Thursday, April 24, 2025

Adobe Acrobat/Reader Optional Update

 

Adobe
Adobe is releasing an optional hotfix patch for Acrobat and Acrobat Reader that addresses an important bug fix.

Update or Complete Download

Adobe Acrobat and Reader were updated to version 25.001.20467.  Updates should become available via the internal updater or checks can be manually activated by choosing Help/Check for Updates.  

Reader DC and other versions are available here: https://get.adobe.com/reader/

Note: UNcheck any pre-checked additional options presented with the update. They are not part of the software update and are completely optional.

Release Notes

Home
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
Posted by No comments:
Labels: , ,

Tuesday, April 22, 2025

April 2025 Windows 10 Non-Security Preview Update

 Microsoft released KB5055612 for Windows 10 version 22H2 optional non-security release preview (Windows monthly updates explained).

Highlights

  • [Internal Windows OS] This update contains miscellaneous security improvements to internal Windows OS functionality.

Improvements

  • [Graphics] Fix: The check for GPU paravirtualization was case-sensitive in Windows Subsystem for Linux 2 (WSL2). This issue might potentially cause GPU paravirtualization support to fail.

  • [OS Security] Updates to the Windows Kernel Vulnerable Driver Blocklist (DriverSiPolicy.p7b). Additions have been made to blocklist drivers with security vulnerabilities that have been used in Bring Your Own Vulnerable Driver (BYOVD) attacks.

  • [System Guard Runtime Monitor Broker service (Known issue)] Fixed: The Windows Event Viewer might display an error related to SgrmBroker.exe, on devices that have installed Windows updates released January 14, 2025, or later. This error can be found under Windows Logs > System as Event 7023, with text similar to ‘The System Guard Runtime Monitor Broker service terminated with the following error: %%3489660935’.

This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. Servicing stack updates (SSU) ensure that you have a robust and reliable servicing stack so that your devices can receive and install Microsoft updates. For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.

Update:  To get the update, go to Settings > Update & Security > Windows Update. The link to download and install the update can be found in the Optional updates available area.  

Windows 10 update history



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
Posted by No comments:
Labels: , ,

April 2025 Windows 11 23H3 and 22H2 Non-Security Preview Update

  Microsoft released KB5055629 (OS Builds 22621.5262 and 22631.5262) for Windows 11 23H3 and Windows 11 22H2. 

Highlights

Gradual rollout

A gradual rollout releases updates over a period of time, so users receive them at different times. To see the status of this feature, go to Windows release health dashboard.​​​​​​​

  • [File Explorer] 


    • New! Pivot-based curated views on File Explorer Home that supports ease of access of Microsoft 365 content on Windows. Be more productive and get highly relevant content at your fingertips on File Explorer Home.

    • Fixed: Improved the performance of extracting zipped files, particularly in the case where you’re unzipping a large number of small files.

  • [Narrator] New! Keep track of what Narrator has spoken and access it for quick reference. With speech recap, you can quickly access spoken content, follow along with live transcription, and copy what Narrator last said—all with simple keyboard shortcuts.

  • [Phone Link] New! You can do even more with your Windows PC and your mobile device with direct access to cross-device features from the Start menu. For example, you can make phone calls, send SMS messages, access your photos, or share content between your mobile device and PC.

  • [Widgets]


    • New! Web developers can use their existing content to create interactive widgets that can be added to multiple widgets surfaces. For more info, see Web widget providers​​​​​​​.

    • New!  Support for lock screen widgets (previously referred to as “Weather and more”) arrives on devices in the European Economic Area (EEA). You can add, remove, and rearrange lock screen widgets such as Weather, Watchlist, Sports, Traffic, and more. Any widget that supports the small sizing option can be added. To customize your lock screen widgets, navigate to Settings > Personalization > Lock screen​​​​​​​.

  • [Desktop icons] The logic for apps pinned to the desktop has been updated, so that packaged apps no longer show an accent colored backplate. For example, if you were to drag and drop Snipping Tool from the apps list in Start to the desktop the icons should be bigger and easier to see now.

  • [Share Sheet] Make last-minute edits such as cropping, rotating, and adding filters to images shared though the share sheet.

  • [Start]


    • Fixed: You can’t use touch gestures to view the list of apps pinned in the Start menu.

    • Fixed: The Sign out and More options​​​​​​​ buttons in the Start menu account manager might not be visible with increased text size.

  • [Taskbar] Fixed: If you use the arrow keys after pressing the Windows key + T, the arrows move in the wrong direction for Arabic and Hebrew display languages.

    Update:  To get the update, go to Settings > Update & Security > Windows Update. The link to download and install the update can be found in the Optional updates available area.  

    References:

    Windows 11 update history


    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...
    Posted by No comments:
    Labels: , ,

    Sunday, April 20, 2025

    Happy Easter! "Khrystos Voskres!"

       



    "Khrystos Voskres!"
    (Christ is Risen!)




    "Voistyno Voskres!"
    (He is Truly Risen!)






    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...








    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...
    Posted by No comments:

    Wednesday, April 16, 2025

    Adobe Acrobat/Reader Update

     

    Adobe
    Adobe released an update with new features and bug fixes for Acrobat and Reader. 

    Update or Complete Download

    Adobe Acrobat and Reader were updated to version 25.001.20458.  Updates should become available via the internal updater or checks can be manually activated by choosing Help/Check for Updates.  

    Reader DC and other versions are available here: https://get.adobe.com/reader/

    Note: UNcheck any pre-checked additional options presented with the update. They are not part of the software update and are completely optional.

    Release Notes

    Home
    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...
    Posted by No comments:
    Labels: , ,

    Tuesday, April 15, 2025

    Oracle Java Runtime (JRE) Update Released with Critical Security Updates

     

    java


    Oracle released the scheduled update for its Java SE Runtime Environment software.  This is a critical security and bugfix update.  

    This Critical Patch Update contains 6 new security patches for Oracle Java SE.  Five of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials. 

    Download Information:  

    Java SE Runtime Environment Version 8u451: https://java.com/en/download/manual.jsp

    Java Security Recommendations

    1) If Java is still installed on your computer, it is recommended that all updates be applied as soon as possible and older, less secure, versions uninstalled.  See Why should I uninstall older versions of Java from my system?
    2) In the Java Control Panel, at minimum, set the security to high.
    3) Keep Java disabled until needed.  Uncheck the box "Enable Java content in the browser" in the Java Control Panel.

    Notes:

    • UNcheck any pre-checked toolbar and/or software options presented with the update. They are not part of the software update and are completely optional.  Preferably, see the instructions below on how to handle "Unwanted Extras".  
    • Oracle does not plan to migrate desktops from Java 8 to Java 9 through the auto update feature.  Therefore, it is strongly recommended that you uninstall JRE 8 prior to updating.
    • Verify your version:  http://www.java.com/en/download/testjava.jsp  Note: The Java version verification page will only work if your browser has NPAPI support.  In that case, to check the version, open a cmd window and enter the following (note the space following Java):  java -version
    • Important:  If you have a need to use Java, see which browser support it at Browsers That Still Support Java & How to Enable It.

    Patch Schedule

    For Oracle Java SE, the next scheduled update is July 15, 2025.  The planned release schedule is available here.

    Unwanted "Extras"

    Although most people do not need Java on their computer, there are some programs and games that require Java.  In the event you need to continue using Java, How-to Geek discovered a little-known and publicized option in the Java Control Panel to suppress the offers for the pre-checked unwanted extras that Oracle has long included with the updates.  Although the Ask Toolbar has been removed, that does not preclude the pre-checked option for some other unnecessary add-on.

    Do the following to suppress the sponsor offers:
    1. Launch the Windows Start menu
    2. Click on Programs
    3. Find the Java program listing
    4. Click Configure Java to launch the Java Control Panel
    5. Click the Advanced tab and go to the "Miscellaneous" section at the bottom.
    6. Check the box by the “Suppress sponsor offers when installing or updating Java” option and click OK.
    Java suppress sponsor offers

    References


    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...
    Posted by No comments:
    Labels: , , ,

    Mozilla Firefox Version 137.0.2 Released with Fixes and a Security Update

     FirefoxMozilla sent Firefox Version 137.0.2 to the release channel.  At this time no updates have been located for Firefox ESR. 

    The update includes one security update, rated high. The security update can be reviewed here.

    The update includes a number of fixes, particularly an issue that caused some Firefox users to restart their browser multiple times to complete an update.

    To review all of the fixes, see the Release Notes.

    Update:  To get the update now, select "Help" from the Firefox menu and pick "About Firefox".  Mac users need to select "About Firefox" from the Firefox menu.  If you do not use the English language version, Fully Localized Versions are available for download.

    Rapid Release Calendar


    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...
    Posted by No comments:
    Labels: , , , ,

    Tuesday, April 08, 2025

    Microsoft April 2025 Security Updates

     

    The Microsoft April 2025 security updates have been released and consist of 124 new CVEs to Microsoft products. The additional third-party CVEs bring the combined total to 134 CVEs and 9 non-Microsoft CVEs.


    Of the Microsoft CVEs released, 11 are rated critical, 2 low and the rest are rated important in security. At the time of release, one is listed as being publicly known and under active attack.

    The security updates apply to the following products, features and roles: Windows and Windows Components, Office and Office Components, Azure, .NET and Visual Studio, BitLocker, Kerberos, Windows Hello, OpenSSH, and Windows Lightweight Directory Access Protocol (LDAP).

    See the list of KBs at the bottom of the page at April 2025 Security Updates - Release Notes - Security Update Guide - Microsoft for information regarding known issues with the security updates.

    Recommended Reading:   See Dustin Childs review and analysis in Zero Day Initiative -- The April 2025 Security Update Review.

    Additional Update Notes:

     

    References




    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...
    Posted by No comments:
    Labels: , , ,

    Mozilla Firefox Version 137.0.1 Released with Updates

       Mozilla sent Firefox Version 137.0.1 to the Release Channel.

    Fixed

    • Fixed an issue where folder shortcuts on Windows were incorrectly treated as files during file uploads, preventing selecting files within the target folder. (Bug 1958222)
    • Fixed a crash experienced by Windows users when downloading files with Qihoo 360 Total Security Antivirus software installed. (Bug 1958112)
    • Fixed an occasional startup crash. (Bug 1958293)

    Update: To get the update now, select "Help" from the Firefox menu, then pick "About Firefox".  Mac users need to select "About Firefox" from the Firefox menu.  For non-English versions, Fully Localized Versions are available for download.

    Release Notes


    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...
    Posted by No comments:
    Labels: , ,

    Pale Moon Version 33.7.0 Released with Security Updates

     Pale MoonPale Moon has been updated to version 33.7.0.  This is a development, bugfix and security update.

    Changes/fixes:

    • Implemented CSS two-location color stop logic. This allows for two-location color stops (`color x% y%`) in gradients, which is shorthand for `color x%, color y%` where both colors are equal.
    • Our minimum GCC version requirement to build is now 9.1.
    • Improved channel handling when CSP blocks network redirects.
    • Implemented several fixes for CORS preflight requests.
    • Added explicit whitelisting from CSP content loading of javascript: scheme URLs.
    • Updated the ffvpx library to 6.0.1, this time preventing video color range regressions. An update to 6.0 was previously backed out in 33.5.0.
    • Updated the JPEG-XL library to 0.11.1 to pick up several fixes and improve decoding compatibility of jxl files.
    • Updated the SQLite library to 3.49.1.
    • Fixed a spec compliance issue with DOMRect and DOMQuad returning 0 if NaN was present. We now return NaN in that case, per spec.
    • Fixed a spec compliance issue with NTLM authentication. We now compute Channel Binding Hashes using the certificate signature's hash algorithm, per spec.
      Note that particularly weak algorithms are not used and SHA256 will be used as a minimum, instead, in those cases.
    • Fixed a buildability issue on Mac with XCode 16.3.
    • Added some additional safety checking to SharedArrayBuffers.
    • Added some additional safety checking to XSLT compilation and transformation.
    • Windows only: Added a preference widget.windows.follow_shortcuts_on_file_open to control how Windows File Open dialogs handle shortcut links. See implementation notes.
    • Security bugs addressed: CVE-2025-3028 (DiD) and CVE-2025-3033 (see implementation notes).

      Implementation notes:

      • Windows only: This version introduces a new (numeric) preference to control how the "Open File" dialogs handle shortcut links in the file system.
        A low-severity security issue (CVE-2025-3033) was found that in some specific circumstances could allow a malicious actor to convince a user to upload an unintended file from their file system with a specially-crafted shortcut file. To mitigate this, a special flag can be passed to File Open dialogs which prevent the dialogs from parsing shortcut links and navigating to target files and folders based on the shortcut file contents. This can be controlled with the newly-added preference. Since this flag, when set, also prevents users from navigating "through" shortcuts to folders (from e.g. the desktop) and would instead open/attach/upload the shortcut file itself, this would be disruptive to many users' workflows. Considering the major usability drawback and the low-severity nature of the security issue (which would require considerable social engineering to pull off), Pale Moon, at least for the time being or until a better solution is found, will continue allowing the following of shortcuts and navigating through them to target folders and files in File Open dialogs. If you are overly cautious, you may want to set this preference to the value 0 which always prevents shortcut parsing and following. For everyone else, just a warning to please stay safe and never follow strange sequences of instructions from strangers that you don't exactly know what they do (and never take their explanations at face value).


      Notes:  *DiD This means that a fix is "Defense-in-Depth": It is a fix that does not apply to a (potentially) actively exploitable vulnerability in Pale Moon, but prevents future vulnerabilities caused by the same code, e.g. when surrounding code changes, exposing the problem, or when new attack vectors are discovered.

      Pale Moon includes both 32- and 64-bit versions for Windows: Pale Moon for Windows downloads.

      Update: To get the update now, select "Help" from the Pale Moon menu at the upper left of the browser window.  Select About Pale Moon > Check for Updates.

      Release Notes
      Release Cycle

      Home
      Remember - "A day without laughter is a day wasted."
      May the wind sing to you and the sun rise in your heart...

      Posted by No comments:
      Labels: , , ,

      Tuesday, April 01, 2025

      Mozilla Firefox Version 137.0 Released with Security Updates

        FirefoxMozilla sent Firefox Version 137.0 to the release channel.  Firefox ESR was updated to Versions 115.22.0 and 129.0.

      The update includes eightsecurity updates of which three (3) are rated high, four (4) are rated moderate and one (1) is rated low. The security updates can be reviewed here.

      Many new features are included in the update.  To review all of the new features, see the Release Notes.

      Update:  To get the update now, select "Help" from the Firefox menu and pick "About Firefox".  Mac users need to select "About Firefox" from the Firefox menu.  If you do not use the English language version, Fully Localized Versions are available for download.

      Rapid Release Calendar


      Remember - "A day without laughter is a day wasted."
      May the wind sing to you and the sun rise in your heart...
      Posted by No comments:
      Labels: , , , ,

      Thursday, March 27, 2025

      Mozilla Firefox Version 136.0.4 Released with Critical Security Update

         Mozilla sent Firefox Version 136.0.4 to the Release Channel.  Firefox ESR was updated to versions 128.8.1 and115.21.1.

      The update includes one security update rated critical.

      Update: To get the update now, select "Help" from the Firefox menu, then pick "About Firefox".  Mac users need to select "About Firefox" from the Firefox menu.  For non-English versions, Fully Localized Versions are available for download.

      Release Notes


      Remember - "A day without laughter is a day wasted."
      May the wind sing to you and the sun rise in your heart...
      Posted by No comments:
      Labels: , , , ,

      Tuesday, March 25, 2025

      Mozilla Firefox Version 136.0.3 Released with Update

           Mozilla sent Firefox Version 136.0.3 to the Release Channel.

      Fixed

      • Significantly improved responsiveness on TikTok by improving the speed of date formatting. (Bug 1954323).

      Update: To get the update now, select "Help" from the Firefox menu, then pick "About Firefox".  Mac users need to select "About Firefox" from the Firefox menu.  For non-English versions, Fully Localized Versions are available for download.

      Release Notes


      Remember - "A day without laughter is a day wasted."
      May the wind sing to you and the sun rise in your heart...
      Posted by No comments:
      Labels: , ,

      Thursday, March 20, 2025

      Adobe Acrobat/Reader Optional Update

       

      Adobe
      Adobe is releasing an optional hotfix patch for Acrobat and Acrobat Reader that addresses some important bug fixes.

      Update or Complete Download

      Adobe Acrobat and Reader were updated to version 25.001.20435 for Microsoft Windows and version 25.001.20438 for Macintosh.  Updates should become available via the internal updater or checks can be manually activated by choosing Help/Check for Updates.  

      Reader DC and other versions are available here: https://get.adobe.com/reader/

      Note: UNcheck any pre-checked additional options presented with the update. They are not part of the software update and are completely optional.

      Release Notes

      Home
      Remember - "A day without laughter is a day wasted."
      May the wind sing to you and the sun rise in your heart...
      Posted by No comments:
      Labels: , ,

      Tuesday, March 18, 2025

      Mozilla Firefox Version 136.0.2 Released with Updates

        Mozilla sent Firefox Version 136.0.2 to the Release Channel.

      Fixed

      • Fixed a bug where "Cookies and site data" and "Temporary cached files and pages" were unexpectedly enabled after updating to Firefox 136 for users with "History" and/or "Site settings" set to clear on shutdown in previous versions. (Bug 1952564).

      Affected users already on Firefox 136 can disable these settings in "Privacy & Security".

      • Fixed an issue where the Primary Password prompt appeared in unexpected situations. (Bug 1946121).
      • Fixed visibility issues with radio buttons on dark backgrounds. (Bug 1951930).
      • Fixed high CPU usage on Windows when the screen was locked or the laptop lid was closed. (Bug 1924932).

      Web Platform

      Disabled support for the CookieStore API due to compatibility concerns. The API will be enabled later once the compatibility issues have been addressed.

      Update: To get the update now, select "Help" from the Firefox menu, then pick "About Firefox".  Mac users need to select "About Firefox" from the Firefox menu.  For non-English versions, Fully Localized Versions are available for download.

      Release Notes


      Remember - "A day without laughter is a day wasted."
      May the wind sing to you and the sun rise in your heart...
      Posted by No comments:
      Labels: , ,

      Tuesday, March 11, 2025

      Pale Moon Version 33.6.1 Released with Security Update

        Pale MoonPale Moon has been updated to version 33.6.1.  This is a security, bugfix and stability update.

      Important: Mac and FreeBSD builds will be updated soon. They are currently not yet ready due to builder absence.

      Changes/fixes:
      • Simplified some WASM code generation in the Ion JIT compiler.
      • Fixed a crash in loading external resource maps.
      • Disabled potentially unsafe attempts at recovering JIT operations.
      • Fixed some minor linking issues in about:rights.
      • Updated the embedded emoji font to fix incorrect display of some of the wheelchair emoji.
      • Security issues addressed: CVE-2025-1934 (*DiD).

        Notes:  *DiD This means that a fix is "Defense-in-Depth": It is a fix that does not apply to a (potentially) actively exploitable vulnerability in Pale Moon, but prevents future vulnerabilities caused by the same code, e.g. when surrounding code changes, exposing the problem, or when new attack vectors are discovered.

        Pale Moon includes both 32- and 64-bit versions for Windows: Pale Moon for Windows downloads.

        Update: To get the update now, select "Help" from the Pale Moon menu at the upper left of the browser window.  Select About Pale Moon > Check for Updates.

        Release Notes
        Release Cycle

        Home
        Remember - "A day without laughter is a day wasted."
        May the wind sing to you and the sun rise in your heart...

        Posted by No comments:
        Labels: , , ,
        Subscribe to: Posts (Atom)