Happy Easter! "Khrystos Voskres!"

"Khrystos Voskres!"
(Christ is Risen!)

"Voistyno Voskres!"
(He is Truly Risen!)

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Optional Hotfix Patch for Adobe Reader and Acrobat

 

Adobe has released an optional hotfix patch which contains enhancements around Gen AI features in Acrobat & Reader.

Update or Complete Download

Reader DC and Acrobat DC were updated to version 24.001.20629 for Windows.  Updates should become available via the internal updater or checks can be manually activated by choosing Help/Check for Updates.  

Reader DC and other versions are available here: https://get.adobe.com/reader/

Note: UNcheck any pre-checked additional options presented with the update. They are not part of the software update and are completely optional.

References

• Release Notes

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

March 2024 Windows 11 Non-Security Preview Update

  Microsoft released KB5035942 (OS Builds 22621.3374 and 22631.3374 today for Windows 11 23H3 and Windows 11 22H2. 

IMPORTANT:  The date for optional, non-security preview releases for Windows 11, version 22H2 has been extended from February 27,2024 to June 25, 2025. 

Highlights included in the update:

• This update adds more content to your lock screen. Sports, traffic, and finance content will appear along with weather. To turn on this feature, go to Settings > Personalization > Lockscreen.
• This update addresses an issue that affects the Settings app. It stops responding when you use it to remove Bluetooth devices.
• This update addresses an issue that affects USB audio. It fails on some processors. This occurs after you pause, play, or resume from sleep.
• The Windows share window now supports sharing with WhatsApp in the “Share using” section. 
• This update adds suggestions to Snap Layouts. They help you to instantly snap multiple app windows together.

See the KB article for a separate list of quality improvements included in the update for Windows 11 23H3 and Windows 11 22H2. 

Update:  To get the update, go to Settings > Update & Security > Windows Update. The link to download and install the update can be found in the Optional updates available area.  To get the standalone package for this update, go to the Microsoft Update Catalog website.

References:

Windows 11 update history

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

March 2024 Windows 10 Non-Security Preview Update

  Microsoft released KB5035941 for Windows 10 version 22H2 optional non-security release preview (Windows monthly updates explained).

Highlights included in the update:

• New! This update adds Windows Spotlight to your desktop background. This feature displays new images as your desktop wallpaper. If you want to know more about an image, click or tap the Learn More button, which takes you to Bing. To turn on this feature, go to Settings > Personalization > Background > Personalize your background. Choose Windows spotlight.

  Note This feature might not be available to all users because it will roll out gradually.

• New! This update adds more content to your lock screen. In addition to weather, sports, traffic, and finance content will appear.  To turn on this feature, go to Settings > Personalization > Lockscreen.

  Note This feature might not be available to all users because it will roll out gradually.

• This update addresses an issue that affects the touch keyboard. It does not open sometimes.

• When you sign in, you might see a message that invites you to upgrade to Windows 11. This message only appears if your device is eligible for an upgrade.

  Note This feature might not be available to all users because it will roll out gradually.

See the KB article for the list of quality improvements included in the update.

This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. Servicing stack updates (SSU) ensure that you have a robust and reliable servicing stack so that your devices can receive and install Microsoft updates. For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.

Update:  To get the update, go to Settings > Update & Security > Windows Update. The link to download and install the update can be found in the Optional updates available area.  To get the standalone package for this update, go to the Microsoft Update Catalog website.

Windows 10 update history

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Pale Moon Version 33.0.2 Released with Security Update

  Pale Moon has been updated to version 33.0.2.  This update is a minor security and stability release.

Changes/Fixes:

• Fixed an issue with attributes on duplicate html tags.
• Aligned the behavior of internal pointer structures to be more uniform. DiD
• Security issue addressed: CVE-2024-2610

Notes:

DiD: This means that a fix is "Defense-in-Depth": It is a fix that does not apply to a (potentially) actively exploitable vulnerability in Pale Moon, but prevents future vulnerabilities caused by the same code, e.g. when surrounding code changes, exposing the problem, or when new attack vectors are discovered.

Pale Moon includes both 32- and 64-bit versions for Windows: Pale Moon for Windows downloads.

Update: To get the update now, select "Help" from the Pale Moon menu at the upper left of the browser window.  Select About Pale Moon > Check for Updates.

Release Notes
Release Cycle

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Mozilla Firefox Version 124.0.1 Released with Security Updates

   Mozilla sent Firefox Version 124.0.1 to the Release Channel.  The update includes two security updates rated high.

High

#CVE-2024-29943: Out-of-bounds access via Range Analysis bypass

#CVE-2024-29944: Privileged JavaScript Execution via Event Handlers

Update: To get the update now, select "Help" from the Firefox menu, then pick "About Firefox".  Mac users need to select "About Firefox" from the Firefox menu.  For non-English versions, Fully Localized Versions are available for download.

Security Updates

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Optional Hotfix Patch for Adobe Reader and Acrobat

 

Adobe has released an optional hotfix patch for Acrobat and Adobe Reader that addresses some important bug fixes. 

Update or Complete Download

Reader DC and Acrobat DC were updated to version 24.001.20615 for Windows.  Updates should become available via the internal updater or checks can be manually activated by choosing Help/Check for Updates.  

Reader DC and other versions are available here: https://get.adobe.com/reader/

Note: UNcheck any pre-checked additional options presented with the update. They are not part of the software update and are completely optional.

References

• Release Notes

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Mozilla Firefox Version 124.0 Released with Security Updates

 Mozilla sent Firefox Version 124.0 to the release channel.  Firefox ESR was updated to Version 115.9.

The update includes eleven security updates of which six (6) are rated high, four (4) are rated moderate, and one (1) is rated low.

High

#CVE-2024-2605: Windows Error Reporter could be used as a Sandbox escape vector

#CVE-2024-2606: Mishandling of WASM register values

#CVE-2024-2607: JIT code failed to save return registers on Armv7-A

#CVE-2024-2608: Integer overflow could have led to out of bounds write

#CVE-2024-2614: Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9

#CVE-2024-2615: Memory safety bugs fixed in Firefox 124

Moderate

#CVE-2023-5388: NSS susceptible to timing attack against RSA decryption

#CVE-2024-2609: Permission prompt input delay could expire when not in focus

#CVE-2024-2610: Improper handling of html and body tags enabled CSP nonce leakage

#CVE-2024-2611: Clickjacking vulnerability could have led to a user accidentally granting permissions

Low

#CVE-2024-2612: Self referencing object could have potentially led to a use-after-free

New

• Caret browsing mode now also works in the PDF viewer. (Learn more)

• In Firefox View, open tabs can now be sorted by either recent activity or tab order. Recent activity is the default setting.

• Firefox now populates the Windows taskbar jump list more efficiently, which should allow for a smoother overall browsing experience.

• Firefox on Mac now uses the macOS fullscreen API for all types of fullscreen windows. This should better match the expected macOS user experience for fullscreen spaces, menubar and the Dock.

• As of Firefox 124, Qwant's availability has been expanded to all languages in the France region along with Belgium, Italy, Netherlands, Spain, and Switzerland.

Update: To get the update now, select "Help" from the Firefox menu, then pick "About Firefox."  Mac users need to select "About Firefox" from the Firefox menu. If you do not use the English language version, Fully Localized Versions are available for download.

References

• Security Updates
• Release Notes
• Rapid Release Calendar
• ESR Release Notes

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Adobe Acrobat/Reader Update

 

Adobe is releasing an update with new features and bug fixes for Acrobat and Acrobat Reader. 

Update or Complete Download

Adobe Reader was updated to version 23.008.20604 for Windows and Acrobat was updated to version 24.001.20604.  Updates should become available via the internal updater or checks can be manually activated by choosing Help/Check for Updates.  

Reader DC and other versions are available here: https://get.adobe.com/reader/

Note: UNcheck any pre-checked additional options presented with the update. They are not part of the software update and are completely optional.

Release Notes

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Microsoft March 2024 Security Updates

 

The Microsoft March 2024 security updates have been released and consist of 59 new patches. In addition, 5 non-Chromium updates are included, bringing the total number of CVEs to 64.

Of the CVEs released, 2 are rated critical and 57 are rated important in security. At the time of release, none of the CVEs are listed as being publicly known or under active attack.

The security updates apply to the following products, features and roles: Microsoft Windows and Windows Components; Office and Office Components; Azure; .NET Framework and Visual Studio; SQL Server; Windows Hyper-V; Skype; Microsoft Components for Android; and Microsoft Dynamics.

See the list of KBs at the bottom of the page at March 2024 Security Updates - Release Notes - Security Update Guide - Microsoft for information regarding known issues with the security updates as well as the CVEs with FAQs, Mitigations and/or Workarounds. For specific information on Windows 11, versions 23H2 and 22H2, see KB5035853.  For Windows 10, Version 22H2 see KB5035845.

Recommended Reading:   See Dustin Childs review and analysis in Zero Day Initiative -- The March 2024 Security Update Review.

Additional Update Notes:

• MSRT -- The Malicious Software Removal Tool is now run on a quarterly basis rather than monthly.  See Remove specific prevalent malware with Windows Malicious Software Removal Tool. 
• Servicing Stack Updates -- Microsoft now combines the latest servicing stack update (SSU) for your operating system with the Latest Cumulative Updates (LCU). For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.
  
• Windows updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows, in addition to non-security updates. The updates are also available via search for the KB number in the Microsoft Update Catalog.
• For information on lifecycle and support dates for Windows 10 and Windows 11 operating systems, please see Windows 10 Home and Pro and Windows 11 Home and Pro.
• Windows Update History:
• Windows 11
• Windows 10

 

References

• Security Update FAQ
• Security Updates Guide

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Mozilla Firefox Version 123.0.1 Released

  Mozilla sent Firefox Version 123.0.1 to the Release Channel.

Fixed

• Fixed the Firefox Translation language indicator in the address bar displaying a colored square icon instead of the language code icon. (Bug 1879415)

• Fixed incorrect rendering of Canvas2D conic gradients colors on Windows. (Bug 1851963)

• Fixed a regression with the onChange event not firing when clearing the value of a textarea HTML field. (Bug 1881457)

• Fixed availability of system-level dictionaries for Linux users with Firefox installed as a Flatpak package. (Bug 1881830)

• Fixed a regression in the JavaScript JIT engine incorrectly inlining strings in some cases. (Bug 1882386)

• Fixed low contrast of text when selecting rows in the Developer tools' Storage panel. (Bug 1877090)

Update: To get the update now, select "Help" from the Firefox menu, then pick "About Firefox".  Mac users need to select "About Firefox" from the Firefox menu.  For non-English versions, Fully Localized Versions are available for download.

Release Notes

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...