Saturday, June 29, 2024

Optional Hotfix Patch for Adobe Reader and Acrobat

 

Adobe
Adobe has released an optional hotfix patch that addresses some important bug fixes.

Update or Complete Download

Reader DC and Acrobat DC were updated to version 24.002.20895 for Windows and version x.20893 for Mac.  Updates should become available via the internal updater or checks can be manually activated by choosing Help/Check for Updates.  

Reader DC and other versions are available here: https://get.adobe.com/reader/

Note: UNcheck any pre-checked additional options presented with the update. They are not part of the software update and are completely optional.

References

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Wednesday, June 26, 2024

Mozilla Firefox Version 127.0.2 Released with Updates

   Mozilla sent Firefox Version 127.0.2 to the Release Channel.

Fixed

  • Fixed an issue where YouTube playback may experience stalling under certain conditions (bug 1900191bug 1878510).
  • Fixed an issue where the Private Window icon was displayed in the taskbar on Windows when browser.privateWindowSeparation.enabled was set to false (bug 1901840).

Update: To get the update now, select "Help" from the Firefox menu, then pick "About Firefox".  Mac users need to select "About Firefox" from the Firefox menu.  For non-English versions, Fully Localized Versions are available for download.

Release Notes


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Tuesday, June 25, 2024

June 2024 Windows 11 Non-Security Preview Update

 Microsoft released KB5039302 (OS Builds 22621.3810 and 22631.3810 today for Windows 11 23H3 and Windows 11 22H2. 

Update 27Jun2024:  KB5039302 released as part of the June non-security preview update has been paused due to issues which cause devices to restart repeatedly. tinyurl.com/3jretfus

IMPORTANT:  The date for optional, non-security preview releases for Home and Pro versions of Windows 11, version 22H2 has been extended from February 27, 2024 to June 26, 2024. 

Highlights

  • This update addresses an issue that affects Snipping Tool. When you use it to record videos on some PCs, the audio has distortions.
  • This update addresses an issue that affects the touch keyboard. You cannot use it to enter special characters. This occurs when you use the Japanese 106 keyboard.
  • This update addresses an issue that affects USB devices. Ejecting them using the Safely Remove Hardware option fails. This occurs when Task Manager is open.
  • This update adds a new Game Pass recommendation card on the Settings home page. This home page shows on Home and Pro editions when you sign in to Windows using your Microsoft account.
  • The show desktop button is on the taskbar again by default. To change this, right-click the taskbar and choose Taskbar settings. At the lower part of the page, you will find Taskbar behaviors.

In addition, see the KB Article for a list of new features that may not be available to everyone as they will be rolling out gradually.

Update:  To get the update, go to Settings > Update & Security > Windows Update. The link to download and install the update can be found in the Optional updates available area.  To get the standalone package for this update, go to the Microsoft Update Catalog website.

References:

Windows 11 update history


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

June 2024 Windows 10 Non-Security Preview Update

 Microsoft released KB5039299 for Windows 10 version 22H2 optional non-security release preview (Windows monthly updates explained).

Highlights

§  This update addresses an issue that affects an app’s jump list on the taskbar. Completing actions from that list might fail. A jump list is a menu that appears when you right-click an app on the taskbar or Start menu. It gives you quick access to recently or frequently used app items.

§  This update addresses an issue that affects the default Japanese Input Method Editor (IME). The candidate window stops responding when you do not expect it. Then, it goes back to a former composition state at random.

§  This update addresses a known issue that might occur when you right-click some apps. Instead of running the task you choose from the context menu, an “Open with” dialog appears. It asks you, "How do you want to open this file?" This issue might affect any app that has tasks on a context menu. This issue also affects the icons on the taskbar and Start menu.

See the KB article for the list of quality improvements included in the update.

This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. Servicing stack updates (SSU) ensure that you have a robust and reliable servicing stack so that your devices can receive and install Microsoft updates. For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.

Update:  To get the update, go to Settings > Update & Security > Windows Update. The link to download and install the update can be found in the Optional updates available area.  To get the standalone package for this update, go to the Microsoft Update Catalog website.

Windows 10 update history



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Wednesday, June 19, 2024

Mozilla Firefox Version 127.0.1 Released with Updates

 


   Mozilla sent Firefox Version 127.0.1 to the Release Channel.

Fixed

  • Fixed an issue where users with a primary password set on their profile could lose their previous session of tabs upon upgrading if they dismissed the primary password prompt (bug 1901899).
  • Fixed an issue where Linux users with accessibility.monoaudio.enable set to true were experiencing slow audio speeds (bug 1900972).
  • Fixed an issue where, in some circumstances, the Firefox installer on Windows failed to complete the installation (bug 1896868).
  • Fixed an issue causing Firefox to incorrectly reject cookies for certain websites (bug 1901325).

Update: To get the update now, select "Help" from the Firefox menu, then pick "About Firefox".  Mac users need to select "About Firefox" from the Firefox menu.  For non-English versions, Fully Localized Versions are available for download.

Release Notes


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Tuesday, June 18, 2024

Pale Moon Version 33.2.0 Released with Security Updates

 Pale MoonPale Moon has been updated to version 33.2.0.  This is a development, stability and security release.

New features:

  • Implemented the missing parts of the html5 <dialog> element, including modal handling and custom backdrops.
  • Implemented courser, user-configurable granularity for the canvas poisoning anti-fingerprinting measure. See implementation notes.
  • Implemented new CSS viewport units svw, svh, svmin, svmax, lvw, lvh, lvmin, lvmax, dvw, dvh, dvmin and dvmax.
  • Implemented new CSS logical viewport units vb, vi, svb, svi, lvb, lvi, dvb and dvi.

Changes/fixes:

  • Removed the archaic and wholly outdated FIPS security module code.
  • Removed the archaic DBM support code for storing of passwords in DBM format files.
  • Removed the -moz prefix from -moz-fit-content, aligning with the current CSS standard fit-content value.
  • Updated our build system by adopting parts of the old autoconf 2.13 as maintained code. autoconf 2.13 is no longer a build requirement. If you build from source, you may want to review your dependencies with this change.
  • Fixed issues when building with GCC 14.* and Clang 16.*.
  • Fixed issues with emoji sequence clusters causing incorrect rendering of emoji glyphs in some cases.
  • Made some arguments to the legacy XPathEvaluator/XPathExpression interfaces optional for web compatibility.
  • Fixed a crash when reporting JavaScript module exporting errors.
  • Updated checking of special cookie prefixes to be case-insensitive in accordance with the current RFC 6265 (bis-11+).
  • Fixed issues with external protocol handlers.
  • Fixed an issue where autocomplete pop-ups would stay open in some circumstances.
  • Fixed an issue with potentially bad file names being entered by the user to "Save As...".
  • Fixed several crashes and race conditions.
  • Security issues addressed: CVE-2024-5699, CVE-2024-5702 DiD, CVE-2024-5690, CVE-2024-5698 DiD, CVE-2024-5688 DiD, CVE-2024-5692 and several other security issues (some more DiD) that do not have CVE numbers assigned to them.

Notes:

*DiD This means that a fix is "Defense-in-Depth": It is a fix that does not apply to a (potentially) actively exploitable vulnerability in Pale Moon, but prevents future vulnerabilities caused by the same code, e.g. when surrounding code changes, exposing the problem, or when new attack vectors are discovered.

Mac builds have switched to Xcode 15 and are now cross-compiled from Apple silicon for Intel targets. While the resulting builds have been tested on a few Intel Mac systems, this is a big build change, so please get in touch through our forum if you experience any issues with these builds on Mac.

Pale Moon includes both 32- and 64-bit versions for Windows: Pale Moon for Windows downloads.

Update: To get the update now, select "Help" from the Pale Moon menu at the upper left of the browser window.  Select About Pale Moon > Check for Updates.

Release Notes
Release Cycle

Home
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Sunday, June 16, 2024

Optional Update for Adobe Reader and Acrobat

 

Adobe
Adobe is releasing an optional hotfix patch for Acrobat and Acrobat Reader that addresses some important bug fixes.

Update or Complete Download

Adobe Acrobat and Reader were updated to version 24.002.20857.  Updates should become available via the internal updater or checks can be manually activated by choosing Help/Check for Updates.  

Reader DC and other versions are available here: https://get.adobe.com/reader/

Note: UNcheck any pre-checked additional options presented with the update. They are not part of the software update and are completely optional.

Release Notes

Home
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Saturday, June 15, 2024

Adobe Acrobat/Reader Update

 

Adobe
Adobe is releasing an update with new features and bug fixes for Acrobat and Reader. 

Update or Complete Download

Adobe Acrobat and Reader were updated to version 24.002.20854.  Updates should become available via the internal updater or checks can be manually activated by choosing Help/Check for Updates.  

Reader DC and other versions are available here: https://get.adobe.com/reader/

Note: UNcheck any pre-checked additional options presented with the update. They are not part of the software update and are completely optional.

Release Notes

Home
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Tuesday, June 11, 2024

Microsoft June 2024 Security Updates

 

The Microsoft June 2024 security updates have been released and consist of 49 new patches to Microsoft products. In addition, 9 third-party CVEs are documented, bringing the total number of CVEs reported to 58.


Of the Microsoft CVEs released,1 is rated critical and,48 are rated important in security. At the time of release, one of the CVEs is listed as being publicly known.  However, it is a third-party update that is now being integrated into Microsoft products.  None are under active attack.

The security updates apply to the following products, features and roles: Windows and Windows Component, Office and Office Components, Azure, Dynamics Business Central and Visual Studio.

See the list of KBs at the bottom of the page at June 2024 Security Updates - Release Notes - Security Update Guide - Microsoft for information regarding known issues with the security updates as well as the CVEs with FAQs, Mitigations and/or Workarounds. For specific information on Windows 11, versions 23H2 and 22H2, see KB5039212.  For Windows 10, Version 22H2 see KB5039211.

Recommended Reading:   See Dustin Childs review and analysis in Zero Day Initiative -- The June 2024 Security Update Review.

Additional Update Notes:


 

References




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Mozilla Firefox Version 127.0 Released with Security Updates

 Mozilla sent Firefox Version 127.0 to the Release Channel. ESR was updated to Version 115.12.0.

The update includes fifteen security updates of which four (4) are rated high, eight (8) are rated moderate, and three (3) are rated low.

HIGH

#CVE-2024-5687: An incorrect principal could have been used when opening new tabs
#CVE-2024-5688: Use-after-free in JavaScript object transplant
#CVE-2024-5700: Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12
#CVE-2024-5701: Memory safety bugs fixed in Firefox 127

MODERATE

#CVE-2024-5689: User confusion and possible phishing vector via Firefox Screenshots
#CVE-2024-5690: External protocol handlers leaked by timing attack
#CVE-2024-5691: Sandboxed iframes were able to bypass sandbox restrictions to open a new window
#CVE-2024-5692: Bypass of file name restrictions during saving
#CVE-2024-5693: Cross-Origin Image leak via Offscreen Canvas
#CVE-2024-5694: Use-after-free in JavaScript Strings
#CVE-2024-5695: Memory Corruption using allocation using out-of-memory conditions
#CVE-2024-5696: Memory Corruption in Text Fragments

LOW

#CVE-2024-5697: Website was able to detect when Firefox was taking a screenshot of them
#CVE-2024-5698: Data-list could have overlaid address bar
#CVE-2024-5699: Cookie prefixes not treated as case-sensitive

NEW

  • You can now set Firefox to automatically launch whenever you start or restart your Windows computer. Setting Firefox to auto-launch optimizes efficiency in our browser-centric digital routines, eliminating manual startup delays and facilitating immediate web access. (Learn more)
  • We completed work to optimize and enable DNS prefetching for HTTPS documents via the rel="dns-prefetch" link hint. This standard allows web developers to specify domain names for important assets that should be resolved preemptively.
  • It is now possible to close all duplicate tabs in a window with the Close duplicate tabs command available from the List all tabs widget in the tab bar or a tab context menu.
  • Firefox will now automatically try to upgrade <img><audio>, and <video> elements from HTTP to HTTPS if they are embedded within an HTTPS page. If these so-called mixed content elements do not support HTTPS, they will no longer load.
  • For added protection on MacOS and Windows, a device sign in (e.g. your operating system password, fingerprint, face or voice login if enabled) can be required when accessing and filling stored passwords in the Firefox Password Manager about:logins page.

Changed

  • To reduce user fingerprinting information and the risk of some website compatibility issues, the CPU architecture for 32-bit x86 Linux will now be reported as x86_64 in Firefox's User-Agent string and navigator.platform and navigator.oscpu Web APIs.
  • Links and other focusable elements are now tab-navigable by default on macOS, instead of following macOS' "Keyboard navigation" setting. This is a more accessible default and matches the default in all other platforms. A checkbox in the settings page still allows users to restore the old behavior.
  • The Screenshots feature in Firefox has gotten a big update! It now supports taking screenshots of file types like SVG, XML, and more as well as various about: pages within Firefox. We've also made the screenshot tool more accessible to everyone by implementing new keyboard shortcuts and adding theme compatibility and High Contrast Mode (HCM) support. And finally, performance for capturing large screenshots has been improved.

Update: To get the update now, select "Help" from the Firefox menu, then pick "About Firefox".  Mac users need to select "About Firefox" from the Firefox menu.  For non-English versions, Fully Localized Versions are available for download.

References


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...