Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - Corrine

Pages: [1] 2 3 ... 88
1
Adobe released an optional hotfix Adobe Acrobat DC and Adobe Reader DC for Windows and macOS that addresses important bug fixes.

Release date:  April 16, 2020
Vulnerability identifier: None
Platform: Windows and MacOS

Bug fixes

Browser

  • 4327498: Unable to open FDF from web app
Security-Signatures
  • 4327765: Acrobat and Reader generates incorrect signature data for Elliptical curve signatures when Elliptical Certificate is stored in Windows Certificate store.
Update
Reader DC was updated to version 21.001.20149.  Updates should become available via the internal updater or checks can be manually activated by choosing Help/Check for Updates. 

Note:    UNcheck any pre-checked additional  options presented with the update. They are not part of the software update and are completely optional.

Release Notes

2
Web News / Microsoft to use SHA-2 exclusively starting May 9, 2021
« on: April 14, 2021, 08:29:55 PM »
Quote
As a major move to the more secure SHA-2 algorithm, Microsoft will allow the Secure Hash Algorithm 1 (SHA-1) Trusted Root Certificate Authority to expire. Beginning May 9, 2021 at 4:00 PM Pacific Time, all major Microsoft processes and services—including TLS certificates, code signing and file hashing—will use the SHA-2 algorithm exclusively.

Additional information at the source:  Microsoft to use SHA-2 exclusively starting May 9, 2021 - Microsoft Tech Community.

3
Security Alerts & Briefings / Microsoft April 2021 Security Updates
« on: April 13, 2021, 06:00:36 PM »
The Microsoft April 2021 security updates have been released and consist of 114 CVEs.  The updates apply to the long list of products, features and roles that can be found in the April Security Updates Guide.  Of these 89 CVEs, 19 are rated Critical, 89, and 1 is rated Important in severity. Six additional bugs impact Chromium-based Edge. 

According to Microsoft, one bug is currently being exploited while four others are publicly known at the time of release.  In addition, CVE-2021-28310 is listed as being actively exploited.

The  updates released today will automatically remove Edge Legacy which is out of support and replace it with the new Chromium-based Edge.  In the event you still use legacy Edge or if you have blocked the Chromium Edge update using group policies/registry hacks, those settings will be ignored and the legacy version will be removed automatically.

Important Note For Windows 10, Version 2004 and Windows 10, Version 20H2:
Quote
Before installing this update
         
Prerequisite:
         
Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU). If you encounter the error, 0x800f0823 – CBS_E_NEW_SERVICING_STACK_REQUIRED, close the error message and install the last standalone SSU (KB4598481) before installing this LCU. You will not need to install this SSU (KB4598481) again for future updates.
         
For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.

For Windows 10 Version 1909, see Microsoft April 2021 Security Updates.

See Dustin Childs review and analysis in Zero Day Initiative -- The April 2021 Security Update Review.

April Security Updates Guide

4
Web News / Microsoft Edge Now Has More Users than Firefox!
« on: April 05, 2021, 07:19:53 PM »
Although the percentage is small, there are now more users of Microsoft Edge than Firefox.  From New Microsoft Edge grew 1,300% this year, overtaking Firefox:
Quote
The new Chromium-based Microsoft Edge browser has grown by over 1,300% in the past 12 months, while the Firefox browser is slowly losing its market share.

In January 2020, Microsoft released the first stable version of the new Chromium-based Microsoft Edge browser and announced that they would slowly release it to Windows 10 users. Unless users created special Windows Registry values, the new Edge would replace Microsoft Edge Legacy when installed.

As the new Microsoft Edge uses the same engine as Google Chrome, the browser quickly grew in popularity as it provides excellent performance, features. and can use all of Chrome's existing extensions.

More info at the source.

5
LandzDown Lounge / Happy Easter!
« on: April 04, 2021, 01:07:00 PM »

6
Pale Moon has been updated to version 29.1.1.  This update is a minor security and bugfix update.  Linux versions will follow soon.

Update
To get the update now, select "Help" from the  Pale Moon menu at the upper  left of the browser window.  Select About Pale Moon > Check for Updates.

Release Notes

7
Microsoft released the monthly “C” release preview cumulative update with non-security improvements and fixes for Windows 10 Versions 2004 and 20H2.  Both versions are receiving the same KB5000850 with a long list of key changes which can be viewed in the KB article.  Note, however, if you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device. 

Prerequisite:
   
Microsoft now combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU). If you encounter the error, 0x800f0823 – CBS_E_NEW_SERVICING_STACK_REQUIRED, close the error message and install the last standalone SSU (KB4598481) before installing this LCU. You will not need to install this SSU (KB4598481) again for future updates.

To download and install the update, go to Settings -> Update and Security -> Windows Update and select Check for updates. To get the standalone package for this update, go to the Microsoft Update Catalog website.

Note:  This update also removes the Microsoft Edge Legacy desktop application that is out of support and installs the new Microsoft Edge. For more information, see New Microsoft Edge to replace Microsoft Edge Legacy with April’s Windows 10 Update Tuesday release.

Windows 10 update history

8
LandzDown Lounge / Passover (March 27 - April 4)
« on: March 27, 2021, 07:21:22 PM »
Warm Passover wishes to all our LzD friends.


9
Microsoft released the monthly “C” release preview cumulative update with non-security improvements and fixes yesterday for Windows 10 Versions 1909 and 1809. 

Both sets of updates have a long list of key changes which can be viewed in the KB articles.  Note, however, if you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.  To download and install the update, go to Settings -> Update and Security -> Windows Update and select Check for updates. Links to the standalone packages are included in the update information below.

Windows Version 1909 (Build 18363.1474), KB5000850: 

If you are using Windows Update, the latest SSU KB5001205 will be offered to you automatically. The SSU update addresses an issue that might prevent the CVE-2020-0689 update from installing. To get the standalone package for the latest SSU, search for it in the Microsoft Update Catalog.

Note:  This update also removes the Microsoft Edge Legacy desktop application that is out of support and installs the new Microsoft Edge. For more information, see New Microsoft Edge to replace Microsoft Edge Legacy with April’s Windows 10 Update Tuesday release.

Windows 10 Version 1809 (Build 17763.1852), KB45000854: 

If you are using Windows Update, the latest SSU (KB5000859) will be offered to you automatically. The standalone package for the update is available in the Microsoft Update Catalog.  To get the standalone package for the latest SSU, search for it in the Microsoft Update Catalog.

Windows 10 update history

10
Mozilla sent Firefox Version 87.0 to the release channel today.  The update includes eight security updates of which two (2) are rated high, four (4) moderate and two (2) rated low.

Firefox ESR was updated to Version 78.9.

Update: To get the update now, select "Help" from the Firefox menu, then pick "About Firefox." Mac users need to select "About Firefox" from the Firefox menu. If you do not use the English language version, Fully Localized Versions are available for download.

Security Updates
Release Notes
Rapid Release Calendar

11
Microsoft released a second out-of-band non-security update to address unexpected results when printing from some apps or to some printers for the Windows 10 Versions listed below. 

The issues affects printer brands Kyocera, Rico, Dymo, Zebra, HP, Brother, and Canon after installing the security update released March 9, 2021 and the out-of-band updates released March 15, 2021. 

Note:  It is recommended that the update be installed only if your printer is affected by the issue(s) being addressed in the update.  The issues missing are solid color graphics, misalignment/formatting issues, or printing of blank pages/labels  For more information, see the known issues section for your version of Windows 10 in the appropriate KB Article below.
  • Windows 10, version 20H2 and Windows Server, version 20H2 (KB5001649)
  • Windows 10, version 2004 and Windows Server, version 2004 (KB5001649)
  • Windows 10, version 1909 and Windows Server, version 1909 (KB5001648)
  • Windows 10, version 1809 and Windows Server 2019 (KB5001638)
  • Windows 10, version 1803 (KB5001634)
  • Windows 10, version 1607 and Windows Server 2016 (KB5001633)
  • Windows 10, version 1507 (KB5001631)
As indicated in the Windows message center, "Updates for the remaining affected versions of Windows will be released in the coming days.

12
Web News / The Free Version of LastPass Loses Features Today
« on: March 16, 2021, 07:45:09 PM »
From Groovy Post at The Free Version of LastPass Loses Features Today:

Quote
LastPass Free Tier Changes
According to the company’s blog post, the company says, “Starting March 16th, 2021, LastPass Free will only include access on unlimited devices of one type.” The post continues to explain that starting today you will have to set your active device type. You’ll get three chances to decide on which you want to use as your “active device type” (mobile or desktop). However, note that your devices sync automatically. That means “you’ll never lose access to anything stored in your Vault or be locked out of your account due to these changes,” according to the support article.

13
Microsoft released out-of-band non-security updates for Windows 10 Versions 1909 and 2004 as well as versions 1803 and 1809 for enterprise/education.  The purpose of the updates is to fix the issue causing blue screens (BSOD) when printing to network printers with Type 3 printer drivers.  The issue showed up after installing the March 2021 cumulative updates.

Because the updates are optional, they are not available via Windows update.  However, if you have been affected by this issue, the updates can be downloaded manually from the Microsoft Catalog:

14
Mozilla sent Firefox Version 86.0.1 to the release channel today as a bug fix update.  Firefox ESR remains at Version 78.8.

Release Notes

15
Adobe released an optional hotfix Adobe Acrobat and Adobe Reader for Windows and macOS that addresses important bug fixes.

Release date:  March 10, 2020
Vulnerability identifier: None
Platform: Windows and MacOS

Bug fixes

Annotations
  • 4325450: Comments missing in shared review if done using Reader DC
Update :  Reader DC was updated to version 21.001.20145.  Updates should become available via the internal updater or checks can be manually activated by choosing Help/Check for Updates. 

Note:    UNcheck any pre-checked additional options presented with the update. They are not part of the software update and are completely optional.

Release Notes

Pages: [1] 2 3 ... 88