Mozilla Firefox Version 143.0.3 Released with Security Updates

 Mozilla sent Firefox Version 143.0.3 to the release channel. 

The update includes two security updates rated critical. The security updates can be reviewed here.

A number of fixes are included in the update.  To review the fixes, see the Release Notes.

Update:  To get the update now, select "Help" from the Firefox menu and pick "About Firefox".  Mac users need to select "About Firefox" from the Firefox menu.  If you do not use the English language version, Fully Localized Versions are available for download.

Rapid Release Calendar

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

September 2025 Windows 11 24H2 Non-Security Preview Update

 Microsoft released KB5065789 (OS Build 26100.6725) for Windows 11 24H2. 

See the very long list of Highlights included in the gradual rollout of the update. 

The summary below includes the quality improvements and new features, in the non-security update.  

• [Hyper-V] Fixed: This update addresses an issue that affects starting Hyper-V virtual machines with Trusted Platform Module (TPM) on ARM64 devices running supported versions of Windows. This can occur after installing KB5064081.

• [Input]

  • Fixed: An issue where some characters didn’t display correctly when using the Chinese Input Method Editor (IME).

  • Fixed: This update addresses an issue where certain Chinese characters appeared as empty boxes in some text fields, such as those used in Connection Manager Administration Kit, when a character limit was set.

  • Fixed: Addresses an issue in File Explorer where tooltips in the Recent section displayed certain extended Unicode characters—such as Chinese characters from Extension B through Extension F and other four-byte characters—as square boxes or unreadable symbols.

• [Networking (known issue)]​​​​​​​ Fixed: This update addresses an issue where you might not be able to connect to shared files and folders if you're using the Server Message Block (SMB) v1 protocol on NetBIOS over TCP/IP NetBIOS (NetBT). This can happen after installing update KB5065426.

• [Servicing] Fixed: This update addresses an issue that disrupted Windows Update for customers using Windows Server Update Services (WSUS).

• [Windows Hello] Fixed: This update addresses an issue that affects Windows Hello PIN setup with error 0x80090010 on devices joined to Microsoft Entra ID domains after installing Windows updates released on or after KB5060842.

Update:  To get the update, go to Settings > Update & Security > Windows Update. The link to download the update can be found in the Optional updates available section.

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Adobe Acrobat/Reader Update

 

Adobe is releasing an update with new features, feature enhancements, and bug fixes for Acrobat and Acrobat Reader. 

Update or Complete Download

Adobe Acrobat and Reader are being updated to version 25.001.20744.  Updates should become available via the internal updater or checks can be manually activated by choosing Help/Check for Updates.  

Reader DC and other versions are available here: https://get.adobe.com/reader/

Note: UNcheck any pre-checked additional options presented with the update. They are not part of the software update and are completely optional.

Release Notes

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Pale Moon Version 33.9.0.1 Released

 Pale Moon has been updated to version 33.9.0.1.  This is a minor but critical update to address important usability and stability issues.

Mac and FreeBSD builds are not ready yet but will be updated as well as soon as the maintainer has those platforms ready for release.

Release Notes

Windows 11 24H2 Out-of-Band Update

 

Microsoft issued an Out-of-Band (OOB) update on September 22, 2024 that includes quality improvements. The update is cumulative and also includes security fixes and improvements from the September 9, 2025, security update (KB5065426). 

Fixed: This update addresses an issue that affects Microsoft Office applications running in Microsoft Application Virtualization (App-V) environments. The failure occurred due to a double handle closure in the AppVEntSubsystems32 or AppVEntSubsystems64 system component in addition to the following: 

• [Virtualization and platform compatibility] Fixed: This update addresses an issue that affects Microsoft Office applications running in Microsoft Application Virtualization (App-V) environments. The failure occurred due to a double handle closure in the AppVEntSubsystems32 or AppVEntSubsystems64 system component.

This release updates the following AI components:  Image Search, Content Extraction, Semantic Analysis, and Settings Model. 

You can download the update from Windows Update.  It is also available in the Microsoft Update Catalog via this link. 

 

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

September 2025 Windows 11 23H2 Non-Security Preview Update

 Microsoft released KB5065790 (OS Build 22621.5984) for Windows 11 23H2.

The non-security update for Windows 11 24H2 and Windows 10 will be ready soon.

Highlights

• This update addresses an issue that caused the Windows sign-in screen to stop responding after a user enters the SIM PIN during sign-in using a mobile broadband connection.
• This update addresses an issue that affects Microsoft Edge when running in Internet Explorer compatibility mode. It stops responding due to certain same-domain redirects.
• This update brings profiles up to date for certain mobile operators. 
• This update addresses an issue that affects display configuration changes during Remote Desktop Protocol (RDP) sessions with multiple monitors.

See the list of improvements included in the update for Windows 11 23H2 at KB5065790. 

Update:  To get the update, go to Settings > Update & Security > Windows Update. The link to download the update can be found in the Optional updates available section.

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Pale Moon Version 33.9.0 Released with Security Updates

 Pale Moon has been updated to version 33.9.0.  This is a major development, bugfix and security release, The update is focusing primarily on improving web compatibility.

New Features:

• Implemented the CSS4 revert keyword.
• Implemented the clip keyword for overflow. See implementation notes.
  
• Implemented axis-shorthand parsing of overflow. This should fix some issues with areas being unscrollable on the web.
  
• Implemented CSS color-mix (RGB and HSL color spaces only).
• Implemented CSS @supports(selector(<complex selector>)) syntax.
• Implemented CSS Cascade Layers @layer support.
  
• Implemented support for CSS clip-path:<geometry-box> without actually supplying a clip path to use. See implementation notes.
• Implemented overflow-inline and overflow-block CSS properties.
• Implemented the :autofill CSS pseudo-class. Auto-filled fields will now also be styled by default to indicate autofilling/password manager recall has occurred.
  
• Implemented the :focus-visible CSS pseudo-class.
  
• Implemented the prefers-reduced-motion CSS media query. See implementation notes.
• Implemented a minimal version of the visualViewport web API. See implementation notes.

Changes/fixes:

• Un-prefixed CSS -moz-user-select and aligned with the user-select CSS4 spec.
• Un-prefixed CSS -moz-read-only and -moz-read-write pseudo-classes.
  
• Improved the handling of X-Content-Type-Options: nosniff to align more with the spec and expected behavior on the web.
• Added support for FFmpeg 7.0/libavcodec 61.
• Fixed a bug where sub-properties of CSS border-image would not update when the value they inherit from changes.
• Fixed a bug where scrollbar-width was incorrectly treated as an inherited property.
• Fixed an issue where screen/pixel color depth could potentially be mis-reported on Linux.
• Fixed a potential issue with fontconfig on Linux. We now explicitly initialize fontconfig on startup.
• Fixed various issues with vpx on PowerPC architectures.
• Fixed issues when building ffvpx on architectures without assembly support.
• Fixed a memory safety issue in two-position gradient color-stops code.
  
• Changed the way @import rules are processed. They will now be processed in the order of appearance in the importing stylesheet.
• Changed how TypedArray constructors handle initialization values, aligning with the ECMAScript spec. See implementation notes.
  
• Changed how Cache-control HTTP headers are parsed if multiple headers are present in a response.
• Made additional improvements to "Copy as cURL" devtools command.
  
• Security issues addressed: CVE-2025-10536 and CVE-2025-10533 DiD.

Implementation notes:

• The clip keyword allows you to specify overflow behavior that acts like a "passe-partout". This means any overflow will be hidden and content unscrollable.
  Important note: we have strictly followed the standard specification here which may result in issues on some websites if they do not explicitly specify overflow behavior in both axes when using clip as a keyword. clip, per the specification, results in unscrollable hidden content. If the other axis is unset, it will result in visible overflow that is also unscrollable (no scrollbar or mousewheel scrolling). Other browsers may default to scrollable visible overflow, instead. If you are a webmaster, please double-check if you are specifying overflow correctly when you are using clip. Because some of clip's behavior may be unintuitive at first glance, it serves well to always be explicit in both directions what kind of overflow behavior is desired.
• Pale Moon now supports specifying a CSS clip-path with just a geometry box (e.g. border-box) without defining a path. This should fix some websites displaying fully blank pages due to webmasters relying on implied "border-following" clipping when specifying a clip-path this way. Previously, this would result in everything being clipped (which used to be the explicit behaviour when no path definition was provided).
  
• The CSS media query prefers-reduced-motion can be used by webmasters to provide alternative styling of web pages when users indicate that they prefer web pages with less visual motion (e.g. for accessibility considerations for people with vestibular motion disorders). Pale Moon users can indicate this preference with a new option in the browser (Preferences -> Advanced -> tab "General" -> "Prefer reduced visual motion" under Accessibility). Please note that this option doesn't change how the browser itself handles e.g. animations or CSS; it is up to the webmaster to make use of this CSS feature to cater to visitors with this preference indicator.
  
• We now support a minimal implementation of the visualViewport web API. This API provides webmasters with indicators how much of the visible web pages should be considered "fully visible" to users. This API is primarily designed to cater to mobile traffic where browsers may be impaired by e.g. a camera notch in the screen. Since this isn't a concern on desktop, we always return a fixed (0,0) value for origin and offset. For other parts of the API, we give back the width/height of the root scrollframe of web content, while for scale we pass forward our dpp resolution (usually 1.0).
• TypedArray constructors can be passed initialization values to indicate the initial size of the array to create. According to the specced behavior, we should accept most values (anything accepted by ToIndex), even those that make no sense (e.g. a string or undefined). This has now been changed to align with that spec and we no longer throw an error in those cases, and simply return a 0-length typed array instead.

Pale Moon includes both 32- and 64-bit versions for Windows: Pale Moon for Windows downloads.

Update: To get the update now, select "Help" from the Pale Moon menu at the upper left of the browser window.  Select About Pale Moon > Check for Updates.

Release Notes
Release Cycle

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Mozilla Firefox Version 143.0.1 Released with Update

  Mozilla sent Firefox Version 143.0.1 to the Release Channel.

Fixed

• Fixed a tab crash experienced by some users caused by DLL injection. (Bug 1872261)

Update: To get the update now, select "Help" from the Firefox menu, then pick "About Firefox".  Mac users need to select "About Firefox" from the Firefox menu.  For non-English versions, Fully Localized Versions are available for download.

Release Notes

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Mozilla Firefox Version 143.0 Released with Security Updates

 Mozilla sent Firefox Version 143.0 to the release channel. 

The update includes eleven security updates of which three (3) are rated critical, five (5) rated moderate, and three (3) are rated low. The security updates can be reviewed here.

New features and fixes are included in the update.  To review the new features, see the Release Notes.

Update:  To get the update now, select "Help" from the Firefox menu and pick "About Firefox".  Mac users need to select "About Firefox" from the Firefox menu.  If you do not use the English language version, Fully Localized Versions are available for download.

Rapid Release Calendar

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Adobe Acrobat/Reader Security Update

 

Adobe is releasing an update that addresses critical and moderate updates for Acrobat and Acrobat Reader. 

Update or Complete Download

Adobe Acrobat and Reader are being updated to version 25.001.20693.  Updates should become available via the internal updater or checks can be manually activated by choosing Help/Check for Updates.  

Reader DC and other versions are available here: https://get.adobe.com/reader/

Note: UNcheck any pre-checked additional options presented with the update. They are not part of the software update and are completely optional.

Release Notes

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Microsoft September 2025 Security Updates

 

The Microsoft September 2025 security updates have been released and consist of 80 new CVEs to Microsoft products. With the additional 5 non-Microsoft CVEs being documented, it brings the combined total to 85 CVEs.

Of the Microsoft CVEs released, 8 are rated Critical and the rest are rated Important in severity. At the time of release, one is listed as being publicly known and none are listed as under active attack.

The security updates apply to the following products, features and roles: Windows and Windows Components, Office and Office Components, Microsoft Edge (Chromium-based), Azure, Hyper-V, SQL Server, Defender Firewall Service, and Xbox.

Information regarding known issues with KBs included in the security updates can be found at the bottom of the page at September 2025 Security Updates - Release Notes - Security Update Guide - Microsoft.

Recommended Reading:  See Dustin Childs review and analysis in Zero Day Initiative -- The September 2025 Security Update Review.

Additional Update Notes:

• Windows 10 End of Support -- On October 14, 2025, Windows 10 will reach end of support. See the Windows 10 blog for How to prepare for Windows 10 end of support by moving to Windows 11 today.
• Windows 10 Extended Security Updates (ESU) -- With Windows 10 scheduled to reach end of support on October 14, 2025, you can enroll your PC in Windows 10 Extended Security Updates and continue receiving security updates for one year. There are a number of articles about the process, with a simplified version at Major Geeks.
• MSRT -- The Malicious Software Removal Tool is now run on a quarterly basis rather than monthly.  See Remove specific prevalent malware with Windows Malicious Software Removal Tool. 
• Servicing Stack Updates -- Microsoft now combines the latest servicing stack update (SSU) for your operating system with the Latest Cumulative Updates (LCU). For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.
  
• Windows updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows, in addition to non-security updates. The updates are also available via search for the KB number in the Microsoft Update Catalog.
• For information on lifecycle and support dates for Windows 10 and Windows 11 operating systems, please see Windows 10 Home and Pro and Windows 11 Home and Pro.
• Windows Update History:  Windows10, Windows 11

 

References

• Security Update FAQ
• Security Updates Guide

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Adobe Acrobat/Reader Update

 

Adobe is releasing an update with bug fixes for Acrobat and Acrobat Reader. 

Update or Complete Download

Adobe Acrobat and Reader are being updated to version 25.001.20xx.  Updates should become available via the internal updater or checks can be manually activated by choosing Help/Check for Updates.  

Reader DC and other versions are available here: https://get.adobe.com/reader/

Note: UNcheck any pre-checked additional options presented with the update. They are not part of the software update and are completely optional.

Release Notes

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...