available area.  To get the standalone package for this update, go to the Microsoft Update Catalog website.

For information about the types of updates released by Microsoft each month, see Windows 11 life cycle and servicing update.

Windows 11 update history


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

July 2022 Windows 10 Version 1809 Non-Security Optional Preview "C" Release

 


 
Microsoft released KB5015880 (OS Build 17763.3232, optional “C” release preview cumulative updates with non-security improvements and fixes.

The following is the highlight included in the update:
  • Addresses an issue that prevents certain trouble-shooting tools from opening.

A long list of additional improvements and fixes is included in the referenced KB update.

This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. Servicing stack updates (SSU) ensure that you have a robust and reliable servicing stack so that your devices can receive and install Microsoft updates. For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.

Prerequisite: You must install the August 10, 2021 SSU (KB5005112) before installing the LCU. 

Update:  To get the update, go to Settings > Update & Security > Windows Update.  The link to download and install the update can be found in the Optional updates available area.  To get the standalone package for this update, go to the Microsoft Update Catalog website.

Windows 10 update history



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Tuesday, July 19, 2022

Oracle Java SE Security Update Released

   

java



Oracle released the scheduled security update for its Java SE Runtime Environment software.  This Critical Patch Update contains five (5) new security patches for Oracle Java SE.  Four of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials.

Update:  If Java is still installed on your computer, it is recommended that this update be applied as soon as possible due to the threat posed by a successful attack.

Download Information

Java SE Runtime Environment Version 8u341:  https://www.oracle.com/java/technologies/javase-jre8-downloads.html or https://java.com/en/download/manual.jsp.

Notes:

  • UNcheck any pre-checked toolbar and/or software options presented with the update. They are not part of the software update and are completely optional.  Preferably, see the instructions below on how to handle "Unwanted Extras".  
  • Oracle does not plan to migrate desktops from Java 8 to Java 9 through the auto update feature.  Therefore, it is strongly recommended that you uninstall JRE 8 prior to updating.
  • Verify your version:  http://www.java.com/en/download/testjava.jsp  Note:  The Java version verification page will only work if your browser has NPAPI support.  In that case, to check the version, open a cmd window and enter the following (note the space following Java):  java -version
  • Important:  The Edge browser does not support plug-ins.  In the event you still have a need for Java, it will be necessary to use Firefox or open with Internet Explorer mode (See Microsoft Edge Enhancements for IE Mode).

Critical Patch Updates

For Oracle Java SE Critical Patch Updates, the next scheduled dates is October 18, 2022.

Unwanted "Extras"

Although most people do not need Java on their computer, there are some programs and games that require Java.  In the event you need to continue using Java, How-to Geek discovered a little-known and publicized option in the Java Control Panel to suppress the offers for the pre-checked unwanted extras that Oracle has long included with the updates.  Although the Ask Toolbar has been removed, that does not preclude the pre-checked option for some other unnecessary add-on.

Do the following to suppress the sponsor offers:
  1. Launch the Windows Start menu
  2. Click on Programs
  3. Find the Java program listing
  4. Click Configure Java to launch the Java Control Panel
  5. Click the Advanced tab and go to the "Miscellaneous" section at the bottom.
  6. Check the box by the “Suppress sponsor offers when installing or updating Java” option and click OK.
Java suppress sponsor offers

Java Security Recommendations

1)  In the Java Control Panel, at minimum, set the security to high.
2)  Keep Java disabled until needed.  Uncheck the box "Enable Java content in the browser" in the Java Control Panel.
3)  Instructions on removing older (and less secure) versions of Java can be found at http://java.com/en/download/faq/remove_olderversions.xml

References




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Tuesday, July 12, 2022

Adobe Acrobat DC and Reader DC Security Updates Released

     

Adobe
Adobe has released updates for Adobe Acrobat DC and Reader DC for Windows and macOS. 

These updates address multiple critical, and important vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak.  
 
Release date: July 12, 2022
Vulnerability identifier: None
Platform: Windows and MacOS

Update or Complete Download

Reader DC and Acrobat DC were updated to version 22.001.20169 for Windows.  Updates should become available via the internal updater or checks can be manually activated by choosing Help/Check for Updates.  

Reader DC and other versions are available here: https://get.adobe.com/reader/

Note: UNcheck any pre-checked additional options presented with the update. They are not part of the software update and are completely optional.

References
Home
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Microsoft July 2022 Security Updates

             

The Microsoft June 2022 security updates have been released and consist of 84 CVEs.  Of these CVEs, 4 are rated critical and 80 rated important in severity.  At the time of release, none are listed as publicly known but one of the updates for CSRSS is under active attack.

The security updates apply to the following products, features, and roles: AMD CPU Branch, Azure Site Recovery, Azure Storage Library, Microsoft Defender for Endpoint, Microsoft Edge (Chromium-based), Microsoft Graphics Component, Microsoft Office, Open Source Software, Role: DNS Server, Role: Windows Fax Service, Role: Windows Hyper-V, Skype for Business and Microsoft Lync, Windows Active Directory, Windows Advanced Local Procedure Call, Windows BitLocker, Windows Boot Manager, Windows Client/Server Runtime Subsystem, Windows Connected Devices Platform Service, Windows Credential Guard, Windows Fast FAT Driver, Windows Fax and Scan Service, Windows Group Policy, Windows IIS, Windows Kernel, Windows Media, Windows Network File System, Windows Performance Counters, Windows Point-to-Point Tunneling Protocol, Windows Portable Device Enumerator Service, Windows Print Spooler Components, Windows Remote Procedure Call Runtime, Windows Security Account Manager, Windows Server Service, Windows Shell, Windows Storage, and XBox.

See the long list of KBs at the bottom of the page at July 2022 Security Updates - Release Notes - Security Update Guide - Microsoft for information regarding known issues with the security updates as well as the CVEs with FAQs, Mitigations and/or Workarounds.

Important Notes: 

The Internet Explorer 11 desktop application has been retired and out of support, effective June 15, 2022.  See the steps at Microsoft Support to enable IE Mod on your Windows 10 or Windows 11 device. 

Windows 10 Versions 1909 and 20H2 have reached the end of service and will no longer receive updates.  The most current version of Windows 10 is 21H2. 

Recommended Reading:   See Dustin Childs review and analysis in Zero Day Initiative -- The July 2022 Security Update Review.

 

Additional Update Notes:

 

References




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...




 

Thursday, July 07, 2022

Pale Moon Version 31.1.1 Released with Security Updates

           

Pale Moon

Pale Moon has been updated to version 31.1.1.  This is a security update.

Linux versions will follow shortly.

Changes/Fixes:

  • Updated the list of blocked external protocol handlers to combat abuse of OS-supplied services on Windows.
  • Fixed a potential issue with revoked site certificates when connecting through a proxy.
  • Updated NSS to 3.52.7 to pick up some security fixes.
  • Updated site-specific user agent overrides to work around bad sniffing practices of dropbox and vimeo.
  • Security issues addressed: CVE-2022-34478, CVE-2022-34476, CVE-2022-34480 DiD, CVE-2022-34472, CVE-2022-34475 DiD, CVE-2022-34473 DiD, CVE-2022-34481 and a memory safety issue that doesn't have a CVE number.
  • UXP Mozilla security patch summary: 4 fixed, 4 DiD, 2 rejected, 11 not applicable.

*DiD This means that a fix is "Defense-in-Depth": It is a fix that does not apply to a (potentially) actively exploitable vulnerability in Pale Moon, but prevents future vulnerabilities caused by the same code, e.g. when surrounding code changes, exposing the problem, or when new attack vectors are discovered.

**Rejected security patches: This means that patches were theoretically applicable to our code but considered undesirable, which could be due to unwanted changes in behavior, known regressions caused by the patches, or unnecessary risks for stability, security or privacy.

Pale Moon includes both 32- and 64-bit versions for Windows:  Pale Moon for Windows downloads.

Update

To get the update now, select "Help" from the Pale Moon menu at the upper left of the browser window.  Select About Pale Moon > Check for Updates.

Release Notes
Release Cycle


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Wednesday, July 06, 2022

Mozilla Firefox Version 102.0.1 Released

FirefoxMozilla sent Firefox Version 102.0.1 to the release channel today.  

Fixed

  • Fixed bookmark shortcut creation by dragging to Windows File Explorer and dropping partially broken (bug 1774683)
  • Fixed bookmarks sidebar flashing white when opened in dark mode (bug 1776157)
  • Fixed multilingual spell checking not working with content in both English and a non-Latin alphabet (bug 1773802)
  • Developer tools: Fixed an issue where the console output keep getting scrolled to the bottom when the last visible message is an evaluation result (bug 1776262)
  • Fixed Delete cookies and site data when Firefox is closed checkbox getting disabled on startup (bug 1777419)
  • Various stability fixes

Release Notes




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...